From db3b86e7f34f4c3ccb42e98465f2069aa642a85f Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Tue, 7 Jun 2011 17:29:55 -0500 Subject: Do database signature checking at load time This is the ideal place to do it as all clients should be checking the return value and ensuring there are no errors. This is similar to pkg_load(). We also add an additional step of validation after we download a new database; a subsequent '-y' operation can potentially invalidate the original check at registration time. Note that this implementation is still a bit naive; if a signature is invalid it is currently impossible to refresh and re-download the file without manually deleting it first. Similarly, if one downloads a database and the check fails, the database object is still there and can be used. These shortcomings will be addressed in a future commit. Signed-off-by: Dan McGee --- lib/libalpm/db.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/libalpm/db.h') diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index e3faeeb4..c5fcd5f0 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -77,7 +77,8 @@ int _alpm_db_version(pmdb_t *db); int _alpm_db_cmp(const void *d1, const void *d2); alpm_list_t *_alpm_db_search(pmdb_t *db, const alpm_list_t *needles); pmdb_t *_alpm_db_register_local(pmhandle_t *handle); -pmdb_t *_alpm_db_register_sync(pmhandle_t *handle, const char *treename); +pmdb_t *_alpm_db_register_sync(pmhandle_t *handle, const char *treename, + pgp_verify_t level); void _alpm_db_unregister(pmdb_t *db); /* be_*.c, backend specific calls */ -- cgit v1.2.3-24-g4f1b From 1150d9e15aaea2ae1f259995d11442f491ef0af7 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Wed, 20 Apr 2011 19:54:01 -0500 Subject: Move database 'version' check to registration time This is another step toward doing both local database validation (ensuring we don't have depends files) and sync database validation (via signatures if present) when the database is registered. Signed-off-by: Dan McGee --- lib/libalpm/db.h | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/libalpm/db.h') diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index c5fcd5f0..4541c258 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -46,7 +46,6 @@ typedef enum _pmdbinfrq_t { struct db_operations { int (*populate) (pmdb_t *); void (*unregister) (pmdb_t *); - int (*version) (pmdb_t *); }; /* Database */ -- cgit v1.2.3-24-g4f1b From 79e98316ea89486d107466858543e965bcfbb0a9 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Tue, 7 Jun 2011 20:42:15 -0500 Subject: Add a 'valid' flag to the database object Start by converting all of our flags to a 'status' bitmask (pkgcache status, grpcache status). Add a new 'valid' flag as well. This will let us keep track if the database itself has been marked valid in whatever fashion. For local databases at the moment we ensure there are no depends files; for sync databases we ensure the PGP signature is valid if required/requested. The loading of the pkgcache is prohibited if the database is invalid. Signed-off-by: Dan McGee --- lib/libalpm/db.h | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'lib/libalpm/db.h') diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index 4541c258..03187342 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -43,6 +43,13 @@ typedef enum _pmdbinfrq_t { INFRQ_ALL = 0x1F } pmdbinfrq_t; +/** Database status. Bitflags. */ +enum _pmdbstatus_t { + DB_STATUS_VALID = (1 << 0), + DB_STATUS_PKGCACHE = (1 << 1), + DB_STATUS_GRPCACHE = (1 << 2) +}; + struct db_operations { int (*populate) (pmdb_t *); void (*unregister) (pmdb_t *); @@ -54,10 +61,10 @@ struct __pmdb_t { char *treename; /* do not access directly, use _alpm_db_path(db) for lazy access */ char *_path; - int pkgcache_loaded; - int grpcache_loaded; /* also indicates whether we are RO or RW */ int is_local; + /* flags determining validity, loaded caches, etc. */ + enum _pmdbstatus_t status; pmpkghash_t *pkgcache; alpm_list_t *grpcache; alpm_list_t *servers; @@ -72,7 +79,6 @@ pmdb_t *_alpm_db_new(const char *treename, int is_local); void _alpm_db_free(pmdb_t *db); const char *_alpm_db_path(pmdb_t *db); char *_alpm_db_sig_path(pmdb_t *db); -int _alpm_db_version(pmdb_t *db); int _alpm_db_cmp(const void *d1, const void *d2); alpm_list_t *_alpm_db_search(pmdb_t *db, const alpm_list_t *needles); pmdb_t *_alpm_db_register_local(pmhandle_t *handle); @@ -88,7 +94,6 @@ int _alpm_local_db_remove(pmdb_t *db, pmpkg_t *info); /* cache bullshit */ /* packages */ -int _alpm_db_load_pkgcache(pmdb_t *db); void _alpm_db_free_pkgcache(pmdb_t *db); int _alpm_db_add_pkgincache(pmdb_t *db, pmpkg_t *pkg); int _alpm_db_remove_pkgfromcache(pmdb_t *db, pmpkg_t *pkg); @@ -97,7 +102,6 @@ alpm_list_t *_alpm_db_get_pkgcache(pmdb_t *db); int _alpm_db_ensure_pkgcache(pmdb_t *db, pmdbinfrq_t infolevel); pmpkg_t *_alpm_db_get_pkgfromcache(pmdb_t *db, const char *target); /* groups */ -int _alpm_db_load_grpcache(pmdb_t *db); void _alpm_db_free_grpcache(pmdb_t *db); alpm_list_t *_alpm_db_get_grpcache(pmdb_t *db); pmgrp_t *_alpm_db_get_grpfromcache(pmdb_t *db, const char *target); -- cgit v1.2.3-24-g4f1b