Add status and check for key being disabled

Because we aren't using gpgv and a dedicated keyring that is known to be all safe, we should honor this flag being set on a given key in the keyring to know to not honor it. This prevents a key from being reimported that a user does not want to be used- instead of deleting, one should mark it as disabled. Signed-off-by: Dan McGee <dan@archlinux.org>
2025-01-08 12:28:00 -05:00 · 2011-09-21 15:30:12 -05:00 · 2011-09-21 15:30:12 -05:00 · 6767de5380
commit 6767de5380
parent 213950afa3
3 changed files with 17 additions and 2 deletions
--- a/lib/libalpm/alpm.h
+++ b/lib/libalpm/alpm.h
@ -117,6 +117,7 @@ typedef enum _alpm_sigstatus_t {
 	ALPM_SIGSTATUS_KEY_EXPIRED,
 	ALPM_SIGSTATUS_SIG_EXPIRED,
 	ALPM_SIGSTATUS_KEY_UNKNOWN,
+	ALPM_SIGSTATUS_KEY_DISABLED,
 	ALPM_SIGSTATUS_INVALID
 } alpm_sigstatus_t;

--- a/lib/libalpm/signing.c
+++ b/lib/libalpm/signing.c
@ -476,8 +476,10 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 				result->key.email = key->uids->email;
 				result->key.created = key->subkeys->timestamp;
 				result->key.expires = key->subkeys->expires;
-				_alpm_log(handle, ALPM_LOG_DEBUG, "key: %s, %s, owner_trust %s\n",
-						key->subkeys->fpr, key->uids->uid, string_validity(key->owner_trust));
+				_alpm_log(handle, ALPM_LOG_DEBUG,
+						"key: %s, %s, owner_trust %s, disabled %d\n",
+						key->subkeys->fpr, key->uids->uid,
+						string_validity(key->owner_trust), key->disabled);
 			}
 		}

@ -501,6 +503,10 @@ int _alpm_gpgme_checksig(alpm_handle_t *handle, const char *path,
 				status = ALPM_SIGSTATUS_INVALID;
 				break;
 		}
+		/* special case: key disabled is not returned in above status code */
+		if(result->key.data && key->disabled) {
+			status = ALPM_SIGSTATUS_KEY_DISABLED;
+		}

 		switch(gpgsig->validity) {
 			case GPGME_VALIDITY_ULTIMATE:
@ -642,6 +648,7 @@ int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path,
 					break;
 				case ALPM_SIGSTATUS_SIG_EXPIRED:
 				case ALPM_SIGSTATUS_KEY_UNKNOWN:
+				case ALPM_SIGSTATUS_KEY_DISABLED:
 				case ALPM_SIGSTATUS_INVALID:
 					_alpm_log(handle, ALPM_LOG_DEBUG, "signature is not valid\n");
 					ret = -1;
@ -745,6 +752,10 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
 					gpgme_key_unref(fetch_key.data);
 				}
 				break;
+			case ALPM_SIGSTATUS_KEY_DISABLED:
+				_alpm_log(handle, ALPM_LOG_ERROR,
+						_("%s: key \"%s\" is disabled\n"), identifier, name);
+				break;
 			case ALPM_SIGSTATUS_SIG_EXPIRED:
 				_alpm_log(handle, ALPM_LOG_ERROR,
 						_("%s: signature from \"%s\" is expired\n"), identifier, name);
--- a/src/pacman/util.c
+++ b/src/pacman/util.c
@ -707,6 +707,9 @@ void signature_display(const char *title, alpm_siglist_t *siglist)
 				case ALPM_SIGSTATUS_KEY_UNKNOWN:
 					status = _("Key unknown");
 					break;
+				case ALPM_SIGSTATUS_KEY_DISABLED:
+					status = _("Key disabled");
+					break;
 				default:
 					status = _("Signature error");
 					break;