Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/lib/libalpm/signing.c
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-09-22 15:47:57 -0500
committerDan McGee <dan@archlinux.org>2011-09-22 16:01:10 -0500
commit1e0ed133f471c35fe6979612a4cb57926223c9b9 (patch)
tree8f37314c6bb88cd882c4d7fb7598d1f3af9090f1 /lib/libalpm/signing.c
parent907e8af5be7579129a257b4c9952e86a22df9bb9 (diff)
Handle key import errors correctly and with good error messages
This adds calls to gpgme_op_import_result() which we were not looking at before to ensure the key was actually imported. Additionally, we do some preemptive checks to ensure the keyring is even writable if we are going to prompt the user to add things to it. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/signing.c')
-rw-r--r--lib/libalpm/signing.c42
1 files changed, 36 insertions, 6 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 0bb7901f..92095655 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -136,7 +136,7 @@ static int init_gpgme(alpm_handle_t *handle)
sigdir = handle->gpgdir;
- if (_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
+ if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
handle->pm_errno = ALPM_ERR_NOT_A_FILE;
_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
@@ -285,8 +285,15 @@ static int key_import(alpm_handle_t *handle, alpm_pgpkey_t *key)
gpgme_error_t err;
gpgme_ctx_t ctx;
gpgme_key_t keys[2];
+ gpgme_import_result_t result;
int ret = -1;
+ if(_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
+ /* no chance of import succeeding if pubring isn't writable */
+ _alpm_log(handle, ALPM_LOG_ERROR, _("keyring is not writable\n"));
+ return -1;
+ }
+
memset(&ctx, 0, sizeof(ctx));
err = gpgme_new(&ctx);
CHECK_ERR();
@@ -297,7 +304,18 @@ static int key_import(alpm_handle_t *handle, alpm_pgpkey_t *key)
keys[1] = NULL;
err = gpgme_op_import_keys(ctx, keys);
CHECK_ERR();
- ret = 0;
+ result = gpgme_op_import_result(ctx);
+ CHECK_ERR();
+ /* we know we tried to import exactly one key, so check for this */
+ if(result->considered != 1 || !result->imports) {
+ _alpm_log(handle, ALPM_LOG_DEBUG, "could not import key, 0 results\n");
+ ret = -1;
+ } else if(result->imports->result != GPG_ERR_NO_ERROR) {
+ _alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s\n", gpgme_strerror(err));
+ ret = -1;
+ } else {
+ ret = 0;
+ }
error:
gpgme_release(ctx);
@@ -745,10 +763,22 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
if(key_search(handle, result->key.fingerprint, &fetch_key) == 1) {
_alpm_log(handle, ALPM_LOG_DEBUG,
"unknown key, found %s on keyserver\n", fetch_key.uid);
- QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
- &fetch_key, NULL, NULL, &answer);
- if(answer && !key_import(handle, &fetch_key)) {
- retry = 1;
+ if(!_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
+ QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
+ &fetch_key, NULL, NULL, &answer);
+ if(answer) {
+ if(key_import(handle, &fetch_key) == 0) {
+ retry = 1;
+ } else {
+ _alpm_log(handle, ALPM_LOG_ERROR,
+ _("key \"%s\" could not be imported\n"), fetch_key.uid);
+ }
+ }
+ } else {
+ /* keyring directory was not writable, so we don't even try */
+ _alpm_log(handle, ALPM_LOG_WARNING,
+ _("key %s, \"%s\" found on keyserver, keyring is not writable\n"),
+ fetch_key.fingerprint, fetch_key.uid);
}
} else {
_alpm_log(handle, ALPM_LOG_DEBUG,