libalpm
Arch Linux Package Manager Library
#include "alpm.h"
Functions | |
char * | _alpm_sigpath (alpm_handle_t *handle, const char *path) |
Form a signature path given a file path. | |
int | _alpm_gpgme_checksig (alpm_handle_t *handle, const char *path, const char *base64_sig, alpm_siglist_t *result) |
Check the PGP signature for the given file path. | |
int | _alpm_check_pgp_helper (alpm_handle_t *handle, const char *path, const char *base64_sig, int optional, int marginal, int unknown, alpm_siglist_t **sigdata) |
Helper for checking the PGP signature for the given file path. | |
int | _alpm_process_siglist (alpm_handle_t *handle, const char *identifier, alpm_siglist_t *siglist, int optional, int marginal, int unknown) |
Examine a signature result list and take any appropriate or necessary actions. |
int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path, const char *base64_sig, int optional, int marginal, int unknown, alpm_siglist_t **sigdata)
Helper for checking the PGP signature for the given file path.
This wraps _alpm_gpgme_checksig in a slightly friendlier manner: it simplifies the handling of optional signatures and of marginal/unknown trust levels, and it takes care of returning the correct error codes.
handle | the context handle |
path | the full path to a file |
base64_sig | optional PGP signature data in base64 encoding |
optional | whether signatures are optional (e.g., a missing signature is OK) |
marginal | whether signatures with marginal trust are acceptable |
unknown | whether signatures with unknown trust are acceptable |
sigdata | a pointer to storage for signature results |
Definition at line 672 of file signing.c.
References _alpm_gpgme_checksig(), _alpm_log(), ALPM_ERR_MEMORY, ALPM_ERR_SIG_MISSING, ALPM_LOG_DEBUG, alpm_siglist_cleanup(), ALPM_SIGSTATUS_INVALID, ALPM_SIGSTATUS_KEY_DISABLED, ALPM_SIGSTATUS_KEY_EXPIRED, ALPM_SIGSTATUS_KEY_UNKNOWN, ALPM_SIGSTATUS_SIG_EXPIRED, ALPM_SIGSTATUS_VALID, ALPM_SIGVALIDITY_FULL, ALPM_SIGVALIDITY_MARGINAL, ALPM_SIGVALIDITY_NEVER, ALPM_SIGVALIDITY_UNKNOWN, CALLOC, _alpm_siglist_t::count, __alpm_handle_t::pm_errno, _alpm_siglist_t::results, RET_ERR, _alpm_sigresult_t::status, and _alpm_sigresult_t::validity.
Referenced by _alpm_pkg_validate_internal().
int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path, const char *base64_sig, alpm_siglist_t *siglist)
Check the PGP signature for the given file path.
If base64_sig is provided, it will be decoded and used as the signature data. If base64_sig is NULL, a signature file is expected next to path (e.g. "%s.sig").
The return value will be 0 if nothing abnormal happened during the signature check, and -1 if an error occurred while checking signatures or if a signature could not be found; pm_errno will be set. Note that "abnormal" does not include a failed signature: a return value of 0 means only that the check itself completed, not that any signature is good. Callers should check the value in siglist to determine whether the signature(s) are good.
handle | the context handle |
path | the full path to a file |
base64_sig | optional PGP signature data in base64 encoding |
siglist | a pointer to storage for signature results |
Definition at line 409 of file signing.c.
References _, _alpm_access(), _alpm_log(), _alpm_sigpath(), ALPM_ERR_GPGME, ALPM_ERR_MEMORY, ALPM_ERR_NOT_A_FILE, ALPM_ERR_SIG_INVALID, ALPM_ERR_SIG_MISSING, ALPM_ERR_WRONG_ARGS, alpm_list_free(), ALPM_LOG_DEBUG, ALPM_LOG_ERROR, ALPM_SIGSTATUS_INVALID, ALPM_SIGSTATUS_KEY_DISABLED, ALPM_SIGSTATUS_KEY_EXPIRED, ALPM_SIGSTATUS_KEY_UNKNOWN, ALPM_SIGSTATUS_SIG_EXPIRED, ALPM_SIGSTATUS_VALID, ALPM_SIGVALIDITY_FULL, ALPM_SIGVALIDITY_MARGINAL, ALPM_SIGVALIDITY_NEVER, ALPM_SIGVALIDITY_UNKNOWN, CALLOC, CHECK_ERR, _alpm_siglist_t::count, _alpm_pgpkey_t::created, __alpm_list_t::data, _alpm_pgpkey_t::data, _alpm_pgpkey_t::email, _alpm_pgpkey_t::expires, _alpm_pgpkey_t::fingerprint, FREE, _alpm_sigresult_t::key, _alpm_pgpkey_t::name, __alpm_list_t::next, __alpm_handle_t::pm_errno, _alpm_siglist_t::results, RET_ERR, _alpm_sigresult_t::status, STRDUP, _alpm_pgpkey_t::uid, and _alpm_sigresult_t::validity.
Referenced by _alpm_check_pgp_helper(), alpm_db_check_pgp_signature(), and alpm_pkg_check_pgp_signature().
int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier, alpm_siglist_t *siglist, int optional, int marginal, int unknown)
Examine a signature result list and take any appropriate or necessary actions.
This may include asking the user to import a key or simply printing helpful failure messages so the user can take action out of band.
handle | the context handle |
identifier | a friendly name for the signed resource; usually a database or package name |
siglist | a pointer to storage for signature results |
optional | whether signatures are optional (e.g., a missing signature is OK) |
marginal | whether signatures with marginal trust are acceptable |
unknown | whether signatures with unknown trust are acceptable |
Definition at line 759 of file signing.c.
References _, _alpm_access(), _alpm_log(), ALPM_LOG_DEBUG, ALPM_LOG_ERROR, ALPM_LOG_WARNING, ALPM_QUESTION_IMPORT_KEY, ALPM_SIGSTATUS_INVALID, ALPM_SIGSTATUS_KEY_DISABLED, ALPM_SIGSTATUS_KEY_EXPIRED, ALPM_SIGSTATUS_KEY_UNKNOWN, ALPM_SIGSTATUS_SIG_EXPIRED, ALPM_SIGSTATUS_VALID, ALPM_SIGVALIDITY_FULL, ALPM_SIGVALIDITY_MARGINAL, ALPM_SIGVALIDITY_NEVER, ALPM_SIGVALIDITY_UNKNOWN, _alpm_siglist_t::count, _alpm_pgpkey_t::data, _alpm_pgpkey_t::fingerprint, __alpm_handle_t::gpgdir, _alpm_sigresult_t::key, QUESTION, _alpm_siglist_t::results, _alpm_sigresult_t::status, _alpm_pgpkey_t::uid, and _alpm_sigresult_t::validity.
char *_alpm_sigpath(alpm_handle_t *handle, const char *path)
Form a signature path given a file path.
Caller must free the result.
handle | the context handle |
path | the full path to a file |
Definition at line 644 of file signing.c.
References ALPM_ERR_MEMORY, CALLOC, and RET_ERR.
Referenced by _alpm_gpgme_checksig(), _alpm_pkg_validate_internal(), and alpm_db_update().