Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/libalpm/alpm.h1
-rw-r--r--lib/libalpm/be_package.c6
-rw-r--r--lib/libalpm/error.c2
3 files changed, 8 insertions, 1 deletions
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index 2277a69c..806cd959 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -1267,6 +1267,7 @@ typedef enum _alpm_errno_t {
ALPM_ERR_PKG_INVALID,
ALPM_ERR_PKG_INVALID_CHECKSUM,
ALPM_ERR_PKG_INVALID_SIG,
+ ALPM_ERR_PKG_MISSING_SIG,
ALPM_ERR_PKG_OPEN,
ALPM_ERR_PKG_CANT_REMOVE,
ALPM_ERR_PKG_INVALID_NAME,
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index cfe5fb36..5a709680 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -323,9 +323,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
}
/* even if we don't have a sig, run the check code if level tells us to */
- if(has_sig || level & ALPM_SIG_PACKAGE) {
+ if(level & ALPM_SIG_PACKAGE) {
const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
_alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
+ if(!has_sig && !(level & ALPM_SIG_PACKAGE_OPTIONAL)) {
+ handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
+ return -1;
+ }
if(_alpm_check_pgp_helper(handle, pkgfile, sig,
level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c
index a59f4fe1..86221807 100644
--- a/lib/libalpm/error.c
+++ b/lib/libalpm/error.c
@@ -111,6 +111,8 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
return _("invalid or corrupted package (checksum)");
case ALPM_ERR_PKG_INVALID_SIG:
return _("invalid or corrupted package (PGP signature)");
+ case ALPM_ERR_PKG_MISSING_SIG:
+ return _("package missing required signature");
case ALPM_ERR_PKG_OPEN:
return _("cannot open package file");
case ALPM_ERR_PKG_CANT_REMOVE: