[pacman-dev] [PATCH 1/3] Changed all references to signature verification level in libalpm symbols to 'verifysig'. Removed references to PGP in libalpm symbols. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com>
--- lib/libalpm/alpm.h | 24 ++++++++++++------------ lib/libalpm/be_package.c | 10 +++++----- lib/libalpm/be_sync.c | 10 +++++----- lib/libalpm/db.c | 6 +++--- lib/libalpm/db.h | 2 +- lib/libalpm/dload.c | 6 +++--- lib/libalpm/handle.c | 14 +++++++------- lib/libalpm/handle.h | 2 +- lib/libalpm/package.h | 2 +- lib/libalpm/signing.c | 14 +++++++------- lib/libalpm/signing.h | 2 +- lib/libalpm/sync.c | 4 ++-- src/pacman/conf.c | 24 ++++++++++++------------ src/pacman/query.c | 2 +- src/pacman/sync.c | 2 +- src/pacman/upgrade.c | 2 +- src/util/testpkg.c | 2 +- 17 files changed, 64 insertions(+), 64 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5af843c..c779a06 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -63,12 +63,12 @@ typedef enum _pmpkgreason_t { /** * GPG signature verification options */ -typedef enum _pgp_verify_t { - PM_PGP_VERIFY_UNKNOWN, - PM_PGP_VERIFY_NEVER, - PM_PGP_VERIFY_OPTIONAL, - PM_PGP_VERIFY_ALWAYS -} pgp_verify_t; +typedef enum pmverifysig_t { + PM_VERIFYSIG_UNKNOWN, + PM_VERIFYSIG_NEVER, + PM_VERIFYSIG_OPTIONAL, + PM_VERIFYSIG_ALWAYS +} pmverifysig_t; /* * Structures @@ -263,8 +263,8 @@ int alpm_option_set_usedelta(int usedelta); int alpm_option_get_checkspace(void); int alpm_option_set_checkspace(int checkspace); -pgp_verify_t alpm_option_get_default_sigverify(void); -int alpm_option_set_default_sigverify(pgp_verify_t level); +pmverifysig_t alpm_option_get_default_verifysig(void); +int alpm_option_set_default_verifysig(pmverifysig_t level); /** @} */ @@ -389,7 +389,7 @@ int alpm_db_set_pkgreason(pmdb_t *db, const char *name, pmpkgreason_t reason); * @param pkg address of the package pointer * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int alpm_pkg_load(const char *filename, int full, pgp_verify_t check_sig, +int alpm_pkg_load(const char *filename, int full, pmverifysig_t check_sig, pmpkg_t **pkg); /** Free a package. @@ -626,10 +626,10 @@ alpm_list_t *alpm_pkg_unused_deltas(pmpkg_t *pkg); * Signatures */ -int alpm_pkg_check_pgp_signature(pmpkg_t *pkg); +int alpm_pkg_check_signature(pmpkg_t *pkg); -int alpm_db_check_pgp_signature(pmdb_t *db); -int alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify); +int alpm_db_check_signature(pmdb_t *db); +int alpm_db_set_verifysig(pmdb_t *db, pmverifysig_t verify); /* * Deltas diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 9e59d69..173bd4b 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -227,7 +227,7 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg) * @return An information filled pmpkg_t struct */ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig) + const char *md5sum, const char *base64_sig, pmverifysig_t check_sig) { int ret; int config = 0; @@ -266,11 +266,11 @@ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, } _alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig); - if(check_sig != PM_PGP_VERIFY_NEVER) { + if(check_sig != PM_VERIFYSIG_NEVER) { _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile); ret = _alpm_gpgme_checksig(pkgfile, base64_sig); - if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || - (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) { + if((check_sig == PM_VERIFYSIG_ALWAYS && ret != 0) || + (check_sig == PM_VERIFYSIG_OPTIONAL && ret == 1)) { RET_ERR(PM_ERR_SIG_INVALID, NULL); } } @@ -381,7 +381,7 @@ error: } int SYMEXPORT alpm_pkg_load(const char *filename, int full, - pgp_verify_t check_sig, pmpkg_t **pkg) + pmverifysig_t check_sig, pmpkg_t **pkg) { ALPM_LOG_FUNC; diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 9d85a45..3294f45 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -85,7 +85,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) size_t len; int ret = -1; mode_t oldmask; - pgp_verify_t check_sig; + pmverifysig_t check_sig; ALPM_LOG_FUNC; @@ -117,7 +117,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) } } - check_sig = _alpm_db_get_sigverify_level(db); + check_sig = _alpm_db_get_verifysig(db); for(i = db->servers; i; i = i->next) { const char *server = i->data; @@ -132,9 +132,9 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) ret = _alpm_download(fileurl, syncpath, force, 0, 0); - if(ret == 0 && (check_sig == PM_PGP_VERIFY_ALWAYS || - check_sig == PM_PGP_VERIFY_OPTIONAL)) { - int errors_ok = (check_sig == PM_PGP_VERIFY_OPTIONAL); + if(ret == 0 && (check_sig == PM_VERIFYSIG_ALWAYS || + check_sig == PM_VERIFYSIG_OPTIONAL)) { + int errors_ok = (check_sig == PM_VERIFYSIG_OPTIONAL); /* if we downloaded a DB, we want the .sig from the same server */ snprintf(fileurl, len, "%s/%s.db.sig", server, db->treename); diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 3133614..d062a92 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -225,17 +225,17 @@ int SYMEXPORT alpm_db_remove_server(pmdb_t *db, const char *url) } /** Set the verify gpg signature option for a database. * @param db database pointer - * @param verify enum pgp_verify_t + * @param verify enum pmverifysig_t * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int SYMEXPORT alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify) +int SYMEXPORT alpm_db_set_verifysig(pmdb_t *db, pmverifysig_t verify) { ALPM_LOG_FUNC; /* Sanity checks */ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, -1)); - db->pgp_verify = verify; + db->verifysig = verify; _alpm_log(PM_LOG_DEBUG, "adding VerifySig option to database '%s': %d\n", db->treename, verify); diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index 399e2d5..23dffb7 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -63,7 +63,7 @@ struct __pmdb_t { pmpkghash_t *pkgcache; alpm_list_t *grpcache; alpm_list_t *servers; - pgp_verify_t pgp_verify; + pmverifysig_t verifysig; struct db_operations *ops; }; diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index d024c73..9d44ce7 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -351,11 +351,11 @@ char SYMEXPORT *alpm_fetch_pkgurl(const char *url) _alpm_log(PM_LOG_DEBUG, "successfully downloaded %s\n", url); /* attempt to download the signature */ - if(ret == 0 && (handle->sigverify == PM_PGP_VERIFY_ALWAYS || - handle->sigverify == PM_PGP_VERIFY_OPTIONAL)) { + if(ret == 0 && (handle->verifysig == PM_VERIFYSIG_ALWAYS || + handle->verifysig == PM_VERIFYSIG_OPTIONAL)) { char *sig_url; size_t len; - int errors_ok = (handle->sigverify == PM_PGP_VERIFY_OPTIONAL); + int errors_ok = (handle->verifysig == PM_VERIFYSIG_OPTIONAL); len = strlen(url) + 5; CALLOC(sig_url, len, sizeof(char), RET_ERR(PM_ERR_MEMORY, NULL)); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 39b3b60..4999244 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -46,7 +46,7 @@ pmhandle_t *_alpm_handle_new() CALLOC(handle, 1, sizeof(pmhandle_t), RET_ERR(PM_ERR_MEMORY, NULL)); - handle->sigverify = PM_PGP_VERIFY_OPTIONAL; + handle->verifysig = PM_VERIFYSIG_OPTIONAL; return handle; } @@ -627,18 +627,18 @@ int SYMEXPORT alpm_option_set_checkspace(int checkspace) return 0; } -int SYMEXPORT alpm_option_set_default_sigverify(pgp_verify_t level) +int SYMEXPORT alpm_option_set_default_verifysig(pmverifysig_t level) { ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, -1)); - ASSERT(level != PM_PGP_VERIFY_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); - handle->sigverify = level; + ASSERT(level != PM_VERIFYSIG_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); + handle->verifysig = level; return 0; } -pgp_verify_t SYMEXPORT alpm_option_get_default_sigverify() +pmverifysig_t SYMEXPORT alpm_option_get_default_verifysig() { - ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_PGP_VERIFY_UNKNOWN)); - return handle->sigverify; + ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_VERIFYSIG_UNKNOWN)); + return handle->verifysig; } /* vim: set ts=2 sw=2 noet: */ diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index aa00b6f..5bd41f1 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -72,7 +72,7 @@ typedef struct _pmhandle_t { char *arch; /* Architecture of packages we should allow */ int usedelta; /* Download deltas if possible */ int checkspace; /* Check disk space before installing */ - pgp_verify_t sigverify; /* Default signature verification level */ + pmverifysig_t verifysig; /* Default signature verification level */ } pmhandle_t; /* global handle variable */ diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h index debb239..f3b3d26 100644 --- a/lib/libalpm/package.h +++ b/lib/libalpm/package.h @@ -141,7 +141,7 @@ void _alpm_pkg_free(pmpkg_t *pkg); void _alpm_pkg_free_trans(pmpkg_t *pkg); pmpkg_t *_alpm_pkg_load_internal(const char *filename, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig); + const char *md5sum, const char *base64_sig, pmverifysig_t check_sig); int _alpm_pkg_cmp(const void *p1, const void *p2); int _alpm_pkg_compare_versions(pmpkg_t *local_pkg, pmpkg_t *pkg); diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 9bb9d0a..1a99c8f 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -369,15 +369,15 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) * * @return signature verification level */ -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) +pmverifysig_t _alpm_db_get_verifysig(pmdb_t *db) { ALPM_LOG_FUNC; - ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN)); + ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_VERIFYSIG_UNKNOWN)); - if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) { - return db->pgp_verify; + if(db->verifysig != PM_VERIFYSIG_UNKNOWN) { + return db->verifysig; } else { - return alpm_option_get_default_sigverify(); + return alpm_option_get_default_verifysig(); } } @@ -386,7 +386,7 @@ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) * @param pkg the package to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) +int SYMEXPORT alpm_pkg_check_signature(pmpkg_t *pkg) { ALPM_LOG_FUNC; ASSERT(pkg != NULL, return 0); @@ -399,7 +399,7 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) * @param db the database to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db) +int SYMEXPORT alpm_db_check_signature(pmdb_t *db) { ALPM_LOG_FUNC; ASSERT(db != NULL, return 0); diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h index 8d8c164..253a919 100644 --- a/lib/libalpm/signing.h +++ b/lib/libalpm/signing.h @@ -22,7 +22,7 @@ #include "alpm.h" int _alpm_gpgme_checksig(const char *path, const char *base64_sig); -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db); +pmverifysig_t _alpm_db_get_verifysig(pmdb_t *db); #endif /* _ALPM_SIGNING_H */ diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index 8dd51aa..6b99e08 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -866,7 +866,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) int percent = (current * 100) / numtargs; const char *filename; char *filepath; - pgp_verify_t check_sig; + pmverifysig_t check_sig; PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent, numtargs, current); @@ -877,7 +877,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) filename = alpm_pkg_get_filename(spkg); filepath = _alpm_filecache_find(filename); pmdb_t *sdb = alpm_pkg_get_db(spkg); - check_sig = _alpm_db_get_sigverify_level(sdb); + check_sig = _alpm_db_get_verifysig(sdb); /* load the package file and replace pkgcache entry with it in the target list */ /* TODO: alpm_pkg_get_db() will not work on this target anymore */ diff --git a/src/pacman/conf.c b/src/pacman/conf.c index 370ec51..a872d3f 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -214,17 +214,17 @@ int config_set_arch(const char *arch) } } -static pgp_verify_t option_verifysig(const char *value) +static pmverifysig_t option_verifysig(const char *value) { - pgp_verify_t level; + pmverifysig_t level; if(strcmp(value, "Always") == 0) { - level = PM_PGP_VERIFY_ALWAYS; + level = PM_VERIFYSIG_ALWAYS; } else if(strcmp(value, "Optional") == 0) { - level = PM_PGP_VERIFY_OPTIONAL; + level = PM_VERIFYSIG_OPTIONAL; } else if(strcmp(value, "Never") == 0) { - level = PM_PGP_VERIFY_NEVER; + level = PM_VERIFYSIG_NEVER; } else { - level = PM_PGP_VERIFY_UNKNOWN; + level = PM_VERIFYSIG_UNKNOWN; } pm_printf(PM_LOG_DEBUG, "config: VerifySig = %s (%d)\n", value, level); return level; @@ -359,9 +359,9 @@ static int _parse_options(const char *key, char *value, } else if(strcmp(key, "CleanMethod") == 0) { setrepeatingoption(value, "CleanMethod", option_add_cleanmethod); } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - alpm_option_set_default_sigverify(level); + pmverifysig_t level = option_verifysig(value); + if(level != PM_VERIFYSIG_UNKNOWN) { + alpm_option_set_default_verifysig(level); } else { pm_printf(PM_LOG_ERROR, _("config file %s, line %d: directive '%s' has invalid value '%s'\n"), @@ -634,9 +634,9 @@ static int _parseconfig(const char *file, int parse_options, goto cleanup; } } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - ret = alpm_db_set_pgp_verify(db, level); + pmverifysig_t level = option_verifysig(value); + if(level != PM_VERIFYSIG_UNKNOWN) { + ret = alpm_db_set_verifysig(db, level); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("could not add set verify option for database '%s': %s (%s)\n"), alpm_db_get_name(db), value, alpm_strerrorlast()); diff --git a/src/pacman/query.c b/src/pacman/query.c index d1105b4..87f06c4 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -551,7 +551,7 @@ int pacman_query(alpm_list_t *targets) char *strname = alpm_list_getdata(i); if(config->op_q_isfile) { - alpm_pkg_load(strname, 1, PM_PGP_VERIFY_OPTIONAL, &pkg); + alpm_pkg_load(strname, 1, PM_VERIFYSIG_OPTIONAL, &pkg); } else { pkg = alpm_db_get_pkg(db_local, strname); } diff --git a/src/pacman/sync.c b/src/pacman/sync.c index 884504f..8e2c236 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -219,7 +219,7 @@ static int sync_cleancache(int level) /* attempt to load the package, prompt removal on failures as we may have * files here that aren't valid packages. we also don't need a full * load of the package, just the metadata. */ - if(alpm_pkg_load(path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0 + if(alpm_pkg_load(path, 0, PM_VERIFYSIG_NEVER, &localpkg) != 0 || localpkg == NULL) { if(yesno(_("File %s does not seem to be a valid package, remove it?"), path)) { diff --git a/src/pacman/upgrade.c b/src/pacman/upgrade.c index 0ffc94c..7a955e2 100644 --- a/src/pacman/upgrade.c +++ b/src/pacman/upgrade.c @@ -42,7 +42,7 @@ int pacman_upgrade(alpm_list_t *targets) { alpm_list_t *i, *data = NULL; - pgp_verify_t check_sig = alpm_option_get_default_sigverify(); + pmverifysig_t check_sig = alpm_option_get_default_verifysig(); int retval = 0; if(targets == NULL) { diff --git a/src/util/testpkg.c b/src/util/testpkg.c index ad6ec30..4568262 100644 --- a/src/util/testpkg.c +++ b/src/util/testpkg.c @@ -55,7 +55,7 @@ int main(int argc, char *argv[]) /* let us get log messages from libalpm */ alpm_option_set_logcb(output_cb); - if(alpm_pkg_load(argv[1], 1, PM_PGP_VERIFY_OPTIONAL, &pkg) == -1 + if(alpm_pkg_load(argv[1], 1, PM_VERIFYSIG_OPTIONAL, &pkg) == -1 || pkg == NULL) { switch(pm_errno) { case PM_ERR_PKG_OPEN: -- 1.7.5.2
