| index : pacman | |
| Archlinux32 fork of pacman | gitolite user |
| summaryrefslogtreecommitdiff |
| -rw-r--r-- | lib/libalpm/signing.c | 90 |
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 9bb9d0ad..8124e674 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -35,6 +35,7 @@ #include "util.h" #include "log.h" #include "alpm.h" +#include "handle.h" #if HAVE_LIBGPGME #define CHECK_ERR(void) do { \ @@ -104,28 +105,26 @@ static alpm_list_t *gpgme_list_sigsum(gpgme_sigsum_t sigsum) return summary; } -static int gpgme_init(void) +static int gpgme_init(pmhandle_t *handle) { static int init = 0; const char *version; gpgme_error_t err; gpgme_engine_info_t enginfo; - ALPM_LOG_FUNC; - if(init) { /* we already successfully initialized the library */ return 0; } - if(!alpm_option_get_signaturedir()) { - RET_ERR(PM_ERR_SIG_MISSINGDIR, 1); + if(!alpm_option_get_signaturedir(handle)) { + RET_ERR(handle, PM_ERR_SIG_MISSINGDIR, 1); } /* calling gpgme_check_version() returns the current version and runs * some internal library setup code */ version = gpgme_check_version(NULL); - _alpm_log(PM_LOG_DEBUG, "GPGME version: %s\n", version); + _alpm_log(handle, PM_LOG_DEBUG, "GPGME version: %s\n", version); gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL)); #ifdef LC_MESSAGES gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL)); @@ -144,19 +143,19 @@ static int gpgme_init(void) /* set and check engine information */ err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL, - alpm_option_get_signaturedir()); + alpm_option_get_signaturedir(handle)); CHECK_ERR(); err = gpgme_get_engine_info(&enginfo); CHECK_ERR(); - _alpm_log(PM_LOG_DEBUG, "GPGME engine info: file=%s, home=%s\n", + _alpm_log(handle, PM_LOG_DEBUG, "GPGME engine info: file=%s, home=%s\n", enginfo->file_name, enginfo->home_dir); init = 1; return 0; error: - _alpm_log(PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err)); - RET_ERR(PM_ERR_GPGME, 1); + _alpm_log(handle, PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err)); + RET_ERR(handle, PM_ERR_GPGME, 1); } /** @@ -196,12 +195,14 @@ error: /** * Check the PGP signature for the given file. + * @param handle the context handle * @param path the full path to a file * @param base64_sig PGP signature data in base64 encoding; if NULL, expect a * signature file next to 'path' * @return a int value : 0 (valid), 1 (invalid), -1 (an error occured) */ -int _alpm_gpgme_checksig(const char *path, const char *base64_sig) +int _alpm_gpgme_checksig(pmhandle_t *handle, const char *path, + const char *base64_sig) { int ret = 0; gpgme_error_t err; @@ -213,29 +214,27 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) unsigned char *decoded_sigdata = NULL; FILE *file = NULL, *sigfile = NULL; - ALPM_LOG_FUNC; - if(!path || access(path, R_OK) != 0) { - RET_ERR(PM_ERR_NOT_A_FILE, -1); + RET_ERR(handle, PM_ERR_NOT_A_FILE, -1); } if(!base64_sig) { size_t len = strlen(path) + 5; - CALLOC(sigpath, len, sizeof(char), RET_ERR(PM_ERR_MEMORY, -1)); + CALLOC(sigpath, len, sizeof(char), RET_ERR(handle, PM_ERR_MEMORY, -1)); snprintf(sigpath, len, "%s.sig", path); if(!access(sigpath, R_OK) == 0) { FREE(sigpath); - RET_ERR(PM_ERR_SIG_UNKNOWN, -1); + RET_ERR(handle, PM_ERR_SIG_UNKNOWN, -1); } } - if(gpgme_init()) { + if(gpgme_init(handle)) { /* pm_errno was set in gpgme_init() */ return -1; } - _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", path); + _alpm_log(handle, PM_LOG_DEBUG, "checking signature for %s\n", path); memset(&ctx, 0, sizeof(ctx)); memset(&sigdata, 0, sizeof(sigdata)); @@ -247,7 +246,7 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) /* create our necessary data objects to verify the signature */ file = fopen(path, "rb"); if(file == NULL) { - pm_errno = PM_ERR_NOT_A_FILE; + handle->pm_errno = PM_ERR_NOT_A_FILE; ret = -1; goto error; } @@ -270,7 +269,7 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) /* file-based, it is on disk */ sigfile = fopen(sigpath, "rb"); if(sigfile == NULL) { - pm_errno = PM_ERR_NOT_A_FILE; + handle->pm_errno = PM_ERR_NOT_A_FILE; ret = -1; goto error; } @@ -289,7 +288,7 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) count++; gpgsig = gpgsig->next; } - _alpm_log(PM_LOG_ERROR, _("Unexpected number of signatures (%d)\n"), + _alpm_log(handle, PM_LOG_ERROR, _("Unexpected number of