[pacman-dev] [PATCH 2/3] pacman: Add --verifylvl option
Pang Yan Han
pangyanhan at gmail.com
Sun Jun 12 00:15:18 EDT 2011
The --verifylvl option allows the user to change pacman's signature
verification level. It can take in one of "always", "optional", "never", or
their capitalized counterparts.
Signed-off-by: Pang Yan Han <pangyanhan at gmail.com>
---
doc/pacman.8.txt | 7 +++++++
src/pacman/conf.c | 9 +++++++++
src/pacman/conf.h | 4 +++-
src/pacman/pacman.c | 6 ++++++
4 files changed, 25 insertions(+), 1 deletions(-)
diff --git a/doc/pacman.8.txt b/doc/pacman.8.txt
index 531c992..96f4c12 100644
--- a/doc/pacman.8.txt
+++ b/doc/pacman.8.txt
@@ -165,6 +165,13 @@ Options
Bypass any and all ``Are you sure?'' messages. It's not a good idea to do
this unless you want to run pacman from a script.
+*\--verifylvl* <level>::
+ Sets pacman's signature verification level to <level>. Valid values for level
+ are "always", "optional", "never" and their capitalized counterparts. This
+ can be used to override the "VerifySig" option in linkman:pacman.conf[5].
+ If an invalid level is given, pacman will fallback to using the level given
+ in the "VerifySig" option in linkman:pacman.conf[5].
+
Transaction Options (apply to '-S', '-R' and '-U')
--------------------------------------------------
*-d, \--nodeps*::
diff --git a/src/pacman/conf.c b/src/pacman/conf.c
index 13707d0..cf507d9 100644
--- a/src/pacman/conf.c
+++ b/src/pacman/conf.c
@@ -74,6 +74,7 @@ int config_free(config_t *oldconfig)
free(oldconfig->dbpath);
free(oldconfig->logfile);
free(oldconfig->gpgdir);
+ free(oldconfig->verifylvl);
FREELIST(oldconfig->cachedirs);
free(oldconfig->xfercommand);
free(oldconfig->print_format);
@@ -481,6 +482,14 @@ static int setup_libalpm(void)
alpm_option_set_cachedirs(handle, config->cachedirs);
}
+ /* Override signature verification level from command line */
+ if(config->verifylvl) {
+ pgp_verify_t verifylvl = option_verifysig(config->verifylvl);
+ if(verifylvl != PM_PGP_VERIFY_UNKNOWN) {
+ config->sigverify = verifylvl;
+ }
+ }
+
if(config->sigverify != PM_PGP_VERIFY_UNKNOWN) {
alpm_option_set_default_sigverify(handle, config->sigverify);
}
diff --git a/src/pacman/conf.h b/src/pacman/conf.h
index 4c44bfd..7d98729 100644
--- a/src/pacman/conf.h
+++ b/src/pacman/conf.h
@@ -45,6 +45,7 @@ typedef struct __config_t {
char *dbpath;
char *logfile;
char *gpgdir;
+ char *verifylvl;
alpm_list_t *cachedirs;
unsigned short op_q_isfile;
@@ -123,7 +124,8 @@ enum {
OP_ASEXPLICIT,
OP_ARCH,
OP_PRINTFORMAT,
- OP_GPGDIR
+ OP_GPGDIR,
+ OP_VERIFYLVL
};
/* clean method */
diff --git a/src/pacman/pacman.c b/src/pacman/pacman.c
index afc79f6..0c200db 100644
--- a/src/pacman/pacman.c
+++ b/src/pacman/pacman.c
@@ -205,6 +205,8 @@ static void usage(int op, const char * const myname)
addlist(_(" --gpgdir <path> set an alternate home directory for GnuPG\n"));
addlist(_(" --logfile <path> set an alternate log file\n"));
addlist(_(" --noconfirm do not ask for any confirmation\n"));
+ addlist(_(" --verifylvl <lvl>\n"
+ " set an alternate signature verification level\n"));
}
list = alpm_list_msort(list, alpm_list_count(list), options_cmp);
for (i = list; i; i = alpm_list_next(i)) {
@@ -431,6 +433,9 @@ static int parsearg_global(int opt)
config->logfile = strndup(optarg, PATH_MAX);
break;
case OP_NOCONFIRM: config->noconfirm = 1; break;
+ case OP_VERIFYLVL:
+ config->verifylvl = strdup(optarg);
+ break;
case 'b':
check_optarg();
config->dbpath = strdup(optarg);
@@ -628,6 +633,7 @@ static int parseargs(int argc, char *argv[])
{"arch", required_argument, 0, OP_ARCH},
{"print-format", required_argument, 0, OP_PRINTFORMAT},
{"gpgdir", required_argument, 0, OP_GPGDIR},
+ {"verifylvl", required_argument, 0, OP_VERIFYLVL},
{0, 0, 0, 0}
};
--
1.7.6.rc0
More information about the pacman-dev
mailing list