[pacman-dev] [PATCH] Improve error message when package is missing required signature
Andrew Gregory
andrew.gregory.8 at gmail.com
Sun May 19 20:33:25 EDT 2013
On 05/19/13 at 10:44pm, Allan McRae wrote:
> When attempting to install a package (either via -S or -U) and the
> signature is missing, the current error message "invalid or corrupted
> package (PGP signature)" is very unclear. Instead inform the user
> that the package is missing the required signature.
>
> Partial fix for FS#34741.
>
> Signed-off-by: Allan McRae <allan at archlinux.org>
> ---
> lib/libalpm/alpm.h | 1 +
> lib/libalpm/be_package.c | 6 +++++-
> lib/libalpm/error.c | 2 ++
> 3 files changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
> index 2277a69..806cd95 100644
> --- a/lib/libalpm/alpm.h
> +++ b/lib/libalpm/alpm.h
> @@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
> ALPM_ERR_PKG_INVALID,
> ALPM_ERR_PKG_INVALID_CHECKSUM,
> ALPM_ERR_PKG_INVALID_SIG,
> + ALPM_ERR_PKG_MISSING_SIG,
> ALPM_ERR_PKG_OPEN,
> ALPM_ERR_PKG_CANT_REMOVE,
> ALPM_ERR_PKG_INVALID_NAME,
> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
> index cfe5fb3..ea48b6e 100644
> --- a/lib/libalpm/be_package.c
> +++ b/lib/libalpm/be_package.c
> @@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
> }
>
> /* even if we don't have a sig, run the check code if level tells us to */
> - if(has_sig || level & ALPM_SIG_PACKAGE) {
> + if(level & ALPM_SIG_PACKAGE) {
I'm pretty sure we don't want to change this. If we have a sig we
don't do md5/sha256 checks. So if we have a sig we need to do this
regardless of what level is set to.
> const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
> _alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
> + if(!sig) {
> + handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
> + return -1;
> + }
> if(_alpm_check_pgp_helper(handle, pkgfile, sig,
> level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
> level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
> diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
> index a59f4fe..8622180 100644
> --- a/lib/libalpm/error.c
> +++ b/lib/libalpm/error.c
> @@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
> return _("invalid or corrupted package (checksum)");
> case ALPM_ERR_PKG_INVALID_SIG:
> return _("invalid or corrupted package (PGP signature)");
> + case ALPM_ERR_PKG_MISSING_SIG:
> + return _("package missing required signature");
> case ALPM_ERR_PKG_OPEN:
> return _("cannot open package file");
> case ALPM_ERR_PKG_CANT_REMOVE:
> --
> 1.8.2.3
More information about the pacman-dev
mailing list