Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/lib/libalpm/db.c
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2010-11-22 15:06:09 +1000
committerDan McGee <dan@archlinux.org>2011-03-23 22:22:33 -0500
commited6fda2f98bdcde56a67e43a6bcf644c549892a2 (patch)
tree1e28badd92918a5a1e53eb48f8b3d0423cd2a484 /lib/libalpm/db.c
parentef26c445245d0d25dfbca8f6feb590d3288d76d4 (diff)
Add functions for verifying database signature
Add a pmpgpsig_t struct to the database entry struct and functions for the lazy loading of database signatures. Add a function for checking database signatures, reusing (and generalizing) the code currently used for checking package signatures. TODO: The code for reading in signature files from the filesystem is duplicated for local packages and database and needs refactoring. Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'lib/libalpm/db.c')
-rw-r--r--lib/libalpm/db.c65
1 files changed, 65 insertions, 0 deletions
diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c
index f61ea918..2c9b25f3 100644
--- a/lib/libalpm/db.c
+++ b/lib/libalpm/db.c
@@ -365,6 +365,69 @@ pmdb_t *_alpm_db_new(const char *treename, int is_local)
return db;
}
+static int load_pgpsig(pmdb_t *db) {
+ size_t len;
+ const char *dbfile;
+ char *sigfile;
+
+ dbfile = _alpm_db_path(db);
+ len = strlen(dbfile) + 5;
+ MALLOC(sigfile, len, RET_ERR(PM_ERR_MEMORY, -1));
+ sprintf(sigfile, "%s.sig", dbfile);
+
+ if(access(sigfile, R_OK) == 0) {
+ FILE *f;
+ long bytes;
+ size_t bytes_read;
+ f = fopen(sigfile, "rb");
+ fseek(f, 0L, SEEK_END);
+ bytes = ftell(f);
+ if(bytes == -1) {
+ _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"),
+ dbfile);
+ goto cleanup;
+ }
+ fseek(f, 0L, SEEK_SET);
+ CALLOC(db->pgpsig.rawdata, bytes, sizeof(char),
+ goto error);
+ bytes_read = fread(db->pgpsig.rawdata, sizeof(char), bytes, f);
+ if(bytes_read == (size_t)bytes) {
+ db->pgpsig.rawlen = bytes;
+ _alpm_log(PM_LOG_DEBUG,
+ "loaded database .sig file, location %s\n", sigfile);
+ } else {
+ _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"),
+ dbfile);
+ }
+
+cleanup:
+ fclose(f);
+ } else {
+ _alpm_log(PM_LOG_DEBUG, "no database signature file found\n");
+ }
+
+ return(0);
+
+error:
+ FREE(db->pgpsig.rawdata);
+ db->pgpsig.rawlen = 0;
+ return(1);
+}
+
+const pmpgpsig_t *_alpm_db_pgpsig(pmdb_t *db)
+{
+ ALPM_LOG_FUNC;
+
+ /* Sanity checks */
+ ASSERT(db != NULL, return(NULL));
+
+ if(db->pgpsig.rawdata == NULL) {
+ load_pgpsig(db);
+ }
+
+ return &(db->pgpsig);
+}
+
void _alpm_db_free(pmdb_t *db)
{
ALPM_LOG_FUNC;
@@ -373,6 +436,8 @@ void _alpm_db_free(pmdb_t *db)
_alpm_db_free_pkgcache(db);
/* cleanup server list */
FREELIST(db->servers);
+ /* only need to free rawdata */
+ FREE(db->pgpsig.rawdata);
FREE(db->_path);
FREE(db->treename);
FREE(db);