[pacman-dev] [PATCH] Improve error message when package is missing required signature

Sun May 19 20:33:25 EDT 2013

On 05/19/13 at 10:44pm, Allan McRae wrote:
> When attempting to install a package (either via -S or -U) and the
> signature is missing, the current error message "invalid or corrupted
> package (PGP signature)" is very unclear.  Instead inform the user
> that the package is missing the required signature.
> 
> Partial fix for FS#34741.
> 
> Signed-off-by: Allan McRae <allan at archlinux.org>
> ---
>  lib/libalpm/alpm.h       | 1 +
>  lib/libalpm/be_package.c | 6 +++++-
>  lib/libalpm/error.c      | 2 ++
>  3 files changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
> index 2277a69..806cd95 100644
> --- a/lib/libalpm/alpm.h
> +++ b/lib/libalpm/alpm.h
> @@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
>  	ALPM_ERR_PKG_INVALID,
>  	ALPM_ERR_PKG_INVALID_CHECKSUM,
>  	ALPM_ERR_PKG_INVALID_SIG,
> +	ALPM_ERR_PKG_MISSING_SIG,
>  	ALPM_ERR_PKG_OPEN,
>  	ALPM_ERR_PKG_CANT_REMOVE,
>  	ALPM_ERR_PKG_INVALID_NAME,
> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
> index cfe5fb3..ea48b6e 100644
> --- a/lib/libalpm/be_package.c
> +++ b/lib/libalpm/be_package.c
> @@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
>  	}
>  
>  	/* even if we don't have a sig, run the check code if level tells us to */
> -	if(has_sig || level & ALPM_SIG_PACKAGE) {
> +	if(level & ALPM_SIG_PACKAGE) {

I'm pretty sure we don't want to change this.  If we have a sig we
don't do md5/sha256 checks.  So if we have a sig we need to do this
regardless of what level is set to.

>  		const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
>  		_alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
> +		if(!sig) {
> +			handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
> +			return -1;
> +		}
>  		if(_alpm_check_pgp_helper(handle, pkgfile, sig,
>  					level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
>  					level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
> diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
> index a59f4fe..8622180 100644
> --- a/lib/libalpm/error.c
> +++ b/lib/libalpm/error.c
> @@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
>  			return _("invalid or corrupted package (checksum)");
>  		case ALPM_ERR_PKG_INVALID_SIG:
>  			return _("invalid or corrupted package (PGP signature)");
> +		case ALPM_ERR_PKG_MISSING_SIG:
> +			return _("package missing required signature");
>  		case ALPM_ERR_PKG_OPEN:
>  			return _("cannot open package file");
>  		case ALPM_ERR_PKG_CANT_REMOVE:
> -- 
> 1.8.2.3