From 7af0ab1cde9398c938a7a221aca5787934a16121 Mon Sep 17 00:00:00 2001
From: Dan McGee <dan@archlinux.org>
Date: Mon, 27 Jun 2011 16:29:49 -0500
Subject: signing: move to new signing verification and return scheme

This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.

* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
  a simple integer success/failure value. This allows callers to
  determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
  returned status code; pm_errno is now set only to PKG_INVALID_SIG or
  DB_INVALID_SIG as appropriate.

Signed-off-by: Dan McGee <dan@archlinux.org>
---
 lib/libalpm/db.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'lib/libalpm/db.c')

diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c
index 17f26e90..af27047f 100644
--- a/lib/libalpm/db.c
+++ b/lib/libalpm/db.c
@@ -45,8 +45,8 @@
  */
 
 /** Register a sync database of packages. */
-alpm_db_t SYMEXPORT *alpm_db_register_sync(alpm_handle_t *handle, const char *treename,
-		pgp_verify_t check_sig)
+alpm_db_t SYMEXPORT *alpm_db_register_sync(alpm_handle_t *handle,
+		const char *treename, alpm_siglevel_t level)
 {
 	/* Sanity checks */
 	CHECK_HANDLE(handle, return NULL);
@@ -55,7 +55,7 @@ alpm_db_t SYMEXPORT *alpm_db_register_sync(alpm_handle_t *handle, const char *tr
 	/* Do not register a database if a transaction is on-going */
 	ASSERT(handle->trans == NULL, RET_ERR(handle, ALPM_ERR_TRANS_NOT_NULL, NULL));
 
-	return _alpm_db_register_sync(handle, treename, check_sig);
+	return _alpm_db_register_sync(handle, treename, level);
 }
 
 /* Helper function for alpm_db_unregister{_all} */
@@ -220,13 +220,13 @@ const char SYMEXPORT *alpm_db_get_name(const alpm_db_t *db)
 }
 
 /** Get the signature verification level for a database. */
-pgp_verify_t SYMEXPORT alpm_db_get_sigverify_level(alpm_db_t *db)
+alpm_siglevel_t SYMEXPORT alpm_db_get_siglevel(alpm_db_t *db)
 {
 	ASSERT(db != NULL, return -1);
-	if(db->pgp_verify == PM_PGP_VERIFY_UNKNOWN) {
-		return alpm_option_get_default_sigverify(db->handle);
+	if(db->siglevel & ALPM_SIG_USE_DEFAULT) {
+		return alpm_option_get_default_siglevel(db->handle);
 	} else {
-		return db->pgp_verify;
+		return db->siglevel;
 	}
 }
 
@@ -323,7 +323,7 @@ alpm_db_t *_alpm_db_new(const char *treename, int is_local)
 	CALLOC(db, 1, sizeof(alpm_db_t), return NULL);
 	STRDUP(db->treename, treename, return NULL);
 	db->is_local = is_local;
-	db->pgp_verify = PM_PGP_VERIFY_UNKNOWN;
+	db->siglevel = 0;
 
 	return db;
 }
-- 
cgit v1.2.3-24-g4f1b