Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/lib/libalpm
diff options
context:
space:
mode:
authorAllan McRae <allan@archlinux.org>2012-02-18 16:31:37 +1000
committerDan McGee <dan@archlinux.org>2012-03-08 17:58:04 -0600
commit5c404268d965d9ca012e4819ac0c2f289a4c768c (patch)
treeec83d7e1d7c88886fc4cf8438ba42ccb9627c8e2 /lib/libalpm
parentbc311a24ce536fbf30cc2356a62b08a6c0938ea9 (diff)
Add information on how an installed package was validated
When installing a package, store information on which validation method was used and output this on "pacman -Qi" operations. e.g. Validated By : SHA256 Sum Possible values are Unknown, None, MD5 Sum, SHA256 Sum, Signature. Dan: just a few very minor tweaks. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm')
-rw-r--r--lib/libalpm/alpm.h15
-rw-r--r--lib/libalpm/be_local.c43
-rw-r--r--lib/libalpm/be_package.c23
-rw-r--r--lib/libalpm/package.c9
-rw-r--r--lib/libalpm/package.h4
-rw-r--r--lib/libalpm/sync.c8
6 files changed, 97 insertions, 5 deletions
diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h
index a6b7c789..2e666294 100644
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@@ -64,6 +64,15 @@ typedef enum _alpm_pkgfrom_t {
PKG_FROM_SYNCDB
} alpm_pkgfrom_t;
+/** Location a package object was loaded from. */
+typedef enum _alpm_pkgvalidation_t {
+ ALPM_PKG_VALIDATION_UNKNOWN = 0,
+ ALPM_PKG_VALIDATION_NONE = (1 << 0),
+ ALPM_PKG_VALIDATION_MD5SUM = (1 << 1),
+ ALPM_PKG_VALIDATION_SHA256SUM = (1 << 2),
+ ALPM_PKG_VALIDATION_SIGNATURE = (1 << 3)
+} alpm_pkgvalidation_t;
+
/** Types of version constraints in dependency specs. */
typedef enum _alpm_depmod_t {
/** No version constraint */
@@ -880,6 +889,12 @@ alpm_db_t *alpm_pkg_get_db(alpm_pkg_t *pkg);
*/
const char *alpm_pkg_get_base64_sig(alpm_pkg_t *pkg);
+/** Returns the method used to validate a package during install.
+ * @param pkg a pointer to package
+ * @return an enum member giving the validation method
+ */
+alpm_pkgvalidation_t alpm_pkg_get_validation(alpm_pkg_t *pkg);
+
/* End of alpm_pkg_t accessors */
/* @} */
diff --git a/lib/libalpm/be_local.c b/lib/libalpm/be_local.c
index 0d423fa7..51721d1f 100644
--- a/lib/libalpm/be_local.c
+++ b/lib/libalpm/be_local.c
@@ -102,6 +102,12 @@ static alpm_pkgreason_t _cache_get_reason(alpm_pkg_t *pkg)
return pkg->reason;
}
+static alpm_pkgvalidation_t _cache_get_validation(alpm_pkg_t *pkg)
+{
+ LAZY_LOAD(INFRQ_DESC, -1);
+ return pkg->validation;
+}
+
static alpm_list_t *_cache_get_licenses(alpm_pkg_t *pkg)
{
LAZY_LOAD(INFRQ_DESC, NULL);
@@ -223,6 +229,7 @@ static struct pkg_operations local_pkg_ops = {
.get_arch = _cache_get_arch,
.get_isize = _cache_get_isize,
.get_reason = _cache_get_reason,
+ .get_validation = _cache_get_validation,
.has_scriptlet = _cache_has_scriptlet,
.get_licenses = _cache_get_licenses,
.get_groups = _cache_get_groups,
@@ -603,6 +610,26 @@ static int local_db_read(alpm_pkg_t *info, alpm_dbinfrq_t inforeq)
} else if(strcmp(line, "%REASON%") == 0) {
READ_NEXT();
info->reason = (alpm_pkgreason_t)atoi(line);
+ } else if(strcmp(line, "%VALIDATION%") == 0) {
+ alpm_list_t *i, *v = NULL;
+ READ_AND_STORE_ALL(v);
+ for(i = v; i; i = alpm_list_next(i))
+ {
+ if(strcmp(i->data, "none") == 0) {
+ info->validation |= ALPM_PKG_VALIDATION_NONE;
+ } else if(strcmp(i->data, "md5") == 0) {
+ info->validation |= ALPM_PKG_VALIDATION_MD5SUM;
+ } else if(strcmp(i->data, "sha256") == 0) {
+ info->validation |= ALPM_PKG_VALIDATION_SHA256SUM;
+ } else if(strcmp(i->data, "pgp") == 0) {
+ info->validation |= ALPM_PKG_VALIDATION_SIGNATURE;
+ } else {
+ _alpm_log(db->handle, ALPM_LOG_WARNING,
+ _("unknown validation type for package %s: %s\n"),
+ info->name, (const char *)i->data);
+ }
+ }
+ FREELIST(v);
