From d98468515a2f96c3a6c5bd824aada6817912a2ea Mon Sep 17 00:00:00 2001 From: Juan RP Date: Sat, 30 Nov 2013 08:30:25 +0100 Subject: [PATCH] Fix #25 correctly: compare against repo->signature. --- bin/xbps-rindex/sign.c | 20 ++++++++++---------- lib/repo.c | 3 --- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/bin/xbps-rindex/sign.c b/bin/xbps-rindex/sign.c index 510b3265..6e678387 100644 --- a/bin/xbps-rindex/sign.c +++ b/bin/xbps-rindex/sign.c @@ -149,7 +149,7 @@ sign_repo(struct xbps_handle *xhp, const char *repodir, repo = xbps_repo_open(xhp, repodir); if (repo == NULL) { fprintf(stderr, "cannot read repository data: %s\n", strerror(errno)); - goto out; + return -1; } if (xbps_dictionary_count(repo->idx) == 0) { fprintf(stderr, "invalid number of objects in repository index!\n"); @@ -182,22 +182,22 @@ sign_repo(struct xbps_handle *xhp, const char *repodir, free(xml); goto out; } + /* + * If the signature in repo has not changed do not generate the + * repodata file again. + */ + if (xbps_data_equals_data(repo->signature, sig, siglen)) { + fprintf(stderr, "Not signing again, matched signature found.\n"); + rv = 0; + goto out; + } /* * Prepare the XBPS_REPOIDX_META for our repository data. */ meta = xbps_dictionary_create(); xbps_dictionary_set_cstring_nocopy(meta, "signature-by", signedby); xbps_dictionary_set_cstring_nocopy(meta, "signature-type", "rsa"); - /* - * If the signature in repo has not changed do not generate the - * repodata file again. - */ data = xbps_data_create_data_nocopy(sig, siglen); - if (xbps_data_equals_data(data, sig, siglen)) { - fprintf(stderr, "Not signing again, matched signature found.\n"); - rv = 0; - goto out; - } xbps_dictionary_set(meta, "signature", data); buf = pubkey_from_privkey(rsa); diff --git a/lib/repo.c b/lib/repo.c index 6e9f237b..34bdfa73 100644 --- a/lib/repo.c +++ b/lib/repo.c @@ -156,9 +156,6 @@ xbps_repo_open(struct xbps_handle *xhp, const char *url) repo = NULL; goto out; } - if (!is_remote) - goto out; - if ((meta = repo_get_dict(repo, XBPS_REPOIDX_META))) { repo->is_signed = true; repo->signature = xbps_dictionary_get(meta, "signature");