[pacman-dev] [PATCH] Improve error message when package is missing required signature

Sun May 19 20:33:47 EDT 2013

On 20/05/13 10:33, Andrew Gregory wrote:
> On 05/19/13 at 10:44pm, Allan McRae wrote:
>> When attempting to install a package (either via -S or -U) and the
>> signature is missing, the current error message "invalid or corrupted
>> package (PGP signature)" is very unclear.  Instead inform the user
>> that the package is missing the required signature.
>>
>> Partial fix for FS#34741.
>>
>> Signed-off-by: Allan McRae <allan at archlinux.org>
>> ---
>>  lib/libalpm/alpm.h       | 1 +
>>  lib/libalpm/be_package.c | 6 +++++-
>>  lib/libalpm/error.c      | 2 ++
>>  3 files changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
>> index 2277a69..806cd95 100644
>> --- a/lib/libalpm/alpm.h
>> +++ b/lib/libalpm/alpm.h
>> @@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
>>  	ALPM_ERR_PKG_INVALID,
>>  	ALPM_ERR_PKG_INVALID_CHECKSUM,
>>  	ALPM_ERR_PKG_INVALID_SIG,
>> +	ALPM_ERR_PKG_MISSING_SIG,
>>  	ALPM_ERR_PKG_OPEN,
>>  	ALPM_ERR_PKG_CANT_REMOVE,
>>  	ALPM_ERR_PKG_INVALID_NAME,
>> diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
>> index cfe5fb3..ea48b6e 100644
>> --- a/lib/libalpm/be_package.c
>> +++ b/lib/libalpm/be_package.c
>> @@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
>>  	}
>>  
>>  	/* even if we don't have a sig, run the check code if level tells us to */
>> -	if(has_sig || level & ALPM_SIG_PACKAGE) {
>> +	if(level & ALPM_SIG_PACKAGE) {
> 
> I'm pretty sure we don't want to change this.  If we have a sig we
> don't do md5/sha256 checks.  So if we have a sig we need to do this
> regardless of what level is set to.

Setting "has_sig = 1" only occurs in a "if(level & ALPM_SIG_PACKAGE)"
block.  So testing both is redundant.

>>  		const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
>>  		_alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
>> +		if(!sig) {
>> +			handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
>> +			return -1;
>> +		}
>>  		if(_alpm_check_pgp_helper(handle, pkgfile, sig,
>>  					level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
>>  					level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
>> diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
>> index a59f4fe..8622180 100644
>> --- a/lib/libalpm/error.c
>> +++ b/lib/libalpm/error.c
>> @@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
>>  			return _("invalid or corrupted package (checksum)");
>>  		case ALPM_ERR_PKG_INVALID_SIG:
>>  			return _("invalid or corrupted package (PGP signature)");
>> +		case ALPM_ERR_PKG_MISSING_SIG:
>> +			return _("package missing required signature");
>>  		case ALPM_ERR_PKG_OPEN:
>>  			return _("cannot open package file");
>>  		case ALPM_ERR_PKG_CANT_REMOVE:
>> -- 
>> 1.8.2.3
> 
> 
> 