[pacman-dev] [PATCH 3/3] _alpm_key_in_keychain: cache known keys

Andrew Gregory andrew.gregory.8 at gmail.com
Tue Sep 30 19:24:20 UTC 2014


Implements FS#38042

Signed-off-by: Andrew Gregory <andrew.gregory.8 at gmail.com>
---
 lib/libalpm/handle.c  | 5 +++++
 lib/libalpm/handle.h  | 4 ++++
 lib/libalpm/signing.c | 6 ++++++
 3 files changed, 15 insertions(+)

diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c
index 0d8ea34..0dd0e7f 100644
--- a/lib/libalpm/handle.c
+++ b/lib/libalpm/handle.c
@@ -70,6 +70,10 @@ void _alpm_handle_free(alpm_handle_t *handle)
 	curl_easy_cleanup(handle->curl);
 #endif
 
+#ifdef HAVE_LIBGPGME
+	FREELIST(handle->known_keys);
+#endif
+
 	regfree(&handle->delta_regex);
 
 	/* free memory */
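Review bot: `FREELIST(handle->known_keys);` is added to _alpm_handle_free twice: once here under `#ifdef HAVE_LIBGPGME`, and again, unguarded, in the next hunk after `FREELIST(handle->ignoregroup);`. handle.h declares `known_keys` only when HAVE_LIBGPGME is defined, so the unguarded copy should fail to compile in a build without gpgme. Even with gpgme the second call is redundant, and it is only safe if FREELIST resets the pointer to NULL after freeing (its definition is not visible here); otherwise it would be a double free. I would drop the line in the second hunk and keep only the guarded one.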
@@ -85,6 +89,7 @@ void _alpm_handle_free(alpm_handle_t *handle)
 	FREELIST(handle->noextract);
 	FREELIST(handle->ignorepkg);
 	FREELIST(handle->ignoregroup);
+	FREELIST(handle->known_keys);
 	FREE(handle);
 }
 
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h
index 9cd3a21..1860e6b 100644
--- a/lib/libalpm/handle.h
+++ b/lib/libalpm/handle.h
@@ -62,6 +62,10 @@ struct __alpm_handle_t {
 	CURL *curl;             /* reusable curl_easy handle */
 #endif
 
+#ifdef HAVE_LIBGPGME
+	alpm_list_t *known_keys;  /* keys verified to be in our keychain */
+#endif
+
 	/* callback functions */
 	alpm_cb_log logcb;          /* Log callback function */
 	alpm_cb_download dlcb;      /* Download callback function */
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index c0fb006..8391315 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -221,6 +221,11 @@ int _alpm_key_in_keychain(alpm_handle_t *handle, const char *fpr)
 	gpgme_key_t key;
 	int ret = -1;
 
+	if(alpm_list_find_str(handle->known_keys, fpr)) {
+		_alpm_log(handle, ALPM_LOG_DEBUG, "key %s found in cache\n", fpr);
+		return 1;
+	}
+
 	if(init_gpgme(handle)) {
 		/* pm_errno was set in gpgme_init() */
 		goto error;
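Review bot: The early return at `if(alpm_list_find_str(handle->known_keys, fpr))` answers from the cache without consulting the keyring, and nothing in this patch ever removes an entry. A key deleted from the keyring after its first successful lookup is therefore still reported as present for as long as the handle lives. That matters most for long-lived handles in front ends. The function appears to report presence only, so signature validity is presumably still checked elsewhere, but that is worth confirming. The lifetime should at least be documented at the lookup, e.g. `/* cache is never invalidated; entries live until _alpm_handle_free() */`. The function body continues outside the hunk.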
@@ -238,6 +243,7 @@ int _alpm_key_in_keychain(alpm_handle_t *handle, const char *fpr)
 		ret = 0;
 	} else if(gpg_err_code(gpg_err) == GPG_ERR_NO_ERROR) {
 		_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup success, key exists\n");
+		handle->known_keys = alpm_list_add(handle->known_keys, strdup(fpr));
 		ret = 1;
 	} else {
 		_alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s\n", gpgme_strerror(gpg_err));
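Review bot: The result of `strdup(fpr)` is passed straight to alpm_list_add without a check, so an allocation failure would store a NULL entry in `known_keys`. The copy may also leak if alpm_list_add itself fails and returns the old list; its behaviour is not visible here. Guard the insert with `char *copy = strdup(fpr);` followed by `if(copy) { handle->known_keys = alpm_list_add(handle->known_keys, copy); }`. A failed cache insert should leave `ret = 1` untouched, because the keyring lookup itself succeeded. The if/else chain continues outside the hunk.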
-- 
2.1.1