} else if(strcmp(line, "%SIZE%") == 0) {
READ_NEXT();
info->isize = _alpm_strtoofft(line);
@@ -817,6 +844,22 @@ int _alpm_local_db_write(alpm_db_t *db, alpm_pkg_t *info, alpm_dbinfrq_t inforeq
fprintf(fp, "%%REASON%%\n"
"%u\n\n", info->reason);
}
+ if(info->validation) {
+ fputs("%VALIDATION%\n", fp);
+ if(info->validation & ALPM_PKG_VALIDATION_NONE) {
+ fputs("none\n", fp);
+ }
+ if(info->validation & ALPM_PKG_VALIDATION_MD5SUM) {
+ fputs("md5\n", fp);
+ }
+ if(info->validation & ALPM_PKG_VALIDATION_SHA256SUM) {
+ fputs("sha256\n", fp);
+ }
+ if(info->validation & ALPM_PKG_VALIDATION_SIGNATURE) {
+ fputs("pgp\n", fp);
+ }
+ fprintf(fp, "\n");
+ }
if(info->depends) {
fputs("%DEPENDS%\n", fp);
for(lp = info->depends; lp; lp = lp->next) {
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index c076f610..e4469600 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -303,11 +303,12 @@ static alpm_file_t *files_msort(alpm_file_t *files, size_t n)
* sha256sum, and/or base64 signature)
* @param level the required level of signature verification
* @param sigdata signature data from the package to pass back
+ * @param validation successful validations performed on the package file
* @return 0 if package is fully valid, -1 and pm_errno otherwise
*/
int _alpm_pkg_validate_internal(alpm_handle_t *handle,
const char *pkgfile, alpm_pkg_t *syncpkg, alpm_siglevel_t level,
- alpm_siglist_t **sigdata)
+ alpm_siglist_t **sigdata, alpm_pkgvalidation_t *validation)
{
int has_sig;
handle->pm_errno = 0;
@@ -342,6 +343,9 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
if(_alpm_test_checksum(pkgfile, syncpkg->md5sum, ALPM_CSUM_MD5) != 0) {
RET_ERR(handle, ALPM_ERR_PKG_INVALID_CHECKSUM, -1);
}
+ if(validation) {
+ *validation |= ALPM_PKG_VALIDATION_MD5SUM;
+ }
}
if(syncpkg->sha256sum) {
@@ -350,6 +354,9 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
if(_alpm_test_checksum(pkgfile, syncpkg->sha256sum, ALPM_CSUM_SHA256) != 0) {
RET_ERR(handle, ALPM_ERR_PKG_INVALID_CHECKSUM, -1);
}
+ if(validation) {
+ *validation |= ALPM_PKG_VALIDATION_SHA256SUM;
+ }
}
}
@@ -363,6 +370,13 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
handle->pm_errno = ALPM_ERR_PKG_INVALID_SIG;
return -1;
}
+ if(validation && has_sig) {
+ *validation |= ALPM_PKG_VALIDATION_SIGNATURE;
+ }
+ }
+
+ if (validation && !*validation) {
+ *validation = ALPM_PKG_VALIDATION_NONE;
}
return 0;
@@ -496,6 +510,7 @@ alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle,
newpkg->ops = get_file_pkg_ops();
newpkg->handle = handle;
newpkg->infolevel = INFRQ_BASE | INFRQ_DESC | INFRQ_SCRIPTLET;
+ newpkg->validation = ALPM_PKG_VALIDATION_NONE;
if(full) {
if(files) {
@@ -527,10 +542,13 @@ error:
int SYMEXPORT alpm_pkg_load(alpm_handle_t *handle, const char *filename, int full,
alpm_siglevel_t level, alpm_pkg_t **pkg)
{
+ alpm_pkgvalidation_t validation = 0;
+
CHECK_HANDLE(handle, return -1);
ASSERT(pkg != NULL, RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1));
- if(_alpm_pkg_validate_internal(handle, filename, NULL, level, NULL) == -1) {
+ if(_alpm_pkg_validate_internal(handle, filename, NULL, level, NULL,
+ &validation) == -1) {
/* pm_errno is set by pkg_validate */
return -1;
}
@@ -539,6 +557,7 @@ int SYMEXPORT alpm_pkg_load(alpm_handle_t *handle, const char *filename, int ful
/* pm_errno is set by pkg_load */
return -1;
}
+ (*pkg)->validation = validation;
return 0;
}
diff --git a/lib/libalpm/package.c b/lib/libalpm/package.c
index 5b075634..dbf0d928 100644
--- a/lib/libalpm/package.c
+++ b/lib/libalpm/package.c
@@ -91,6 +91,7 @@ static const char *_pkg_get_packager(alpm_pkg_t *pkg) { return pkg->packager;
static const char *_pkg_get_arch(alpm_pkg_t *pkg) { return pkg->arch; }
static off_t _pkg_get_isize(alpm_pkg_t *pkg) { return pkg->isize; }
