summaryrefslogtreecommitdiff
path: root/lib/libalpm
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2008-12-07 13:01:28 -0600
committerDan McGee <dan@archlinux.org>2011-03-23 02:22:00 -0500
commit88746ec067c00a9e81f4323aa857a5bcf37258ad (patch)
tree1d21b4adb24e5a45940e4b65295231199f146ba2 /lib/libalpm
parent39da0198cd132bbb72be234b584bc62c88db33b6 (diff)
Read in .sig files when opening a package file
If a .sig file sits side-by-side on the filesystem with a package archive, read it in during the package struct creation process so we can verify it at a later time if necessary. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'lib/libalpm')
-rw-r--r--lib/libalpm/be_package.c49
1 files changed, 48 insertions, 1 deletions
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index fbd2c0c7..e8d26aa7 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -251,11 +251,57 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
RET_ERR(PM_ERR_WRONG_ARGS, NULL);
}
- if(stat(pkgfile, &st) != 0) {
+ /* attempt to stat the package file, ensure it exists */
+ if(stat(pkgfile, &st) == 0) {
+ char *pgpfile;
+
+ newpkg = _alpm_pkg_new();
+ if(newpkg == NULL) {
+ RET_ERR(PM_ERR_MEMORY, NULL);
+ }
+ newpkg->filename = strdup(pkgfile);
+ newpkg->size = st.st_size;
+
+ /* look around for a PGP signature file; load if available */
+ MALLOC(pgpfile, strlen(pkgfile) + 5, RET_ERR(PM_ERR_MEMORY, NULL));
+ sprintf(pgpfile, "%s.sig", pkgfile);
+ if(access(pgpfile, R_OK) == 0) {
+ FILE *f;
+ long bytes;
+ size_t bytes_read;
+ f = fopen(pgpfile, "rb");
+ fseek(f, 0L, SEEK_END);
+ bytes = ftell(f);
+ fseek(f, 0L, SEEK_SET);
+ /* don't read the file in if it is obviously not the size of a sig */
+ if(bytes == 72) {
+ CALLOC(newpkg->pgpsig.rawdata, bytes, sizeof(char),
+ RET_ERR(PM_ERR_MEMORY, NULL));
+ bytes_read = fread(newpkg->pgpsig.rawdata, sizeof(char), bytes, f);
+ if(bytes_read == (size_t)bytes) {
+ newpkg->pgpsig.rawlen = bytes;
+ _alpm_log(PM_LOG_DEBUG,
+ "loaded package .sig file, location %s\n", pgpfile);
+ } else {
+ _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"),
+ pkgfile);
+ }
+ } else {
+ _alpm_log(PM_LOG_WARNING, _("PGP signature file for %s was abnormal"
+ " (had length %ld), skipping\n"), pkgfile, bytes);
+ }
+ fclose(f);
+ } else {
+ _alpm_log(PM_LOG_DEBUG, "no package signature file found\n");
+ }
+ FREE(pgpfile);
+ } else {
+ /* couldn't stat the pkgfile, return an error */
RET_ERR(PM_ERR_PKG_OPEN, NULL);
}
if((archive = archive_read_new()) == NULL) {
+ alpm_pkg_free(newpkg);
RET_ERR(PM_ERR_LIBARCHIVE, NULL);
}
@@ -264,6 +310,7 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
if (archive_read_open_filename(archive, pkgfile,
ARCHIVE_DEFAULT_BYTES_PER_BLOCK) != ARCHIVE_OK) {
+ alpm_pkg_free(newpkg);
RET_ERR(PM_ERR_PKG_OPEN, NULL);
}