Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/lib/libalpm/be_package.c
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-04-21 23:39:01 -0500
committerDan McGee <dan@archlinux.org>2011-04-24 10:48:34 -0500
commit4d63ebe2fbe932412a7b8340af49bf30c8e17a91 (patch)
tree83555011c2e8205a4243ac389647af50e964761e /lib/libalpm/be_package.c
parent1cf79eb8c8c7894d238cd906613dc1cd5b7ced1a (diff)
Perform package verification at package load time
Both md5sum verification and PGP verification can and should be done at package load time. This allows verification to happen as early as possible for packages provided by filename and loaded in the frontend, and moves more stuff out of sync_commit that doesn't really belong there. This should also set the stage for simplified parallel loading of packages later down the road. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/be_package.c')
-rw-r--r--lib/libalpm/be_package.c34
1 files changed, 27 insertions, 7 deletions
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index 6e65c7dd..20445756 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -226,9 +226,10 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg)
* through the full archive
* @return An information filled pmpkg_t struct
*/
-static pmpkg_t *pkg_load(const char *pkgfile, int full)
+pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full,
+ const char *md5sum, const char *base64_sig, pgp_verify_t check_sig)
{
- int ret = ARCHIVE_OK;
+ int ret;
int config = 0;
struct archive *archive;
struct archive_entry *entry;
@@ -254,6 +255,27 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
RET_ERR(PM_ERR_PKG_OPEN, NULL);
}
+ /* first steps- validate the package file */
+ _alpm_log(PM_LOG_DEBUG, "md5sum: %s\n", md5sum);
+ if(md5sum) {
+ _alpm_log(PM_LOG_DEBUG, "checking md5sum for %s\n", pkgfile);
+ if(_alpm_test_md5sum(pkgfile, md5sum) != 0) {
+ alpm_pkg_free(newpkg);
+ RET_ERR(PM_ERR_PKG_INVALID, NULL);
+ }
+ }
+
+ _alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig);
+ if(check_sig != PM_PGP_VERIFY_NEVER) {
+ _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile);
+ ret = _alpm_gpgme_checksig(pkgfile, base64_sig);
+ if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) ||
+ (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) {
+ RET_ERR(PM_ERR_SIG_INVALID, NULL);
+ }
+ }
+
+ /* next- try to create an archive object to read in the package */
if((archive = archive_read_new()) == NULL) {
alpm_pkg_free(newpkg);
RET_ERR(PM_ERR_LIBARCHIVE, NULL);
@@ -332,7 +354,6 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
/* internal fields for package struct */
newpkg->origin = PKG_FROM_FILE;
- /* TODO eventually kill/move this? */
newpkg->origin_data.file = strdup(pkgfile);
newpkg->ops = get_file_pkg_ops();
@@ -359,16 +380,15 @@ error:
return NULL;
}
-int SYMEXPORT alpm_pkg_load(const char *filename, int full, pmpkg_t **pkg)
+int SYMEXPORT alpm_pkg_load(const char *filename, int full,
+ pgp_verify_t check_sig, pmpkg_t **pkg)
{
ALPM_LOG_FUNC;
/* Sanity checks */
- ASSERT(filename != NULL && strlen(filename) != 0,
- RET_ERR(PM_ERR_WRONG_ARGS, -1));
ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1));
- *pkg = pkg_load(filename, full);
+ *pkg = _alpm_pkg_load_internal(filename, full, NULL, NULL, check_sig);
if(*pkg == NULL) {
/* pm_errno is set by pkg_load */
return -1;