summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2012-10-29 22:24:55 +1000
committerAllan McRae <allan@archlinux.org>2013-02-09 12:43:36 +1000
commit4ec6848f91ed85ab113185bb74b83a5faf21160f (patch)
treee20ce3de75a07d298ed31797522def5a4d5dace7
parent45b6d36cf7f228190dc3d20952d1e001c91bd12d (diff)
downloadpacman-4ec6848f91ed85ab113185bb74b83a5faf21160f.tar.xz
Move key importing into separate function
This will be useful for checking the availablity of all keys before perfoming validation in sync operations and for downloading a needed key in upgrade operations. Signed-off-by: Allan McRae <allan@archlinux.org>
-rw-r--r--lib/libalpm/signing.c81
-rw-r--r--lib/libalpm/signing.h1
2 files changed, 50 insertions, 32 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 883d62d0..6534fe51 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -372,6 +372,46 @@ error:
}
/**
+ * Import a key defined by a fingerprint into the local keyring.
+ * @param handle the context handle
+ * @param fpr the fingerprint key ID to import
+ * @return 0 on success, -1 on error
+ */
+int _alpm_key_import(alpm_handle_t *handle, const char *fpr) {
+ int answer = 0, ret = -1;
+ alpm_pgpkey_t fetch_key;
+ memset(&fetch_key, 0, sizeof(fetch_key));
+
+ if(key_search(handle, fpr, &fetch_key) == 1) {
+ _alpm_log(handle, ALPM_LOG_DEBUG,
+ "unknown key, found %s on keyserver\n", fetch_key.uid);
+ if(!_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
+ QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
+ &fetch_key, NULL, NULL, &answer);
+ if(answer) {
+ if(key_import(handle, &fetch_key) == 0) {
+ ret = 0;
+ } else {
+ _alpm_log(handle, ALPM_LOG_ERROR,
+ _("key \"%s\" could not be imported\n"), fetch_key.uid);
+ }
+ }
+ } else {
+ /* keyring directory was not writable, so we don't even try */
+ _alpm_log(handle, ALPM_LOG_WARNING,
+ _("key %s, \"%s\" found on keyserver, keyring is not writable\n"),
+ fetch_key.fingerprint, fetch_key.uid);
+ }
+ } else {
+ _alpm_log(handle, ALPM_LOG_ERROR,
+ _("key \"%s\" could not be looked up remotely\n"), fpr);
+ }
+ gpgme_key_unref(fetch_key.data);
+
+ return ret;
+}
+
+/**
* Decode a loaded signature in base64 form.
* @param base64_data the signature to attempt to decode
* @param data the decoded data; must be freed by the caller
@@ -638,6 +678,11 @@ int _alpm_key_in_keychain(alpm_handle_t UNUSED *handle, const char UNUSED *fpr)
return -1;
}
+int _alpm_key_import(alpm_handle_t UNUSED *handle, const char UNUSED *fpr)
+{
+ return -1;
+}
+
int _alpm_gpgme_checksig(alpm_handle_t UNUSED *handle, const char UNUSED *path,
const char UNUSED *base64_sig, alpm_siglist_t UNUSED *siglist)
{
@@ -818,39 +863,11 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
}
_alpm_log(handle, ALPM_LOG_ERROR,
_("%s: key \"%s\" is unknown\n"), identifier, name);
-#ifdef HAVE_LIBGPGME
- {
- int answer = 0;
- alpm_pgpkey_t fetch_key;
- memset(&fetch_key, 0, sizeof(fetch_key));
-
- if(key_search(handle, result->key.fingerprint, &fetch_key) == 1) {
- _alpm_log(handle, ALPM_LOG_DEBUG,
- "unknown key, found %s on keyserver\n", fetch_key.uid);
- if(!_alpm_access(handle, handle->gpgdir, "pubring.gpg", W_OK)) {
- QUESTION(handle, ALPM_QUESTION_IMPORT_KEY,
- &fetch_key, NULL, NULL, &answer);
- if(answer) {
- if(key_import(handle, &fetch_key) == 0) {
- retry = 1;
- } else {
- _alpm_log(handle, ALPM_LOG_ERROR,
- _("key \"%s\" could not be imported\n"), fetch_key.uid);
- }
- }
- } else {
- /* keyring directory was not writable, so we don't even try */
- _alpm_log(handle, ALPM_LOG_WARNING,
- _("key %s, \"%s\" found on keyserver, keyring is not writable\n"),
- fetch_key.fingerprint, fetch_key.uid);
- }
- } else {
- _alpm_log(handle, ALPM_LOG_ERROR,
- _("key \"%s\" could not be looked up remotely\n"), name);
- }
- gpgme_key_unref(fetch_key.data);
+
+ if(_alpm_key_import(handle, result->key.fingerprint) == 0) {
+ retry = 1;
}
-#endif
+
break;
case ALPM_SIGSTATUS_KEY_DISABLED:
_alpm_log(handle, ALPM_LOG_ERROR,
diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h
index a07eca6e..42b60b1f 100644
--- a/lib/libalpm/signing.h
+++ b/lib/libalpm/signing.h
@@ -32,6 +32,7 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
alpm_siglist_t *siglist, int optional, int marginal, int unknown);
int _alpm_key_in_keychain(alpm_handle_t *handle, const char *fpr);
+int _alpm_key_import(alpm_handle_t *handle, const char *fpr);
#endif /* _ALPM_SIGNING_H */