summaryrefslogtreecommitdiffstats
path: root/lib/libalpm/signing.c
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-08-15 15:56:58 +0200
committerDan McGee <dan@archlinux.org>2011-08-15 22:15:11 +0200
commit11f4a7a48ebd52c69345c3baced5b14974931643 (patch)
tree4250d09bf3f4cff6a606009a64238d70e7307e08 /lib/libalpm/signing.c
parent855bc16a9eb21348be8b43273668269383aaaf96 (diff)
downloadpacman-11f4a7a48ebd52c69345c3baced5b14974931643.tar.gz
pacman-11f4a7a48ebd52c69345c3baced5b14974931643.tar.xz
Only check necessary signatures and checksums
The precedence goes as follows: signature > sha256sum > md5sum Add some logic and helper methods to check what we have available when loading a package, and then only check what is necessary to verify the package. This should speed up sync database verifies as we no longer will be doing both a checksum and a signature validation. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/signing.c')
-rw-r--r--lib/libalpm/signing.c34
1 files changed, 27 insertions, 7 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 7521e3ad..cdbdc31a 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -186,6 +186,28 @@ error:
return 1;
}
+
+/**
+ * Form a signature path given a file path.
+ * Caller must free the result.
+ * @param handle the context handle
+ * @param path the full path to a file
+ * @return the path with '.sig' appended, NULL on errors
+ */
+char *_alpm_sigpath(alpm_handle_t *handle, const char *path)
+{
+ char *sigpath;
+ size_t len;
+
+ if(!path) {
+ return NULL;
+ }
+ len = strlen(path) + 5;
+ CALLOC(sigpath, len, sizeof(char), RET_ERR(handle, ALPM_ERR_MEMORY, NULL));
+ sprintf(sigpath, "%s.sig", path);
+ return sigpath;
+}
+
/**
* Check the PGP signature for the given file path.
* If base64_sig is provided, it will be used as the signature data after
@@ -226,13 +248,9 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
result->count = 0;
if(!base64_sig) {
- size_t len = strlen(path) + 5;
- CALLOC(sigpath, len, sizeof(char), RET_ERR(handle, ALPM_ERR_MEMORY, -1));
- snprintf(sigpath, len, "%s.sig", path);
-
- if(!_alpm_access(handle, NULL, sigpath, R_OK) == 0) {
- /* sigcount is 0 */
- }
+ sigpath = _alpm_sigpath(handle, path);
+ /* this will just help debugging */
+ _alpm_access(handle, NULL, sigpath, R_OK);
}
if(init_gpgme(handle)) {
@@ -274,6 +292,8 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
/* file-based, it is on disk */
sigfile = fopen(sigpath, "rb");
if(sigfile == NULL) {
+ _alpm_log(handle, ALPM_LOG_DEBUG, "sig path %s could not be opened\n",
+ sigpath);
handle->pm_errno = ALPM_ERR_SIG_MISSING;
goto error;
}