Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/lib/libalpm/be_package.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libalpm/be_package.c')
-rw-r--r--lib/libalpm/be_package.c34
1 files changed, 27 insertions, 7 deletions
diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c
index 6e65c7dd..20445756 100644
--- a/lib/libalpm/be_package.c
+++ b/lib/libalpm/be_package.c
@@ -226,9 +226,10 @@ static int parse_descfile(struct archive *a, pmpkg_t *newpkg)
* through the full archive
* @return An information filled pmpkg_t struct
*/
-static pmpkg_t *pkg_load(const char *pkgfile, int full)
+pmpkg_t *_alpm_pkg_load_internal(const char *pkgfile, int full,
+ const char *md5sum, const char *base64_sig, pgp_verify_t check_sig)
{
- int ret = ARCHIVE_OK;
+ int ret;
int config = 0;
struct archive *archive;
struct archive_entry *entry;
@@ -254,6 +255,27 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
RET_ERR(PM_ERR_PKG_OPEN, NULL);
}
+ /* first steps- validate the package file */
+ _alpm_log(PM_LOG_DEBUG, "md5sum: %s\n", md5sum);
+ if(md5sum) {
+ _alpm_log(PM_LOG_DEBUG, "checking md5sum for %s\n", pkgfile);
+ if(_alpm_test_md5sum(pkgfile, md5sum) != 0) {
+ alpm_pkg_free(newpkg);
+ RET_ERR(PM_ERR_PKG_INVALID, NULL);
+ }
+ }
+
+ _alpm_log(PM_LOG_DEBUG, "base64_sig: %s\n", base64_sig);
+ if(check_sig != PM_PGP_VERIFY_NEVER) {
+ _alpm_log(PM_LOG_DEBUG, "checking signature for %s\n", pkgfile);
+ ret = _alpm_gpgme_checksig(pkgfile, base64_sig);
+ if((check_sig == PM_PGP_VERIFY_ALWAYS && ret != 0) ||
+ (check_sig == PM_PGP_VERIFY_OPTIONAL && ret == 1)) {
+ RET_ERR(PM_ERR_SIG_INVALID, NULL);
+ }
+ }
+
+ /* next- try to create an archive object to read in the package */
if((archive = archive_read_new()) == NULL) {
alpm_pkg_free(newpkg);
RET_ERR(PM_ERR_LIBARCHIVE, NULL);
@@ -332,7 +354,6 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
/* internal fields for package struct */
newpkg->origin = PKG_FROM_FILE;
- /* TODO eventually kill/move this? */
newpkg->origin_data.file = strdup(pkgfile);
newpkg->ops = get_file_pkg_ops();
@@ -359,16 +380,15 @@ error:
return NULL;
}
-int SYMEXPORT alpm_pkg_load(const char *filename, int full, pmpkg_t **pkg)
+int SYMEXPORT alpm_pkg_load(const char *filename, int full,
+ pgp_verify_t check_sig, pmpkg_t **pkg)
{
ALPM_LOG_FUNC;
/* Sanity checks */
- ASSERT(filename != NULL && strlen(filename) != 0,
- RET_ERR(PM_ERR_WRONG_ARGS, -1));
ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, -1));
- *pkg = pkg_load(filename, full);
+ *pkg = _alpm_pkg_load_internal(filename, full, NULL, NULL, check_sig);
if(*pkg == NULL) {
/* pm_errno is set by pkg_load */
return -1;