From 7af0ab1cde9398c938a7a221aca5787934a16121 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Mon, 27 Jun 2011 16:29:49 -0500 Subject: signing: move to new signing verification and return scheme This gives us more granularity than the former Never/Optional/Always trifecta. The frontend still uses these values temporarily but that will be changed in a future patch. * Use 'siglevel' consistenly in method names, 'level' as variable name * The level becomes an enum bitmask value for flexibility * Signature check methods now return a array of status codes rather than a simple integer success/failure value. This allows callers to determine whether things such as an unknown signature are valid. * Specific signature error codes mostly disappear in favor of the above returned status code; pm_errno is now set only to PKG_INVALID_SIG or DB_INVALID_SIG as appropriate. Signed-off-by: Dan McGee --- lib/libalpm/dload.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'lib/libalpm/dload.c') diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index c7a1c2b2..4b4d8dff 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -363,11 +363,10 @@ char SYMEXPORT *alpm_fetch_pkgurl(alpm_handle_t *handle, const char *url) _alpm_log(handle, ALPM_LOG_DEBUG, "successfully downloaded %s\n", url); /* attempt to download the signature */ - if(ret == 0 && (handle->sigverify == PM_PGP_VERIFY_ALWAYS || - handle->sigverify == PM_PGP_VERIFY_OPTIONAL)) { + if(ret == 0 && (handle->siglevel & ALPM_SIG_PACKAGE)) { char *sig_url; size_t len; - int errors_ok = (handle->sigverify == PM_PGP_VERIFY_OPTIONAL); + int errors_ok = (handle->siglevel & ALPM_SIG_PACKAGE_OPTIONAL); len = strlen(url) + 5; CALLOC(sig_url, len, sizeof(char), RET_ERR(handle, ALPM_ERR_MEMORY, NULL)); -- cgit v1.2.3-24-g4f1b