summaryrefslogtreecommitdiff
path: root/lib/libalpm/be_sync.c
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2010-11-24 17:22:32 +1000
committerDan McGee <dan@archlinux.org>2011-03-23 22:58:32 -0500
commita8b22e16efbffee84ff8647846196958d871c64b (patch)
tree9641d8ec10ed8da18ebecb83222d2d0d063c3c56 /lib/libalpm/be_sync.c
parent38da050f31fad7fd9252cced698a66c3e3729d98 (diff)
downloadpacman-a8b22e16efbffee84ff8647846196958d871c64b.tar.xz
Do not reuse old signature
After updating a database, remove the old signature to prevent it being used in validation if the new signature fails to download. Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'lib/libalpm/be_sync.c')
-rw-r--r--lib/libalpm/be_sync.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c
index ed55b3bb..756f784f 100644
--- a/lib/libalpm/be_sync.c
+++ b/lib/libalpm/be_sync.c
@@ -139,14 +139,21 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
/* Download and check the signature of the database if needed */
if(db->pgp_verify != PM_PGP_VERIFY_NEVER) {
- char *sigfile;
+ char *sigfile, *sigfilepath;
int sigret;
len = strlen(dbfile) + 5;
MALLOC(sigfile, len, RET_ERR(PM_ERR_MEMORY, -1));
sprintf(sigfile, "%s.sig", dbfile);
- sigret = _alpm_download_single_file(sigfile, db->servers, syncpath, 1);
+ /* prevent old signature being used if the following download fails */
+ len = strlen(syncpath) + strlen(sigfile) + 1;
+ MALLOC(sigfilepath, len, RET_ERR(PM_ERR_MEMORY, -1));
+ sprintf(sigfilepath, "%s%s", syncpath, sigfile);
+ _alpm_rmrf(sigfilepath);
+ free(sigfilepath);
+
+ sigret = _alpm_download_single_file(sigfile, db->servers, syncpath, 0);
free(sigfile);
if(sigret == -1 && db->pgp_verify == PM_PGP_VERIFY_ALWAYS) {