libpakfire: Add more debugging to archive verification

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/libpakfire/archive.c b/src/libpakfire/archive.c
index 405cd1969a7c6d3234117dcba40045cb54337807..08ce25f344bc5af697db7abf29c158c33754d91a 100644 (file)
--- a/src/libpakfire/archive.c
+++ b/src/libpakfire/archive.c
@@ -830,30 +830,38 @@ PAKFIRE_EXPORT PakfireArchiveSignature* pakfire_archive_get_signatures(PakfireAr
 }
 
 static pakfire_archive_verify_status_t pakfire_archive_verify_checksums(PakfireArchive archive) {
+       DEBUG(archive->pakfire, "Verifying checksums of %p\n", archive);
+
        pakfire_archive_verify_status_t status = PAKFIRE_ARCHIVE_VERIFY_INVALID;
 
        // Cannot validate anything if no signatures are available
        PakfireArchiveSignature* signatures = pakfire_archive_get_signatures(archive);
        if (!signatures) {
-               DEBUG(archive->pakfire, "Archive %p does not have any signatures\n", archive);
+               ERROR(archive->pakfire, "Archive %p does not have any signatures\n", archive);
                return PAKFIRE_ARCHIVE_VERIFY_OK;
        }
 
-       char* data = NULL;
+       const char* data = NULL;
        size_t size = 0;
        gpgme_error_t error;
 
        // Load the checksums file
        int r = pakfire_archive_read(archive, PAKFIRE_ARCHIVE_FN_CHECKSUMS,
                (void *)&data, &size, 0);
-       if (r)
+       if (r) {
+               ERROR(archive->pakfire, "Could not read %s from archive %p\n",
+                       PAKFIRE_ARCHIVE_FN_CHECKSUMS, archive);
                return status;
+       }
 
        // Convert into gpgme data object
        gpgme_data_t signed_text;
        error = gpgme_data_new_from_mem(&signed_text, data, size, 0);
-       if (error != GPG_ERR_NO_ERROR)
+       if (error != GPG_ERR_NO_ERROR) {
+               ERROR(archive->pakfire, "Could not load signed text: %s\n%s\n",
+                       gpgme_strerror(status), data);
                return -1;
+       }
 
        // Get GPG context
        gpgme_ctx_t gpgctx = pakfire_get_gpgctx(archive->pakfire);
@@ -864,8 +872,12 @@ static pakfire_archive_verify_status_t pakfire_archive_verify_checksums(PakfireA
 
                gpgme_data_t sigdata;
                error = gpgme_data_new_from_mem(&sigdata, signature->sigdata, strlen(signature->sigdata), 0);
-               if (error != GPG_ERR_NO_ERROR)
+               if (error != GPG_ERR_NO_ERROR) {
+                       ERROR(archive->pakfire, "Could not load signature:\n%s\n", signature->sigdata);
                        continue;
+               }
+
+               DEBUG(archive->pakfire, "Validating signature %p\n", signature);
 
                // Perform verification
                error = gpgme_op_verify(gpgctx, sigdata, signed_text, NULL);
@@ -1005,6 +1017,8 @@ FAIL:
 }
 
 PAKFIRE_EXPORT pakfire_archive_verify_status_t pakfire_archive_verify(PakfireArchive archive) {
+       DEBUG(archive->pakfire, "Verifying archive %p\n", archive);
+
        // Verify that checksums file is signed with a valid key
        pakfire_archive_verify_status_t status = pakfire_archive_verify_checksums(archive);
        if (status)