static alpm_pkgreason_t _pkg_get_reason(alpm_pkg_t *pkg) { return pkg->reason; }
+static alpm_pkgvalidation_t _pkg_get_validation(alpm_pkg_t *pkg) { return pkg->validation; }
static int _pkg_has_scriptlet(alpm_pkg_t *pkg) { return pkg->scriptlet; }
static alpm_list_t *_pkg_get_licenses(alpm_pkg_t *pkg) { return pkg->licenses; }
@@ -134,6 +135,7 @@ struct pkg_operations default_pkg_ops = {
.get_arch = _pkg_get_arch,
.get_isize = _pkg_get_isize,
.get_reason = _pkg_get_reason,
+ .get_validation = _pkg_get_validation,
.has_scriptlet = _pkg_has_scriptlet,
.get_licenses = _pkg_get_licenses,
@@ -268,6 +270,13 @@ alpm_pkgreason_t SYMEXPORT alpm_pkg_get_reason(alpm_pkg_t *pkg)
return pkg->ops->get_reason(pkg);
}
+alpm_pkgvalidation_t SYMEXPORT alpm_pkg_get_validation(alpm_pkg_t *pkg)
+{
+ ASSERT(pkg != NULL, return -1);
+ pkg->handle->pm_errno = 0;
+ return pkg->ops->get_validation(pkg);
+}
+
alpm_list_t SYMEXPORT *alpm_pkg_get_licenses(alpm_pkg_t *pkg)
{
ASSERT(pkg != NULL, return NULL);
diff --git a/lib/libalpm/package.h b/lib/libalpm/package.h
index ba0779a3..be779b46 100644
--- a/lib/libalpm/package.h
+++ b/lib/libalpm/package.h
@@ -47,6 +47,7 @@ struct pkg_operations {
const char *(*get_arch) (alpm_pkg_t *);
off_t (*get_isize) (alpm_pkg_t *);
alpm_pkgreason_t (*get_reason) (alpm_pkg_t *);
+ alpm_pkgvalidation_t (*get_validation) (alpm_pkg_t *);
int (*has_scriptlet) (alpm_pkg_t *);
alpm_list_t *(*get_licenses) (alpm_pkg_t *);
@@ -96,6 +97,7 @@ struct __alpm_pkg_t {
int scriptlet;
alpm_pkgreason_t reason;
+ alpm_pkgvalidation_t validation;
alpm_dbinfrq_t infolevel;
alpm_pkgfrom_t origin;
/* origin == PKG_FROM_FILE, use pkg->origin_data.file
@@ -133,7 +135,7 @@ void _alpm_pkg_free_trans(alpm_pkg_t *pkg);
int _alpm_pkg_validate_internal(alpm_handle_t *handle,
const char *pkgfile, alpm_pkg_t *syncpkg, alpm_siglevel_t level,
- alpm_siglist_t **sigdata);
+ alpm_siglist_t **sigdata, alpm_pkgvalidation_t *validation);
alpm_pkg_t *_alpm_pkg_load_internal(alpm_handle_t *handle,
const char *pkgfile, int full);
diff --git a/lib/libalpm/sync.c b/lib/libalpm/sync.c
index 7f4ef055..5f698008 100644
--- a/lib/libalpm/sync.c
+++ b/lib/libalpm/sync.c
@@ -972,6 +972,7 @@ static int check_validity(alpm_handle_t *handle,
char *path;
alpm_siglist_t *siglist;
alpm_siglevel_t level;
+ alpm_pkgvalidation_t validation;
alpm_errno_t error;
};
size_t current = 0, current_bytes = 0;
@@ -981,7 +982,7 @@ static int check_validity(alpm_handle_t *handle,
EVENT(handle, ALPM_EVENT_INTEGRITY_START, NULL, NULL);
for(i = handle->trans->add; i; i = i->next, current++) {
- struct validity v = { i->data, NULL, NULL, 0, 0 };
+ struct validity v = { i->data, NULL, NULL, 0, 0, 0 };
int percent = (int)(((double)current_bytes / total_bytes) * 100);
PROGRESS(handle, ALPM_PROGRESS_INTEGRITY_START, "", percent,
@@ -995,7 +996,7 @@ static int check_validity(alpm_handle_t *handle,
v.level = alpm_db_get_siglevel(alpm_pkg_get_db(v.pkg));
if(_alpm_pkg_validate_internal(handle, v.path, v.pkg,
- v.level, &v.siglist) == -1) {
+ v.level, &v.siglist, &v.validation) == -1) {
v.error = handle->pm_errno;
struct validity *invalid = malloc(sizeof(struct validity));
memcpy(invalid, &v, sizeof(struct validity));
@@ -1004,6 +1005,7 @@ static int check_validity(alpm_handle_t *handle,
alpm_siglist_cleanup(v.siglist);
free(v.siglist);
free(v.path);
+ v.pkg->validation = v.validation;
}
}
@@ -1083,6 +1085,8 @@ static int load_packages(alpm_handle_t *handle, alpm_list_t **data,
free(filepath);
/* copy over the install reason */
pkgfile->reason = spkg->reason;
+ /* copy over validation method */
+ pkgfile->validation = spkg->validation;
i->data = pkgfile;
/* spkg has been removed from the target list, so we can free the
* sync-specific fields */