[pacman-dev] [PATCH] Improve error message when package is missing required signature

Sun May 19 19:46:35 EDT 2013

On 20/05/13 03:03, William Giokas wrote:
> On Sun, May 19, 2013 at 10:44:21PM +1000, Allan McRae wrote:
>> When attempting to install a package (either via -S or -U) and the
>> signature is missing, the current error message "invalid or corrupted
>> package (PGP signature)" is very unclear.  Instead inform the user
>> that the package is missing the required signature.
>>
>> Partial fix for FS#34741.
>>
>> Signed-off-by: Allan McRae <allan at archlinux.org>
>> ---
> 
> This causes a whole bunch of tests to fail. I ran a bisect on your working
> branch, and e35a061 (this commit) was bad. The full output of the
> make check results is at the bottom.
> 
>>  lib/libalpm/alpm.h       | 1 +
>>  lib/libalpm/be_package.c | 6 +++++-
>>  lib/libalpm/error.c      | 2 ++
>>  3 files changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
>> index 2277a69..806cd95 100644
>> --- a/lib/libalpm/alpm.h
>> +++ b/lib/libalpm/alpm.h
>> @@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
>>  	ALPM_ERR_PKG_INVALID,
>>  	ALPM_ERR_PKG_INVALID_CHECKSUM,
>>  	ALPM_ERR_PKG_INVALID_SIG,
>> +	ALPM_ERR_PKG_MISSING_SIG,
>>  	ALPM_ERR_PKG_OPEN,
>>  	ALPM_ERR_PKG_CANT_REMOVE,
>>  	ALPM_ERR_PKG_INVALID_NAME,
>> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
>> index cfe5fb3..ea48b6e 100644
>> --- a/lib/libalpm/be_package.c
>> +++ b/lib/libalpm/be_package.c
>> @@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
>>  	}
>>  
>>  	/* even if we don't have a sig, run the check code if level tells us to */
>> -	if(has_sig || level & ALPM_SIG_PACKAGE) {
>> +	if(level & ALPM_SIG_PACKAGE) {
>>  		const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
>>  		_alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
>> +		if(!sig) {

Fix now pushed to my working branch:

if(!has_sig && !(level & ALPM_SIG_PACKAGE_OPTIONAL)) {

>> +			handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
>> +			return -1;
>> +		}
>>  		if(_alpm_check_pgp_helper(handle, pkgfile, sig,
>>  					level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
>>  					level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
>> diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
>> index a59f4fe..8622180 100644
>> --- a/lib/libalpm/error.c
>> +++ b/lib/libalpm/error.c
>> @@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
>>  			return _("invalid or corrupted package (checksum)");
>>  		case ALPM_ERR_PKG_INVALID_SIG:
>>  			return _("invalid or corrupted package (PGP signature)");
>> +		case ALPM_ERR_PKG_MISSING_SIG:
>> +			return _("package missing required signature");
>>  		case ALPM_ERR_PKG_OPEN:
>>  			return _("cannot open package file");
>>  		case ALPM_ERR_PKG_CANT_REMOVE:
> 
> 