From 88746ec067c00a9e81f4323aa857a5bcf37258ad Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Sun, 7 Dec 2008 13:01:28 -0600 Subject: Read in .sig files when opening a package file If a .sig file sits side-by-side on the filesystem with a package archive, read it in during the package struct creation process so we can verify it at a later time if necessary. Signed-off-by: Dan McGee Signed-off-by: Allan McRae --- lib/libalpm/be_package.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) (limited to 'lib/libalpm/be_package.c') diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index fbd2c0c7..e8d26aa7 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -251,11 +251,57 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) RET_ERR(PM_ERR_WRONG_ARGS, NULL); } - if(stat(pkgfile, &st) != 0) { + /* attempt to stat the package file, ensure it exists */ + if(stat(pkgfile, &st) == 0) { + char *pgpfile; + + newpkg = _alpm_pkg_new(); + if(newpkg == NULL) { + RET_ERR(PM_ERR_MEMORY, NULL); + } + newpkg->filename = strdup(pkgfile); + newpkg->size = st.st_size; + + /* look around for a PGP signature file; load if available */ + MALLOC(pgpfile, strlen(pkgfile) + 5, RET_ERR(PM_ERR_MEMORY, NULL)); + sprintf(pgpfile, "%s.sig", pkgfile); + if(access(pgpfile, R_OK) == 0) { + FILE *f; + long bytes; + size_t bytes_read; + f = fopen(pgpfile, "rb"); + fseek(f, 0L, SEEK_END); + bytes = ftell(f); + fseek(f, 0L, SEEK_SET); + /* don't read the file in if it is obviously not the size of a sig */ + if(bytes == 72) { + CALLOC(newpkg->pgpsig.rawdata, bytes, sizeof(char), + RET_ERR(PM_ERR_MEMORY, NULL)); + bytes_read = fread(newpkg->pgpsig.rawdata, sizeof(char), bytes, f); + if(bytes_read == (size_t)bytes) { + newpkg->pgpsig.rawlen = bytes; + _alpm_log(PM_LOG_DEBUG, + "loaded package .sig file, location %s\n", pgpfile); + } else { + _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"), + pkgfile); + } + } else { + _alpm_log(PM_LOG_WARNING, _("PGP signature file for %s was abnormal" + " (had length %ld), skipping\n"), pkgfile, bytes); + } + fclose(f); + } else { + _alpm_log(PM_LOG_DEBUG, "no package signature file found\n"); + } + FREE(pgpfile); + } else { + /* couldn't stat the pkgfile, return an error */ RET_ERR(PM_ERR_PKG_OPEN, NULL); } if((archive = archive_read_new()) == NULL) { + alpm_pkg_free(newpkg); RET_ERR(PM_ERR_LIBARCHIVE, NULL); } @@ -264,6 +310,7 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) if (archive_read_open_filename(archive, pkgfile, ARCHIVE_DEFAULT_BYTES_PER_BLOCK) != ARCHIVE_OK) { + alpm_pkg_free(newpkg); RET_ERR(PM_ERR_PKG_OPEN, NULL); } -- cgit v1.2.3-24-g4f1b