}
static PyObject* Archive_verify(ArchiveObject* self) {
- pakfire_archive_verify_status_t status = pakfire_archive_verify(self->archive);
+ pakfire_archive_verify_status_t status;
- // Return True if everything is fine
- if (status == PAKFIRE_ARCHIVE_VERIFY_OK || status == PAKFIRE_ARCHIVE_VERIFY_KEY_EXPIRED)
- Py_RETURN_TRUE;
+ // Verify this archive
+ int r = pakfire_archive_verify(self->archive, &status);
+ if (r) {
+ PyErr_SetFromErrno(PyExc_OSError);
+ return NULL;
+ }
- // Raise an exception if not okay
- PyErr_SetString(PyExc_BadSignatureError, pakfire_archive_verify_strerror(status));
+ // Evaluate result
+ switch (status) {
+ // Good
+ case PAKFIRE_ARCHIVE_VERIFY_OK:
+ case PAKFIRE_ARCHIVE_VERIFY_KEY_EXPIRED:
+ Py_RETURN_TRUE;
+
+ // Bad
+ default:
+ PyErr_SetString(PyExc_BadSignatureError,
+ pakfire_archive_verify_strerror(status));
+ break;
+ }
return NULL;
}
return r;
}
-PAKFIRE_EXPORT pakfire_archive_verify_status_t pakfire_archive_verify(struct pakfire_archive* archive) {
+PAKFIRE_EXPORT int pakfire_archive_verify(struct pakfire_archive* archive,
+ pakfire_archive_verify_status_t* status) {
DEBUG(archive->pakfire, "Verifying archive %p\n", archive);
// Return previous result if this has already been called
- if (archive->verify != PAKFIRE_ARCHIVE_VERIFY_UNKNOWN)
- return archive->verify;
-
- int r = pakfire_archive_verify_signatures(archive);
- if (r)
- return r;
+ if (archive->verify == PAKFIRE_ARCHIVE_VERIFY_UNKNOWN) {
+ // Verify all sigantures
+ int r = pakfire_archive_verify_signatures(archive);
+ if (r)
+ return r;
+ }
- return PAKFIRE_ARCHIVE_VERIFY_OK; // XXX DEBUG
+ // Store result
+ *status = archive->verify;
- int status = 0;
+ return 0;
+#if 0
// Open the archive file
struct archive* a;
- r = open_archive(archive, &a);
+ int r = open_archive(archive, &a);
if (r)
return PAKFIRE_ARCHIVE_VERIFY_ERROR;
struct pakfire_filelist* pakfire_archive_get_filelist(struct pakfire_archive* archive);
-pakfire_archive_verify_status_t pakfire_archive_verify(struct pakfire_archive* archive);
+int pakfire_archive_verify(struct pakfire_archive* archive,
+ pakfire_archive_verify_status_t* status);
const char* pakfire_archive_verify_strerror(pakfire_archive_verify_status_t status);
size_t pakfire_archive_get_size(struct pakfire_archive* archive);
if (!archive)
return 0;
+ pakfire_archive_verify_status_t status;
+
// Verify the archive
- pakfire_archive_verify_status_t status = pakfire_archive_verify(archive);
+ int r = pakfire_archive_verify(archive, &status);
+ if (r)
+ return r;
+
+ // This function will return a binary status which is zero for success and
+ // anything else for errors, etc...
+ switch (status) {
+ // Good
+ case PAKFIRE_ARCHIVE_VERIFY_OK:
+ case PAKFIRE_ARCHIVE_VERIFY_KEY_EXPIRED:
+ return 0;
- // Log error
- if (status) {
- const char* error = pakfire_archive_verify_strerror(status);
- ERROR(transaction->pakfire, "Archive verification failed: %s\n", error);
+ // Bad
+ default:
+ ERROR(transaction->pakfire, "Archive verification failed: %s\n",
+ pakfire_archive_verify_strerror(status));
+ break;
}
- return status;
+ return 1;
}
static int pakfire_transaction_run_script(struct pakfire_transaction* transaction,
projects / pakfire.git / commitdiff