--- lib/libalpm/alpm.h | 4 ++-- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 2 +- src/pacman/pacman.c | 2 +- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index c779a06..62a8f09 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -198,9 +198,9 @@ int alpm_option_set_logfile(const char *logfile); const char *alpm_option_get_lockfile(void); /** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); +const char *alpm_option_get_gpgdir(void); /** Sets the signature directory path. */ -int alpm_option_set_signaturedir(const char *signaturedir); +int alpm_option_set_gpgdir(const char *gpgdir); /** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 4999244..04656b4 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; } -const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; } int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; } -int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC; - if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; } - if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir); - _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; } diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 5bd41f1..616c9fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */ /* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 1a99c8f..fd13549 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; } - if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); } @@ -144,7 +144,7 @@ static int gpgme_init(void) /* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index a872d3f..0dbbfea 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -466,7 +466,7 @@ static int setlibpaths(void) /* Set GnuPG's home directory. This is not relative to rootdir, even if * rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..810f335 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE); /* Priority of options: -- 1.7.5.2
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back. On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley <mail@kerrickstaley.com> wrote:
--- lib/libalpm/alpm.h | 4 ++-- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 2 +- src/pacman/pacman.c | 2 +- 6 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index c779a06..62a8f09 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -198,9 +198,9 @@ int alpm_option_set_logfile(const char *logfile); const char *alpm_option_get_lockfile(void);
/** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); +const char *alpm_option_get_gpgdir(void); /** Sets the signature directory path. */ These two docstrings should probably be made more in line with the new name; e.g. "Sets the path to the GPG home directory."
-int alpm_option_set_signaturedir(const char *signaturedir); +int alpm_option_set_gpgdir(const char *gpgdir);
/** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 4999244..04656b4 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; }
-const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; }
int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; }
-int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC;
- if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; }
- if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir);
- _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; }
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 5bd41f1..616c9fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */
/* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 1a99c8f..fd13549 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; }
- if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); }
@@ -144,7 +144,7 @@ static int gpgme_init(void)
/* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index a872d3f..0dbbfea 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -466,7 +466,7 @@ static int setlibpaths(void) /* Set GnuPG's home directory. This is not relative to rootdir, even if * rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..810f335 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE);
/* Priority of options: -- 1.7.5.2
Otherwise this looks fine to me; I'll let other people weigh in on API naming stuff as well though. -Dan
'gpgdir' is clearer than 'signaturedir'. Since this directory and the API based on it are specific to GPGME, 'gpg' is used in the name to separate it from library-independent functions. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 8 ++++---- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 2 +- src/pacman/pacman.c | 2 +- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5fdeac2..6a9f25e 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -197,10 +197,10 @@ int alpm_option_set_logfile(const char *logfile); */ const char *alpm_option_get_lockfile(void); -/** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); -/** Sets the signature directory path. */ -int alpm_option_set_signaturedir(const char *signaturedir); +/** Returns the path to pacman's GPG home directory. */ +const char *alpm_option_get_gpgdir(void); +/** Sets the path to pacman's GPG home directory. */ +int alpm_option_set_gpgdir(const char *gpgdir); /** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 8d33caa..5942911 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; } -const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; } int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; } -int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC; - if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; } - if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir); - _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; } diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 672cab4..59375fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */ /* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index a57d86a..0142058 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; } - if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); } @@ -144,7 +144,7 @@ static int gpgme_init(void) /* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index d8f2ac3..ccb1291 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -466,7 +466,7 @@ static int setlibpaths(void) /* Set GnuPG's home directory. This is not relative to rootdir, even if * rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..810f335 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE); /* Priority of options: -- 1.7.5.2
This is identical to the patch I submitted a while ago, except the docstrings are changed per Dan's request. I just realized that I referred to pacman in the libalpm source, though, so I'll fix that and resend. -Kerrick Staley On Sun, Jun 12, 2011 at 5:36 AM, Kerrick Staley <mail@kerrickstaley.com> wrote:
'gpgdir' is clearer than 'signaturedir'. Since this directory and the API based on it are specific to GPGME, 'gpg' is used in the name to separate it from library-independent functions.
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 8 ++++---- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 2 +- src/pacman/pacman.c | 2 +- 6 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5fdeac2..6a9f25e 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -197,10 +197,10 @@ int alpm_option_set_logfile(const char *logfile); */ const char *alpm_option_get_lockfile(void);
-/** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); -/** Sets the signature directory path. */ -int alpm_option_set_signaturedir(const char *signaturedir); +/** Returns the path to pacman's GPG home directory. */ +const char *alpm_option_get_gpgdir(void); +/** Sets the path to pacman's GPG home directory. */ +int alpm_option_set_gpgdir(const char *gpgdir);
/** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 8d33caa..5942911 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; }
-const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; }
int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; }
-int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC;
- if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; }
- if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir);
- _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; }
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 672cab4..59375fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */
/* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index a57d86a..0142058 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; }
- if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); }
@@ -144,7 +144,7 @@ static int gpgme_init(void)
/* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index d8f2ac3..ccb1291 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -466,7 +466,7 @@ static int setlibpaths(void) /* Set GnuPG's home directory. This is not relative to rootdir, even if * rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..810f335 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE);
/* Priority of options: -- 1.7.5.2
'gpgdir' is clearer than 'signaturedir'. Since this directory and the API based on it are specific to GPGME, 'gpg' is used in the name to separate it from library-independent functions. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 8 ++++---- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 6 +++--- src/pacman/pacman.c | 2 +- 6 files changed, 20 insertions(+), 20 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5fdeac2..f4ba9eb 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -197,10 +197,10 @@ int alpm_option_set_logfile(const char *logfile); */ const char *alpm_option_get_lockfile(void); -/** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); -/** Sets the signature directory path. */ -int alpm_option_set_signaturedir(const char *signaturedir); +/** Returns the path to libalpm's GnuPG home directory. */ +const char *alpm_option_get_gpgdir(void); +/** Sets the path to libalpm's GnuPG home directory. */ +int alpm_option_set_gpgdir(const char *gpgdir); /** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 8d33caa..5942911 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; } -const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; } int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; } -int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC; - if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; } - if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir); - _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; } diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 672cab4..59375fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */ /* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index a57d86a..0142058 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; } - if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); } @@ -144,7 +144,7 @@ static int gpgme_init(void) /* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index d8f2ac3..fd8d833 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -463,10 +463,10 @@ static int setlibpaths(void) } } - /* Set GnuPG's home directory. This is not relative to rootdir, even if - * rootdir is defined. Reasoning: gpgdir contains configuration data. */ + /* Set pacman's GnuPG home directory. This is not relative to rootdir, even + * if rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..810f335 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE); /* Priority of options: -- 1.7.5.2
And, this doesn't compile because I didn't change an instance of signaturedir that was introduced after this patch was originally written. Fixing and resending... -Kerrick Staley On Sun, Jun 12, 2011 at 5:44 AM, Kerrick Staley <mail@kerrickstaley.com> wrote:
'gpgdir' is clearer than 'signaturedir'. Since this directory and the API based on it are specific to GPGME, 'gpg' is used in the name to separate it from library-independent functions.
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 8 ++++---- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 6 +++--- src/pacman/pacman.c | 2 +- 6 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5fdeac2..f4ba9eb 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -197,10 +197,10 @@ int alpm_option_set_logfile(const char *logfile); */ const char *alpm_option_get_lockfile(void);
-/** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); -/** Sets the signature directory path. */ -int alpm_option_set_signaturedir(const char *signaturedir); +/** Returns the path to libalpm's GnuPG home directory. */ +const char *alpm_option_get_gpgdir(void); +/** Sets the path to libalpm's GnuPG home directory. */ +int alpm_option_set_gpgdir(const char *gpgdir);
/** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 8d33caa..5942911 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; }
-const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; }
int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; }
-int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC;
- if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; }
- if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir);
- _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; }
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 672cab4..59375fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */
/* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index a57d86a..0142058 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; }
- if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); }
@@ -144,7 +144,7 @@ static int gpgme_init(void)
/* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index d8f2ac3..fd8d833 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -463,10 +463,10 @@ static int setlibpaths(void) } }
- /* Set GnuPG's home directory. This is not relative to rootdir, even if - * rootdir is defined. Reasoning: gpgdir contains configuration data. */ + /* Set pacman's GnuPG home directory. This is not relative to rootdir, even + * if rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..810f335 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE);
/* Priority of options: -- 1.7.5.2
'gpgdir' is clearer than 'signaturedir'. Since this directory and the API based on it are specific to GPGME, 'gpg' is used in the name to separate it from library-independent functions. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 8 ++++---- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 6 +++--- src/pacman/pacman.c | 4 ++-- 6 files changed, 21 insertions(+), 21 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5fdeac2..f4ba9eb 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -197,10 +197,10 @@ int alpm_option_set_logfile(const char *logfile); */ const char *alpm_option_get_lockfile(void); -/** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); -/** Sets the signature directory path. */ -int alpm_option_set_signaturedir(const char *signaturedir); +/** Returns the path to libalpm's GnuPG home directory. */ +const char *alpm_option_get_gpgdir(void); +/** Sets the path to libalpm's GnuPG home directory. */ +int alpm_option_set_gpgdir(const char *gpgdir); /** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 8d33caa..5942911 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; } -const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; } int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; } -int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC; - if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; } - if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir); - _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; } diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 672cab4..59375fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */ /* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index a57d86a..0142058 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; } - if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); } @@ -144,7 +144,7 @@ static int gpgme_init(void) /* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index d8f2ac3..fd8d833 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -463,10 +463,10 @@ static int setlibpaths(void) } } - /* Set GnuPG's home directory. This is not relative to rootdir, even if - * rootdir is defined. Reasoning: gpgdir contains configuration data. */ + /* Set pacman's GnuPG home directory. This is not relative to rootdir, even + * if rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..9dd27b5 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE); /* Priority of options: @@ -913,7 +913,7 @@ int main(int argc, char *argv[]) printf("\n"); printf("Lock File : %s\n", alpm_option_get_lockfile()); printf("Log File : %s\n", alpm_option_get_logfile()); - printf("GPG Dir : %s\n", alpm_option_get_signaturedir()); + printf("GPG Dir : %s\n", alpm_option_get_gpgdir()); list_display("Targets :", pm_targets); } -- 1.7.5.2
On Sun, Jun 12, 2011 at 6:12 AM, Kerrick Staley <mail@kerrickstaley.com> wrote:
'gpgdir' is clearer than 'signaturedir'. Since this directory and the API based on it are specific to GPGME, 'gpg' is used in the name to separate it from library-independent functions.
