Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/lib/libalpm/be_sync.c
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-09-19 22:53:15 -0500
committerDan McGee <dan@archlinux.org>2011-09-20 10:23:11 -0500
commitec790ced7cee00269234cb1ed476e29256433923 (patch)
treea2acb54dc4d26c62bbcc285b4a9d88ae637628a8 /lib/libalpm/be_sync.c
parent994cb4da4f6bc8efbb6a649cb7d99d95bce5c37a (diff)
signing: add a process and retry loop for database signatures
In reality, there is no retrying that happens as of now because we don't have any import or changing of the keyring going on, but the code is set up so we can drop this in our new _alpm_process_siglist() function. Wire up the basics to the sync database validation code, so we see something like the following: $ pacman -Ss unknowntrust error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust error: database 'core' is not valid (invalid or corrupted database (PGP signature)) $ pacman -Ss missingsig error: core: missing required signature error: core: missing required signature error: database 'core' is not valid (invalid or corrupted database (PGP signature)) Yes, there is some double output, but this should be fixable in the future. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/be_sync.c')
-rw-r--r--lib/libalpm/be_sync.c21
1 files changed, 15 insertions, 6 deletions
diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c
index ef0f1ef4..5477eff4 100644
--- a/lib/libalpm/be_sync.c
+++ b/lib/libalpm/be_sync.c
@@ -70,7 +70,6 @@ static int sync_db_validate(alpm_db_t *db)
{
alpm_siglevel_t level;
const char *dbpath;
- alpm_siglist_t *siglist;
if(db->status & DB_STATUS_VALID || db->status & DB_STATUS_MISSING) {
return 0;
@@ -101,16 +100,26 @@ static int sync_db_validate(alpm_db_t *db)
level = alpm_db_get_siglevel(db);
if(level & ALPM_SIG_DATABASE) {
- if(_alpm_check_pgp_helper(db->handle, dbpath, NULL,
+ int retry, ret;
+ do {
+ retry = 0;
+ alpm_siglist_t *siglist;
+ ret = _alpm_check_pgp_helper(db->handle, dbpath, NULL,
level & ALPM_SIG_DATABASE_OPTIONAL, level & ALPM_SIG_DATABASE_MARGINAL_OK,
- level & ALPM_SIG_DATABASE_UNKNOWN_OK, &siglist)) {
- db->handle->pm_errno = ALPM_ERR_DB_INVALID_SIG;
+ level & ALPM_SIG_DATABASE_UNKNOWN_OK, &siglist);
+ if(ret) {
+ retry = _alpm_process_siglist(db->handle, db->treename, siglist,
+ level & ALPM_SIG_DATABASE_OPTIONAL, level & ALPM_SIG_DATABASE_MARGINAL_OK,
+ level & ALPM_SIG_DATABASE_UNKNOWN_OK);
+ }
alpm_siglist_cleanup(siglist);
free(siglist);
+ } while(retry);
+
+ if(ret) {
+ db->handle->pm_errno = ALPM_ERR_DB_INVALID_SIG;
return 1;
}
- alpm_siglist_cleanup(siglist);
- free(siglist);
}
valid: