diff options
| author | Dave Reisner <d@falconindy.com> | 2011-03-26 02:40:16 +0100 |
|---|---|---|
| committer | Dan McGee <dan@archlinux.org> | 2011-04-21 02:42:01 +0200 |
| commit | 6760ec2b770e65f2aae9cfd39135cefd49961195 (patch) | |
| tree | 1cff3dd732c5a4e6a7c262c8163e32e52eb7f6d5 /lib/libalpm/signing.c | |
| parent | 2c8c763723b43ddcb865aab325afc9c76907cb64 (diff) | |
| download | pacman-6760ec2b770e65f2aae9cfd39135cefd49961195.tar.gz pacman-6760ec2b770e65f2aae9cfd39135cefd49961195.tar.xz | |
Allow VerifySig to act as a default verification in [options]
* add _alpm_db_get_sigverify_level
* add alpm_option_{get,set}_default_sigverify
And set the default verification level to OPTIONAL if not set otherwise.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/signing.c')
| -rw-r--r-- | lib/libalpm/signing.c | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 2301bba4..a7cb041d 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -249,9 +249,27 @@ int _alpm_load_signature(const char *sigfile, pmpgpsig_t *pgpsig) { } /** + * Determines the necessity of checking for a valid PGP signature + * @param db the sync database to query + * + * @return signature verification level + */ +pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db) +{ + ALPM_LOG_FUNC; + ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN)); + + if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) { + return db->pgp_verify; + } else { + return alpm_option_get_default_sigverify(); + } +} + +/** * Check the PGP package signature for the given package file. * @param pkg the package to check - * @return a int value : 0 (valid), 1 (invalid), -1 (an error occured) + * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) { @@ -265,16 +283,15 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg) /** * Check the PGP package signature for the given database. * @param db the database to check - * @return a int value : 0 (valid), 1 (invalid), -1 (an error occured) + * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred) */ int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db) { ALPM_LOG_FUNC; - ASSERT(db != NULL, return(0)); + ASSERT(db != NULL, return 0); return _alpm_gpgme_checksig(_alpm_db_path(db), _alpm_db_pgpsig(db)); } - /* vim: set ts=2 sw=2 noet: */ |