Thanks- I took this but reconstituted the patch for current master by doing a sed and then updating the comments as you did. -Dan
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 8 ++++---- lib/libalpm/handle.c | 18 +++++++++--------- lib/libalpm/handle.h | 2 +- lib/libalpm/signing.c | 4 ++-- src/pacman/conf.c | 6 +++--- src/pacman/pacman.c | 4 ++-- 6 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5fdeac2..f4ba9eb 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -197,10 +197,10 @@ int alpm_option_set_logfile(const char *logfile); */ const char *alpm_option_get_lockfile(void);
-/** Returns the signature directory path. */ -const char *alpm_option_get_signaturedir(void); -/** Sets the signature directory path. */ -int alpm_option_set_signaturedir(const char *signaturedir); +/** Returns the path to libalpm's GnuPG home directory. */ +const char *alpm_option_get_gpgdir(void); +/** Sets the path to libalpm's GnuPG home directory. */ +int alpm_option_set_gpgdir(const char *gpgdir);
/** Returns whether to use syslog (0 is FALSE, TRUE otherwise). */ int alpm_option_get_usesyslog(void); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 8d33caa..5942911 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -82,7 +82,7 @@ void _alpm_handle_free(pmhandle_t *handle) FREE(handle->logfile); FREE(handle->lockfile); FREE(handle->arch); - FREE(handle->signaturedir); + FREE(handle->gpgdir); FREELIST(handle->dbs_sync); FREELIST(handle->noupgrade); FREELIST(handle->noextract); @@ -173,13 +173,13 @@ const char SYMEXPORT *alpm_option_get_lockfile() return handle->lockfile; }
-const char SYMEXPORT *alpm_option_get_signaturedir() +const char SYMEXPORT *alpm_option_get_gpgdir() { if(handle == NULL) { pm_errno = PM_ERR_HANDLE_NULL; return NULL; } - return handle->signaturedir; + return handle->gpgdir; }
int SYMEXPORT alpm_option_get_usesyslog() @@ -468,21 +468,21 @@ int SYMEXPORT alpm_option_set_logfile(const char *logfile) return 0; }
-int SYMEXPORT alpm_option_set_signaturedir(const char *signaturedir) +int SYMEXPORT alpm_option_set_gpgdir(const char *gpgdir) { ALPM_LOG_FUNC;
- if(!signaturedir) { + if(!gpgdir) { pm_errno = PM_ERR_WRONG_ARGS; return -1; }
- if(handle->signaturedir) { - FREE(handle->signaturedir); + if(handle->gpgdir) { + FREE(handle->gpgdir); } - handle->signaturedir = strdup(signaturedir); + handle->gpgdir = strdup(gpgdir);
- _alpm_log(PM_LOG_DEBUG, "option 'signaturedir' = %s\n", handle->signaturedir); + _alpm_log(PM_LOG_DEBUG, "option 'gpgdir' = %s\n", handle->gpgdir); return 0; }
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 672cab4..59375fd 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -58,7 +58,7 @@ typedef struct _pmhandle_t { char *dbpath; /* Base path to pacman's DBs */ char *logfile; /* Name of the log file */ char *lockfile; /* Name of the lock file */ - char *signaturedir; /* Directory where GnuPG files are stored */ + char *gpgdir; /* Directory where GnuPG files are stored */ alpm_list_t *cachedirs; /* Paths to pacman cache directories */
/* package lists */ diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index a57d86a..0142058 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -118,7 +118,7 @@ static int gpgme_init(void) return 0; }
- if(!alpm_option_get_signaturedir()) { + if(!alpm_option_get_gpgdir()) { RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); }
@@ -144,7 +144,7 @@ static int gpgme_init(void)
/* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_gpgdir()); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index d8f2ac3..fd8d833 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -463,10 +463,10 @@ static int setlibpaths(void) } }
- /* Set GnuPG's home directory. This is not relative to rootdir, even if - * rootdir is defined. Reasoning: gpgdir contains configuration data. */ + /* Set pacman's GnuPG home directory. This is not relative to rootdir, even + * if rootdir is defined. Reasoning: gpgdir contains configuration data. */ if(config->gpgdir) { - ret = alpm_option_set_signaturedir(config->gpgdir); + ret = alpm_option_set_gpgdir(config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), config->gpgdir, alpm_strerrorlast()); diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c index 8458c97..9dd27b5 100644 --- a/src/pacman/pacman.c +++ b/src/pacman/pacman.c @@ -813,7 +813,7 @@ int main(int argc, char *argv[]) /* define paths to reasonable defaults */ alpm_option_set_root(ROOTDIR); alpm_option_set_dbpath(DBPATH); - alpm_option_set_signaturedir(GPGDIR); + alpm_option_set_gpgdir(GPGDIR); alpm_option_set_logfile(LOGFILE);
/* Priority of options: @@ -913,7 +913,7 @@ int main(int argc, char *argv[]) printf("\n"); printf("Lock File : %s\n", alpm_option_get_lockfile()); printf("Log File : %s\n", alpm_option_get_logfile()); - printf("GPG Dir : %s\n", alpm_option_get_signaturedir()); + printf("GPG Dir : %s\n", alpm_option_get_gpgdir()); list_display("Targets :", pm_targets); }
-- 1.7.5.2
OK, thanks. -Kerrick Staley
--- scripts/makepkg.sh.in | 6 +++--- scripts/repo-add.sh.in | 23 ++++++++++++++++++++--- 2 files changed, 23 insertions(+), 6 deletions(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index b0d0c23..95f541f 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1625,7 +1625,7 @@ usage() { printf "$(gettext " --nocheck Do not run the check() function in the %s")\n" "$BUILDSCRIPT" echo "$(gettext " --nosign Do not create a signature for the package")" echo "$(gettext " --pkg <list> Only build listed packages from a split package")" - echo "$(gettext " --sign Sign the resulting package with gpg")" + echo "$(gettext " -S, --sign Sign the resulting package with gpg")" echo "$(gettext " --skipinteg Do not fail when integrity checks are missing")" echo "$(gettext " --source Generate a source-only tarball without downloaded sources")" echo @@ -1659,7 +1659,7 @@ fi ARGLIST=("$@") # Parse Command Line Options. -OPT_SHORT="AcCdefFghiLmop:rRsV" +OPT_SHORT="AcCdefFghiLmop:rRsSV" OPT_LONG="allsource,asroot,ignorearch,check,clean,cleancache,nodeps" OPT_LONG+=",noextract,force,forcever:,geninteg,help,holdver" OPT_LONG+=",install,key:,log,nocolor,nobuild,nocheck,nosign,pkg:,rmdeps" @@ -1708,7 +1708,7 @@ while true; do -r|--rmdeps) RMDEPS=1 ;; -R|--repackage) REPKG=1 ;; --skipinteg) SKIPINTEG=1 ;; - --sign) SIGNPKG='y' ;; + -S|--sign) SIGNPKG='y' ;; --source) SOURCEONLY=1 ;; -s|--syncdeps) DEP_BIN=1 ;; diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 820db36..f00b519 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -26,6 +26,8 @@ export TEXTDOMAINDIR='@localedir@' myver='@PACKAGE_VERSION@' confdir='@sysconfdir@' +GPGDIR='@sysconfdir@/pacman.d/gnupg' + QUIET=0 DELTA=0 WITHFILES=0 @@ -80,8 +82,9 @@ specified on the command line from the given repo database. Multiple\n\ packages to remove can be specified on the command line.\n\n")" printf "$(gettext "Options:\n")" fi + printf "$(gettext " --gpgdir <dir> use the specified GnuPG home directory\n")" printf "$(gettext " -q, --quiet minimize output\n")" - printf "$(gettext " -s, --sign sign database with GnuPG after update\n")" + printf "$(gettext " -S, --sign sign database with GnuPG after update\n")" printf "$(gettext " -k, --key <key> use the specified key to sign the database\n")" printf "$(gettext " -v, --verify verify database's signature before update\n")" printf "$(gettext "\n\ @@ -231,7 +234,12 @@ verify_signature() { warning "$(gettext "No existing signature found, skipping verification.")" return fi - gpg --verify "$dbfile.sig" || ret=$? + # unlike signing, verification of old database is done with pacman's keyring + if ! gpg --homedir "$GPGDIR" --list-keys &>/dev/null; then + error "$(gettext "${GPGDIR} is not a properly initialized GnuPG home directory.")" + exit 1 + fi + gpg --homedir "$GPGDIR" --verify "$dbfile.sig" || ret=$? if (( ! ret )); then msg2 "$(gettext "Database signature file verified.")" else @@ -552,7 +560,16 @@ while [[ $# > 0 ]]; do -q|--quiet) QUIET=1;; -d|--delta) DELTA=1;; -f|--files) WITHFILES=1;; - -s|--sign) + --gpgdir) + check_gpg + shift + GPGDIR="$1" + if ! gpg --homedir "$GPGDIR" --list-keys &>/dev/null; then + error "$(gettext "${GPGDIR} is not a properly initialized GnuPG home directory.")" + exit 1 + fi + ;; + -S|--sign) check_gpg SIGN=1 if ! gpg --list-key ${GPGKEY} &>/dev/null; then -- 1.7.5.2
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back. On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley <mail@kerrickstaley.com> wrote: I'm not against either of these two things, but it probably should be two patches. The first should add -S to both repo-add and makepkg (and update the documentation appropriately). The other should implement --gpgdir (as well as document it). Here is what I notice at quick glance- to the casual user, it isn't very clear why only one gpg invocation was changed. Your comment is unfortunately hidden away in the code, but is very helpful: "unlike signing, verification of old database is done with pacman's keyring." The usage string should reflect this accordingly, and it needs to be documented in the manpages as well this way. -Dan
--- scripts/makepkg.sh.in | 6 +++--- scripts/repo-add.sh.in | 23 ++++++++++++++++++++--- 2 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index b0d0c23..95f541f 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1625,7 +1625,7 @@ usage() { printf "$(gettext " --nocheck Do not run the check() function in the %s")\n" "$BUILDSCRIPT" echo "$(gettext " --nosign Do not create a signature for the package")" echo "$(gettext " --pkg <list> Only build listed packages from a split package")" - echo "$(gettext " --sign Sign the resulting package with gpg")" + echo "$(gettext " -S, --sign Sign the resulting package with gpg")" echo "$(gettext " --skipinteg Do not fail when integrity checks are missing")" echo "$(gettext " --source Generate a source-only tarball without downloaded sources")" echo @@ -1659,7 +1659,7 @@ fi ARGLIST=("$@")
# Parse Command Line Options. -OPT_SHORT="AcCdefFghiLmop:rRsV" +OPT_SHORT="AcCdefFghiLmop:rRsSV" OPT_LONG="allsource,asroot,ignorearch,check,clean,cleancache,nodeps" OPT_LONG+=",noextract,force,forcever:,geninteg,help,holdver" OPT_LONG+=",install,key:,log,nocolor,nobuild,nocheck,nosign,pkg:,rmdeps" @@ -1708,7 +1708,7 @@ while true; do -r|--rmdeps) RMDEPS=1 ;; -R|--repackage) REPKG=1 ;; --skipinteg) SKIPINTEG=1 ;; - --sign) SIGNPKG='y' ;; + -S|--sign) SIGNPKG='y' ;; --source) SOURCEONLY=1 ;; -s|--syncdeps) DEP_BIN=1 ;;
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in index 820db36..f00b519 100644 --- a/scripts/repo-add.sh.in +++ b/scripts/repo-add.sh.in @@ -26,6 +26,8 @@ export TEXTDOMAINDIR='@localedir@' myver='@PACKAGE_VERSION@' confdir='@sysconfdir@'
+GPGDIR='@sysconfdir@/pacman.d/gnupg' + QUIET=0 DELTA=0 WITHFILES=0 @@ -80,8 +82,9 @@ specified on the command line from the given repo database. Multiple\n\ packages to remove can be specified on the command line.\n\n")" printf "$(gettext "Options:\n")" fi + printf "$(gettext " --gpgdir <dir> use the specified GnuPG home directory\n")" printf "$(gettext " -q, --quiet minimize output\n")" - printf "$(gettext " -s, --sign sign database with GnuPG after update\n")" + printf "$(gettext " -S, --sign sign database with GnuPG after update\n")" printf "$(gettext " -k, --key <key> use the specified key to sign the database\n")" printf "$(gettext " -v, --verify verify database's signature before update\n")" printf "$(gettext "\n\ @@ -231,7 +234,12 @@ verify_signature() { warning "$(gettext "No existing signature found, skipping verification.")" return fi - gpg --verify "$dbfile.sig" || ret=$? + # unlike signing, verification of old database is done with pacman's keyring + if ! gpg --homedir "$GPGDIR" --list-keys &>/dev/null; then + error "$(gettext "${GPGDIR} is not a properly initialized GnuPG home directory.")" + exit 1 + fi + gpg --homedir "$GPGDIR" --verify "$dbfile.sig" || ret=$? if (( ! ret )); then msg2 "$(gettext "Database signature file verified.")" else @@ -552,7 +560,16 @@ while [[ $# > 0 ]]; do -q|--quiet) QUIET=1;; -d|--delta) DELTA=1;; -f|--files) WITHFILES=1;; - -s|--sign) + --gpgdir) + check_gpg + shift + GPGDIR="$1" + if ! gpg --homedir "$GPGDIR" --list-keys &>/dev/null; then + error "$(gettext "${GPGDIR} is not a properly initialized GnuPG home directory.")" + exit 1 + fi + ;; + -S|--sign) check_gpg SIGN=1 if ! gpg --list-key ${GPGKEY} &>/dev/null; then -- 1.7.5.2
On 02/06/11 06:21, Dan McGee wrote:
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back.
