{
private:
string VerifyGetSigners(const char *file, const char *outfile,
- vector<string> &GoodSigners,
+ std::string const &key,
+ vector<string> &GoodSigners,
vector<string> &BadSigners,
vector<string> &WorthlessSigners,
vector<string> &NoPubKeySigners);
protected:
- virtual bool Fetch(FetchItem *Itm);
+ virtual bool URIAcquire(std::string const &Message, FetchItem *Itm);
virtual bool Configuration(string Message);
public:
}
string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
+ std::string const &key,
vector<string> &GoodSigners,
vector<string> &BadSigners,
vector<string> &WorthlessSigners,
if (pid < 0)
return string("Couldn't spawn new process") + strerror(errno);
else if (pid == 0)
- ExecGPGV(outfile, file, 3, fd);
+ ExecGPGV(outfile, file, 3, fd, key);
close(fd[1]);
FILE *pipein = fdopen(fd[0], "r");
return _("Unknown error executing apt-key");
}
-bool GPGVMethod::Fetch(FetchItem *Itm)
+bool GPGVMethod::URIAcquire(std::string const &Message, FetchItem *Itm)
{
- URI Get = Itm->Uri;
- string Path = Get.Host + Get.Path; // To account for relative paths
- string keyID;
+ URI const Get = Itm->Uri;
+ string const Path = Get.Host + Get.Path; // To account for relative paths
+ std::string const key = LookupTag(Message, "Signed-By");
vector<string> GoodSigners;
vector<string> BadSigners;
// a worthless signature is a expired or revoked one
URIStart(Res);
// Run apt-key on file, extract contents and get the key ID of the signer
- string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
+ string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(), key,
GoodSigners, BadSigners, WorthlessSigners,
NoPubKeySigners);
if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
projects / apt.git / blobdiff