[pacman-dev] [PATCH 0/4] Add signature check for local packages
remyoudompheng at gmail.com
Thu Apr 21 02:35:50 EDT 2011
Packages added from local files are not checked currently.
These patches also introduce changes in the handling
of PM_PGP_VERIFY_UNKNOWN that are not really convincing.
We could skip these changes and just apply the other patches,
however we should probably give some thoughts about that.
Making the check level into an argument of the check function
could also be an option.
Rémy Oudompheng (4):
sync.c: remove duplicated code for integrity check failures
handle.c: force sigverify level not to be PM_PGP_VERIFY_UNKNOWN
sync.c: remove unnecessary check for PM_PGP_VERIFY_UNKNOWN
sync.c: also check signatures for packages loaded from files
lib/libalpm/handle.c | 1 +
lib/libalpm/sync.c | 58 +++++++++++++++++++++++++-------------------------
2 files changed, 30 insertions(+), 29 deletions(-)
More information about the pacman-dev