On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley<mail@kerrickstaley.com> wrote:
I'm not against either of these two things, but it probably should be two patches. The first should add -S to both repo-add and makepkg (and update the documentation appropriately).
Just as an FYI, I originally went for having no short options to sign a package with makepkg because I thought actually using --sign would be a rare case given the control of this in makepkg.conf. However, I'm also not against adding one and making it consistent with repo-add... Allan
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back. On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley <mail@kerrickstaley.com> wrote: So I don't find VerifySig any more appitizing, other than matching the option name we came up with. I was leaning in my head when I wrote up this TODO toward something like GPGLevel, SigLevel, etc. I also think we may need to be a bit more granular than our current Always/Optional/Never trifecta. We have a multitude of possibilities when checking a signature: * Valid signature, fully trusted (or ultimate, (GPGME_VALIDITY_{ULTIMATE, FULL}). * Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN, GPGME_SIGSUM_KEY_MISSING). * Valid signature, trust somewhere in between (marginal, GPGME_VALIDITY_MARGINAL). * Valid signature, user is never valid (GPGME_VALIDITY_NEVER) * Valid signature, signature is however expired (GPGME_SIGSUM_SIG_EXPIRED) * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED) * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED) Thoughts from anyone else on the naming, as well as what to do as far as expanded options? I've divided it above into roughly 3 categories, of which the top would always be acceptable, the bottom would never, and the middle could be a switchable option. I'm envisioning something like: SigLevel = Always AllowUnknown [core] SigLevel = Always [otherrepo] SigLevel = Optional AllowUnknown -Dan
On Wed, Jun 1, 2011 at 3:46 PM, Dan McGee <dpmcgee@gmail.com> wrote:
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back.
On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley <mail@kerrickstaley.com> wrote:
So I don't find VerifySig any more appitizing, other than matching the option name we came up with. I was leaning in my head when I wrote up this TODO toward something like GPGLevel, SigLevel, etc. I also think we may need to be a bit more granular than our current Always/Optional/Never trifecta. We have a multitude of possibilities when checking a signature:
* Valid signature, fully trusted (or ultimate, (GPGME_VALIDITY_{ULTIMATE, FULL}).
* Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN, GPGME_SIGSUM_KEY_MISSING). * Valid signature, trust somewhere in between (marginal, GPGME_VALIDITY_MARGINAL).
* Valid signature, user is never valid (GPGME_VALIDITY_NEVER) * Valid signature, signature is however expired (GPGME_SIGSUM_SIG_EXPIRED) * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED) * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED)
Thoughts from anyone else on the naming, as well as what to do as far as expanded options? I've divided it above into roughly 3 categories, of which the top would always be acceptable, the bottom would never, and the middle could be a switchable option. I'm envisioning something like:
SigLevel = Always AllowUnknown
[core] SigLevel = Always
[otherrepo] SigLevel = Optional AllowUnknown
I should also add that the ability to have a signed database without signed packages could be done this same way; e.g. "SigLevel = NoPackages" or something (maybe even a corresponding "NoDatabase").
On 02/06/11 06:50, Dan McGee wrote:
On Wed, Jun 1, 2011 at 3:46 PM, Dan McGee<dpmcgee@gmail.com> wrote:
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back.
On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley<mail@kerrickstaley.com> wrote:
So I don't find VerifySig any more appitizing, other than matching the option name we came up with. I was leaning in my head when I wrote up this TODO toward something like GPGLevel, SigLevel, etc. I also think we may need to be a bit more granular than our current Always/Optional/Never trifecta. We have a multitude of possibilities when checking a signature:
* Valid signature, fully trusted (or ultimate, (GPGME_VALIDITY_{ULTIMATE, FULL}).
* Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN, GPGME_SIGSUM_KEY_MISSING). * Valid signature, trust somewhere in between (marginal, GPGME_VALIDITY_MARGINAL).
* Valid signature, user is never valid (GPGME_VALIDITY_NEVER) * Valid signature, signature is however expired (GPGME_SIGSUM_SIG_EXPIRED) * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED) * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED)
Thoughts from anyone else on the naming, as well as what to do as far as expanded options? I've divided it above into roughly 3 categories, of which the top would always be acceptable, the bottom would never, and the middle could be a switchable option. I'm envisioning something like:
SigLevel = Always AllowUnknown
[core] SigLevel = Always
[otherrepo] SigLevel = Optional AllowUnknown
I should also add that the ability to have a signed database without signed packages could be done this same way; e.g. "SigLevel = NoPackages" or something (maybe even a corresponding "NoDatabase").
That sort of naming scheme sounds fine to me. How about CheckLevel rather than SigLevel as it is the level of the checking that is being done once you add options like "NoPackages"? Anyway, we can bikeshed the name later! But this might actually be a case where setting up a wiki page to hash out the configuration format and options could be useful. At least I think it would be helpful to have this written down somewhere so I can get it all straight in my head and it could be used as the basis of the man page later. Allan
On Sat, Jun 4, 2011 at 9:30 AM, Allan McRae <allan@archlinux.org> wrote:
On 02/06/11 06:50, Dan McGee wrote:
On Wed, Jun 1, 2011 at 3:46 PM, Dan McGee<dpmcgee@gmail.com> wrote:
^^^ You deleted the blank line between the patch subject and the summary text, which makes it do what it did. You'll want to put that back.
On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley<mail@kerrickstaley.com> wrote:
So I don't find VerifySig any more appitizing, other than matching the option name we came up with. I was leaning in my head when I wrote up this TODO toward something like GPGLevel, SigLevel, etc. I also think we may need to be a bit more granular than our current Always/Optional/Never trifecta. We have a multitude of possibilities when checking a signature:
* Valid signature, fully trusted (or ultimate, (GPGME_VALIDITY_{ULTIMATE, FULL}).
* Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN, GPGME_SIGSUM_KEY_MISSING). * Valid signature, trust somewhere in between (marginal, GPGME_VALIDITY_MARGINAL).
* Valid signature, user is never valid (GPGME_VALIDITY_NEVER) * Valid signature, signature is however expired (GPGME_SIGSUM_SIG_EXPIRED) * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED) * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED)
Thoughts from anyone else on the naming, as well as what to do as far as expanded options? I've divided it above into roughly 3 categories, of which the top would always be acceptable, the bottom would never, and the middle could be a switchable option. I'm envisioning something like:
SigLevel = Always AllowUnknown
[core] SigLevel = Always
[otherrepo] SigLevel = Optional AllowUnknown
I should also add that the ability to have a signed database without signed packages could be done this same way; e.g. "SigLevel = NoPackages" or something (maybe even a corresponding "NoDatabase").
That sort of naming scheme sounds fine to me.
How about CheckLevel rather than SigLevel as it is the level of the checking that is being done once you add options like "NoPackages"? Sounds good to me.
Anyway, we can bikeshed the name later! But this might actually be a case where setting up a wiki page to hash out the configuration format and options could be useful. At least I think it would be helpful to have this written down somewhere so I can get it all straight in my head and it could be used as the basis of the man page later. Agreed. Although as far as setting up a wiki page we should probably first winnow down the multiple ones into one master page so it is a bit more clear where we are and where we are going as a team (and not thoughts from two years ago). I'll see if I can tackle this task in the next day or two as my current round of patches bake a bit on the ML.
-Dan
This is the updated version of the patch that fixes all older symbols. There are several small changes that I didn't think merited seperate commits: * I added a few comments about what certain files and functions did * I added code to initialize the db->siglevel member, since it isn't initialized elsewhere as far as I can tell * I changed one instance of return(0); to return 0; I think SigLevel is more appropriate than CheckLevel because the latter doesn't make any reference to signatures and so is ambiguous: the level of checking of what?
