diff options
| -rw-r--r-- | lib/libalpm/alpm.h | 7 | ||||
| -rw-r--r-- | lib/libalpm/be_package.c | 34 | ||||
| -rw-r--r-- | lib/libalpm/package.h | 4 | ||||
| -rw-r--r-- | lib/libalpm/sync.c | 40 | ||||
| -rw-r--r-- | src/pacman/query.c | 2 | ||||
| -rw-r--r-- | src/pacman/sync.c | 3 | ||||
| -rw-r--r-- | src/pacman/upgrade.c | 3 | ||||
| -rw-r--r-- | src/util/testpkg.c | 3 |
8 files changed, 54 insertions, 42 deletions
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 8d58b7c4..c4f6cc0f 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -382,11 +382,14 @@ int alpm_db_set_pkgreason(pmdb_t *db, const char *name, pmpkgreason_t reason); * The allocated structure should be freed using alpm_pkg_free(). * @param filename location of the package tarball * @param full whether to stop the load after metadata is read or continue - * through the full archive + * through the full archive + * @param check_sig what level of package signature checking to perform on the + * package; note that this must be a '.sig' file type verification * @param pkg address of the package pointer * @return 0 on success, -1 on error (pm_errno is set accordingly) */ -int alpm_pkg_load(const char *filename, int full, pmpkg_t **pkg); +int alpm_pkg_load(const char *filename, int full, pgp_verify_t check_sig, + pmpkg_t **pkg); /** Free a package. * @param pkg package pointer to free diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 6e65c7dd..20445756 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -226,9 +226,10 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg) * through the full archive * @return An information filled pmpkg_t struct */ -static pmpkg_t *pkg_load(const char *pkgfile, int full) +pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full, + const char *md5sum, const char *base64_sig, pgp_verify_t check_sig) { - int ret = ARCHIVE_OK; + int ret; int config = 0; struct archive *archive; struct archive_entry *entry; @@ -254,6 +255,27 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) RET_ERR(PM_ERR_PKG_OPEN, NULL); } + /* first steps- validate the package file */ + _alpm_log(PM_LOG_DEBUG, "md5sum: %s\n", md5sum); + if(md5sum) { + _alpm_log(PM_LOG_DEBUG, "checking md5sum for %s\n", pkgfile); + if(_alpm_test_md5sum(pkgfile, md5sum) != 0) { + alpm_pkg_free(newpkg); + RET_ERR(PM_ERR_PKG_INVALID, NULL); + } + } + + _alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig); + if(check_sig != PM_PGP_VERIFY_NEVER) { + _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile); + ret = _alpm_gpgme_checksig(pkgfile, base64_sig); + if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || + (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) { + RET_ERR(PM_ERR_SIG_INVALID, NULL); + } + } + + /* next- try to create an archive object to read in the package */ if((archive = archive_read_new()) == NULL) { alpm_pkg_free(newpkg); RET_ERR(PM_ERR_LIBARCHIVE, NULL); @@ -332,7 +354,6 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) /* internal fields for package struct */ newpkg->origin = PKG_FROM_FILE; - /* TODO eventually kill/move this? */ newpkg->origin_data.file = strdup(pkgfile); newpkg->ops = get_file_pkg_ops(); @@ -359,16 +380,15 @@ error: return NULL; } -int SYMEXPORT alpm_pkg_load(const char *filename, int full, pmpkg_t **pkg) +int SYMEXPORT alpm_pkg_load(const char *filename, int full, + pgp_verify_t check_sig, pmpkg_t **pkg) { ALPM_LOG_FUNC; /* Sanity checks */ - ASSERT(filename != NULL && strlen(filename) != 0, - RET_ERR(PM_ERR_WRONG_ARGS, -1)); ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1)); - *pkg = pkg_load(filename, full); + *pkg = _alpm_pkg_load_internal(filename, full, NULL, NULL, check_sig); if(*pkg == NULL) { /* pm_errno is set by pkg_load */ return -1; diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h index 390dcd95..debb239c 100644 --- a/lib/libalpm/package.h +++ b/lib/libalpm/package.h @@ -139,6 +139,10 @@ pmpkg_t* _alpm_pkg_new(void); pmpkg_t *_alpm_pkg_dup(pmpkg_t *pkg); void _alpm_pkg_free(pmpkg_t *pkg); void _alpm_pkg_free_trans(pmpkg_t *pkg); + +pmpkg_t *_alpm_pkg_load_internal(const char *filename, int full, + const char *md5sum, const char *base64_sig, pgp_verify_t check_sig); + int _alpm_pkg_cmp(const void *p1, const void *p2); int _alpm_pkg_compare_versions(pmpkg_t *local_pkg, pmpkg_t *pkg); pmpkg_t *_alpm_pkg_find(alpm_list_t *haystack, const char *needle); diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c index a702bac5..4b42af4d 100644 --- a/lib/libalpm/sync.c +++ b/lib/libalpm/sync.c @@ -862,45 +862,27 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data) for(i = trans->add; i; i = i->next, current++) { pmpkg_t *spkg = i->data; int percent = (current * 100) / numtargs; + const char *filename; + char *filepath; + pgp_verify_t check_sig; + + PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent, + numtargs, current); if(spkg->origin == PKG_FROM_FILE) { continue; /* pkg_load() has been already called, this package is valid */ } - PROGRESS(trans, PM_TRANS_PROGRESS_INTEGRITY_START, "", percent, - numtargs, current); - const char *filename = alpm_pkg_get_filename(spkg); - char *filepath = _alpm_filecache_find(filename); - const char *md5sum = alpm_pkg_get_md5sum(spkg); - pgp_verify_t check_sig; - - /* check md5sum first */ - if(test_md5sum(trans, filepath, md5sum) != 0) { - errors++; - *data = alpm_list_add(*data, strdup(filename)); - FREE(filepath); - continue; - } - /* check PGP signature next */ + filename = alpm_pkg_get_filename(spkg); + filepath = _alpm_filecache_find(filename); pmdb_t *sdb = alpm_pkg_get_db(spkg); - check_sig = _alpm_db_get_sigverify_level(sdb); - if(check_sig != PM_PGP_VERIFY_NEVER) { - int ret = _alpm_gpgme_checksig(filepath, spkg->base64_sig); - if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || - (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) { - errors++; - *data = alpm_list_add(*data, strdup(filename)); - FREE(filepath); - continue; - } - } /* load the package file and replace pkgcache entry with it in the target list */ /* TODO: alpm_pkg_get_db() will not work on this target anymore */ _alpm_log(PM_LOG_DEBUG, "replacing pkgcache entry with package file for target %s\n", spkg->name); - pmpkg_t *pkgfile; - if(alpm_pkg_load(filepath, 1, &pkgfile) != 0) { - _alpm_pkg_free(pkgfile); + pmpkg_t *pkgfile =_alpm_pkg_load_internal(filepath, 1, spkg->md5sum, + spkg->base64_sig, check_sig); + if(!pkgfile) { errors++; *data = alpm_list_add(*data, strdup(filename)); FREE(filepath); diff --git a/src/pacman/query.c b/src/pacman/query.c index eaf3b9e0..5ca52c38 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -547,7 +547,7 @@ int pacman_query(alpm_list_t *targets) char *strname = alpm_list_getdata(i); if(config->op_q_isfile) { - alpm_pkg_load(strname, 1, &pkg); + alpm_pkg_load(strname, 1, PM_PGP_VERIFY_OPTIONAL, &pkg); } else { pkg = alpm_db_get_pkg(db_local, strname); } diff --git a/src/pacman/sync.c b/src/pacman/sync.c index 5529288b..5fb8c346 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -211,7 +211,8 @@ static int sync_cleancache(int level) /* attempt to load the package, prompt removal on failures as we may have * files here that aren't valid packages. we also don't need a full * load of the package, just the metadata. */ - if(alpm_pkg_load(path, 0, &localpkg) != 0 || localpkg == NULL) { + if(alpm_pkg_load(path, 0, PM_PGP_VERIFY_NEVER, &localpkg) != 0 + || localpkg == NULL) { if(yesno(_("File %s does not seem to be a valid package, remove it?"), path)) { if(localpkg) { alpm_pkg_free(localpkg); diff --git a/src/pacman/upgrade.c b/src/pacman/upgrade.c index 5b894001..0ffc94c4 100644 --- a/src/pacman/upgrade.c +++ b/src/pacman/upgrade.c @@ -42,6 +42,7 @@ int pacman_upgrade(alpm_list_t *targets) { alpm_list_t *i, *data = NULL; + pgp_verify_t check_sig = alpm_option_get_default_sigverify(); int retval = 0; if(targets == NULL) { @@ -75,7 +76,7 @@ int pacman_upgrade(alpm_list_t *targets) char *targ = alpm_list_getdata(i); pmpkg_t *pkg; - if(alpm_pkg_load(targ, 1, &pkg) != 0) { + if(alpm_pkg_load(targ, 1, check_sig, &pkg) != 0) { pm_fprintf(stderr, PM_LOG_ERROR, "'%s': %s\n", targ, alpm_strerrorlast()); trans_release(); diff --git a/src/util/testpkg.c b/src/util/testpkg.c index e562dde2..ad6ec30b 100644 --- a/src/util/testpkg.c +++ b/src/util/testpkg.c @@ -55,7 +55,8 @@ int main(int argc, char *argv[]) /* let us get log messages from libalpm */ alpm_option_set_logcb(output_cb); - if(alpm_pkg_load(argv[1], 1, &pkg) == -1 || pkg == NULL) { + if(alpm_pkg_load(argv[1], 1, PM_PGP_VERIFY_OPTIONAL, &pkg) == -1 + || pkg == NULL) { switch(pm_errno) { case PM_ERR_PKG_OPEN: printf("Cannot open the given file.\n"); |