[pacman-dev] [PATCH] (newgpg) Let pacman specify GnuPG's home directory.

Jatheendra jatheendra at gmail.com
Tue Dec 16 12:51:54 EST 2008


A quick question...

I saw this in be_package.c, pkg_load():

>         /* look around for a PGP signature file; load if available */
>         MALLOC(pgpfile, strlen(pkgfile) + 5, RET_ERR(PM_ERR_MEMORY, NULL));
>         sprintf(pgpfile, "%s.sig", pkgfile);
>         if(access(pgpfile, R_OK) == 0) {
>             FILE *f;
>             long bytes;
>             f = fopen(pgpfile, "rb");
>             fseek(f, 0L, SEEK_END);
>             bytes = ftell(f);
>             fseek(f, 0L, SEEK_SET);
>             /* don't read the file in if it is obviously not the size of a sig */
>             if(bytes == 72) {
>                 CALLOC(newpkg->pgpsig.rawdata, bytes, sizeof(char),
>                         RET_ERR(PM_ERR_MEMORY, NULL));
>                 fread(newpkg->pgpsig.rawdata, sizeof(char), bytes, f);
>                 newpkg->pgpsig.rawlen = bytes;
>                 _alpm_log(PM_LOG_DEBUG,
>                         "loaded package .sig file, location %s\n", pgpfile);
>             } else {
>                 _alpm_log(PM_LOG_WARNING, _("PGP signature file for %s was abnormal"
>                             " (had length %ld), skipping\n"), pkgfile, bytes);
>             }
>             fclose(f);
>         } else {
>             _alpm_log(PM_LOG_DEBUG, "no package signature file found\n");
>         }
>         FREE(pgpfile);
>


So do we download the signature file along with the package? Or use
%PGPSIG% in the db?



On Tue, Dec 16, 2008 at 3:49 AM, Dan McGee <dpmcgee at gmail.com> wrote:
> On Mon, Dec 15, 2008 at 2:11 PM, Gerhard Brauer <gerbra at archlinux.de> wrote:
>> On Mon, 15 Dec 2008 13:50:49 -0600,
>> Chris Brannon <cmbrannon at cox.net> wrote:
>>> I think pacman should at least complain if the signing key is not
>>> found in the public keyring.  Thoughts?
>>
>> IMHO pacman should refuse to install anything from core and extra if
>> the signature is not found or corrupted.
>> I don't know what to do with community (maybe a second keyring with
>> TU signatures?)
>
> Pacman knows nothing about [core], [extra], and [community], so this
> will not be possible. However, I had considered a few possibilities
> for this type of stuff and this was the best I could think of:
> One shared keyring for all repos. Under each repository section, we
> would have a VerifySignatures option or something similar, which would
> take values of "Always", "Optional", or "Never", with one of these as
> a sane default. We would fail when set to "Always" if packages had no
> signature, we didn't have the signature on the package, or if the
> signature was invalid. For optional, we would verify the signature if
> it was there and we had it in our keychain; spit a warning otherwise
> but continue on. Never seems self-explanatory.
>
>> My thoughts were to make an option to each repo section in pacman.conf.
>> With this option: Keyring = /foo/bar we have an indicator that pacman
>> should check for correct signatures and users could have their
>> unsigned or self-signed repos additionally.
>
> Ha! We think alike. I actually typed the above before I read this.
>
> -Dan


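The pkg_load() fragment quoted at the top of this message tests the .sig with access(), reopens it with fopen(), and uses the results of fopen() and fread() unchecked. As an added example (not pacman's code, and not part of the original message), here is a loader for the same 72-byte check that opens the file once and validates the open descriptor; `load_sig`, `SIG_LEN` and the `sig_result` values are hypothetical names.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define SIG_LEN 72 /* the only length the quoted code accepts */
enum sig_result { SIG_LOADED, SIG_ABSENT, SIG_ABNORMAL, SIG_ERROR };

/* Hypothetical helper: load "<pkgfile>.sig" into *out (caller frees). */
enum sig_result load_sig(const char *pkgfile, unsigned char **out, size_t *outlen)
{
    enum sig_result res = SIG_ERROR;
    size_t got = 0, n = strlen(pkgfile) + sizeof(".sig"); /* sizeof counts the NUL */
    char *path = malloc(n);
    struct stat st;
    int fd, err;

    *out = NULL; *outlen = 0;
    if(!path) return SIG_ERROR;
    snprintf(path, n, "%s.sig", pkgfile);
    /* Open once and inspect the descriptor, so the file that is checked
     * is the file that is read (no access()-then-fopen() window). */
    fd = open(path, O_RDONLY);
    err = errno; /* save before free() can touch errno */
    free(path);
    if(fd < 0) return err == ENOENT ? SIG_ABSENT : SIG_ERROR;

    if(fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        res = SIG_ERROR;
    } else if(st.st_size != SIG_LEN) {
        res = SIG_ABNORMAL; /* caller warns and skips, as the quoted code does */
    } else if((*out = malloc(SIG_LEN)) != NULL) {
        while(got < SIG_LEN) { /* read() may return fewer bytes than asked */
            ssize_t r = read(fd, *out + got, SIG_LEN - got);
            if(r <= 0) break;
            got += (size_t)r;
        }
        if(got == SIG_LEN) {
            *outlen = got;
            res = SIG_LOADED;
        } else { /* short read or I/O error: hand back nothing */
            free(*out); *out = NULL;
        }
    }
    close(fd);
    return res;
}
```

A caller would treat `SIG_ABSENT` and `SIG_ABNORMAL` according to whatever per-repository verification policy is configured, and `SIG_ERROR` as a hard failure.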