Symbols related to signature verification were changed to SigLevel and similar names, instead of the various names used previously. Also, I added some documentation in areas that confused me, and added code to explictly initialize the siglevel member of the db structure. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 24 ++++++++++++------------ lib/libalpm/be_package.c | 10 +++++----- lib/libalpm/be_sync.c | 12 ++++++------ lib/libalpm/db.c | 14 ++++++++------ lib/libalpm/db.h | 2 +- lib/libalpm/dload.c | 9 ++++++--- lib/libalpm/handle.c | 14 +++++++------- lib/libalpm/handle.h | 2 +- lib/libalpm/package.h | 2 +- lib/libalpm/signing.c | 15 ++++++++------- lib/libalpm/signing.h | 2 +- lib/libalpm/sync.c | 4 ++-- src/pacman/conf.c | 32 ++++++++++++++++---------------- src/pacman/query.c | 2 +- src/pacman/sync.c | 2 +- src/pacman/upgrade.c | 2 +- src/util/testpkg.c | 2 +- 17 files changed, 78 insertions(+), 72 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5af843c..54e2a1e 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -63,12 +63,12 @@ typedef enum _pmpkgreason_t { /** * GPG signature verification options */ -typedef enum _pgp_verify_t { - PM_PGP_VERIFY_UNKNOWN, - PM_PGP_VERIFY_NEVER, - PM_PGP_VERIFY_OPTIONAL, - PM_PGP_VERIFY_ALWAYS -} pgp_verify_t; +typedef enum pmsiglevel_t { + PM_SIGLEVEL_UNKNOWN, + PM_SIGLEVEL_NEVER, + PM_SIGLEVEL_OPTIONAL, + PM_SIGLEVEL_ALWAYS +} pmsiglevel_t; /* * Structures @@ -263,8 +263,8 @@ int alpm_option_set_usedelta(int usedelta); int alpm_option_get_checkspace(void); int alpm_option_set_checkspace(int checkspace); -pgp_verify_t alpm_option_get_default_sigverify(void); -int alpm_option_set_default_sigverify(pgp_verify_t level); +pmsiglevel_t alpm_option_get_default_siglevel(void); +int alpm_option_set_default_siglevel(pmsiglevel_t level); /** @} */ @@ -389,7 +389,7 @@ int alpm_db_set_pkgreason(pmdb_t *db, const char *name, pmpkgreason_t reason); * @param pkg address of the package pointer * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int alpm_pkg_load(const char *filename, int full, pgp_verify_t check_sig, +int alpm_pkg_load(const char *filename, int full, pmsiglevel_t check_sig, pmpkg_t **pkg); /** Free a package. @@ -626,10 +626,10 @@ alpm_list_t *alpm_pkg_unused_deltas(pmpkg_t *pkg); * Signatures */ -int alpm_pkg_check_pgp_signature(pmpkg_t *pkg); +int alpm_pkg_check_signature(pmpkg_t *pkg); -int alpm_db_check_pgp_signature(pmdb_t *db); -int alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify); +int alpm_db_check_signature(pmdb_t *db); +int alpm_db_set_siglevel(pmdb_t *db, pmsiglevel_t verify); /* * Deltas diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 9e59d69..0fa2ff5 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -227,7 +227,7 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg) * @return An information filled pmpkg_t struct */ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig) + const char *md5sum, const char *base64_sig, pmsiglevel_t check_sig) { int ret; int config = 0; @@ -266,11 +266,11 @@ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, } _alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig); - if(check_sig != PM_PGP_VERIFY_NEVER) { + if(check_sig != PM_SIGLEVEL_NEVER) { _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile); ret = _alpm_gpgme_checksig(pkgfile, base64_sig); - if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || - (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) { + if((check_sig == PM_SIGLEVEL_ALWAYS && ret != 0) || + (check_sig == PM_SIGLEVEL_OPTIONAL && ret == 1)) { RET_ERR(PM_ERR_SIG_INVALID, NULL); } } @@ -381,7 +381,7 @@ error: } int SYMEXPORT alpm_pkg_load(const char *filename, int full, - pgp_verify_t check_sig, pmpkg_t **pkg) + pmsiglevel_t check_sig, pmpkg_t **pkg) { ALPM_LOG_FUNC; diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 9d85a45..ce9b790 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -1,5 +1,5 @@ /* - * be_sync.c + * be_sync.c : backend for sync databases * * Copyright (c) 2006-2011 Pacman Development Team <pacman-dev@archlinux.org> * Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org> @@ -85,7 +85,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) size_t len; int ret = -1; mode_t oldmask; - pgp_verify_t check_sig; + pmsiglevel_t siglevel; ALPM_LOG_FUNC; @@ -117,7 +117,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) } } - check_sig = _alpm_db_get_sigverify_level(db); + siglevel = _alpm_db_get_siglevel(db); for(i = db->servers; i; i = i->next) { const char *server = i->data; @@ -132,9 +132,9 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) ret = _alpm_download(fileurl, syncpath, force, 0, 0); - if(ret == 0 && (check_sig == PM_PGP_VERIFY_ALWAYS || - check_sig == PM_PGP_VERIFY_OPTIONAL)) { - int errors_ok = (check_sig == PM_PGP_VERIFY_OPTIONAL); + if(ret == 0 && (siglevel == PM_SIGLEVEL_ALWAYS || + siglevel == PM_SIGLEVEL_OPTIONAL)) { + int errors_ok = (siglevel == PM_SIGLEVEL_OPTIONAL); /* if we downloaded a DB, we want the .sig from the same server */ snprintf(fileurl, len, "%s/%s.db.sig", server, db->treename); diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 3133614..2a36d23 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -223,23 +223,24 @@ int SYMEXPORT alpm_db_remove_server(pmdb_t *db, const char *url) return 1; } + /** Set the verify gpg signature option for a database. * @param db database pointer - * @param verify enum pgp_verify_t + * @param verify enum pmsiglevel_t * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int SYMEXPORT alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify) +int SYMEXPORT alpm_db_set_siglevel(pmdb_t *db, pmsiglevel_t level) { ALPM_LOG_FUNC; /* Sanity checks */ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, -1)); - db->pgp_verify = verify; - _alpm_log(PM_LOG_DEBUG, "adding VerifySig option to database '%s': %d\n", - db->treename, verify); + db->siglevel = level; + _alpm_log(PM_LOG_DEBUG, "adding SigLevel option to database '%s': %d\n", + db->treename, level); - return(0); + return 0; } /** Get the name of a package database. */ @@ -374,6 +375,7 @@ pmdb_t *_alpm_db_new(const char *treename, int is_local) CALLOC(db, 1, sizeof(pmdb_t), RET_ERR(PM_ERR_MEMORY, NULL)); STRDUP(db->treename, treename, RET_ERR(PM_ERR_MEMORY, NULL)); db->is_local = is_local; + db->siglevel = PM_SIGLEVEL_UNKNOWN; return db; } diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index 399e2d5..2e9a3a2 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -63,7 +63,7 @@ struct __pmdb_t { pmpkghash_t *pkgcache; alpm_list_t *grpcache; alpm_list_t *servers; - pgp_verify_t pgp_verify; + pmsiglevel_t siglevel; struct db_operations *ops; }; diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 1825eed..dfc93bf 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -310,6 +310,9 @@ cleanup: } #endif +/* download file; do not destroy existing destination file upon download failure + * @param force force the file to be downloaded again, even if destination file is up-to-date + */ int _alpm_download(const char *url, const char *localpath, int force, int allow_resume, int errors_ok) { @@ -351,11 +354,11 @@ char SYMEXPORT *alpm_fetch_pkgurl(const char *url) _alpm_log(PM_LOG_DEBUG, "successfully downloaded %s\n", url); /* attempt to download the signature */ - if(ret == 0 && (handle->sigverify == PM_PGP_VERIFY_ALWAYS || - handle->sigverify == PM_PGP_VERIFY_OPTIONAL)) { + if(ret == 0 && (handle->siglevel == PM_SIGLEVEL_ALWAYS || + handle->siglevel == PM_SIGLEVEL_OPTIONAL)) { char *sig_url; size_t len; - int errors_ok = (handle->sigverify == PM_PGP_VERIFY_OPTIONAL); + int errors_ok = (handle->siglevel == PM_SIGLEVEL_OPTIONAL); len = strlen(url) + 5; CALLOC(sig_url, len, sizeof(char), RET_ERR(PM_ERR_MEMORY, NULL)); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 39b3b60..8d33caa 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -46,7 +46,7 @@ pmhandle_t *_alpm_handle_new() CALLOC(handle, 1, sizeof(pmhandle_t), RET_ERR(PM_ERR_MEMORY, NULL)); - handle->sigverify = PM_PGP_VERIFY_OPTIONAL; + handle->siglevel = PM_SIGLEVEL_OPTIONAL; return handle; } @@ -627,18 +627,18 @@ int SYMEXPORT alpm_option_set_checkspace(int checkspace) return 0; } -int SYMEXPORT alpm_option_set_default_sigverify(pgp_verify_t level) +int SYMEXPORT alpm_option_set_default_siglevel(pmsiglevel_t level) { ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, -1)); - ASSERT(level != PM_PGP_VERIFY_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); - handle->sigverify = level; + ASSERT(level != PM_SIGLEVEL_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); + handle->siglevel = level; return 0; } -pgp_verify_t SYMEXPORT alpm_option_get_default_sigverify() +pmsiglevel_t SYMEXPORT alpm_option_get_default_siglevel() { - ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_PGP_VERIFY_UNKNOWN)); - return handle->sigverify; + ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_SIGLEVEL_UNKNOWN)); + return handle->siglevel; } /* vim: set ts=2 sw=2 noet: */ diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index aa00b6f..672cab4 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -72,7 +72,7 @@ typedef struct _pmhandle_t { char *arch; /* Architecture of packages we should allow */ int usedelta; /* Download deltas if possible */ int checkspace; /* Check disk space before installing */ - pgp_verify_t sigverify; /* Default signature verification level */ + pmsiglevel_t siglevel; /* Default signature verification level */ } pmhandle_t; /* global handle variable */ diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h index debb239..02d4096 100644 --- a/lib/libalpm/package.h +++ b/lib/libalpm/package.h @@ -141,7 +141,7 @@ void _alpm_pkg_free(pmpkg_t *pkg); void _alpm_pkg_free_trans(pmpkg_t *pkg); pmpkg_t *_alpm_pkg_load_internal(const char *filename, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig); + const char *md5sum, const char *base64_sig, pmsiglevel_t check_sig); int _alpm_pkg_cmp(const void *p1, const void *p2); int _alpm_pkg_compare_versions(pmpkg_t *local_pkg, pmpkg_t *pkg); diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 9bb9d0a..a57d86a 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -365,19 +365,20 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) /** * Determines the necessity of checking for a valid PGP signature + * Automatically takes global setting into account. * @param db the sync database to query * * @return signature verification level */ -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) +pmsiglevel_t _alpm_db_get_siglevel(pmdb_t *db) { ALPM_LOG_FUNC; - ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN)); + ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_SIGLEVEL_UNKNOWN)); - if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) { - return db->pgp_verify; + if(db->siglevel != PM_SIGLEVEL_UNKNOWN) { + return db->siglevel; } else { - return alpm_option_get_default_sigverify(); + return alpm_option_get_default_siglevel(); } } @@ -386,7 +387,7 @@ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) * @param pkg the package to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) +int SYMEXPORT alpm_pkg_check_signature(pmpkg_t *pkg) { ALPM_LOG_FUNC; ASSERT(pkg != NULL, return 0); @@ -399,7 +400,7 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) * @param db the database to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db) +int SYMEXPORT alpm_db_check_signature(pmdb_t *db) { ALPM_LOG_FUNC; ASSERT(db != NULL, return 0); diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h index 8d8c164..c33a0d1 100644 --- a/lib/libalpm/signing.h +++ b/lib/libalpm/signing.h @@ -22,7 +22,7 @@ #include "alpm.h" int _alpm_gpgme_checksig(const char *path, const char *base64_sig); -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db); +pmsiglevel_t _alpm_db_get_siglevel(pmdb_t *db); #endif /* _ALPM_SIGNING_H */ diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index 8dd51aa..1ecb4b4 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -866,7 +866,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) int percent = (current * 100) / numtargs; const char *filename; char *filepath; - pgp_verify_t check_sig; + pmsiglevel_t check_sig; PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent, numtargs, current); @@ -877,7 +877,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) filename = alpm_pkg_get_filename(spkg); filepath = _alpm_filecache_find(filename); pmdb_t *sdb = alpm_pkg_get_db(spkg); - check_sig = _alpm_db_get_sigverify_level(sdb); + check_sig = _alpm_db_get_siglevel(sdb); /* load the package file and replace pkgcache entry with it in the target list */ /* TODO: alpm_pkg_get_db() will not work on this target anymore */ diff --git a/src/pacman/conf.c b/src/pacman/conf.c index 370ec51..d8f2ac3 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -214,19 +214,19 @@ int config_set_arch(const char *arch) } } -static pgp_verify_t option_verifysig(const char *value) +static pmsiglevel_t option_siglevel(const char *value) { - pgp_verify_t level; + pmsiglevel_t level; if(strcmp(value, "Always") == 0) { - level = PM_PGP_VERIFY_ALWAYS; + level = PM_SIGLEVEL_ALWAYS; } else if(strcmp(value, "Optional") == 0) { - level = PM_PGP_VERIFY_OPTIONAL; + level = PM_SIGLEVEL_OPTIONAL; } else if(strcmp(value, "Never") == 0) { - level = PM_PGP_VERIFY_NEVER; + level = PM_SIGLEVEL_NEVER; } else { - level = PM_PGP_VERIFY_UNKNOWN; + level = PM_SIGLEVEL_UNKNOWN; } - pm_printf(PM_LOG_DEBUG, "config: VerifySig = %s (%d)\n", value, level); + pm_printf(PM_LOG_DEBUG, "config: SigLevel = %s (%d)\n", value, level); return level; } @@ -358,10 +358,10 @@ static int _parse_options(const char *key, char *value, pm_printf(PM_LOG_DEBUG, "config: xfercommand: %s\n", value); } else if(strcmp(key, "CleanMethod") == 0) { setrepeatingoption(value, "CleanMethod", option_add_cleanmethod); - } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - alpm_option_set_default_sigverify(level); + } else if(strcmp(key, "SigLevel") == 0) { + pmsiglevel_t level = option_siglevel(value); + if(level != PM_SIGLEVEL_UNKNOWN) { + alpm_option_set_default_siglevel(level); } else { pm_printf(PM_LOG_ERROR, _("config file %s, line %d: directive '%s' has invalid value '%s'\n"), @@ -633,12 +633,12 @@ static int _parseconfig(const char *file, int parse_options, ret = 1; goto cleanup; } - } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - ret = alpm_db_set_pgp_verify(db, level); + } else if(strcmp(key, "SigLevel") == 0) { + pmsiglevel_t level = option_siglevel(value); + if(level != PM_SIGLEVEL_UNKNOWN) { + ret = alpm_db_set_siglevel(db, level); if(ret != 0) { - pm_printf(PM_LOG_ERROR, _("could not add set verify option for database '%s': %s (%s)\n"), + pm_printf(PM_LOG_ERROR, _("could not set SigLevel option for database '%s': %s (%s)\n"), alpm_db_get_name(db), value, alpm_strerrorlast()); goto cleanup; } diff --git a/src/pacman/query.c b/src/pacman/query.c index d1105b4..3b09afe 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -551,7 +551,7 @@ int pacman_query(alpm_list_t *targets) char *strname = alpm_list_getdata(i); if(config->op_q_isfile) { - alpm_pkg_load(strname, 1, PM_PGP_VERIFY_OPTIONAL, &pkg); + alpm_pkg_load(strname, 1, PM_SIGLEVEL_OPTIONAL, &pkg); } else { pkg = alpm_db_get_pkg(db_local, strname); } diff --git a/src/pacman/sync.c b/src/pacman/sync.c index 884504f..b2b8dab 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -219,7 +219,7 @@ static int sync_cleancache(int level) /* attempt to load the package, prompt removal on failures as we may have * files here that aren't valid packages. we also don't need a full * load of the package, just the metadata. */ - if(alpm_pkg_load(path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0 + if(alpm_pkg_load(path, 0, PM_SIGLEVEL_NEVER, &localpkg) != 0 || localpkg == NULL) { if(yesno(_("File %s does not seem to be a valid package, remove it?"), path)) { diff --git a/src/pacman/upgrade.c b/src/pacman/upgrade.c index 0ffc94c..826e98e 100644 --- a/src/pacman/upgrade.c +++ b/src/pacman/upgrade.c @@ -42,7 +42,7 @@ int pacman_upgrade(alpm_list_t *targets) { alpm_list_t *i, *data = NULL; - pgp_verify_t check_sig = alpm_option_get_default_sigverify(); + pmsiglevel_t check_sig = alpm_option_get_default_siglevel(); int retval = 0; if(targets == NULL) { diff --git a/src/util/testpkg.c b/src/util/testpkg.c index ad6ec30..2c74a47 100644 --- a/src/util/testpkg.c +++ b/src/util/testpkg.c @@ -55,7 +55,7 @@ int main(int argc, char *argv[]) /* let us get log messages from libalpm */ alpm_option_set_logcb(output_cb); - if(alpm_pkg_load(argv[1], 1, PM_PGP_VERIFY_OPTIONAL, &pkg) == -1 + if(alpm_pkg_load(argv[1], 1, PM_SIGLEVEL_OPTIONAL, &pkg) == -1 || pkg == NULL) { switch(pm_errno) { case PM_ERR_PKG_OPEN: -- 1.7.5.2
On 2011/6/12 Kerrick Staley <mail@kerrickstaley.com> wrote:
Symbols related to signature verification were changed to SigLevel and similar names, instead of the various names used previously. Also, I added some documentation in areas that confused me, and added code to explictly initialize the siglevel member of the db structure.
