libxbps: stop and error out if pkg signature is not valid.

2015-05-09 06:27:03 +02:00 · 2015-05-09 06:27:03 +02:00 · da74e3dd9e
commit da74e3dd9e
parent b22d557287
2 changed files with 5 additions and 3 deletions
--- a/3
+++ b/3
@ -1,5 +1,8 @@
 xbps-0.45 (???):

+ * libxbps: if a pkg signature file cannot be verified, don't continue processing
+   other files, stop and return error immediately.
+
 * xbps-remove(8): fixed regression while removing recursively packages, don't remove
   all package orphans, this task belongs to -o not -R.

--- a/lib/transaction_commit.c
+++ b/lib/transaction_commit.c
@ -95,10 +95,9 @@ check_binpkgs(struct xbps_handle *xhp, xbps_object_iterator_t iter)
 			    "%s: verifying RSA signature...", pkgver);

 			if (!xbps_verify_file_signature(repo, binfile)) {
-				rv = errno;
+				rv = EPERM;
 				xbps_set_cb_state(xhp, XBPS_STATE_VERIFY_FAIL, rv, pkgver,
-				    "%s: the RSA signature is not valid: %s", pkgver,
-				    strerror(rv));
+				    "%s: the RSA signature is not valid!", pkgver);
 				free(binfile);
 				break;
 			}