[pacman-dev] [PATCH 2/8] Move key importing into separate function

Allan McRae allan at archlinux.org
Fri Nov 2 11:28:16 EDT 2012


This will be useful for checking the availability of all keys before
performing validation in sync operations and for downloading a needed
key in upgrade operations.

Signed-off-by: Allan McRae <allan at archlinux.org>
---
 lib/libalpm/signing.c | 81 +++++++++++++++++++++++++++++++--------------------
 lib/libalpm/signing.h |  1 +
 2 files changed, 50 insertions(+), 32 deletions(-)

diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 09463ff..9d56aba 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -372,6 +372,46 @@ error:
 }
 
 /**
+ * Import a key defined by a fingerprint into the local keyring.
+ * @param handle the context handle
+ * @param fpr the fingerprint key ID to import
+ * @return 0 on success, -1 on error
+ */
+int _alpm_key_import(alpm_handle_t *handle, const char *fpr) {
+	int answer = 0, ret = -1;
+	alpm_pgpkey_t fetch_key;
+	memset(&fetch_key, 0, sizeof(fetch_key));
+
+	if(key_search(handle, fpr, &fetch_key) == 1) {
+		_alpm_log(handle, ALPM_LOG_DEBUG,
+				"unknown key, found %s on keyserver\n", fetch_key.uid);
+		if(!_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
+			QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
+					&fetch_key, NULL, NULL, &answer);
+			if(answer) {
+				if(key_import(handle, &fetch_key) == 0) {
+					ret = 0;
+				} else {
+					_alpm_log(handle, ALPM_LOG_ERROR,
+							_("key \"%s\" could not be imported\n"), fetch_key.uid);
+				}
+			}
+		} else {
+			/* keyring directory was not writable, so we don't even try */
+			_alpm_log(handle, ALPM_LOG_WARNING,
+					_("key %s, \"%s\" found on keyserver, keyring is not writable\n"),
+					fetch_key.fingerprint, fetch_key.uid);
+		}
+	} else {
+		_alpm_log(handle, ALPM_LOG_ERROR,
+				_("key \"%s\" could not be looked up remotely\n"), fpr);
+	}
+	gpgme_key_unref(fetch_key.data);
+
+	return ret;
+}
+
+/**
  * Decode a loaded signature in base64 form.
  * @param base64_data the signature to attempt to decode
  * @param data the decoded data; must be freed by the caller
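Review bot: Nothing in `_alpm_key_import` ties the key that gets imported back to the `fpr` that was requested: whatever `key_search` places in `fetch_key` goes straight to the `QUESTION` prompt and then to `key_import`, and the docstring's "fingerprint key ID" leaves open whether a short key ID is accepted. `key_search` is defined outside this hunk and may already enforce the match; if it does not, a keyserver answer for a different key would be caught only by the user reading the prompt. I would state the contract in the docstring, e.g. `@param fpr full fingerprint of the key to import; the fetched key must match it`, and compare `fetch_key.fingerprint` with `fpr` before the prompt if `key_search` does not guarantee it. The `@return` line should also say that -1 covers a declined prompt and a non-writable keyring as well as lookup and import failures, since the commit message plans to use this function for key-availability checks.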
@@ -636,6 +676,11 @@ int _alpm_key_in_keychain(alpm_handle_t UNUSED *handle, const char UNUSED *fpr)
 	return -1;
 }
 
+int _alpm_key_import(alpm_handle_t UNUSED *handle, const char UNUSED *fpr)
+{
+	return -1;
+}
+
 int _alpm_gpgme_checksig(alpm_handle_t UNUSED *handle, const char UNUSED *path,
 		const char UNUSED *base64_sig, alpm_siglist_t UNUSED *siglist)
 {
@@ -816,39 +861,11 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
 				}
 				_alpm_log(handle, ALPM_LOG_ERROR,
 						_("%s: key \"%s\" is unknown\n"), identifier, name);
-#ifdef HAVE_LIBGPGME
-				{
-					int answer = 0;
-					alpm_pgpkey_t fetch_key;
-					memset(&fetch_key, 0, sizeof(fetch_key));
-
-					if(key_search(handle, result->key.fingerprint, &fetch_key) == 1) {
-						_alpm_log(handle, ALPM_LOG_DEBUG,
-								"unknown key, found %s on keyserver\n", fetch_key.uid);
-						if(!_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
-							QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
-									&fetch_key, NULL, NULL, &answer);
-							if(answer) {
-								if(key_import(handle, &fetch_key) == 0) {
-									retry = 1;
-								} else {
-									_alpm_log(handle, ALPM_LOG_ERROR,
-											_("key \"%s\" could not be imported\n"), fetch_key.uid);
-								}
-							}
-						} else {
-							/* keyring directory was not writable, so we don't even try */
-							_alpm_log(handle, ALPM_LOG_WARNING,
-									_("key %s, \"%s\" found on keyserver, keyring is not writable\n"),
-									fetch_key.fingerprint, fetch_key.uid);
-						}
-					} else {
-						_alpm_log(handle, ALPM_LOG_ERROR,
-								_("key \"%s\" could not be looked up remotely\n"), name);
-					}
-					gpgme_key_unref(fetch_key.data);
+
+				if(_alpm_key_import(handle, result->key.fingerprint) == 0) {
+					retry = 1;
 				}
-#endif
+
 				break;
 			case ALPM_SIGSTATUS_KEY_DISABLED:
 				_alpm_log(handle, ALPM_LOG_ERROR,
diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h
index cc3e979..a78e4b7 100644
--- a/lib/libalpm/signing.h
+++ b/lib/libalpm/signing.h
@@ -32,6 +32,7 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
 		alpm_siglist_t *siglist, int optional, int marginal, int unknown);
 
 int _alpm_key_in_keychain(alpm_handle_t *handle, const char *fpr);
+int _alpm_key_import(alpm_handle_t *handle, const char *fpr);
 
 #endif /* _ALPM_SIGNING_H */
 
-- 
1.8.0