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com>
Hello, Please try to not send patches that say "and other small fixes": I'd personnally, better see three patches even if they only change a line or seem stupid. * add some documentation * explictly initialize the siglevel member of the db structure * rename symbols to *siglevel* Regards, -- Rémy.
Per rule 5 in the "Pacman - Contributing" document, return should not be written as a function call. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/db.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 3133614..0cc4ff2 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -239,7 +239,7 @@ int SYMEXPORT alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify) _alpm_log(PM_LOG_DEBUG, "adding VerifySig option to database '%s': %d\n", db->treename, verify); - return(0); + return 0; } /** Get the name of a package database. */ -- 1.7.5.2
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/be_sync.c | 2 +- lib/libalpm/dload.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletions(-) diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 9d85a45..758e5f9 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -1,5 +1,5 @@ /* - * be_sync.c + * be_sync.c : backend for sync databases * * Copyright (c) 2006-2011 Pacman Development Team <pacman-dev@archlinux.org> * Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org> diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 1825eed..6d9b007 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -310,6 +310,9 @@ cleanup: } #endif +/* download file; do not destroy existing destination file upon download failure + * @param force force the file to be downloaded again, even if destination file is up-to-date + */ int _alpm_download(const char *url, const char *localpath, int force, int allow_resume, int errors_ok) { -- 1.7.5.2
Hmm- I think we have different versions of helpful. If a function gets half documented and only one parameter gets called out, it isn't so useful to me or others as now we have to wonder just how stale that documentation is. It also isn't even proper Doxygen syntax (you need to use /**, not /*). I will apply something like this, but please use a full template and fill it all out: /** Summary goes here. * Followed by more description. * @param url * @param localpath * @param force * @param allow_resume * @param errors_ok * @return */ On Sun, Jun 12, 2011 at 5:20 AM, Kerrick Staley <mail@kerrickstaley.com> wrote:
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/be_sync.c | 2 +- lib/libalpm/dload.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 9d85a45..758e5f9 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -1,5 +1,5 @@ /* - * be_sync.c + * be_sync.c : backend for sync databases * * Copyright (c) 2006-2011 Pacman Development Team <pacman-dev@archlinux.org> * Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org> diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 1825eed..6d9b007 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -310,6 +310,9 @@ cleanup: } #endif
+/* download file; do not destroy existing destination file upon download failure + * @param force force the file to be downloaded again, even if destination file is up-to-date + */ int _alpm_download(const char *url, const char *localpath, int force, int allow_resume, int errors_ok) { -- 1.7.5.2
OK, understood, sorry. Will resend the patch. -Kerrick Staley On Mon, Jun 13, 2011 at 5:26 PM, Dan McGee <dpmcgee@gmail.com> wrote:
Hmm- I think we have different versions of helpful. If a function gets half documented and only one parameter gets called out, it isn't so useful to me or others as now we have to wonder just how stale that documentation is. It also isn't even proper Doxygen syntax (you need to use /**, not /*).
I will apply something like this, but please use a full template and fill it all out:
/** Summary goes here. * Followed by more description. * @param url * @param localpath * @param force * @param allow_resume * @param errors_ok * @return */
Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/be_sync.c | 2 +- lib/libalpm/dload.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 9d85a45..758e5f9 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -1,5 +1,5 @@ /* - * be_sync.c + * be_sync.c : backend for sync databases * * Copyright (c) 2006-2011 Pacman Development Team <
On Sun, Jun 12, 2011 at 5:20 AM, Kerrick Staley <mail@kerrickstaley.com> wrote: pacman-dev@archlinux.org>
* Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org> diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 1825eed..6d9b007 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -310,6 +310,9 @@ cleanup: } #endif
+/* download file; do not destroy existing destination file upon download failure + * @param force force the file to be downloaded again, even if destination file is up-to-date + */ int _alpm_download(const char *url, const char *localpath, int force, int allow_resume, int errors_ok) { -- 1.7.5.2
Documented the _alpm_download() function in dload.c Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/dload.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 9354562..33fb1cb 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -311,6 +311,16 @@ cleanup: } #endif +/** Download a file given by a URL to a local directory. + * Does not overwrite an existing file if the download fails. + * @param handle the context handle + * @param url the file's URL + * @param localpath the directory to save the file in + * @param force force download even if there is an up-to-date local copy + * @param allow_resume allow a partial download to be resumed + * @param errors_ok do not log errors (but still return them) + * @return 0 on success, -1 on error (pm_errno is set accordingly if errors_ok == 0) + */ int _alpm_download(pmhandle_t *handle, const char *url, const char *localpath, int force, int allow_resume, int errors_ok) { -- 1.7.5.2
Added a line to the top of each of be_local.c, be_package.c, and be_sync.c indicating their purposes. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/be_local.c | 2 +- lib/libalpm/be_package.c | 2 +- lib/libalpm/be_sync.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/libalpm/be_local.c b/lib/libalpm/be_local.c index d9a76cc..ee28db5 100644 --- a/lib/libalpm/be_local.c +++ b/lib/libalpm/be_local.c @@ -1,5 +1,5 @@ /* - * be_local.c + * be_local.c : backend for the local database * * Copyright (c) 2006-2011 Pacman Development Team <pacman-dev@archlinux.org> * Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index a0261d0..94df071 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -1,5 +1,5 @@ /* - * be_package.c + * be_package.c : backend for packages * * Copyright (c) 2006-2011 Pacman Development Team <pacman-dev@archlinux.org> * Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org> diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index bb10928..f0b1736 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -1,5 +1,5 @@ /* - * be_sync.c + * be_sync.c : backend for sync databases * * Copyright (c) 2006-2011 Pacman Development Team <pacman-dev@archlinux.org> * Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org> -- 1.7.5.2
The varied naming scheme that was previously used for signature verification levels was unified. All relevant symbols are now named SigLevel or something similar. Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/alpm.h | 26 +++++++++++++------------- lib/libalpm/be_package.c | 12 ++++++------ lib/libalpm/be_sync.c | 10 +++++----- lib/libalpm/db.c | 11 ++++++----- lib/libalpm/db.h | 2 +- lib/libalpm/dload.c | 6 +++--- lib/libalpm/handle.c | 14 +++++++------- lib/libalpm/handle.h | 2 +- lib/libalpm/package.h | 2 +- lib/libalpm/signing.c | 15 ++++++++------- lib/libalpm/signing.h | 2 +- lib/libalpm/sync.c | 6 +++--- src/pacman/conf.c | 32 ++++++++++++++++---------------- src/pacman/query.c | 2 +- src/pacman/sync.c | 2 +- src/pacman/upgrade.c | 4 ++-- src/util/testpkg.c | 2 +- test/pacman/util.py | 2 +- 18 files changed, 77 insertions(+), 75 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 5af843c..5fdeac2 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -63,12 +63,12 @@ typedef enum _pmpkgreason_t { /** * GPG signature verification options */ -typedef enum _pgp_verify_t { - PM_PGP_VERIFY_UNKNOWN, - PM_PGP_VERIFY_NEVER, - PM_PGP_VERIFY_OPTIONAL, - PM_PGP_VERIFY_ALWAYS -} pgp_verify_t; +typedef enum pmsiglevel_t { + PM_SIGLEVEL_UNKNOWN, + PM_SIGLEVEL_NEVER, + PM_SIGLEVEL_OPTIONAL, + PM_SIGLEVEL_ALWAYS +} pmsiglevel_t; /* * Structures @@ -263,8 +263,8 @@ int alpm_option_set_usedelta(int usedelta); int alpm_option_get_checkspace(void); int alpm_option_set_checkspace(int checkspace); -pgp_verify_t alpm_option_get_default_sigverify(void); -int alpm_option_set_default_sigverify(pgp_verify_t level); +pmsiglevel_t alpm_option_get_default_siglevel(void); +int alpm_option_set_default_siglevel(pmsiglevel_t level); /** @} */ @@ -384,12 +384,12 @@ int alpm_db_set_pkgreason(pmdb_t *db, const char *name, pmpkgreason_t reason); * @param filename location of the package tarball * @param full whether to stop the load after metadata is read or continue * through the full archive - * @param check_sig what level of package signature checking to perform on the + * @param siglevel what level of package signature checking to perform on the * package; note that this must be a '.sig' file type verification * @param pkg address of the package pointer * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int alpm_pkg_load(const char *filename, int full, pgp_verify_t check_sig, +int alpm_pkg_load(const char *filename, int full, pmsiglevel_t siglevel, pmpkg_t **pkg); /** Free a package. @@ -626,10 +626,10 @@ alpm_list_t *alpm_pkg_unused_deltas(pmpkg_t *pkg); * Signatures */ -int alpm_pkg_check_pgp_signature(pmpkg_t *pkg); +int alpm_pkg_check_signature(pmpkg_t *pkg); -int alpm_db_check_pgp_signature(pmdb_t *db); -int alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify); +int alpm_db_check_signature(pmdb_t *db); +int alpm_db_set_siglevel(pmdb_t *db, pmsiglevel_t level); /* * Deltas diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 9e59d69..106ac61 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -227,7 +227,7 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg) * @return An information filled pmpkg_t struct */ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig) + const char *md5sum, const char *base64_sig, pmsiglevel_t siglevel) { int ret; int config = 0; @@ -266,11 +266,11 @@ pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, } _alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig); - if(check_sig != PM_PGP_VERIFY_NEVER) { + if(siglevel != PM_SIGLEVEL_NEVER) { _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile); ret = _alpm_gpgme_checksig(pkgfile, base64_sig); - if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || - (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) { + if((siglevel == PM_SIGLEVEL_ALWAYS && ret != 0) || + (siglevel == PM_SIGLEVEL_OPTIONAL && ret == 1)) { RET_ERR(PM_ERR_SIG_INVALID, NULL); } } @@ -381,14 +381,14 @@ error: } int SYMEXPORT alpm_pkg_load(const char *filename, int full, - pgp_verify_t check_sig, pmpkg_t **pkg) + pmsiglevel_t siglevel, pmpkg_t **pkg) { ALPM_LOG_FUNC; /* Sanity checks */ ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1)); - *pkg = _alpm_pkg_load_internal(filename, full, NULL, NULL, check_sig); + *pkg = _alpm_pkg_load_internal(filename, full, NULL, NULL, siglevel); if(*pkg == NULL) { /* pm_errno is set by pkg_load */ return -1; diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 758e5f9..ce9b790 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -85,7 +85,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) size_t