Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2012-10-29 22:24:55 +1000
committerAllan McRae <allan@archlinux.org>2013-02-09 12:43:36 +1000
commit4ec6848f91ed85ab113185bb74b83a5faf21160f (patch)
treee20ce3de75a07d298ed31797522def5a4d5dace7
parent45b6d36cf7f228190dc3d20952d1e001c91bd12d (diff)
Move key importing into separate function
This will be useful for checking the availablity of all keys before perfoming validation in sync operations and for downloading a needed key in upgrade operations. Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r--lib/libalpm/signing.c81
-rw-r--r--lib/libalpm/signing.h1
2 files changed, 50 insertions, 32 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 883d62d0..6534fe51 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -372,6 +372,46 @@ error:
}
/**
+ * Import a key defined by a fingerprint into the local keyring.
+ * @param handle the context handle
+ * @param fpr the fingerprint key ID to import
+ * @return 0 on success, -1 on error
+ */
+int _alpm_key_import(alpm_handle_t *handle, const char *fpr) {
+ int answer = 0, ret = -1;
+ alpm_pgpkey_t fetch_key;
+ memset(&fetch_key, 0, sizeof(fetch_key));
+
+ if(key_search(handle, fpr, &fetch_key) == 1) {
+ _alpm_log(handle, ALPM_LOG_DEBUG,
+ "unknown key, found %s on keyserver\n", fetch_key.uid);
+ if(!_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
+ QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
+ &fetch_key, NULL, NULL, &answer);
+ if(answer) {
+ if(key_import(handle, &fetch_key) == 0) {
+ ret = 0;
+ } else {
+ _alpm_log(handle, ALPM_LOG_ERROR,
+ _("key \"%s\" could not be imported\n"), fetch_key.uid);
+ }
+ }
+ } else {
+ /* keyring directory was not writable, so we don't even try */
+ _alpm_log(handle, ALPM_LOG_WARNING,
+ _("key %s, \"%s\" found on keyserver, keyring is not writable\n"),
+ fetch_key.fingerprint, fetch_key.uid);
+ }
+ } else {
+ _alpm_log(handle, ALPM_LOG_ERROR,
+ _("key \"%s\" could not be looked up remotely\n"), fpr);
+ }
+ gpgme_key_unref(fetch_key.data);
+
+ return ret;
+}
+
+/**
* Decode a loaded signature in base64 form.
* @param base64_data the signature to attempt to decode
* @param data the decoded data; must be freed by the caller
@@ -638,6 +678,11 @@ int _alpm_key_in_keychain(alpm_handle_t UNUSED *handle, const char UNUSED *fpr)
return -1;
}
+int _alpm_key_import(alpm_handle_t UNUSED *handle, const char UNUSED *fpr)
+{
+ return -1;
+}
+
int _alpm_gpgme_checksig(alpm_handle_t UNUSED *handle, const char UNUSED *path,
const char UNUSED *base64_sig, alpm_siglist_t UNUSED *siglist)
{
@@ -818,39 +863,11 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
}
_alpm_log(handle, ALPM_LOG_ERROR,
_("%s: key \"%s\" is unknown\n"), identifier, name);
-#ifdef HAVE_LIBGPGME
- {
- int answer = 0;
- alpm_pgpkey_t fetch_key;
- memset(&fetch_key, 0, sizeof(fetch_key));
-
- if(key_search(handle, result->key.fingerprint, &fetch_key) == 1) {
- _alpm_log(handle, ALPM_LOG_DEBUG,
- "unknown key, found %s on keyserver\n", fetch_key.uid);
- if(!_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
- QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
- &fetch_key, NULL, NULL, &answer);
- if(answer) {
- if(key_import(handle, &fetch_key) == 0) {
- retry = 1;
- } else {
- _alpm_log(handle, ALPM_LOG_ERROR,
- _("key \"%s\" could not be imported\n"), fetch_key.uid);
- }
- }
- } else {
- /* keyring directory was not writable, so we don't even try */
- _alpm_log(handle, ALPM_LOG_WARNING,
- _("key %s, \"%s\" found on keyserver, keyring is not writable\n"),
- fetch_key.fingerprint, fetch_key.uid);
- }
- } else {
- _alpm_log(handle, ALPM_LOG_ERROR,
- _("key \"%s\" could not be looked up remotely\n"), name);
- }
- gpgme_key_unref(fetch_key.data);
+
+ if(_alpm_key_import(handle, result->key.fingerprint) == 0) {
+ retry = 1;
}
-#endif
+
break;
case ALPM_SIGSTATUS_KEY_DISABLED:
_alpm_log(handle, ALPM_LOG_ERROR,
diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h
index a07eca6e..42b60b1f 100644
--- a/lib/libalpm/signing.h
+++ b/lib/libalpm/signing.h
@@ -32,6 +32,7 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
alpm_siglist_t *siglist, int optional, int marginal, int unknown);
int _alpm_key_in_keychain(alpm_handle_t *handle, const char *fpr);
+int _alpm_key_import(alpm_handle_t *handle, const char *fpr);
#endif /* _ALPM_SIGNING_H */