Do not reuse old signature

After updating a database, remove the old signature to prevent it
being used in validation if the new signature fails to download.

Signed-off-by: Allan McRae <allan@archlinux.org>

2 files changed, 10 insertions, 3 deletions

diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c
index ed55b3bb..756f784f 100644
--- a/lib/libalpm/be_sync.c
+++ b/lib/libalpm/be_sync.c
@@ -139,14 +139,21 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db)
 
 	/* Download and check the signature of the database if needed */
 	if(db->pgp_verify != PM_PGP_VERIFY_NEVER) {
-		char *sigfile;
+		char *sigfile, *sigfilepath;
 		int sigret;
 
 		len = strlen(dbfile) + 5;
 		MALLOC(sigfile, len, RET_ERR(PM_ERR_MEMORY, -1));
 		sprintf(sigfile, "%s.sig", dbfile);
 
-		sigret = _alpm_download_single_file(sigfile, db->servers, syncpath, 1);
+		/* prevent old signature being used if the following download fails */
+		len = strlen(syncpath) + strlen(sigfile) + 1;
+		MALLOC(sigfilepath, len, RET_ERR(PM_ERR_MEMORY, -1));
+		sprintf(sigfilepath, "%s%s", syncpath, sigfile);
+		_alpm_rmrf(sigfilepath);
+		free(sigfilepath);
+
+		sigret = _alpm_download_single_file(sigfile, db->servers, syncpath, 0);
 		free(sigfile);
 
 		if(sigret == -1 && db->pgp_verify == PM_PGP_VERIFY_ALWAYS) {
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c
index 0434d996..c30650b1 100644
--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@@ -147,7 +147,7 @@ int _alpm_gpgme_checksig(const char *path, const pmpgpsig_t *sig)
 	err = gpgme_op_verify(ctx, sigdata, filedata, NULL);
 	CHECK_ERR();
 	result = gpgme_op_verify_result(ctx);
-		gpgsig = result->signatures;
+	gpgsig = result->signatures;
 	if (!gpgsig || gpgsig->next) {
 		_alpm_log(PM_LOG_ERROR, _("Unexpected number of signatures\n"));
 		ret = -1;