len; int ret = -1; mode_t oldmask; - pgp_verify_t check_sig; + pmsiglevel_t siglevel; ALPM_LOG_FUNC; @@ -117,7 +117,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) } } - check_sig = _alpm_db_get_sigverify_level(db); + siglevel = _alpm_db_get_siglevel(db); for(i = db->servers; i; i = i->next) { const char *server = i->data; @@ -132,9 +132,9 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) ret = _alpm_download(fileurl, syncpath, force, 0, 0); - if(ret == 0 && (check_sig == PM_PGP_VERIFY_ALWAYS || - check_sig == PM_PGP_VERIFY_OPTIONAL)) { - int errors_ok = (check_sig == PM_PGP_VERIFY_OPTIONAL); + if(ret == 0 && (siglevel == PM_SIGLEVEL_ALWAYS || + siglevel == PM_SIGLEVEL_OPTIONAL)) { + int errors_ok = (siglevel == PM_SIGLEVEL_OPTIONAL); /* if we downloaded a DB, we want the .sig from the same server */ snprintf(fileurl, len, "%s/%s.db.sig", server, db->treename); diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 0cc4ff2..5f96967 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -223,21 +223,22 @@ int SYMEXPORT alpm_db_remove_server(pmdb_t *db, const char *url) return 1; } + /** Set the verify gpg signature option for a database. * @param db database pointer - * @param verify enum pgp_verify_t + * @param verify enum pmsiglevel_t * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int SYMEXPORT alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify) +int SYMEXPORT alpm_db_set_siglevel(pmdb_t *db, pmsiglevel_t level) { ALPM_LOG_FUNC; /* Sanity checks */ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, -1)); - db->pgp_verify = verify; - _alpm_log(PM_LOG_DEBUG, "adding VerifySig option to database '%s': %d\n", - db->treename, verify); + db->siglevel = level; + _alpm_log(PM_LOG_DEBUG, "adding SigLevel option to database '%s': %d\n", + db->treename, level); return 0; } diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index 399e2d5..2e9a3a2 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -63,7 +63,7 @@ struct __pmdb_t { pmpkghash_t *pkgcache; alpm_list_t *grpcache; alpm_list_t *servers; - pgp_verify_t pgp_verify; + pmsiglevel_t siglevel; struct db_operations *ops; }; diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 6d9b007..dfc93bf 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -354,11 +354,11 @@ char SYMEXPORT *alpm_fetch_pkgurl(const char *url) _alpm_log(PM_LOG_DEBUG, "successfully downloaded %s\n", url); /* attempt to download the signature */ - if(ret == 0 && (handle->sigverify == PM_PGP_VERIFY_ALWAYS || - handle->sigverify == PM_PGP_VERIFY_OPTIONAL)) { + if(ret == 0 && (handle->siglevel == PM_SIGLEVEL_ALWAYS || + handle->siglevel == PM_SIGLEVEL_OPTIONAL)) { char *sig_url; size_t len; - int errors_ok = (handle->sigverify == PM_PGP_VERIFY_OPTIONAL); + int errors_ok = (handle->siglevel == PM_SIGLEVEL_OPTIONAL); len = strlen(url) + 5; CALLOC(sig_url, len, sizeof(char), RET_ERR(PM_ERR_MEMORY, NULL)); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index 39b3b60..8d33caa 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -46,7 +46,7 @@ pmhandle_t *_alpm_handle_new() CALLOC(handle, 1, sizeof(pmhandle_t), RET_ERR(PM_ERR_MEMORY, NULL)); - handle->sigverify = PM_PGP_VERIFY_OPTIONAL; + handle->siglevel = PM_SIGLEVEL_OPTIONAL; return handle; } @@ -627,18 +627,18 @@ int SYMEXPORT alpm_option_set_checkspace(int checkspace) return 0; } -int SYMEXPORT alpm_option_set_default_sigverify(pgp_verify_t level) +int SYMEXPORT alpm_option_set_default_siglevel(pmsiglevel_t level) { ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, -1)); - ASSERT(level != PM_PGP_VERIFY_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); - handle->sigverify = level; + ASSERT(level != PM_SIGLEVEL_UNKNOWN, RET_ERR(PM_ERR_WRONG_ARGS, -1)); + handle->siglevel = level; return 0; } -pgp_verify_t SYMEXPORT alpm_option_get_default_sigverify() +pmsiglevel_t SYMEXPORT alpm_option_get_default_siglevel() { - ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_PGP_VERIFY_UNKNOWN)); - return handle->sigverify; + ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_SIGLEVEL_UNKNOWN)); + return handle->siglevel; } /* vim: set ts=2 sw=2 noet: */ diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index aa00b6f..672cab4 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -72,7 +72,7 @@ typedef struct _pmhandle_t { char *arch; /* Architecture of packages we should allow */ int usedelta; /* Download deltas if possible */ int checkspace; /* Check disk space before installing */ - pgp_verify_t sigverify; /* Default signature verification level */ + pmsiglevel_t siglevel; /* Default signature verification level */ } pmhandle_t; /* global handle variable */ diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h index debb239..84f15dd 100644 --- a/lib/libalpm/package.h +++ b/lib/libalpm/package.h @@ -141,7 +141,7 @@ void _alpm_pkg_free(pmpkg_t *pkg); void _alpm_pkg_free_trans(pmpkg_t *pkg); pmpkg_t *_alpm_pkg_load_internal(const char *filename, int full, - const char *md5sum, const char *base64_sig, pgp_verify_t check_sig); + const char *md5sum, const char *base64_sig, pmsiglevel_t siglevel); int _alpm_pkg_cmp(const void *p1, const void *p2); int _alpm_pkg_compare_versions(pmpkg_t *local_pkg, pmpkg_t *pkg); diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 9bb9d0a..a57d86a 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -365,19 +365,20 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) /** * Determines the necessity of checking for a valid PGP signature + * Automatically takes global setting into account. * @param db the sync database to query * * @return signature verification level */ -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) +pmsiglevel_t _alpm_db_get_siglevel(pmdb_t *db) { ALPM_LOG_FUNC; - ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN)); + ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_SIGLEVEL_UNKNOWN)); - if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) { - return db->pgp_verify; + if(db->siglevel != PM_SIGLEVEL_UNKNOWN) { + return db->siglevel; } else { - return alpm_option_get_default_sigverify(); + return alpm_option_get_default_siglevel(); } } @@ -386,7 +387,7 @@ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) * @param pkg the package to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) +int SYMEXPORT alpm_pkg_check_signature(pmpkg_t *pkg) { ALPM_LOG_FUNC; ASSERT(pkg != NULL, return 0); @@ -399,7 +400,7 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) * @param db the database to check * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ -int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db) +int SYMEXPORT alpm_db_check_signature(pmdb_t *db) { ALPM_LOG_FUNC; ASSERT(db != NULL, return 0); diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h index 8d8c164..c33a0d1 100644 --- a/lib/libalpm/signing.h +++ b/lib/libalpm/signing.h @@ -22,7 +22,7 @@ #include "alpm.h" int _alpm_gpgme_checksig(const char *path, const char *base64_sig); -pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db); +pmsiglevel_t _alpm_db_get_siglevel(pmdb_t *db); #endif /* _ALPM_SIGNING_H */ diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index 8dd51aa..2fe644c 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -866,7 +866,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) int percent = (current * 100) / numtargs; const char *filename; char *filepath; - pgp_verify_t check_sig; + pmsiglevel_t siglevel; PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent, numtargs, current); @@ -877,13 +877,13 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) filename = alpm_pkg_get_filename(spkg); filepath = _alpm_filecache_find(filename); pmdb_t *sdb = alpm_pkg_get_db(spkg); - check_sig = _alpm_db_get_sigverify_level(sdb); + siglevel = _alpm_db_get_siglevel(sdb); /* load the package file and replace pkgcache entry with it in the target list */ /* TODO: alpm_pkg_get_db() will not work on this target anymore */ _alpm_log(PM_LOG_DEBUG, "replacing pkgcache entry with package file for target %s\n", spkg->name); pmpkg_t *pkgfile =_alpm_pkg_load_internal(filepath, 1, spkg->md5sum, - spkg->base64_sig, check_sig); + spkg->base64_sig, siglevel); if(!pkgfile) { errors++; *data = alpm_list_add(*data, strdup(filename)); diff --git a/src/pacman/conf.c b/src/pacman/conf.c index 370ec51..d8f2ac3 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -214,19 +214,19 @@ int config_set_arch(const char *arch) } } -static pgp_verify_t option_verifysig(const char *value) +static pmsiglevel_t option_siglevel(const char *value) { - pgp_verify_t level; + pmsiglevel_t level; if(strcmp(value, "Always") == 0) { - level = PM_PGP_VERIFY_ALWAYS; + level = PM_SIGLEVEL_ALWAYS; } else if(strcmp(value, "Optional") == 0) { - level = PM_PGP_VERIFY_OPTIONAL; + level = PM_SIGLEVEL_OPTIONAL; } else if(strcmp(value, "Never") == 0) { - level = PM_PGP_VERIFY_NEVER; + level = PM_SIGLEVEL_NEVER; } else { - level = PM_PGP_VERIFY_UNKNOWN; + level = PM_SIGLEVEL_UNKNOWN; } - pm_printf(PM_LOG_DEBUG, "config: VerifySig = %s (%d)\n", value, level); + pm_printf(PM_LOG_DEBUG, "config: SigLevel = %s (%d)\n", value, level); return level; } @@ -358,10 +358,10 @@ static int _parse_options(const char *key, char *value, pm_printf(PM_LOG_DEBUG, "config: xfercommand: %s\n", value); } else if(strcmp(key, "CleanMethod") == 0) { setrepeatingoption(value, "CleanMethod", option_add_cleanmethod); - } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - alpm_option_set_default_sigverify(level); + } else if(strcmp(key, "SigLevel") == 0) { + pmsiglevel_t level = option_siglevel(value); + if(level != PM_SIGLEVEL_UNKNOWN) { + alpm_option_set_default_siglevel(level); } else { pm_printf(PM_LOG_ERROR, _("config file %s, line %d: directive '%s' has invalid value '%s'\n"), @@ -633,12 +633,12 @@ static int _parseconfig(const char *file, int parse_options, ret = 1; goto cleanup; } - } else if(strcmp(key, "VerifySig") == 0) { - pgp_verify_t level = option_verifysig(value); - if(level != PM_PGP_VERIFY_UNKNOWN) { - ret = alpm_db_set_pgp_verify(db, level); + } else if(strcmp(key, "SigLevel") == 0) { + pmsiglevel_t level = option_siglevel(value); + if(level != PM_SIGLEVEL_UNKNOWN) { + ret = alpm_db_set_siglevel(db, level); if(ret != 0) { - pm_printf(PM_LOG_ERROR, _("could not add set verify option for database '%s': %s (%s)\n"), + pm_printf(PM_LOG_ERROR, _("could not set SigLevel option for database '%s': %s (%s)\n"), alpm_db_get_name(db), value, alpm_strerrorlast()); goto cleanup; } diff --git a/src/pacman/query.c b/src/pacman/query.c index d1105b4..3b09afe 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -551,7 +551,7 @@ int pacman_query(alpm_list_t *targets) char *strname = alpm_list_getdata(i); if(config->op_q_isfile) { - alpm_pkg_load(strname, 1, PM_PGP_VERIFY_OPTIONAL, &pkg); + alpm_pkg_load(strname, 1, PM_SIGLEVEL_OPTIONAL, &pkg); } else { pkg = alpm_db_get_pkg(db_local, strname); } diff --git a/src/pacman/sync.c b/src/pacman/sync.c index 884504f..b2b8dab 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -219,7 +219,7 @@ static int sync_cleancache(int level) /* attempt to load the package, prompt removal on failures as we may have * files here that aren't valid packages. we also don't need a full * load of the package, just the metadata. */ - if(alpm_pkg_load(path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0 + if(alpm_pkg_load(path, 0, PM_SIGLEVEL_NEVER, &localpkg) != 0 || localpkg == NULL) { if(yesno(_("File %s does not seem to be a valid package, remove it?"), path)) { diff --git a/src/pacman/upgrade.c b/src/pacman/upgrade.c index 0ffc94c..d9afc09 100644 --- a/src/pacman/upgrade.c +++ b/src/pacman/upgrade.c @@ -42,7 +42,7 @@ int pacman_upgrade(alpm_list_t *targets) { alpm_list_t *i, *data = NULL; - pgp_verify_t check_sig = alpm_option_get_default_sigverify(); + pmsiglevel_t siglevel = alpm_option_get_default_siglevel(); int retval = 0; if(targets == NULL) { @@ -76,7 +76,7 @@ int pacman_upgrade(alpm_list_t *targets) char *targ = alpm_list_getdata(i); pmpkg_t *pkg; - if(alpm_pkg_load(targ, 1, check_sig, &pkg) != 0) { + if(alpm_pkg_load(targ, 1, siglevel, &pkg) != 0) { pm_fprintf(stderr, PM_LOG_ERROR, "'%s': %s\n", targ, alpm_strerrorlast()); trans_release(); diff --git a/src/util/testpkg.c b/src/util/testpkg.c index ad6ec30..2c74a47 100644 --- a/src/util/testpkg.c +++ b/src/util/testpkg.c @@ -55,7 +55,7 @@ int main(int argc, char *argv[]) /* let us get log messages from libalpm */ alpm_option_set_logcb(output_cb); - if(alpm_pkg_load(argv[1], 1, PM_PGP_VERIFY_OPTIONAL, &pkg) == -1 + if(alpm_pkg_load(argv[1], 1, PM_SIGLEVEL_OPTIONAL, &pkg) == -1 || pkg == NULL) { switch(pm_errno) { case PM_ERR_PKG_OPEN: diff --git a/test/pacman/util.py b/test/pacman/util.py index ddd955a..0834856 100755 --- a/test/pacman/util.py +++ b/test/pacman/util.py @@ -132,7 +132,7 @@ def mkcfgfile(filename, root, option, db): if key != "local": value = db[key] data.append("[%s]\n" \ - "VerifySig = %s\n" \ + "SigLevel = %s\n" \ "Server = file://%s" \ % (value.treename, value.getverify(), \ os.path.join(root, SYNCREPO, value.treename))) -- 1.7.5.2
