[pacman-dev] [PATCH 2/3] pacman: Add --verifylvl option

Kerrick Staley mail at kerrickstaley.com
Sun Jun 12 04:29:38 EDT 2011 

Just a heads-up: I proposed a more complex scheme that, if adopted,
will require this patch to be revised considerably (I actually sent
the damn email a week ago, but due to idiocy on my part and on that of
Gmail, I only noticed the problem today).

-Kerrick Staley

On Sat, Jun 11, 2011 at 11:15 PM, Pang Yan Han <pangyanhan at gmail.com> wrote:
> The --verifylvl option allows the user to change pacman's signature
> verification level. It can take in one of "always", "optional", "never", or
> their capitalized counterparts.
>
> Signed-off-by: Pang Yan Han <pangyanhan at gmail.com>
> ---
>  doc/pacman.8.txt    |    7 +++++++
>  src/pacman/conf.c   |    9 +++++++++
>  src/pacman/conf.h   |    4 +++-
>  src/pacman/pacman.c |    6 ++++++
>  4 files changed, 25 insertions(+), 1 deletions(-)
>
> diff --git a/doc/pacman.8.txt b/doc/pacman.8.txt
> index 531c992..96f4c12 100644
> --- a/doc/pacman.8.txt
> +++ b/doc/pacman.8.txt
> @@ -165,6 +165,13 @@ Options
>        Bypass any and all ``Are you sure?'' messages. It's not a good idea to do
>        this unless you want to run pacman from a script.
>
> +*\--verifylvl* <level>::
> +       Sets pacman's signature verification level to <level>. Valid values for level
> +       are "always", "optional", "never" and their capitalized counterparts. This
> +       can be used to override the "VerifySig" option in linkman:pacman.conf[5].
> +       If an invalid level is given, pacman will fallback to using the level given
> +       in the "VerifySig" option in linkman:pacman.conf[5].
> +
>  Transaction Options (apply to '-S', '-R' and '-U')
>  --------------------------------------------------
>  *-d, \--nodeps*::
> diff --git a/src/pacman/conf.c b/src/pacman/conf.c
> index 13707d0..cf507d9 100644
> --- a/src/pacman/conf.c
> +++ b/src/pacman/conf.c
> @@ -74,6 +74,7 @@ int config_free(config_t *oldconfig)
>        free(oldconfig->dbpath);
>        free(oldconfig->logfile);
>        free(oldconfig->gpgdir);
> +       free(oldconfig->verifylvl);
>        FREELIST(oldconfig->cachedirs);
>        free(oldconfig->xfercommand);
>        free(oldconfig->print_format);
> @@ -481,6 +482,14 @@ static int setup_libalpm(void)
>                alpm_option_set_cachedirs(handle, config->cachedirs);
>        }
>
> +       /* Override signature verification level from command line */
> +       if(config->verifylvl) {
> +               pgp_verify_t verifylvl = option_verifysig(config->verifylvl);
> +               if(verifylvl != PM_PGP_VERIFY_UNKNOWN) {
> +                       config->sigverify = verifylvl;
> +               }
> +       }
> +
>        if(config->sigverify != PM_PGP_VERIFY_UNKNOWN) {
>                alpm_option_set_default_sigverify(handle, config->sigverify);
>        }
> diff --git a/src/pacman/conf.h b/src/pacman/conf.h
> index 4c44bfd..7d98729 100644
> --- a/src/pacman/conf.h
> +++ b/src/pacman/conf.h
> @@ -45,6 +45,7 @@ typedef struct __config_t {
>        char *dbpath;
>        char *logfile;
>        char *gpgdir;
> +       char *verifylvl;
>        alpm_list_t *cachedirs;
>
>        unsigned short op_q_isfile;
> @@ -123,7 +124,8 @@ enum {
>        OP_ASEXPLICIT,
>        OP_ARCH,
>        OP_PRINTFORMAT,
> -       OP_GPGDIR
> +       OP_GPGDIR,
> +       OP_VERIFYLVL
>  };
>
>  /* clean method */
> diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c
> index afc79f6..0c200db 100644
> --- a/src/pacman/pacman.c
> +++ b/src/pacman/pacman.c
> @@ -205,6 +205,8 @@ static void usage(int op, const char * const myname)
>                addlist(_("      --gpgdir <path>  set an alternate home directory for GnuPG\n"));
>                addlist(_("      --logfile <path> set an alternate log file\n"));
>                addlist(_("      --noconfirm      do not ask for any confirmation\n"));
> +               addlist(_("      --verifylvl <lvl>\n"
> +                         "                       set an alternate signature verification level\n"));
>        }
>        list = alpm_list_msort(list, alpm_list_count(list), options_cmp);
>        for (i = list; i; i = alpm_list_next(i)) {
> @@ -431,6 +433,9 @@ static int parsearg_global(int opt)
>                        config->logfile = strndup(optarg, PATH_MAX);
>                        break;
>                case OP_NOCONFIRM: config->noconfirm = 1; break;
> +               case OP_VERIFYLVL:
> +                       config->verifylvl = strdup(optarg);
> +                       break;
>                case 'b':
>                        check_optarg();
>                        config->dbpath = strdup(optarg);
> @@ -628,6 +633,7 @@ static int parseargs(int argc, char *argv[])
>                {"arch",       required_argument, 0, OP_ARCH},
>                {"print-format", required_argument, 0, OP_PRINTFORMAT},
>                {"gpgdir",     required_argument, 0, OP_GPGDIR},
> +               {"verifylvl",  required_argument, 0, OP_VERIFYLVL},
>                {0, 0, 0, 0}
>        };
>
> --
> 1.7.6.rc0
>
>
>

More information about the pacman-dev mailing list