diff options
author | Dan McGee <dan@archlinux.org> | 2011-08-15 15:56:58 +0200 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-08-15 22:15:11 +0200 |
commit | 11f4a7a48ebd52c69345c3baced5b14974931643 (patch) | |
tree | 4250d09bf3f4cff6a606009a64238d70e7307e08 /lib/libalpm/be_package.c | |
parent | 855bc16a9eb21348be8b43273668269383aaaf96 (diff) | |
download | pacman-11f4a7a48ebd52c69345c3baced5b14974931643.tar.gz pacman-11f4a7a48ebd52c69345c3baced5b14974931643.tar.xz |
Only check necessary signatures and checksums
The precedence goes as follows: signature > sha256sum > md5sum
Add some logic and helper methods to check what we have available when
loading a package, and then only check what is necessary to verify the
package. This should speed up sync database verifies as we no longer
will be doing both a checksum and a signature validation.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/be_package.c')
-rw-r--r-- | lib/libalpm/be_package.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 3b5b0d0c..80287542 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -288,8 +288,7 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile, int full, const char *md5sum, const char *sha256sum, const char *base64_sig, alpm_siglevel_t level) { - int ret; - int config = 0; + int ret, skip_checksums, config = 0; struct archive *archive; struct archive_entry *entry; alpm_pkg_t *newpkg = NULL; @@ -314,9 +313,22 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile, RET_ERR(handle, ALPM_ERR_PKG_OPEN, NULL); } - /* first steps- validate the package file */ + /* can we get away with skipping checksums? */ + skip_checksums = 0; + if(level & ALPM_SIG_PACKAGE) { + if(base64_sig) { + skip_checksums = 1; + } else { + char *sigpath = _alpm_sigpath(handle, pkgfile); + if(sigpath && !_alpm_access(handle, NULL, sigpath, R_OK)) { + skip_checksums = 1; + } + free(sigpath); + } + } + _alpm_log(handle, ALPM_LOG_DEBUG, "md5sum: %s\n", md5sum); - if(md5sum) { + if(!skip_checksums && md5sum && !sha256sum) { _alpm_log(handle, ALPM_LOG_DEBUG, "checking md5sum for %s\n", pkgfile); if(_alpm_test_checksum(pkgfile, md5sum, ALPM_CSUM_MD5) != 0) { alpm_pkg_free(newpkg); @@ -325,7 +337,7 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile, } _alpm_log(handle, ALPM_LOG_DEBUG, "sha256sum: %s\n", sha256sum); - if(sha256sum) { + if(!skip_checksums && sha256sum) { _alpm_log(handle, ALPM_LOG_DEBUG, "checking sha256sum for %s\n", pkgfile); if(_alpm_test_checksum(pkgfile, sha256sum, ALPM_CSUM_SHA256) != 0) { alpm_pkg_free(newpkg); |