Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-04-29 18:25:44 -0500
committerDan McGee <dan@archlinux.org>2011-06-30 17:25:53 -0500
commitcf1401a04d5179c89af6460b812e171cc2da19f0 (patch)
tree4cbcca31fefb64b8b0c2cbbfd2334f44cda2c7d0
parent23a2d2c16a87dc8744b8307bded9fabb503dde13 (diff)
signing: check validity of all available signatures
Change the check into a loop over all signatures present and returned by GPGME. Also modify the return values and checks slightly now that I know a little bit more about what type of values are returned. Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--lib/libalpm/signing.c57
1 files changed, 29 insertions, 28 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 24ca4a0d..4e03ddcc 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -292,7 +292,7 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
goto error;
}
- {
+ while(gpgsig) {
alpm_list_t *summary_list, *summary;
_alpm_log(handle, PM_LOG_DEBUG, "fingerprint: %s\n", gpgsig->fpr);
@@ -304,35 +304,36 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
_alpm_log(handle, PM_LOG_DEBUG, "status: %s\n", gpgme_strerror(gpgsig->status));
_alpm_log(handle, PM_LOG_DEBUG, "timestamp: %lu\n", gpgsig->timestamp);
_alpm_log(handle, PM_LOG_DEBUG, "exp_timestamp: %lu\n", gpgsig->exp_timestamp);
- _alpm_log(handle, PM_LOG_DEBUG, "validity: %s\n",
- string_validity(gpgsig->validity));
- _alpm_log(handle, PM_LOG_DEBUG, "validity_reason: %s\n",
+ _alpm_log(handle, PM_LOG_DEBUG, "validity: %s; reason: %s\n",
+ string_validity(gpgsig->validity),
gpgme_strerror(gpgsig->validity_reason));
- _alpm_log(handle, PM_LOG_DEBUG, "pubkey algo: %s\n",
- gpgme_pubkey_algo_name(gpgsig->pubkey_algo));
- _alpm_log(handle, PM_LOG_DEBUG, "hash algo: %s\n",
- gpgme_hash_algo_name(gpgsig->hash_algo));
- }
- if(gpgsig->summary & GPGME_SIGSUM_VALID) {
- /* good signature, continue */
- _alpm_log(handle, PM_LOG_DEBUG, _("File %s has a valid signature.\n"),
- path);
- } else if(gpgsig->summary & GPGME_SIGSUM_GREEN) {
- /* 'green' signature, not sure what to do here */
- _alpm_log(handle, PM_LOG_WARNING, _("File %s has a green signature.\n"),
- path);
- } else if(gpgsig->summary & GPGME_SIGSUM_KEY_MISSING) {
- handle->pm_errno = PM_ERR_SIG_UNKNOWN;
- _alpm_log(handle, PM_LOG_WARNING, _("File %s has a signature from an unknown key.\n"),
- path);
- ret = -1;
- } else {
- /* we'll capture everything else here */
- handle->pm_errno = PM_ERR_SIG_INVALID;
- _alpm_log(handle, PM_LOG_ERROR, _("File %s has an invalid signature.\n"),
- path);
- ret = 1;
+ /* Note: this is structured so any bad signature will set the return code
+ * to a bad one, but good ones just leave the default value in place; e.g.
+ * worst case wins out. */
+ if(gpgsig->summary & GPGME_SIGSUM_VALID) {
+ /* definite good signature */
+ _alpm_log(handle, PM_LOG_DEBUG, "result: valid signature\n");
+ } else if(gpgsig->summary & GPGME_SIGSUM_GREEN) {
+ /* good signature */
+ _alpm_log(handle, PM_LOG_DEBUG, "result: green signature\n");
+ } else if(gpgsig->summary & GPGME_SIGSUM_RED) {
+ /* definite bad signature, error */
+ _alpm_log(handle, PM_LOG_DEBUG, "result: red signature\n");
+ handle->pm_errno = PM_ERR_SIG_INVALID;
+ ret = 1;
+ } else if(gpgsig->summary & GPGME_SIGSUM_KEY_MISSING) {
+ _alpm_log(handle, PM_LOG_DEBUG, "result: signature from unknown key\n");
+ handle->pm_errno = PM_ERR_SIG_UNKNOWN;
+ ret = 1;
+ } else {
+ /* we'll capture everything else here */
+ _alpm_log(handle, PM_LOG_DEBUG, "result: invalid signature\n");
+ handle->pm_errno = PM_ERR_SIG_INVALID;
+ ret = 1;
+ }
+
+ gpgsig = gpgsig->next;
}
error: