author | Dan McGee <dan@archlinux.org> | 2011-10-03 17:52:16 +0200 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2011-10-12 21:20:47 +0200 |
commit | 2a18171afa9ba8acf1123355f252b1189aefeeeb (patch) | |
tree | a44468c6b6d2a28fae8310a2bc1f29df102bf6ab /lib/libalpm | |
parent | 61c6ae01b3315c5db38ef5d313ac6f0b75fe2209 (diff) | |
download | pacman-2a18171afa9ba8acf1123355f252b1189aefeeeb.tar.gz pacman-2a18171afa9ba8acf1123355f252b1189aefeeeb.tar.xz |
signing: delay gpgme_init() until latest possible moment
In the default configuration, we can enter the signing code but still
have nothing to do with GPGME- for example, if database signatures are
optional but none are present. Delay initialization of GPGME until we
know there is a signature file present or we were passed base64-encoded
data.
This also makes debugging with valgrind a lot easier as you don't have
to deal with all the GPGME error noise because their code leaks like a
sieve.
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm')
-rw-r--r-- | lib/libalpm/signing.c | 46 |
1 files changed, 27 insertions, 19 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index c30cda09..4042efbd 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -370,7 +370,7 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 const char *base64_sig, alpm_siglist_t *siglist)
 {
 int ret = -1, sigcount;
- gpgme_error_t err;
+ gpgme_error_t err = 0;
 gpgme_ctx_t ctx;
 gpgme_data_t filedata, sigdata;
 gpgme_verify_result_t verify_result;
@@ -394,9 +394,27 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 _alpm_access(handle, NULL, sigpath, R_OK);
 }
+ /* does the file we are verifying exist? */
+ file = fopen(path, "rb");
+ if(file == NULL) {
+ handle->pm_errno = ALPM_ERR_NOT_A_FILE;
+ goto error;
+ }
+
+ /* does the sig file exist (if we didn't get the data directly)? */
+ if(!base64_sig) {
+ sigfile = fopen(sigpath, "rb");
+ if(sigfile == NULL) {
+ _alpm_log(handle, ALPM_LOG_DEBUG, "sig path %s could not be opened\n",
+ sigpath);
+ handle->pm_errno = ALPM_ERR_SIG_MISSING;
+ goto error;
+ }
+ }
+
 if(init_gpgme(handle)) {
 /* pm_errno was set in gpgme_init() */
- return -1;
+ goto error;
 }
 _alpm_log(handle, ALPM_LOG_DEBUG, "checking signature for %s\n", path);
@@ -409,11 +427,6 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 CHECK_ERR();
 /* create our necessary data objects to verify the signature */
- file = fopen(path, "rb");
- if(file == NULL) {
- handle->pm_errno = ALPM_ERR_NOT_A_FILE;
- goto error;
- }
 err = gpgme_data_new_from_stream(&filedata, file);
 CHECK_ERR();
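Review bot: The new initialiser `gpgme_error_t err = 0;` in the first hunk uses a bare literal where the same function spells that value `GPG_ERR_NO_ERROR` (see the `err = GPG_ERR_NO_ERROR;` context line in the -488 hunk), and nothing records why the initialisation became necessary. I would write `gpgme_error_t err = GPG_ERR_NO_ERROR; /* early exits reach error: before any GPGME call assigns err */`. That wording assumes the code after the `error:` label reads `err`; those lines lie outside the diff, so confirm before committing the comment. The declaration block also continues past the end of the hunk.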
@@ -425,19 +438,12 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 &decoded_sigdata, &data_len);
 if(decode_ret) {
 handle->pm_errno = ALPM_ERR_SIG_INVALID;
- goto error;
+ goto gpg_error;
 }
 err = gpgme_data_new_from_mem(&sigdata, (char *)decoded_sigdata, data_len, 0);
 } else {
 /* file-based, it is on disk */
- sigfile = fopen(sigpath, "rb");
- if(sigfile == NULL) {
- _alpm_log(handle, ALPM_LOG_DEBUG, "sig path %s could not be opened\n",
- sigpath);
- handle->pm_errno = ALPM_ERR_SIG_MISSING;
- goto error;
- }
 err = gpgme_data_new_from_stream(&sigdata, sigfile);
 }
 CHECK_ERR();
@@ -450,14 +456,14 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 if(!verify_result || !verify_result->signatures) {
 _alpm_log(handle, ALPM_LOG_DEBUG, "no signatures returned\n");
 handle->pm_errno = ALPM_ERR_SIG_MISSING;
- goto error;
+ goto gpg_error;
 }
 for(gpgsig = verify_result->signatures, sigcount = 0; gpgsig; gpgsig = gpgsig->next, sigcount++);
 _alpm_log(handle, ALPM_LOG_DEBUG, "%d signatures returned\n", sigcount);
 CALLOC(siglist->results, sigcount, sizeof(alpm_sigresult_t),
- handle->pm_errno = ALPM_ERR_MEMORY; goto error);
+ handle->pm_errno = ALPM_ERR_MEMORY; goto gpg_error);
 siglist->count = sigcount;
 for(gpgsig = verify_result->signatures, sigcount = 0; gpgsig;
@@ -488,7 +494,7 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 err = GPG_ERR_NO_ERROR;
 /* we dupe the fpr in this case since we have no key to point at */
 STRDUP(result->key.fingerprint, gpgsig->fpr,
- handle->pm_errno = ALPM_ERR_MEMORY; goto error);
+ handle->pm_errno = ALPM_ERR_MEMORY; goto gpg_error);
 } else {
 CHECK_ERR();
 if(key->uids) {
@@ -555,10 +561,12 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 ret = 0;
-error:
+gpg_error:
 gpgme_data_release(sigdata);
 gpgme_data_release(filedata);
 gpgme_release(ctx);
+
+error:
 if(sigfile) {
 fclose(sigfile);
 } |
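Review bot: With cleanup split into `gpg_error:` and `error:` in the last hunk, the `CHECK_ERR();` calls that remain in this function (after both `gpgme_data_new_from_stream()` calls and in the key-lookup `else` branch) need checking, because the macro's definition is not part of this diff. If it still jumps to `error`, a GPGME failure after the context is created skips `gpgme_release(ctx)` and both `gpgme_data_release()` calls. If it jumps to `gpg_error`, a failure before `sigdata` is created passes a handle that the first hunk shows declared without an initialiser. Pointing the macro at `gpg_error` and declaring `gpgme_ctx_t ctx = NULL;` and `gpgme_data_t filedata = NULL, sigdata = NULL;` would make every failure path in this signature check release exactly what was acquired, assuming the release functions accept NULL. The function body continues past the end of the hunk.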