From 6760ec2b770e65f2aae9cfd39135cefd49961195 Mon Sep 17 00:00:00 2001
From: Dave Reisner <d@falconindy.com>
Date: Fri, 25 Mar 2011 21:40:16 -0400
Subject: Allow VerifySig to act as a default verification in [options]

* add _alpm_db_get_sigverify_level
* add alpm_option_{get,set}_default_sigverify

And set the default verification level to OPTIONAL if not set otherwise.

Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
---
 lib/libalpm/alpm.h    |  3 +++
 lib/libalpm/handle.c  | 15 +++++++++++++++
 lib/libalpm/handle.h  |  9 +++++----
 lib/libalpm/signing.c | 25 +++++++++++++++++++++----
 lib/libalpm/signing.h |  1 +
 lib/libalpm/sync.c    | 16 +++++++++++++---
 6 files changed, 58 insertions(+), 11 deletions(-)

(limited to 'lib/libalpm')

diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index ca696250..fefb9c57 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -225,6 +225,9 @@ int alpm_option_set_usedelta(int usedelta);
 int alpm_option_get_checkspace(void);
 int alpm_option_set_checkspace(int checkspace);
 
+pgp_verify_t alpm_option_get_default_sigverify(void);
+int alpm_option_set_default_sigverify(pgp_verify_t level);
+
 /** @} */
 
 /** @addtogroup alpm_api_databases Database Functions
diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c
index b55b02a4..c4b98631 100644
--- a/lib/libalpm/handle.c
+++ b/lib/libalpm/handle.c
@@ -50,6 +50,8 @@ pmhandle_t *_alpm_handle_new()
 
 	CALLOC(handle, 1, sizeof(pmhandle_t), RET_ERR(PM_ERR_MEMORY, NULL));
 
+	handle->sigverify = PM_PGP_VERIFY_OPTIONAL;
+
 	return handle;
 }
 
@@ -625,4 +627,17 @@ int SYMEXPORT alpm_option_set_checkspace(int checkspace)
 	return 0;
 }
 
+int SYMEXPORT alpm_option_set_default_sigverify(pgp_verify_t level)
+{
+	ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, -1));
+	handle->sigverify = level;
+	return 0;
+}
+
+pgp_verify_t SYMEXPORT alpm_option_get_default_sigverify()
+{
+	ASSERT(handle != NULL, RET_ERR(PM_ERR_HANDLE_NULL, PM_PGP_VERIFY_UNKNOWN));
+	return handle->sigverify;
+}
+
 /* vim: set ts=2 sw=2 noet: */
diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h
index cf192bce..aa00b6f0 100644
--- a/lib/libalpm/handle.h
+++ b/lib/libalpm/handle.h
@@ -68,10 +68,11 @@ typedef struct _pmhandle_t {
 	alpm_list_t *ignoregrp;   /* List of groups to ignore */
 
 	/* options */
-	int usesyslog;    /* Use syslog instead of logfile? */ /* TODO move to frontend */
-	char *arch;       /* Architecture of packages we should allow */
-	int usedelta;     /* Download deltas if possible */
-	int checkspace;   /* Check disk space before installing */
+	int usesyslog;           /* Use syslog instead of logfile? */ /* TODO move to frontend */
+	char *arch;              /* Architecture of packages we should allow */
+	int usedelta;            /* Download deltas if possible */
+	int checkspace;          /* Check disk space before installing */
+	pgp_verify_t sigverify;  /* Default signature verification level */
 } pmhandle_t;
 
 /* global handle variable */
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 2301bba4..a7cb041d 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -248,10 +248,28 @@ int _alpm_load_signature(const char *sigfile, pmpgpsig_t *pgpsig) {
 	return 0;
 }
 
+/**
+ * Determines the necessity of checking for a valid PGP signature
+ * @param db the sync database to query
+ *
+ * @return signature verification level
+ */
+pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db)
+{
+	ALPM_LOG_FUNC;
+	ASSERT(db != NULL, RET_ERR(PM_ERR_DB_NULL, PM_PGP_VERIFY_UNKNOWN));
+
+	if(db->pgp_verify != PM_PGP_VERIFY_UNKNOWN) {
+		return db->pgp_verify;
+	} else {
+		return alpm_option_get_default_sigverify();
+	}
+}
+
 /**
  * Check the PGP package signature for the given package file.
  * @param pkg the package to check
- * @return a int value : 0 (valid), 1 (invalid), -1 (an error occured)
+ * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred)
  */
 int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
 {
@@ -265,16 +283,15 @@ int SYMEXPORT alpm_pkg_check_pgp_signature(pmpkg_t *pkg)
 /**
  * Check the PGP package signature for the given database.
  * @param db the database to check
- * @return a int value : 0 (valid), 1 (invalid), -1 (an error occured)
+ * @return a int value : 0 (valid), 1 (invalid), -1 (an error occurred)
  */
 int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db)
 {
 	ALPM_LOG_FUNC;
-	ASSERT(db != NULL, return(0));
+	ASSERT(db != NULL, return 0);
 
 	return _alpm_gpgme_checksig(_alpm_db_path(db),
 			_alpm_db_pgpsig(db));
 }
 
-
 /* vim: set ts=2 sw=2 noet: */
diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h
index b37abf0f..42b56508 100644
--- a/lib/libalpm/signing.h
+++ b/lib/libalpm/signing.h
@@ -33,6 +33,7 @@ struct __pmpgpsig_t {
 
 int _alpm_gpgme_checksig(const char *path, const pmpgpsig_t *sig);
 int _alpm_load_signature(const char *sigfile, pmpgpsig_t *pgpsig);
+pgp_verify_t _alpm_db_get_sigverify_level(pmdb_t *db);
 
 #endif /* _ALPM_SIGNING_H */
 
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index a8284987..0143eed1 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -842,6 +842,7 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
 		char *filepath = _alpm_filecache_find(filename);
 		const char *md5sum = alpm_pkg_get_md5sum(spkg);
 		const pmpgpsig_t *pgpsig = alpm_pkg_get_pgpsig(spkg);
+		pgp_verify_t check_sig;
 
 		/* check md5sum first */
 		if(test_md5sum(trans, filepath, md5sum) != 0) {
@@ -853,10 +854,19 @@ int _alpm_sync_commit(pmtrans_t *trans, pmdb_t *db_local, alpm_list_t **data)
 		/* check PGP signature next */
 		pmdb_t *sdb = alpm_pkg_get_db(spkg);
 
-		if(sdb->pgp_verify != PM_PGP_VERIFY_NEVER) {
+		check_sig = _alpm_db_get_sigverify_level(sdb);
+
+		if(check_sig == PM_PGP_VERIFY_UNKNOWN) {
+			_alpm_log(PM_LOG_ERROR, _("failed to determine signature verification "
+						"level for database: %s\n"), sdb->treename);
+			pm_errno = PM_ERR_PKG_INVALID;
+			goto error;
+		}
+
+		if(check_sig != PM_PGP_VERIFY_NEVER) {
 			int ret = _alpm_gpgme_checksig(filepath, pgpsig);
-			if((sdb->pgp_verify == PM_PGP_VERIFY_ALWAYS && ret != 0) ||
-					(sdb->pgp_verify == PM_PGP_VERIFY_OPTIONAL && ret == 1)) {
+			if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) ||
+					(check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) {
 				errors++;
 				*data = alpm_list_add(*data, strdup(filename));
 				FREE(filepath);
-- 
cgit v1.2.3-2-g168b