diff options
| author | ticktock35 <ticktock35@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2008-12-14 23:20:10 (EST) |
|---|---|---|
| committer | ticktock35 <ticktock35@e8e0d7a0-c8d9-11dd-a880-a1081c7ac358> | 2008-12-14 23:20:10 (EST) |
| commit | 080a13effc327e8d9c2419d425e81aedc37c6c89 (patch) | |
| tree | 3a4a7b04e2b393d8695809e084efd8c75abe8d44 /opkg_download.c | |
| parent | 41a2d0807aace08c3f2895d7768594c929edf3cd (diff) | |
opkg: initial implementation of package list signature verification
git-svn-id: http://opkg.googlecode.com/svn/trunk@21 e8e0d7a0-c8d9-11dd-a880-a1081c7ac358
Diffstat (limited to 'opkg_download.c')
| -rw-r--r-- | opkg_download.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/opkg_download.c b/opkg_download.c index 8195e51..6370250 100644 --- a/opkg_download.c +++ b/opkg_download.c @@ -18,6 +18,7 @@ */ #include <curl/curl.h> +#include <gpgme.h> #include "opkg.h" #include "opkg_download.h" @@ -152,6 +153,7 @@ int opkg_download(opkg_conf_t *conf, const char *src, const char *dest_file_name curl_easy_setopt (curl, CURLOPT_NOPROGRESS, 0); curl_easy_setopt (curl, CURLOPT_PROGRESSDATA, src); curl_easy_setopt (curl, CURLOPT_PROGRESSFUNCTION, curl_progress_func); + curl_easy_setopt (curl, CURLOPT_FAILONERROR, 1); if (conf->http_proxy || conf->ftp_proxy) { char *userpwd; @@ -163,6 +165,8 @@ int opkg_download(opkg_conf_t *conf, const char *src, const char *dest_file_name res = curl_easy_perform (curl); curl_easy_cleanup (curl); fclose (file); + if (res) + return res; } else @@ -271,3 +275,47 @@ int opkg_prepare_url_for_install(opkg_conf_t *conf, const char *url, char **name } return 0; } + +int +opkg_verify_file (char *text_file, char *sig_file) +{ + int status = -1; + gpgme_ctx_t ctx; + gpgme_data_t sig, text; + gpgme_error_t err = -1; + gpgme_verify_result_t result; + gpgme_signature_t s; + + err = gpgme_new (&ctx); + + if (err) + return -1; + + err = gpgme_data_new_from_file (&sig, sig_file, 1); + if (err) + return -1; + + err = gpgme_data_new_from_file (&text, text_file, 1); + if (err) + return -1; + + err = gpgme_op_verify (ctx, sig, text, NULL); + + result = gpgme_op_verify_result (ctx); + + /* see if any of the signitures matched */ + s = result->signatures; + while (s) + { + status = gpg_err_code (s->status); + if (status == GPG_ERR_NO_ERROR) + break; + s = s->next; + } + + gpgme_data_release (sig); + gpgme_data_release (text); + gpgme_release (ctx); + + return status; +} |