signatures (%d)\n"), count); ret = -1; goto error; @@ -298,42 +297,42 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) { alpm_list_t *summary_list, *summary; - _alpm_log(PM_LOG_DEBUG, "fingerprint: %s\n", gpgsig->fpr); + _alpm_log(handle, PM_LOG_DEBUG, "fingerprint: %s\n", gpgsig->fpr); summary_list = gpgme_list_sigsum(gpgsig->summary); for(summary = summary_list; summary; summary = summary->next) { - _alpm_log(PM_LOG_DEBUG, "summary: %s\n", (const char *)summary->data); + _alpm_log(handle, PM_LOG_DEBUG, "summary: %s\n", (const char *)summary->data); } alpm_list_free(summary_list); - _alpm_log(PM_LOG_DEBUG, "status: %s\n", gpgme_strerror(gpgsig->status)); - _alpm_log(PM_LOG_DEBUG, "timestamp: %lu\n", gpgsig->timestamp); - _alpm_log(PM_LOG_DEBUG, "exp_timestamp: %lu\n", gpgsig->exp_timestamp); - _alpm_log(PM_LOG_DEBUG, "validity: %s\n", + _alpm_log(handle, PM_LOG_DEBUG, "status: %s\n", gpgme_strerror(gpgsig->status)); + _alpm_log(handle, PM_LOG_DEBUG, "timestamp: %lu\n", gpgsig->timestamp); + _alpm_log(handle, PM_LOG_DEBUG, "exp_timestamp: %lu\n", gpgsig->exp_timestamp); + _alpm_log(handle, PM_LOG_DEBUG, "validity: %s\n", gpgme_string_validity(gpgsig->validity)); - _alpm_log(PM_LOG_DEBUG, "validity_reason: %s\n", + _alpm_log(handle, PM_LOG_DEBUG, "validity_reason: %s\n", gpgme_strerror(gpgsig->validity_reason)); - _alpm_log(PM_LOG_DEBUG, "pubkey algo: %s\n", + _alpm_log(handle, PM_LOG_DEBUG, "pubkey algo: %s\n", gpgme_pubkey_algo_name(gpgsig->pubkey_algo)); - _alpm_log(PM_LOG_DEBUG, "hash algo: %s\n", + _alpm_log(handle, PM_LOG_DEBUG, "hash algo: %s\n", gpgme_hash_algo_name(gpgsig->hash_algo)); } if(gpgsig->summary & GPGME_SIGSUM_VALID) { /* good signature, continue */ - _alpm_log(PM_LOG_DEBUG, _("File %s has a valid signature.\n"), + _alpm_log(handle, PM_LOG_DEBUG, _("File %s has a valid signature.\n"), path); } else if(gpgsig->summary & GPGME_SIGSUM_GREEN) { /* 'green' signature, not sure what to do here */ - _alpm_log(PM_LOG_WARNING, _("File %s has a green signature.\n"), + _alpm_log(handle, PM_LOG_WARNING, _("File %s has a green signature.\n"), path); } else if(gpgsig->summary & GPGME_SIGSUM_KEY_MISSING) { - pm_errno = PM_ERR_SIG_UNKNOWN; - _alpm_log(PM_LOG_WARNING, _("File %s has a signature from an unknown key.\n"), + handle->pm_errno = PM_ERR_SIG_UNKNOWN; + _alpm_log(handle, PM_LOG_WARNING, _("File %s has a signature from an unknown key.\n"), path); ret = -1; } else { /* we'll capture everything else here */ - pm_errno = PM_ERR_SIG_INVALID; - _alpm_log(PM_LOG_ERROR, _("File %s has an invalid signature.\n"), + handle->pm_errno = PM_ERR_SIG_INVALID; + _alpm_log(handle, PM_LOG_ERROR, _("File %s has an invalid signature.\n"), path); ret = 1; } @@ -351,13 +350,14 @@ error: FREE(sigpath); FREE(decoded_sigdata); if(err != GPG_ERR_NO_ERROR) { - _alpm_log(PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err)); - RET_ERR(PM_ERR_GPGME, -1); + _alpm_log(handle, PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err)); + RET_ERR(handle, PM_ERR_GPGME, -1); } return ret; } #else -int _alpm_gpgme_checksig(const char *path, const char *base64_sig) +int _alpm_gpgme_checksig(pmhandle_t *handle, const char *path, + const char *base64_sig) { return -1; } @@ -371,13 +371,10 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig) */ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) { - ALPM_LOG_FUNC; - ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN)); - if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) { return db->pgp_verify; } else { - return alpm_option_get_default_sigverify(); + return alpm_option_get_default_sigverify(db->handle); } } @@ -388,10 +385,10 @@ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) */ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) { - ALPM_LOG_FUNC; ASSERT(pkg != NULL, return 0); - return _alpm_gpgme_checksig(alpm_pkg_get_filename(pkg), pkg->base64_sig); + return _alpm_gpgme_checksig(pkg->handle, alpm_pkg_get_filename(pkg), + pkg->base64_sig); } /** @@ -401,10 +398,9 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) */ int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db) { - ALPM_LOG_FUNC; ASSERT(db != NULL, return 0); - return _alpm_gpgme_checksig(_alpm_db_path(db), NULL); + return _alpm_gpgme_checksig(db->handle, _alpm_db_path(db), NULL); } /* vim: set ts=2 sw=2 noet: */ |