The siglevel field of a newly created pmdb_t struct is now initialized when it is created in _alpm_db_new(). Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> --- lib/libalpm/db.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 5f96967..2a36d23 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -375,6 +375,7 @@ pmdb_t *_alpm_db_new(const char *treename, int is_local) CALLOC(db, 1, sizeof(pmdb_t), RET_ERR(PM_ERR_MEMORY, NULL)); STRDUP(db->treename, treename, RET_ERR(PM_ERR_MEMORY, NULL)); db->is_local = is_local; + db->siglevel = PM_SIGLEVEL_UNKNOWN; return db; } -- 1.7.5.2
A few of these snuck in as of late, some from the table display patches that were using the previous format before we changed it after the 3.5.X major release. Noticed-by: Kerrick Staley <mail@kerrickstaley.com> Signed-off-by: Dan McGee <dan@archlinux.org> --- lib/libalpm/db.c | 4 ++-- src/pacman/query.c | 2 +- src/pacman/util.c | 18 +++++++++--------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 8156f2a..36cda72 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -128,7 +128,7 @@ alpm_list_t SYMEXPORT *alpm_db_get_servers(const pmdb_t *db) /* Sanity checks */ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, NULL)); - return(db->servers); + return db->servers; } /** Set the serverlist of a database. */ @@ -222,7 +222,7 @@ int SYMEXPORT alpm_db_set_pgp_verify(pmdb_t *db, pgp_verify_t verify) _alpm_log(PM_LOG_DEBUG, "adding VerifySig option to database '%s': %d\n", db->treename, verify); - return(0); + return 0; } /** Get the name of a package database. */ diff --git a/src/pacman/query.c b/src/pacman/query.c index cf24306..c12aa91 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -79,7 +79,7 @@ static int search_path(char **filename, struct stat *bufptr) fullname = malloc(plen + flen + 2); if(!fullname) { free(envpath); - return(-1); + return -1; } sprintf(fullname, "%s/%s", path, *filename); diff --git a/src/pacman/util.c b/src/pacman/util.c index 043b9d6..af422fe 100644 --- a/src/pacman/util.c +++ b/src/pacman/util.c @@ -107,7 +107,7 @@ int needs_root(void) static int flush_term_input(void) { #ifdef HAVE_TCFLUSH if(isatty(fileno(stdin))) { - return(tcflush(fileno(stdin), TCIFLUSH)); + return tcflush(fileno(stdin), TCIFLUSH); } #endif @@ -517,10 +517,10 @@ static alpm_list_t *table_create_format(const alpm_list_t *header, if(totalwidth > getcols(80)) { fprintf(stderr, _("insufficient columns available for table display\n")); FREELIST(formats); - return(NULL); + return NULL; } - return(formats); + return formats; } /** Displays the list in table format @@ -540,12 +540,12 @@ int table_display(const char *title, const alpm_list_t *header, alpm_list_t *formats; if(rows == NULL || header == NULL) { - return(0); + return 0; } formats = table_create_format(header, rows); if(formats == NULL) { - return(-1); + return -1; } if(title != NULL) { @@ -560,7 +560,7 @@ int table_display(const char *title, const alpm_list_t *header, } FREELIST(formats); - return(0); + return 0; } void list_display(const char *title, const alpm_list_t *list) @@ -645,7 +645,7 @@ static alpm_list_t *create_verbose_header(int install) pm_asprintf(&str, "%s", _("Size")); res = alpm_list_add(res, str); - return(res); + return res; } /* returns package info as list of strings */ @@ -677,7 +677,7 @@ static alpm_list_t *create_verbose_row(pmpkg_t *pkg, int install) pm_asprintf(&str, "%.2f %s", size, label); ret = alpm_list_add(ret, str); - return(ret); + return ret; } /* prepare a list of pkgs to display */ @@ -838,7 +838,7 @@ double humanize_size(off_t bytes, const char target_unit, int long_labels, *label = labels[index]; } - return(val); + return val; } void print_packages(const alpm_list_t *packages) -- 1.7.5.2
I inadvertently broke my email account when I configured git-send-mail, and I only just realized it. Everything I've sent to the list since then didn't go through, so I'm resending this message, originally sent June 5 (I edited/updated it). Whatever we call the variable doesn't really matter; I like SigLevel. I'm working on a patch that will implement the below behavior. It's just taking a while because it's somewhat complicated. ======== Config: # Action to take (warn or abort) when packages and databases are unsigned but were previously signed SigPreviouslySigned = warn # Action to take (accept, warn, or abort) when neither the package nor the database have a signature SigNoSignature = warn # Action to take (accept, warn, or abort) when a package is signed but the database is unsigned # SigDatabaseUnsigned = accept # Action to take (accept, warn, or abort) when a package is unsigned but has a SHA256 hash in a signed database # SigHashed = accept ======== A) When handling a given situation, there are three actions that can be taken: 1. The situation is accepted silently. 2. The situation is accepted with a warning. 3. Installation/update is aborted, unless an override flag is passed, in which case a warning will be given. B) For a database, consider whether it should have a signature: 1. If SigDatabaseUnsigned = abort, but the .sig file cannot be downloaded, then keep checking servers until a .sig can be gotten, and give a warning each time a .sig download returns a 404. 2. If not (1) but, based on the various config settings, having an unsigned database would result in more warnings or aborts than a signed one, then check servers for a .sig until you get a .sig or you get 3 404's; if you get 3 404's, rescan through the list from the beginning, not checking for .sig's this time. Again, give a warning whenever a 404 happens. 3. If not (1)/(2), don't check for .sig's. C) For a package, consider whether it should have a signature: 1. If the package was previously signed but now isn't, act based on SigPreviouslySigned. 2. For local packages, if the package indicates it should have a signature (mechanism to be implemented) but it doesn't, abort. D) Outcomes for package/database signature validity ("signed" means GPGME_SIGSUM_VALID w/ GPGME_VALIDITY_{FULL,ULTIMATE}; "unsigned" means GPGME_SIGSUM_KEY_MISSING or no signature present, "bad" means anything else): 1. The package or database or both have bad signatures. Abort (could happen during database unpacking; the rest only happen on package check). 2. The package and database are signed. Accept. 3. The package is unsigned but the database is signed and the database uses SHA256. Act based on SigHashed. 4. The package is signed but the database is unsigned. Act based on SigDatabaseUnsigned. 5. The package is unsigned and the database is unsigned. Act based on SigNoSignature. ======== Notes: I invented the config names more or less randomly; if you have strong objections, we'll change them, otherwise let's go with these. I won't implement the SigPreviouslySigned functionality in the initial patch, because it can be cleanly separated from the rest, and I'm unsure if it's desirable. I've made pmsiglevel_t into a struct with 4 enum members; I'm currently passing it around by value (not with pointers); please give me a heads-up if you don't think I should do it this way. No marginal signatures should come up, because I don't think we should use such signatures during the interim when not all developers have fully validated keys; a developer's key can just be excluded from pacman-keyring until it is fully validated. A more sophisticated scheme that makes accommodations for marginally trusted signatures in external repositories (and probably also on PKGBUILDS for makepkg) would probably not be useful [1]. Regardless, I'd prefer we finalize/ship this feature in the future (while possibly adding basic support for it in the git now). Expiring signatures/keys and are not really necessary and will just complicate things. -Kerrick Staley [1] A distinction should be made between key validity and trust of the UID. In most contexts, it is assumed that you fully trust the person identified by the UID: if you know someone's name and email address, then you can exact some sort of revenge on them (or at least publicly scorn them) if they do you harm. However, in this case, you may not want to trust a random person maintaining a small Arch repository halfway across the globe with the same access to your system that the Arch developers have, even if you do know their name and email. GnuPG has no mechanism for implementing this sort of distinction; GnuPG only tracks how likely it is that the key-UID relationship hasn't been falsified. GnuPG simply displays the UID when verifying a signature, and the user can then make a judgement based off the UID, but pacman will not display the UID by default, and it is cumbersome to check the UID for each upgrade. A mechanism built into pacman for UID trust would be nice, but it seems like it would be complicated to implement "properly". Managing marginally-trusted keys is not really needed in pacman, because users can just manage the key in their personal keyring during the brief period when it's not fully trusted, manually checking and upgrading packages if necessary (using --gpgdir "$GNUPGHOME"), and then import it into pacman's keyring once it's trusted. So, for now, we should assume keys in the keyring are trusted and their UID's identify a trusted person. We can implement something more complicated in the future if we want; I might take a stab at this after basic signing's up and running. Until such time, users should only import a key into pacman's keyring if they trust packages created by the person identified in the UID and they trust the key itself.
I inadvertently broke my email account when I configured git-send-mail, and I only just realized it. Everything I've sent to the list since then didn't go through, so I'm resending this message, originally sent June 5. On Wed, Jun 1, 2011 at 3:50 PM, Dan McGee <dpmcgee@gmail.com> wrote:
I should also add that the ability to have a signed database without signed packages could be done this same way; e.g. "SigLevel = NoPackages" or something (maybe even a corresponding "NoDatabase").
If you indicate that the database is to be signed and it is in fact signed, then it doesn't matter: the database itself dictates whether a package should be signed (based on whether it includes a signature in desc). I'll also make all the config directives both global and customizable on a per-database basis. -Kerrick Staley
participants (5)
-
Allan McRae
-
Dan McGee
-
Dan McGee
-
Kerrick Staley
-
Rémy Oudompheng