summaryrefslogtreecommitdiff
path: root/lib/libalpm/signing.c
diff options
context:
space:
mode:
authorDave Reisner <d@falconindy.com>2011-03-25 21:40:16 -0400
committerDan McGee <dan@archlinux.org>2011-04-20 19:42:01 -0500
commit6760ec2b770e65f2aae9cfd39135cefd49961195 (patch)
tree1cff3dd732c5a4e6a7c262c8163e32e52eb7f6d5 /lib/libalpm/signing.c
parent2c8c763723b43ddcb865aab325afc9c76907cb64 (diff)
downloadpacman-6760ec2b770e65f2aae9cfd39135cefd49961195.tar.xz
Allow VerifySig to act as a default verification in [options]
* add _alpm_db_get_sigverify_level * add alpm_option_{get,set}_default_sigverify And set the default verification level to OPTIONAL if not set otherwise. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/signing.c')
-rw-r--r--lib/libalpm/signing.c25
1 files changed, 21 insertions, 4 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 2301bba4..a7cb041d 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -249,9 +249,27 @@ int _alpm_load_signature(const char *sigfile, pmpgpsig_t *pgpsig) {
}
/**
+ * Determines the necessity of checking for a valid PGP signature
+ * @param db the sync database to query
+ *
+ * @return signature verification level
+ */
+pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db)
+{
+ ALPM_LOG_FUNC;
+ ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN));
+
+ if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) {
+ return db->pgp_verify;
+ } else {
+ return alpm_option_get_default_sigverify();
+ }
+}
+
+/**
* Check the PGP package signature for the given package file.
* @param pkg the package to check
- * @return a int value : 0 (valid), 1 (invalid), -1 (an error occured)
+ * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred)
*/
int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
{
@@ -265,16 +283,15 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
/**
* Check the PGP package signature for the given database.
* @param db the database to check
- * @return a int value : 0 (valid), 1 (invalid), -1 (an error occured)
+ * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred)
*/
int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db)
{
ALPM_LOG_FUNC;
- ASSERT(db != NULL, return(0));
+ ASSERT(db != NULL, return 0);
return _alpm_gpgme_checksig(_alpm_db_path(db),
_alpm_db_pgpsig(db));
}
-
/* vim: set ts=2 sw=2 noet: */