Rein in the complexity of the signature type

Given that we offer no transparency into the pmpgpsig_t type, we don't
really need to expose it outside of the library, and at this point, we
don't need it at all. Don't decode anything except when checking
signatures. For packages/files not from a sync database, we now just
read the signature file directly anyway.

Also push the decoding logic down further into the check method so we
don't need this hanging out in a less than ideal place. This will make
it easier to conditionally compile things down the road.

Signed-off-by: Dan McGee <dan@archlinux.org>

1 files changed, 1 insertions, 2 deletions

diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 4ce62e64..0ff0c79e 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -856,7 +856,6 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
 		const char *filename = alpm_pkg_get_filename(spkg);
 		char *filepath = _alpm_filecache_find(filename);
 		const char *md5sum = alpm_pkg_get_md5sum(spkg);
-		const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg);
 		pgp_verify_t check_sig;
 
 		/* check md5sum first */
@@ -872,7 +871,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
 		check_sig = _alpm_db_get_sigverify_level(sdb);
 
 		if(check_sig != PM_PGP_VERIFY_NEVER) {
-			int ret = _alpm_gpgme_checksig(filepath, pgpsig);
+			int ret = _alpm_gpgme_checksig(filepath, spkg->base64_sig);
 			if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) ||
 					(check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) {
 				errors++;