[pacman-dev] [PATCH 3/3] sync.c: check signatures for local package files when available
Rémy Oudompheng
remyoudompheng at gmail.com
Sun Apr 10 07:29:34 EDT 2011
Signed-off-by: Rémy Oudompheng <remy at archlinux.org>
---
Note that no global option exists to control whether
this check is optional or not.
On branch 'master'
lib/libalpm/sync.c | 19 ++++++++++++++-----
1 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 5428e40..a97a67b 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -828,16 +828,25 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
for(i = trans->add; i; i = i->next, current++) {
pmpkg_t *spkg = i->data;
int percent = (current * 100) / numtargs;
- if(spkg->origin == PKG_FROM_FILE) {
- continue; /* pkg_load() has been already called, this package is valid */
- }
+ const char *filename = alpm_pkg_get_filename(spkg);
+ const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg);
PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent,
numtargs, current);
- const char *filename = alpm_pkg_get_filename(spkg);
+ if(spkg->origin == PKG_FROM_FILE) {
+ if (!pgpsig->encdata && !pgpsig->rawdata)
+ continue;
+ int ret = _alpm_file_checksig(filename, pgpsig);
+ if (ret != 0) {
+ errors++;
+ *data = alpm_list_add(*data, strdup(filename));
+ }
+ /* no checksum verification for package files */
+ continue;
+ }
+
char *filepath = _alpm_filecache_find(filename);
const char *md5sum = alpm_pkg_get_md5sum(spkg);
- const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg);
/* check md5sum first */
if(test_md5sum(trans, filepath, md5sum) != 0) {
--
1.7.4.4
More information about the pacman-dev
mailing list