[pacman-dev] [PATCH] (newgpg) Let pacman specify GnuPG's home directory.
Jatheendra
jatheendra at gmail.com
Wed Dec 17 07:52:36 EST 2008
A patch for adding VerifySignature options in pacman.conf
>From cbe0f2ccf64509f6182136bbfa35ec934dd18d2d Mon Sep 17 00:00:00 2001
From: shankar <jatheendra at gmail.com>
Date: Wed, 17 Dec 2008 16:25:07 +0530
Subject: [PATCH] Added gpg verification options per repo to the config file
---
lib/libalpm/alpm.h | 9 +++++++++
lib/libalpm/db.c | 31 +++++++++++++++++++++++++++++++
lib/libalpm/db.h | 2 ++
src/pacman/pacman.c | 18 ++++++++++++++++++
4 files changed, 60 insertions(+), 0 deletions(-)
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index c26b8bb..fedfc12 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -249,6 +249,15 @@ typedef enum _pgpcheck_t {
pgpcheck_t alpm_pkg_check_pgp_signature(pmpkg_t *pkg);
+/* GPG signature verification option */
+typedef enum _pmdb_verify_gpg {
+ PM_GPG_VERIFY_ALWAYS,
+ PM_GPG_VERIFY_OPTIONAL,
+ PM_GPG_VERIFY_NEVER
+} pmdb_verify_gpg;
+
+
+int alpm_db_set_gpg_opt(pmdb_t *db, pmdb_verify_gpg verify);
/*
* Deltas
*/
diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c
index 9b91ce4..2bf03fb 100644
--- a/lib/libalpm/db.c
+++ b/lib/libalpm/db.c
@@ -206,6 +206,37 @@ int SYMEXPORT alpm_db_setserver(pmdb_t *db, const
char *url)
return(0);
}
+/** Set the verify gpg signature option for a database.
+ * @param db database pointer
+ * @param verify enum pmdb_verify_gpg
+ * @return 0 on success, -1 on error (pm_errno is set accordingly)
+ */
+int SYMEXPORT alpm_db_set_gpg_opt(pmdb_t *db, pmdb_verify_gpg verify)
+{
+ alpm_list_t *i;
+ int found = 0;
+
+ ALPM_LOG_FUNC;
+
+ /* Sanity checks */
+ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, -1));
+
+ for(i = handle->dbs_sync; i && !found; i = i->next) {
+ pmdb_t *sdb = i->data;
+ if(strcmp(db->treename, sdb->treename) == 0) {
+ found = 1;
+ }
+ }
+ if(!found) {
+ RET_ERR(PM_ERR_DB_NOT_FOUND, -1);
+ }
+
+ db->verify_gpg = verify;
+ _alpm_log(PM_LOG_DEBUG, "adding VerifySig option to database '%s': %d\n",
+ db->treename, verify);
+
+ return(0);
+}
/** Get the name of a package database
* @param db pointer to the package database
diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h
index 96fac0d..b94ef01 100644
--- a/lib/libalpm/db.h
+++ b/lib/libalpm/db.h
@@ -37,6 +37,7 @@ typedef enum _pmdbinfrq_t {
INFRQ_ALL = 0x3F
} pmdbinfrq_t;
+
/* Database */
struct __pmdb_t {
char *path;
@@ -45,6 +46,7 @@ struct __pmdb_t {
alpm_list_t *pkgcache;
alpm_list_t *grpcache;
alpm_list_t *servers;
+ pmdb_verify_gpg verify_gpg;
};
/* db.c, database general calls */
diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c
index 18fd3a8..0292cfa 100644
--- a/src/pacman/pacman.c
+++ b/src/pacman/pacman.c
@@ -788,6 +788,24 @@ static int _parseconfig(const char *file, const
char *givensection,
}
free(server);
+ } else if(strcmp(key, "VerifySig") == 0) {
+ if (strcmp(ptr, "Always") == 0) {
+ ret = alpm_db_set_gpg_opt(db,PM_GPG_VERIFY_ALWAYS);
+ } else if (strcmp(ptr, "Optional") == 0) {
+ ret = alpm_db_set_gpg_opt(db,PM_GPG_VERIFY_OPTIONAL);
+ } else if (strcmp(ptr, "Never") == 0) {
+ ret = alpm_db_set_gpg_opt(db,PM_GPG_VERIFY_NEVER);
+ } else {
+ pm_printf(PM_LOG_ERROR, _("invalid value for 'VerifySig' :
'%s'\n"), ptr);
+ ret = 1;
+ goto cleanup;
+ }
+ if ( ret != 0) {
+ pm_printf(PM_LOG_ERROR, _("could not add gpg verify option to
database '%s': %s (%s)\n"),
+ alpm_db_get_name(db), ptr, alpm_strerrorlast());
+ goto cleanup;
+ }
+ pm_printf(PM_LOG_DEBUG, "Verify GPG signature for %s:
%s\n",alpm_db_get_name(db), ptr);
} else {
pm_printf(PM_LOG_ERROR, _("config file %s, line %d: directive
'%s' not recognized.\n"),
file, linenum, key);
--
1.6.0.4
On Tue, Dec 16, 2008 at 3:49 AM, Dan McGee <dpmcgee at gmail.com> wrote:
>
> On Mon, Dec 15, 2008 at 2:11 PM, Gerhard Brauer <gerbra at archlinux.de> wrote:
> > Am Mon, 15 Dec 2008 13:50:49 -0600
> > schrieb Chris Brannon <cmbrannon at cox.net>:
> >> I think pacman should at least complain if the signing key is not
> >> found in the public keyring. Thoughts?
> >
> > IMHO pacman should refuse to install anything from core and extra if
> > the signature is not found or corrupted.
> > I don't know what to to with community (maybe a second keyring with
> > TU signatures?)
>
> Pacman knows nothing about [core], [extra], and [community], so this
> will not be possible. However, I had considered a few possibilities
> for this type of stuff and this was the best I could think of:
> One shared keyring for all repos. Under each repository section, we
> would have a VerifySignatures option or something similar, which would
> take values of "Always", "Optional", or "Never", with one of these as
> a sane default. We would fail when set to "Always" if packages had no
> signature, we didn't have the signature on the package, or if the
> signature was invalid. For optional, we would verify the signature if
> it was there and we had it in our keychain; spit a warning otherwise
> but continue on. Never seems self explanatory
>
> > My thoughts were to make a option to each repo section in pacman.conf.
> > With this option: Keyring = /foo/bar we have an indicator that pacman
> > should check for correct signatures and users could have their
> > unsigned or self-signed repos additionally.
>
> Ha! We think alike. I actually typed the above before I read this.
>
> -Dan
> _______________________________________________
> pacman-dev mailing list
> pacman-dev at archlinux.org
> http://archlinux.org/mailman/listinfo/pacman-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0014-Added-gpg-verification-options-per-repo-to-the-confi.patch
Type: application/octet-stream
Size: 3680 bytes
Desc: not available
URL: <http://archlinux.org/pipermail/pacman-dev/attachments/20081217/ce386dbc/attachment-0001.obj>
More information about the pacman-dev
mailing list