pakfire_archive_verify_status_t status;
// Verify this archive
- int r = pakfire_archive_verify(self->archive, &status);
+ int r = pakfire_archive_verify(self->archive, &status, NULL);
if (r) {
PyErr_SetFromErrno(PyExc_OSError);
return NULL;
/*
This function walks through the archive looking for signatures and verifies them
*/
-static int pakfire_archive_verify_signatures(struct pakfire_archive* archive) {
+static int pakfire_archive_verify_signatures(struct pakfire_archive* archive,
+ struct pakfire_key*** keys) {
char* buffer = NULL;
size_t size = 0;
}
PAKFIRE_EXPORT int pakfire_archive_verify(struct pakfire_archive* archive,
- pakfire_archive_verify_status_t* status) {
+ pakfire_archive_verify_status_t* status, struct pakfire_key*** keys) {
+ int r;
+
DEBUG(archive->pakfire, "Verifying archive %p\n", archive);
// Return previous result if this has already been called
if (archive->verify == PAKFIRE_ARCHIVE_VERIFY_UNKNOWN) {
// Verify all signatures
- int r = pakfire_archive_verify_signatures(archive);
+ int r = pakfire_archive_verify_signatures(archive, keys);
if (r)
- return r;
+ goto ERROR;
// Verify checksums
r = pakfire_archive_verify_checksums(archive, PAKFIRE_ARCHIVE_VERIFY_BEST);
if (r)
- return r;
+ goto ERROR;
}
// Store result
*status = archive->verify;
return 0;
+
+ERROR:
+ if (keys && *keys) {
+ for (struct pakfire_key** key = *keys; *key; key++)
+ pakfire_key_unref(*key);
+ free(*keys);
+ }
+
+ return r;
}
PAKFIRE_EXPORT const char* pakfire_archive_verify_strerror(pakfire_archive_verify_status_t status) {
struct pakfire_archive;
#include <pakfire/filelist.h>
+#include <pakfire/key.h>
#include <pakfire/package.h>
#include <pakfire/repo.h>
#include <pakfire/scriptlet.h>
struct pakfire_filelist* pakfire_archive_get_filelist(struct pakfire_archive* archive);
int pakfire_archive_verify(struct pakfire_archive* archive,
- pakfire_archive_verify_status_t* status);
+ pakfire_archive_verify_status_t* status, struct pakfire_key*** keys);
const char* pakfire_archive_verify_strerror(pakfire_archive_verify_status_t status);
int pakfire_archive_sign(struct pakfire_archive* archive, struct pakfire_key* key);
pakfire_archive_verify_status_t status;
// Verify the archive
- int r = pakfire_archive_verify(archive, &status);
+ int r = pakfire_archive_verify(archive, &status, NULL);
if (r)
return r;
projects / pakfire.git / commitdiff
