From 7af0ab1cde9398c938a7a221aca5787934a16121 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 27 Jun 2011 16:29:49 -0500 Subject: signing: move to new signing verification and return scheme This gives us more granularity than the former Never/Optional/Always trifecta. The frontend still uses these values temporarily but that will be changed in a future patch. * Use 'siglevel' consistenly in method names, 'level' as variable name * The level becomes an enum bitmask value for flexibility * Signature check methods now return a array of status codes rather than a simple integer success/failure value. This allows callers to determine whether things such as an unknown signature are valid. * Specific signature error codes mostly disappear in favor of the above returned status code; pm_errno is now set only to PKG_INVALID_SIG or DB_INVALID_SIG as appropriate. Signed-off-by: Dan McGee --- lib/libalpm/be_sync.c | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) (limited to 'lib/libalpm/be_sync.c') diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 368accea..d5d797cf 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -69,7 +69,7 @@ static char *get_sync_dir(alpm_handle_t *handle) static int sync_db_validate(alpm_db_t *db) { - pgp_verify_t check_sig; + alpm_siglevel_t level; if(db->status & DB_STATUS_VALID) { return 0; @@ -77,10 +77,9 @@ static int sync_db_validate(alpm_db_t *db) /* this takes into account the default verification level if UNKNOWN * was assigned to this db */ - check_sig = alpm_db_get_sigverify_level(db); + level = alpm_db_get_siglevel(db); - if(check_sig != PM_PGP_VERIFY_NEVER) { - int ret; + if(level & ALPM_SIG_DATABASE) { const char *dbpath = _alpm_db_path(db); if(!dbpath) { /* pm_errno set in _alpm_db_path() */ 
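Review bot: In sync_db_validate (the `@@ -77,10 +77,9 @@` hunk), the new gate `if(level & ALPM_SIG_DATABASE)` skips the signature check entirely when that bit is clear, and any `ALPM_SIG_DATABASE_OPTIONAL`, `ALPM_SIG_DATABASE_MARGINAL_OK` or `ALPM_SIG_DATABASE_UNKNOWN_OK` bits set without it are silently ignored. That fail-open case deserves a comment at the test, for example `/* ALPM_SIG_DATABASE clear: db is used unverified; the OPTIONAL/_OK bits only apply when it is set */`. The retained comment above the assignment still speaks of UNKNOWN, which looks like a value from the old Never/Optional/Always scheme and should be reworded for the bitmask. The `if` block continues past the end of this hunk.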
@@ -93,12 +92,10 @@ static int sync_db_validate(alpm_db_t *db) return 0; } - _alpm_log(db->handle, ALPM_LOG_DEBUG, "checking signature for %s\n", - db->treename); - ret = _alpm_gpgme_checksig(db->handle, dbpath, NULL); - if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) || - (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) { - RET_ERR(db->handle, ALPM_ERR_SIG_INVALID, -1); + if(_alpm_check_pgp_helper(db->handle, dbpath, NULL, + level & ALPM_SIG_DATABASE_OPTIONAL, level & ALPM_SIG_DATABASE_MARGINAL_OK, + level & ALPM_SIG_DATABASE_UNKNOWN_OK, ALPM_ERR_DB_INVALID_SIG)) { + return 1; } } @@ -149,7 +146,7 @@ int SYMEXPORT alpm_db_update(int force, alpm_db_t *db) int ret = -1; mode_t oldmask; alpm_handle_t *handle; - pgp_verify_t check_sig; + alpm_siglevel_t level; /* Sanity checks */ ASSERT(db != NULL, return -1); @@ -166,7 +163,7 @@ int SYMEXPORT alpm_db_update(int force, alpm_db_t *db) /* make sure we have a sane umask */ oldmask = umask(0022); - check_sig = alpm_db_get_sigverify_level(db); + level = alpm_db_get_siglevel(db); /* attempt to grab a lock */ if(_alpm_handle_lock(handle)) { @@ -186,8 +183,7 @@ int SYMEXPORT alpm_db_update(int force, alpm_db_t *db) ret = _alpm_download(handle, fileurl, syncpath, force, 0, 0); - if(ret == 0 && (check_sig == PM_PGP_VERIFY_ALWAYS || - check_sig == PM_PGP_VERIFY_OPTIONAL)) { + if(ret == 0 && (level & ALPM_SIG_DATABASE)) { /* an existing sig file is no good at this point */ char *sigpath = _alpm_db_sig_path(db); if(!sigpath) { @@ -197,7 +193,7 @@ int SYMEXPORT alpm_db_update(int force, alpm_db_t *db) unlink(sigpath); free(sigpath); - int errors_ok = (check_sig == PM_PGP_VERIFY_OPTIONAL); + int errors_ok = (level & ALPM_SIG_DATABASE_OPTIONAL); /* if we downloaded a DB, we want the .sig from the same server */ snprintf(fileurl, len, "%s/%s.db.sig", server, db->treename); 
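Review bot: The signature-failure path in sync_db_validate (`@@ -93,12 +92,10 @@`) now ends in `return 1;`, where the removed code returned -1 through `RET_ERR(db->handle, ALPM_ERR_SIG_INVALID, -1)`. The caller visible in the last hunk only tests for non-zero, so this works today, but unless 1 is meant to carry a distinct meaning I would keep `return -1;` and otherwise document the value in a comment. The three mask results are passed straight into `_alpm_check_pgp_helper`, whose prototype is not on this page; if those parameters are plain boolean ints, normalising them as `!!(level & ALPM_SIG_DATABASE_OPTIONAL)` avoids surprises in any `== 1` comparison. The removed `_alpm_log(... "checking signature for %s\n" ...)` call was the only visible debug trace that a database signature was checked, so confirm the helper logs an equivalent line.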
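Review bot: `errors_ok` in the `@@ -197,7 +193,7 @@` hunk of alpm_db_update now holds the raw result of `level & ALPM_SIG_DATABASE_OPTIONAL` instead of the 0/1 the old comparison produced. Its use lies outside the hunk, so if it is passed on as a boolean I would write `int errors_ok = !!(level & ALPM_SIG_DATABASE_OPTIONAL);`. Judging by the name, a failed `.db.sig` download is tolerated when the optional bit is set, which would leave the freshly downloaded database with no signature to check. A comment at this line such as `/* optional: a failed .sig download is tolerated, db may end up unverified */`, plus a warning-level log on that path, would make the downgrade visible to whoever operates the system.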
@@ -586,7 +582,7 @@ struct db_operations sync_db_ops = { }; alpm_db_t *_alpm_db_register_sync(alpm_handle_t *handle, const char *treename, - pgp_verify_t level) + alpm_siglevel_t level) { alpm_db_t *db; @@ -598,7 +594,7 @@ alpm_db_t *_alpm_db_register_sync(alpm_handle_t *handle, const char *treename, } db->ops = &sync_db_ops; db->handle = handle; - db->pgp_verify = level; + db->siglevel = level; if(sync_db_validate(db)) { _alpm_db_free(db); -- cgit v1.2.3-24-g4f1b