[pacman-dev] [PATCH 4/6] Add --verify option for signature level
Pang Yan Han
pangyanhan at gmail.com
Sat May 28 10:37:34 EDT 2011
The --verify option allows the user to change pacman's default signature
verification level. It must take in one of "always", "optional" and "verify".
Signed-off-by: Pang Yan Han <pangyanhan at gmail.com>
---
doc/pacman.8.txt | 5 +++++
src/pacman/conf.h | 3 ++-
src/pacman/pacman.c | 15 +++++++++++++++
3 files changed, 22 insertions(+), 1 deletions(-)
diff --git a/doc/pacman.8.txt b/doc/pacman.8.txt
index aec7fd1..453c446 100644
--- a/doc/pacman.8.txt
+++ b/doc/pacman.8.txt
@@ -165,6 +165,11 @@ Options
Bypass any and all ``Are you sure?'' messages. It's not a good idea to do
this unless you want to run pacman from a script.
+*\--verify* <level>::
+ Sets the default signature verification level to <level>. Valid values for level
+ are "never", "optional" and "always". This can be used to override the "VerifySig"
+ option in linkman:pacman.conf[5].
+
Transaction Options (apply to '-S', '-R' and '-U')
--------------------------------------------------
*-d, \--nodeps*::
diff --git a/src/pacman/conf.h b/src/pacman/conf.h
index 76c76cf..f741ae6 100644
--- a/src/pacman/conf.h
+++ b/src/pacman/conf.h
@@ -111,7 +111,8 @@ enum {
OP_ASEXPLICIT,
OP_ARCH,
OP_PRINTFORMAT,
- OP_GPGDIR
+ OP_GPGDIR,
+ OP_VERIFY
};
/* clean method */
diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c
index 8458c97..13dded1 100644
--- a/src/pacman/pacman.c
+++ b/src/pacman/pacman.c
@@ -438,6 +438,20 @@ static int parsearg_global(int opt)
config->logfile = strndup(optarg, PATH_MAX);
break;
case OP_NOCONFIRM: config->noconfirm = 1; break;
+ case OP_VERIFY:
+ if (!strcmp(optarg, "always")) {
+ alpm_option_set_default_sigverify(PM_PGP_VERIFY_ALWAYS);
+ } else if (!strcmp(optarg, "optional")) {
+ alpm_option_set_default_sigverify(PM_PGP_VERIFY_OPTIONAL);
+ } else if (!strcmp(optarg, "never")) {
+ alpm_option_set_default_sigverify(PM_PGP_VERIFY_NEVER);
+ } else {
+ pm_printf(PM_LOG_ERROR, _("'%s' is not a valid verify level\n"),
+ optarg);
+ return 1;
+ }
+
+ break;
case 'b':
check_optarg();
config->dbpath = strdup(optarg);
@@ -635,6 +649,7 @@ static int parseargs(int argc, char *argv[])
{"arch", required_argument, 0, OP_ARCH},
{"print-format", required_argument, 0, OP_PRINTFORMAT},
{"gpgdir", required_argument, 0, OP_GPGDIR},
+ {"verify", required_argument, 0, OP_VERIFY},
{0, 0, 0, 0}
};
--
1.7.5.rc0.101.g3d23c
More information about the pacman-dev
mailing list