[pacman-dev] [PATCH] Improve error message when package is missing required signature

Sun May 19 08:44:21 EDT 2013

When attempting to install a package (either via -S or -U) and the
signature is missing, the current error message "invalid or corrupted
package (PGP signature)" is very unclear.  Instead inform the user
that the package is missing the required signature.

Partial fix for FS#34741.

Signed-off-by: Allan McRae <allan at archlinux.org>
---
 lib/libalpm/alpm.h       | 1 +
 lib/libalpm/be_package.c | 6 +++++-
 lib/libalpm/error.c      | 2 ++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index 2277a69..806cd95 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
 	ALPM_ERR_PKG_INVALID,
 	ALPM_ERR_PKG_INVALID_CHECKSUM,
 	ALPM_ERR_PKG_INVALID_SIG,
+	ALPM_ERR_PKG_MISSING_SIG,
 	ALPM_ERR_PKG_OPEN,
 	ALPM_ERR_PKG_CANT_REMOVE,
 	ALPM_ERR_PKG_INVALID_NAME,
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index cfe5fb3..ea48b6e 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
 	}
 
 	/* even if we don't have a sig, run the check code if level tells us to */
-	if(has_sig || level & ALPM_SIG_PACKAGE) {
+	if(level & ALPM_SIG_PACKAGE) {
 		const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
 		_alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
+		if(!sig) {
+			handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
+			return -1;
+		}
 		if(_alpm_check_pgp_helper(handle, pkgfile, sig,
 					level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
 					level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
index a59f4fe..8622180 100644
--- a/lib/libalpm/error.c
+++ b/lib/libalpm/error.c
@@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
 			return _("invalid or corrupted package (checksum)");
 		case ALPM_ERR_PKG_INVALID_SIG:
 			return _("invalid or corrupted package (PGP signature)");
+		case ALPM_ERR_PKG_MISSING_SIG:
+			return _("package missing required signature");
 		case ALPM_ERR_PKG_OPEN:
 			return _("cannot open package file");
 		case ALPM_ERR_PKG_CANT_REMOVE:
-- 
1.8.2.3

