[pacman-dev] [PATCH] signing: cope with gpg2's failure at life

Dave Reisner d at falconindy.com
Tue Mar 27 23:11:42 EDT 2012 

For key searches only, gpg2 will fail to lookup any and all keys that
are not prefixed with 0x.

Signed-off-by: Dave Reisner <dreisner at archlinux.org>
---
 lib/libalpm/signing.c |   17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 3ec957d..ef9f080 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -234,6 +234,8 @@ static int key_search(alpm_handle_t *handle, const char *fpr,
 	gpgme_keylist_mode_t mode;
 	gpgme_key_t key;
 	int ret = -1;
+	size_t fpr_len;
+	char *full_fpr;
 
 	memset(&ctx, 0, sizeof(ctx));
 	err = gpgme_new(&ctx);
@@ -248,14 +250,21 @@ static int key_search(alpm_handle_t *handle, const char *fpr,
 
 	_alpm_log(handle, ALPM_LOG_DEBUG, "looking up key %s remotely\n", fpr);
 
-	err = gpgme_get_key(ctx, fpr, &key, 0);
+	/* gpg2 goes full retard here. For key searches ONLY, we need to prefix the
+	 * key fingerprint with 0x, or the lookup will fail. */
+	fpr_len = strlen(fpr);
+	MALLOC(full_fpr, fpr_len + 3, RET_ERR(handle, ALPM_ERR_MEMORY, -1));
+	sprintf(full_fpr, "0x%s", fpr);
+
+	err = gpgme_get_key(ctx, full_fpr, &key, 0);
+
 	if(gpg_err_code(err) == GPG_ERR_EOF) {
 		_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed, unknown key\n");
 		/* Try an alternate lookup using the 8 character fingerprint value, since
 		 * busted-ass keyservers can't support lookups using subkeys with the full
 		 * value as of now. This is why 2012 is not the year of PGP encryption. */
-		if(strlen(fpr) > 8) {
-			const char *short_fpr = fpr + strlen(fpr) - 8;
+		if(fpr_len - 2 > 8) {
+			const char *short_fpr = memcpy(&full_fpr[fpr_len - 8], "0x", 2);
 			_alpm_log(handle, ALPM_LOG_DEBUG,
 					"looking up key %s remotely\n", short_fpr);
 			err = gpgme_get_key(ctx, short_fpr, &key, 0);
@@ -268,6 +277,8 @@ static int key_search(alpm_handle_t *handle, const char *fpr,
 		}
 	}
 
+	free(full_fpr);
+
 	if(gpg_err_code(err) != GPG_ERR_NO_ERROR) {
 		goto error;
 	}
-- 
1.7.9.5

More information about the pacman-dev mailing list