From 11f4a7a48ebd52c69345c3baced5b14974931643 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 15 Aug 2011 08:56:58 -0500 Subject: Only check necessary signatures and checksums The precedence goes as follows: signature > sha256sum > md5sum Add some logic and helper methods to check what we have available when loading a package, and then only check what is necessary to verify the package. This should speed up sync database verifies as we no longer will be doing both a checksum and a signature validation. Signed-off-by: Dan McGee --- lib/libalpm/be_package.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) (limited to 'lib/libalpm/be_package.c') diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index 3b5b0d0c..80287542 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -288,8 +288,7 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile, int full, const char *md5sum, const char *sha256sum, const char *base64_sig, alpm_siglevel_t level) { - int ret; - int config = 0; + int ret, skip_checksums, config = 0; struct archive *archive; struct archive_entry *entry; alpm_pkg_t *newpkg = NULL; @@ -314,9 +313,22 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile, RET_ERR(handle, ALPM_ERR_PKG_OPEN, NULL); } - /* first steps- validate the package file */ + /* can we get away with skipping checksums? */ + skip_checksums = 0; + if(level & ALPM_SIG_PACKAGE) { + if(base64_sig) { + skip_checksums = 1; + } else { + char *sigpath = _alpm_sigpath(handle, pkgfile); + if(sigpath && !_alpm_access(handle, NULL, sigpath, R_OK)) { + skip_checksums = 1; + } + free(sigpath); + } + } + _alpm_log(handle, ALPM_LOG_DEBUG, "md5sum: %s\n", md5sum); - if(md5sum) { + if(!skip_checksums && md5sum && !sha256sum) { _alpm_log(handle, ALPM_LOG_DEBUG, "checking md5sum for %s\n", pkgfile); if(_alpm_test_checksum(pkgfile, md5sum, ALPM_CSUM_MD5) != 0) { alpm_pkg_free(newpkg); @@ -325,7 +337,7 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle, const char *pkgfile, } _alpm_log(handle, ALPM_LOG_DEBUG, "sha256sum: %s\n", sha256sum); - if(sha256sum) { + if(!skip_checksums && sha256sum) { _alpm_log(handle, ALPM_LOG_DEBUG, "checking sha256sum for %s\n", pkgfile); if(_alpm_test_checksum(pkgfile, sha256sum, ALPM_CSUM_SHA256) != 0) { alpm_pkg_free(newpkg); -- cgit v1.2.3-24-g4f1b