Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-04-21 15:37:32 -0500
committerDan McGee <dan@archlinux.org>2011-04-22 15:58:09 -0500
commit1ff04b980f65769ae63b162f7206579da2f57e1c (patch)
tree287a758de6b732683f83908c9095b34146a7c6d8
parent10b8cd75b36d5a87032780058321fccdc90210c7 (diff)
be_sync: use _alpm_db_get_sigverify_level()
Signed-off-by: Dan McGee <dan@archlinux.org>
-rw-r--r--lib/libalpm/be_sync.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c
index 11e28078..d4841854 100644
--- a/lib/libalpm/be_sync.c
+++ b/lib/libalpm/be_sync.c
@@ -84,6 +84,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
size_t len;
int ret;
mode_t oldmask;
+ pgp_verify_t check_sig;
ALPM_LOG_FUNC;
@@ -136,8 +137,10 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
goto cleanup;
}
+ check_sig = _alpm_db_get_sigverify_level(db);
+
/* Download and check the signature of the database if needed */
- if(db->pgp_verify != PM_PGP_VERIFY_NEVER) {
+ if(check_sig != PM_PGP_VERIFY_NEVER) {
char *sigfile, *sigfilepath;
int sigret;
@@ -155,7 +158,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
sigret = _alpm_download_single_file(sigfile, db->servers, syncpath, 0);
free(sigfile);
- if(sigret == -1 && db->pgp_verify == PM_PGP_VERIFY_ALWAYS) {
+ if(sigret == -1 && check_sig == PM_PGP_VERIFY_ALWAYS) {
_alpm_log(PM_LOG_ERROR, _("Failed to download signature for db: %s\n"),
alpm_strerrorlast());
pm_errno = PM_ERR_SIG_INVALID;
@@ -164,8 +167,8 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
}
sigret = alpm_db_check_pgp_signature(db);
- if((db->pgp_verify == PM_PGP_VERIFY_ALWAYS && sigret != 0) ||
- (db->pgp_verify == PM_PGP_VERIFY_OPTIONAL && sigret == 1)) {
+ if((check_sig == PM_PGP_VERIFY_ALWAYS && sigret != 0) ||
+ (check_sig == PM_PGP_VERIFY_OPTIONAL && sigret == 1)) {
/* pm_errno was set by the checking code */
/* TODO: should we just leave the unverified database */
ret = -1;