[pacman-dev] [PATCH] Proposal: Add some kind of user feedback about package signing
Hey, I know that package signing is not a favorite topic, but as its implemented, the world should know, which packages are signed for the time where unsigned and signed packages reside next to each other. Maybe also more people will "complain" to the devs about not-yet signed packages. This fancy one-liner is just an idea, maybe the printf should go to the place, where pacman checks, if the package has a signature and complain there. Or while installing packages, a little * could appear for signed packages. Ideas? -robert
From 648c0ecf65d3cc34559fecbb93b67d572fb1f9c5 Mon Sep 17 00:00:00 2001 From: robert <r.evert_AT_tu-bs.de> Date: Tue, 1 Nov 2011 20:41:25 +0100 Subject: [PATCH] - Add some kind of user feedback about package signing
--- lib/libalpm/signing.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 92f34b5..9928fc0 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -665,6 +665,7 @@ int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path, switch(siglist->results[num].validity) { case ALPM_SIGVALIDITY_FULL: _alpm_log(handle, ALPM_LOG_DEBUG, "signature is fully trusted\n"); + printf(_("Package signature for %s is valid.\n"), path); break; case ALPM_SIGVALIDITY_MARGINAL: _alpm_log(handle, ALPM_LOG_DEBUG, "signature is marginal trust\n");
On Tue, Nov 1, 2011 at 3:01 PM, robert evert <r.evert@tu-bs.de> wrote:
Hey,
I know that package signing is not a favorite topic, but as its implemented, the world should know, which packages are signed for the time where unsigned and signed packages reside next to each other.
Maybe also more people will "complain" to the devs about not-yet signed packages.
This fancy one-liner is just an idea, maybe the printf should go to the place, where pacman checks, if the package has a signature and complain there. As implemented this is a total no-go; the backend *never* uses printf.
Or while installing packages, a little * could appear for signed packages.
Ideas? I somewhat like the idea, but definitely not sure on any good time or method to present this information to the user. However, at the end of the day, what purpose does it provide? Is the user going to ctrl-C if they don't see enough * marks next to their packages?
-Dan
Hey,
I somewhat like the idea me too :)
I changed the signed package information to an information about _unsigned_ packages, as those should be more interesting. Its a totally informative message while installation is taking place. Output takes place in the callback.c function. I needed to add another int variable to the alpm_pkg_t, as I need to look for signatures in the package information AND for a signature file. If there is any chance that such functionality will be implemented in pacman, I could provide some command line option to enable this information ( enabling debug is NO alternative... ). Otherwise it was an exercise for me and I will stop mentally hurting you guys ;) -Rob ~~~~~~~~~~~~~~~~~~ The current output looks like this: ... Proceed with installation? [Y/n] checking package integrity... loading package files... checking for file conflicts... upgrading abcde... upgrading acpitool |Unsigned... ... Proceed with installation? [Y/n] (2/2) checking package integrity [###################################################] 100% (2/2) loading package files [###################################################] 100% (2/2) checking for file conflicts [###################################################] 100% (1/2) upgrading abcde [###################################################] 100% :: The following package is unsigned: (2/2) upgrading acpitool [###################################################] 100%
From fa2c83f3ed5def1bfc0ab99eb06a7f466387674c Mon Sep 17 00:00:00 2001 From: robert <r.evert_AT_tu-bs.de> Date: Thu, 3 Nov 2011 22:52:07 +0100 Subject: [PATCH] Added user feedback about unsigned packages for progressbar and --noprogressbar runs
--- lib/libalpm/alpm.h | 6 ++++++ lib/libalpm/be_package.c | 9 +++++++++ lib/libalpm/package.c | 7 +++++++ lib/libalpm/package.h | 1 + src/pacman/callback.c | 15 +++++++++++++-- 5 files changed, 36 insertions(+), 2 deletions(-) diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 9fda940..5e7e2ad 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -889,6 +889,12 @@ alpm_db_t *alpm_pkg_get_db(alpm_pkg_t *pkg); */ const char *alpm_pkg_get_base64_sig(alpm_pkg_t *pkg); +/** Retuns 1 if package is signed via .sig file. + * @param pkg a pointer to package + * @return an int + */ +const int *alpm_pkg_get_has_sig(alpm_pkg_t *pkg); + /* End of alpm_pkg_t accessors */ /* @} */ diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 90a1972..2249108 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -508,6 +508,15 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, newpkg->infolevel |= INFRQ_FILES; } + /* Package signature checking again*/ + char *sigpath = _alpm_sigpath(handle, pkgfile); + if(sigpath && !