Diffstat (limited to 'lib/libalpm/signing.c')
-rw-r--r--lib/libalpm/signing.c90
1 files changed, 43 insertions, 47 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 9bb9d0ad..8124e674 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -35,6 +35,7 @@
#include "util.h"
#include "log.h"
#include "alpm.h"
+#include "handle.h"
#if HAVE_LIBGPGME
#define CHECK_ERR(void) do { \
@@ -104,28 +105,26 @@ static alpm_list_t *gpgme_list_sigsum(gpgme_sigsum_t sigsum)
return summary;
}
-static int gpgme_init(void)
+static int gpgme_init(pmhandle_t *handle)
{
static int init = 0;
const char *version;
gpgme_error_t err;
gpgme_engine_info_t enginfo;
- ALPM_LOG_FUNC;
-
if(init) {
/* we already successfully initialized the library */
return 0;
}
- if(!alpm_option_get_signaturedir()) {
- RET_ERR(PM_ERR_SIG_MISSINGDIR, 1);
+ if(!alpm_option_get_signaturedir(handle)) {
+ RET_ERR(handle, PM_ERR_SIG_MISSINGDIR, 1);
}
/* calling gpgme_check_version() returns the current version and runs
* some internal library setup code */
version = gpgme_check_version(NULL);
- _alpm_log(PM_LOG_DEBUG, "GPGME version: %s\n", version);
+ _alpm_log(handle, PM_LOG_DEBUG, "GPGME version: %s\n", version);
gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#ifdef LC_MESSAGES
gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));
@@ -144,19 +143,19 @@ static int gpgme_init(void)
/* set and check engine information */
err = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, NULL,
- alpm_option_get_signaturedir());
+ alpm_option_get_signaturedir(handle));
CHECK_ERR();
err = gpgme_get_engine_info(&enginfo);
CHECK_ERR();
- _alpm_log(PM_LOG_DEBUG, "GPGME engine info: file=%s, home=%s\n",
+ _alpm_log(handle, PM_LOG_DEBUG, "GPGME engine info: file=%s, home=%s\n",
enginfo->file_name, enginfo->home_dir);
init = 1;
return 0;
error:
- _alpm_log(PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err));
- RET_ERR(PM_ERR_GPGME, 1);
+ _alpm_log(handle, PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err));
+ RET_ERR(handle, PM_ERR_GPGME, 1);
}
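Review bot: `gpgme_init()` now reads the signature directory from `handle`, but the `static int init` guard in the previous hunk is still process-wide, so only the first handle's directory ever reaches `gpgme_set_engine_info()`. A later handle configured with a different signaturedir returns early at `if(init)` and, as far as these hunks show, has its signatures checked against the first handle's GnuPG home, i.e. a different trust store than the one it asked for. Either remember the directory that was used and call `gpgme_set_engine_info()` again when `alpm_option_get_signaturedir(handle)` differs, or set the home per context with `gpgme_ctx_set_engine_info()` in `_alpm_gpgme_checksig()`. At minimum, add a comment above `init = 1;` such as `/* engine home is process-global: bound to the first handle's signaturedir */`.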
/**
@@ -196,12 +195,14 @@ error:
/**
* Check the PGP signature for the given file.
+ * @param handle the context handle
* @param path the full path to a file
* @param base64_sig PGP signature data in base64 encoding; if NULL, expect a
* signature file next to 'path'
* @return a int value : 0 (valid), 1 (invalid), -1 (an error occured)
*/
-int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
+int _alpm_gpgme_checksig(pmhandle_t *handle, const char *path,
+ const char *base64_sig)
{
int ret = 0;
gpgme_error_t err;
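Review bot: The new `handle` parameter is dereferenced unconditionally further down (`handle->pm_errno = PM_ERR_NOT_A_FILE;` in both fopen failure paths, and presumably inside `RET_ERR(handle, ...)`), yet nothing checks it and the added `@param handle the context handle` line does not say it must be non-NULL. The exported wrappers at the end of the file pass `pkg->handle` and `db->handle` straight through without looking at them. Consider `ASSERT(handle != NULL, return -1);` as the first statement, and extend the doc line to `@param handle the context handle (must not be NULL; pm_errno is stored here on failure)`. The function body continues beyond this hunk.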
@@ -213,29 +214,27 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
unsigned char *decoded_sigdata = NULL;
FILE *file = NULL, *sigfile = NULL;
- ALPM_LOG_FUNC;
-
if(!path || access(path, R_OK) != 0) {
- RET_ERR(PM_ERR_NOT_A_FILE, -1);
+ RET_ERR(handle, PM_ERR_NOT_A_FILE, -1);
}
if(!base64_sig) {
size_t len = strlen(path) + 5;
- CALLOC(sigpath, len, sizeof(char), RET_ERR(PM_ERR_MEMORY, -1));
+ CALLOC(sigpath, len, sizeof(char), RET_ERR(handle, PM_ERR_MEMORY, -1));
snprintf(sigpath, len, "%s.sig", path);
if(!access(sigpath, R_OK) == 0) {
FREE(sigpath);
- RET_ERR(PM_ERR_SIG_UNKNOWN, -1);
+ RET_ERR(handle, PM_ERR_SIG_UNKNOWN, -1);
}
}
- if(gpgme_init()) {
+ if(gpgme_init(handle)) {
/* pm_errno was set in gpgme_init() */
return -1;
}
- _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", path);
+ _alpm_log(handle, PM_LOG_DEBUG, "checking signature for %s\n", path);
memset(&ctx, 0, sizeof(ctx));
memset(&sigdata, 0, sizeof(sigdata));
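Review bot: `if(!access(sigpath, R_OK) == 0)` parses as `(!access(...)) == 0`; it happens to mean "not readable" only by accident of precedence, and it sits on the path that decides whether a detached signature exists. Write it as `if(access(sigpath, R_OK) != 0) {`. Both `access()` calls are also only advisory, because the files are opened later with `fopen()` and can change in between; the `fopen()` failure branches are what the result really depends on, and a one-line comment saying so would prevent someone from dropping them. The function starts before and continues after this hunk.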
@@ -247,7 +246,7 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
/* create our necessary data objects to verify the signature */
file = fopen(path, "rb");
if(file == NULL) {
- pm_errno = PM_ERR_NOT_A_FILE;
+ handle->pm_errno = PM_ERR_NOT_A_FILE;
ret = -1;
goto error;
}
@@ -270,7 +269,7 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
/* file-based, it is on disk */
sigfile = fopen(sigpath, "rb");
if(sigfile == NULL) {
- pm_errno = PM_ERR_NOT_A_FILE;
+ handle->pm_errno = PM_ERR_NOT_A_FILE;
ret = -1;
goto error;
}
@@ -289,7 +288,7 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
count++;
gpgsig = gpgsig->next;
}
- _alpm_log(PM_LOG_ERROR, _("Unexpected number of signatures (%d)\n"),
+ _alpm_log(handle, PM_LOG_ERROR, _("Unexpected number of signatures (%d)\n"),
count);
ret = -1;
goto error;
@@ -298,42 +297,42 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
{
alpm_list_t *summary_list, *summary;
- _alpm_log(PM_LOG_DEBUG, "fingerprint: %s\n", gpgsig->fpr);
+ _alpm_log(handle, PM_LOG_DEBUG, "fingerprint: %s\n", gpgsig->fpr);
summary_list = gpgme_list_sigsum(gpgsig->summary);
for(summary = summary_list; summary; summary = summary->next) {
- _alpm_log(PM_LOG_DEBUG, "summary: %s\n", (const char *)summary->data);
+ _alpm_log(handle, PM_LOG_DEBUG, "summary: %s\n", (const char *)summary->data);
}
alpm_list_free(summary_list);
- _alpm_log(PM_LOG_DEBUG, "status: %s\n", gpgme_strerror(gpgsig->status));
- _alpm_log(PM_LOG_DEBUG, "timestamp: %lu\n", gpgsig->timestamp);
- _alpm_log(PM_LOG_DEBUG, "exp_timestamp: %lu\n", gpgsig->exp_timestamp);
- _alpm_log(PM_LOG_DEBUG, "validity: %s\n",
+ _alpm_log(handle, PM_LOG_DEBUG, "status: %s\n", gpgme_strerror(gpgsig->status));
+ _alpm_log(handle, PM_LOG_DEBUG, "timestamp: %lu\n", gpgsig->timestamp);
+ _alpm_log(handle, PM_LOG_DEBUG, "exp_timestamp: %lu\n", gpgsig->exp_timestamp);
+ _alpm_log(handle, PM_LOG_DEBUG, "validity: %s\n",
gpgme_string_validity(gpgsig->validity));
- _alpm_log(PM_LOG_DEBUG, "validity_reason: %s\n",
+ _alpm_log(handle, PM_LOG_DEBUG, "validity_reason: %s\n",
gpgme_strerror(gpgsig->validity_reason));
- _alpm_log(PM_LOG_DEBUG, "pubkey algo: %s\n",
+ _alpm_log(handle, PM_LOG_DEBUG, "pubkey algo: %s\n",
gpgme_pubkey_algo_name(gpgsig->pubkey_algo));
- _alpm_log(PM_LOG_DEBUG, "hash algo: %s\n",
+ _alpm_log(handle, PM_LOG_DEBUG, "hash algo: %s\n",
gpgme_hash_algo_name(gpgsig->hash_algo));
}
if(gpgsig->summary & GPGME_SIGSUM_VALID) {
/* good signature, continue */
- _alpm_log(PM_LOG_DEBUG, _("File %s has a valid signature.\n"),
+ _alpm_log(handle, PM_LOG_DEBUG, _("File %s has a valid signature.\n"),
path);
} else if(gpgsig->summary & GPGME_SIGSUM_GREEN) {
/* 'green' signature, not sure what to do here */
- _alpm_log(PM_LOG_WARNING, _("File %s has a green signature.\n"),
+ _alpm_log(handle, PM_LOG_WARNING, _("File %s has a green signature.\n"),
path);
} else if(gpgsig->summary & GPGME_SIGSUM_KEY_MISSING) {
- pm_errno = PM_ERR_SIG_UNKNOWN;
- _alpm_log(PM_LOG_WARNING, _("File %s has a signature from an unknown key.\n"),
+ handle->pm_errno = PM_ERR_SIG_UNKNOWN;
+ _alpm_log(handle, PM_LOG_WARNING, _("File %s has a signature from an unknown key.\n"),
path);
ret = -1;
} else {
/* we'll capture everything else here */
- pm_errno = PM_ERR_SIG_INVALID;
- _alpm_log(PM_LOG_ERROR, _("File %s has an invalid signature.\n"),
+ handle->pm_errno = PM_ERR_SIG_INVALID;
+ _alpm_log(handle, PM_LOG_ERROR, _("File %s has an invalid signature.\n"),
path);
ret = 1;
}
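Review bot: The `GPGME_SIGSUM_GREEN` branch only logs a warning and leaves `ret` at 0, so a signature that GPGME did not mark `GPGME_SIGSUM_VALID` is still returned to the caller as valid. GPGME documents GREEN as a good signature whose other summary bits should be checked, and as far as I know GREEN without VALID means another bit is set as well, for example `GPGME_SIGSUM_KEY_EXPIRED` or `GPGME_SIGSUM_SIG_EXPIRED`. Until the policy behind the "not sure what to do here" comment is decided, I would fail closed in that branch with `handle->pm_errno = PM_ERR_SIG_INVALID;` and `ret = 1;`, or test the expiry bits explicitly before accepting. The enclosing function starts and ends outside this hunk.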
@@ -351,13 +350,14 @@ error:
FREE(sigpath);
FREE(decoded_sigdata);
if(err != GPG_ERR_NO_ERROR) {
- _alpm_log(PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err));
- RET_ERR(PM_ERR_GPGME, -1);
+ _alpm_log(handle, PM_LOG_ERROR, _("GPGME error: %s\n"), gpgme_strerror(err));
+ RET_ERR(handle, PM_ERR_GPGME, -1);
}
return ret;
}
#else
-int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
+int _alpm_gpgme_checksig(pmhandle_t *handle, const char *path,
+ const char *base64_sig)
{
return -1;
}
@@ -371,13 +371,10 @@ int _alpm_gpgme_checksig(const char *path, const char *base64_sig)
*/
pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db)
{
- ALPM_LOG_FUNC;
- ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN));
-
if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) {
return db->pgp_verify;
} else {
- return alpm_option_get_default_sigverify();
+ return alpm_option_get_default_sigverify(db->handle);
}
}
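Review bot: Dropping `ASSERT(db != NULL, ...)` leaves `db->pgp_verify` and the new `db->handle` dereferenced with no guard, so a NULL `db` now crashes instead of yielding `PM_PGP_VERIFY_UNKNOWN`. The old check presumably went because `RET_ERR` now needs a handle, but it can stay without one: `ASSERT(db != NULL, return PM_PGP_VERIFY_UNKNOWN);`, in the same form as the `ASSERT(pkg != NULL, return 0);` used further down. If every caller is guaranteed to pass a valid db, state that in the doc comment above the function, which begins outside this hunk.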
@@ -388,10 +385,10 @@ pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db)
*/
int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
{
- ALPM_LOG_FUNC;
ASSERT(pkg != NULL, return 0);
- return _alpm_gpgme_checksig(alpm_pkg_get_filename(pkg), pkg->base64_sig);
+ return _alpm_gpgme_checksig(pkg->handle, alpm_pkg_get_filename(pkg),
+ pkg->base64_sig);
}
/**
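Review bot: `ASSERT(pkg != NULL, return 0);` returns 0 for a NULL package, and 0 is the "valid" result of `_alpm_gpgme_checksig()` that this wrapper otherwise passes through, so a missing package reads as a good signature. `alpm_db_check_pgp_signature()` in the next hunk has the same pattern with `ASSERT(db != NULL, return 0);`. Both should fail closed, e.g. `ASSERT(pkg != NULL, return -1);` and `ASSERT(db != NULL, return -1);`. The doc comments of both functions start outside the hunks, so confirm the documented return convention when changing it.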
@@ -401,10 +398,9 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
*/
int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db)
{
- ALPM_LOG_FUNC;
ASSERT(db != NULL, return 0);
- return _alpm_gpgme_checksig(_alpm_db_path(db), NULL);
+ return _alpm_gpgme_checksig(db->handle, _alpm_db_path(db), NULL);
}
/* vim: set ts=2 sw=2 noet: */