Signed-off-by: Allan McRae <allan@archlinux.org>
---
The main issue I see here is that UpgradeSigLevel must come after the global
SigLevel value. Otherwise the only way I see to use the value of SigLevel as
a default for UpgradeSigLevel requires much code duplication.
On 22.12.2011 11:26, Allan McRae wrote:
> Use to override the global SigLevel value for upgrade operations.
>
> e.g. when installing a package without a signature:
>
> Fails to install:
> SigLevel = Optional
> UpgradeSigLevel = Required
>
> Fails to install:
> SigLevel = Required
>
> Installs:
> SigLevel = Required
> UpgradeSigLevel = Optional
>
> Installs:
> SigLevel = Optional
I'll repeat some things that I said in the bug report - I have no idea
if this is feasible and should be done now:
I would love to distinguish between -U <local file> and -U <URL>. The
rationale is that I want automatically the highest security when I
download something (meaning: 'Required' for -U <URL>) but more
convenience when installing a local package that I build from AUR and
thus never signed (meaning: 'Optional' for -U <local file>).
If you think this is too hard for now, I think that this patch is better
than nothing.
Apart from that, I find the name UpgradeSigLevel confusing: People might
think it refers to upgrades in general, as opposed to the pacman
'upgrade' operation.
12-22-2011, 10:32 AM
Dieter Plaetinck
Add UpgradeSigLevel configuration option
On Thu, 22 Dec 2011 11:53:38 +0100
Thomas Bächler <thomas@archlinux.org> wrote:
> On 22.12.2011 11:26, Allan McRae wrote:
> > Use to override the global SigLevel value for upgrade operations.
> >
> > e.g. when installing a package without a signature:
> >
> > Fails to install:
> > SigLevel = Optional
> > UpgradeSigLevel = Required
> >
> > Fails to install:
> > SigLevel = Required
> >
> > Installs:
> > SigLevel = Required
> > UpgradeSigLevel = Optional
> >
> > Installs:
> > SigLevel = Optional
>
> I'll repeat some things that I said in the bug report - I have no idea
> if this is feasible and should be done now:
>
> I would love to distinguish between -U <local file> and -U <URL>. The
> rationale is that I want automatically the highest security when I
> download something (meaning: 'Required' for -U <URL>) but more
> convenience when installing a local package that I build from AUR and
> thus never signed (meaning: 'Optional' for -U <local file>).
Just some thoughts...
If you built a package yourself, you can also just sign it and verify the signature when installing,
though this is a bit more computationally intensive...
Also, what if somebody sends you a package by mail or through some other medium than http?
Then it will also be the '-U <local file>' case but very different from the other '-U <local file>' case where you built it yourself.
Dieter
01-13-2012, 12:30 AM
Allan McRae
Add UpgradeSigLevel configuration option
On 22/12/11 20:26, Allan McRae wrote:
> Use to override the global SigLevel value for upgrade operations.
>
> e.g. when installing a package without a signature:
>
> Fails to install:
> SigLevel = Optional
> UpgradeSigLevel = Required
>
> Fails to install:
> SigLevel = Required
>
> Installs:
> SigLevel = Required
> UpgradeSigLevel = Optional
>
> Installs:
> SigLevel = Optional
>
> Signed-off-by: Allan McRae <allan@archlinux.org>
> ---
>
> The main issue I see here is that UpgradeSigLevel must come after the global
> SigLevel value. Otherwise the only way I see to use the value of SigLevel as
> a default for UpgradeSigLevel requires much code duplication.
So, any further comments on this before I take a stab at improving
things further? So far the comments were:
1) distinguish between "pacman -U <url>" and "pacman -U <file>"
2) change name of option as "Upgrade" is confusing
What about using:
LocalFileSigLevel
RemoteFileSigLevel
Is RemoteFile too confusing with packages from repos?
Allan
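To make the semantics under discussion concrete, here is an added illustration, not pacman's code and not from any poster in this thread. It models both the four cases in the patch description (an override that falls back to the global SigLevel) and the per-target split proposed just above, using the suggested names LocalFileSigLevel and RemoteFileSigLevel and treating the original UpgradeSigLevel as shorthand for setting both. Assumptions: the three levels Never/Optional/Required (the thread itself only shows the last two), that a target beginning with http://, https:// or ftp:// counts as remote and anything else as a local file, and that the override is stored unset and resolved only when a target is checked, which is what makes the option order in the file irrelevant.

```python
"""Model of SigLevel override semantics (illustration, not pacman's code).

Assumptions, none of them taken from pacman's source:
  * levels Never, Optional, Required (the thread only uses the last two);
  * option names LocalFileSigLevel / RemoteFileSigLevel, with the original
    UpgradeSigLevel treated as setting both;
  * http://, https:// and ftp:// targets are "remote", everything else local;
  * overrides are resolved at check time, so they may precede SigLevel.
"""
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, Optional


class SigLevel(IntEnum):
    NEVER = 0
    OPTIONAL = 1
    REQUIRED = 2


REMOTE_SCHEMES = ("http://", "https://", "ftp://")   # assumption, see above


@dataclass
class Config:
    siglevel: SigLevel = SigLevel.OPTIONAL   # assumed default
    # Overrides stay None until set explicitly; the fallback to SigLevel
    # happens in effective_level(), not while parsing.
    local_file: Optional[SigLevel] = None
    remote_file: Optional[SigLevel] = None


def parse_config(text: str) -> Config:
    """Read the relevant keys from a pacman.conf-style [options] fragment."""
    cfg = Config()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments
        if not line or line.startswith("[") or "=" not in line:
            continue                              # blank, section header, flag
        key, value = (part.strip() for part in line.split("=", 1))
        level = SigLevel[value.upper()]           # KeyError on an unknown level
        if key == "SigLevel":
            cfg.siglevel = level
        elif key == "LocalFileSigLevel":
            cfg.local_file = level
        elif key == "RemoteFileSigLevel":
            cfg.remote_file = level
        elif key == "UpgradeSigLevel":            # original patch: one override for -U
            cfg.local_file = cfg.remote_file = level
    return cfg


def is_remote(target: str) -> bool:
    return target.lower().startswith(REMOTE_SCHEMES)


def effective_level(cfg: Config, target: str) -> SigLevel:
    """Level for one -U target: its override if set, else the global SigLevel."""
    override = cfg.remote_file if is_remote(target) else cfg.local_file
    return cfg.siglevel if override is None else override


def install_allowed(cfg: Config, target: str, signature_valid: Optional[bool]) -> bool:
    """signature_valid: None = no .sig present, True/False = verification result."""
    level = effective_level(cfg, target)
    if level is SigLevel.NEVER:
        return True                               # nothing is checked
    if signature_valid is None:
        return level is SigLevel.OPTIONAL         # Required rejects unsigned packages
    return signature_valid                        # a bad signature always fails


# The four configurations from the patch description, each applied to an
# unsigned local package; the expected outcome is the one the thread states.
THREAD_CASES = {
    "SigLevel = Optional\nUpgradeSigLevel = Required": False,
    "SigLevel = Required": False,
    "SigLevel = Required\nUpgradeSigLevel = Optional": True,
    "SigLevel = Optional": True,
}


def check_thread_cases() -> bool:
    pkg = "/tmp/foo-1.0-1-x86_64.pkg.tar.xz"      # constructed local target
    return all(install_allowed(parse_config(text), pkg, None) == expect
               for text, expect in THREAD_CASES.items())


def split_policy_demo() -> Dict[str, bool]:
    """Required for -U <url>, Optional for -U <local file>, overrides out of order."""
    cfg = parse_config(
        "[options]\n"
        "RemoteFileSigLevel = Required   # deliberately listed before SigLevel\n"
        "SigLevel = Required\n"
        "LocalFileSigLevel = Optional\n"
    )
    url = "http://example.invalid/foo-1.0-1-x86_64.pkg.tar.xz"   # constructed
    return {
        "aur_build_unsigned": install_allowed(cfg, "/home/me/foo-1.0-1-x86_64.pkg.tar.xz", None),
        "url_unsigned": install_allowed(cfg, url, None),
        "url_signed": install_allowed(cfg, url, True),
        "url_bad_signature": install_allowed(cfg, url, False),
    }


if __name__ == "__main__":
    print(check_thread_cases())
    print(split_policy_demo())
```

The point of keeping the override as "unset" rather than copying SigLevel into it at parse time is exactly the ordering problem raised with the patch: with deferred resolution, RemoteFileSigLevel before SigLevel and after it parse to the same policy, and no code is duplicated.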
01-13-2012, 08:40 AM
Florian Pritz
Add UpgradeSigLevel configuration option
On 13.01.2012 02:30, Allan McRae wrote:
> On 22/12/11 20:26, Allan McRae wrote:
>> Use to override the global SigLevel value for upgrade operations.
>>
>> e.g. when installing a package without a signature:
>>
>> Fails to install:
>> SigLevel = Optional
>> UpgradeSigLevel = Required
>>
>> Fails to install:
>> SigLevel = Required
>>
>> Installs:
>> SigLevel = Required
>> UpgradeSigLevel = Optional
>>
>> Installs:
>> SigLevel = Optional
>>
>> Signed-off-by: Allan McRae <allan@archlinux.org>
>> ---
>>
>> The main issue I see here is that UpgradeSigLevel must come after the global
>> SigLevel value. Otherwise the only way I see to use the value of SigLevel as
>> a default for UpgradeSigLevel requires much code duplication.
>
>
> So, any further comments on this before I take a stab at improving
> things further. So far the comments were:
>
> 1) distinguish between "pacman -U <url>" and "pacman -U <file>"
> 2) change name of option as "Upgrade" is confusing
>
> What about using:
> LocalFileSigLevel
> RemoteFileSigLevel
>
> Is RemoteFile too confusing with packages from repos?
Yes. Even in this context I wondered for a moment if that applies to -S
as well, but then I guess you will keep SigLevel for that.
UpgradeSigLevel is also confusing because that should/could/might apply
to -Su, but not -S. This (wrong idea) would even make sense right now
because not all old packages are signed, but all new ones are.
--
Florian Pritz
01-13-2012, 11:50 AM
Thomas Bächler
Add UpgradeSigLevel configuration option
On 13.01.2012 02:30, Allan McRae wrote:
> So, any further comments on this before I take a stab at improving
> things further. So far the comments were:
>
> 1) distinguish between "pacman -U <url>" and "pacman -U <file>"
> 2) change name of option as "Upgrade" is confusing
>
> What about using:
> LocalFileSigLevel
> RemoteFileSigLevel
>
> Is RemoteFile too confusing with packages from repos?
>
> Allan
Might be. LocalUrlSigLevel and RemoteUrlSigLevel maybe? Some other word
that indicates that we use -U?
Personally, if we don't come up with anything better, I am okay with
{Local,Remote}FileSigLevel - just add a nice comment in the pacman.conf
template.