_alpm_access(handle, NULL, sigpath, R_OK)) { + newpkg->signature_file = 1; + } else { + newpkg->signature_file = 0; + } + free(sigpath); + return newpkg; pkg_invalid: diff --git a/lib/libalpm/package.c b/lib/libalpm/package.c index 0b0bf6e..fc1078a 100644 --- a/lib/libalpm/package.c +++ b/lib/libalpm/package.c @@ -242,6 +242,13 @@ const char SYMEXPORT *alpm_pkg_get_base64_sig(alpm_pkg_t *pkg) return pkg->base64_sig; } +const int SYMEXPORT *alpm_pkg_get_has_sig(alpm_pkg_t *pkg) +{ + ASSERT(pkg != NULL, return NULL); + pkg->handle->pm_errno = 0; + return pkg->signature_file; +} + const char SYMEXPORT *alpm_pkg_get_arch(alpm_pkg_t *pkg) { ASSERT(pkg != NULL, return NULL); diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h index 82a8326..1672f70 100644 --- a/lib/libalpm/package.h +++ b/lib/libalpm/package.h @@ -96,6 +96,7 @@ struct __alpm_pkg_t { off_t download_size; int scriptlet; + int signature_file; alpm_pkgreason_t reason; alpm_dbinfrq_t infolevel; diff --git a/src/pacman/callback.c b/src/pacman/callback.c index 6f39013..accb851 100644 --- a/src/pacman/callback.c +++ b/src/pacman/callback.c @@ -171,8 +171,14 @@ void cb_event(alpm_event_t event, void *data1, void *data2) break; case ALPM_EVENT_ADD_START: if(config->noprogressbar) { - printf(_("installing %s...\n"), alpm_pkg_get_name(data1)); + if (alpm_pkg_get_base64_sig(data1) || alpm_pkg_get_has_sig(data1)) { + printf(_("installing %s...\n"), alpm_pkg_get_name(data1)); + } else + printf(_("installing %s |Unsigned...\n"), alpm_pkg_get_name(data1)); + } else if (alpm_pkg_get_base64_sig(data1) == 0 && alpm_pkg_get_has_sig(data1) == 0) { + printf(_(":: The following package is unsigned:\n")); } + break; case ALPM_EVENT_ADD_DONE: alpm_logaction(config->handle, "installed %s (%s)\n", @@ -192,7 +198,12 @@ void cb_event(alpm_event_t event, void *data1, void *data2) break; case ALPM_EVENT_UPGRADE_START: if(config->noprogressbar) { - printf(_("upgrading %s...\n"), alpm_pkg_get_name(data1)); + if (alpm_pkg_get_base64_sig(data1) || alpm_pkg_get_has_sig(data1)) { + printf(_("upgrading %s...\n"), alpm_pkg_get_name(data1)); + } else + printf(_("upgrading %s |Unsigned...\n"), alpm_pkg_get_name(data1)); + } else if (alpm_pkg_get_base64_sig(data1) == 0 && alpm_pkg_get_has_sig(data1) == 0) { + printf(_(":: The following package is unsigned:\n")); } break; case ALPM_EVENT_UPGRADE_DONE:
On 04/11/11 08:11, robert evert wrote:
Hey,
I somewhat like the idea me too :)
I changed the signed package information to an information about _unsigned_ packages, as those should be more interesting. Its a totally informative message while installation is taking place. Output takes place in the callback.c function. I needed to add another int variable to the alpm_pkg_t, as I need to look for signatures in the package information AND for a signature file.
If there is any chance that such functionality will be implemented in pacman, I could provide some command line option to enable this information ( enabling debug is NO alternative... ). Otherwise it was an exercise for me and I will stop mentally hurting you guys ;)
-Rob
~~~~~~~~~~~~~~~~~~
The current output looks like this:
... Proceed with installation? [Y/n] checking package integrity... loading package files... checking for file conflicts... upgrading abcde... upgrading acpitool |Unsigned...
... Proceed with installation? [Y/n] (2/2) checking package integrity [###################################################] 100% (2/2) loading package files [###################################################] 100% (2/2) checking for file conflicts [###################################################] 100% (1/2) upgrading abcde [###################################################] 100% :: The following package is unsigned: (2/2) upgrading acpitool [###################################################] 100%
I am not really a fan of this for the following reasons: 1) I am a fan of keeping the output as minimal as possible and this falls in the "unnecessary output" category for me. 2) The output comes too late to really do anything about the unsigned package. It is now installed on your system. So what is this preventing? 3) If you do not want unsigned packages, you can use SigLevel = Required to force packages to be signed. So, in summary, I am not sure what problem this is trying to solve and if it does indeed solve it. Allan
participants (3)
-
Allan McRae
-
Dan McGee
-
robert evert