[pacman-dev] [PATCH 4/6] Add --verify option for signature level

Sat May 28 10:37:34 EDT 2011

The --verify option allows the user to change pacman's default signature
verification level. It must take in one of "always", "optional" and "verify".

Signed-off-by: Pang Yan Han <pangyanhan at gmail.com>
---
 doc/pacman.8.txt    |    5 +++++
 src/pacman/conf.h   |    3 ++-
 src/pacman/pacman.c |   15 +++++++++++++++
 3 files changed, 22 insertions(+), 1 deletions(-)

diff --git a/doc/pacman.8.txt b/doc/pacman.8.txt
index aec7fd1..453c446 100644
--- a/doc/pacman.8.txt
+++ b/doc/pacman.8.txt
@@ -165,6 +165,11 @@ Options
 	Bypass any and all ``Are you sure?'' messages. It's not a good idea to do
 	this unless you want to run pacman from a script.
 
+*\--verify* <level>::
+	Sets the default signature verification level to <level>. Valid values for level
+	are "never", "optional" and "always". This can be used to override the "VerifySig"
+	option in linkman:pacman.conf[5].
+
 Transaction Options (apply to '-S', '-R' and '-U')
 --------------------------------------------------
 *-d, \--nodeps*::
diff --git a/src/pacman/conf.h b/src/pacman/conf.h
index 76c76cf..f741ae6 100644
--- a/src/pacman/conf.h
+++ b/src/pacman/conf.h
@@ -111,7 +111,8 @@ enum {
 	OP_ASEXPLICIT,
 	OP_ARCH,
 	OP_PRINTFORMAT,
-	OP_GPGDIR
+	OP_GPGDIR,
+	OP_VERIFY
 };
 
 /* clean method */
diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c
index 8458c97..13dded1 100644
--- a/src/pacman/pacman.c
+++ b/src/pacman/pacman.c
@@ -438,6 +438,20 @@ static int parsearg_global(int opt)
 			config->logfile = strndup(optarg, PATH_MAX);
 			break;
 		case OP_NOCONFIRM: config->noconfirm = 1; break;
+		case OP_VERIFY:
+			if (!strcmp(optarg, "always")) {
+				alpm_option_set_default_sigverify(PM_PGP_VERIFY_ALWAYS);
+			} else if (!strcmp(optarg, "optional")) {
+				alpm_option_set_default_sigverify(PM_PGP_VERIFY_OPTIONAL);
+			} else if (!strcmp(optarg, "never")) {
+				alpm_option_set_default_sigverify(PM_PGP_VERIFY_NEVER);
+			} else {
+				pm_printf(PM_LOG_ERROR, _("'%s' is not a valid verify level\n"),
+						optarg);
+				return 1;
+			}
+
+			break;
 		case 'b':
 			check_optarg();
 			config->dbpath = strdup(optarg);
@@ -635,6 +649,7 @@ static int parseargs(int argc, char *argv[])
 		{"arch",       required_argument, 0, OP_ARCH},
 		{"print-format", required_argument, 0, OP_PRINTFORMAT},
 		{"gpgdir",     required_argument, 0, OP_GPGDIR},
+		{"verify",     required_argument, 0, OP_VERIFY},
 		{0, 0, 0, 0}
 	};
 
-- 
1.7.5.rc0.101.g3d23c

