From 0b385002cc04254ce9f994efe1c2400edd9d1516 Mon Sep 17 00:00:00 2001
From: Panu Matilainen
Date: Tue, 1 Jul 2008 15:25:06 +0300
Subject: [PATCH] Proof of concept rpmtsFindPubkey() implementation with the new keyring - ifdeffed out for now, needs a bit more flesh and a working import routine
---
 lib/rpmts.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 lib/rpmts_internal.h | 2 ++
 macros.in | 2 ++
 3 files changed, 54 insertions(+)
diff --git a/lib/rpmts.c b/lib/rpmts.c
index ea15c17..1c54bb5 100644
--- a/lib/rpmts.c
+++ b/lib/rpmts.c
@@ -263,8 +263,55 @@ exit:
 return mi;
 }
+#ifdef USE_SEPARATE_KEYRING
+static void loadKeyring(rpmts ts)
+{
+ ARGV_t files = NULL;
+ /* XXX TODO: deal with chroot path issues */
+ char *pkpath = rpmGetPath(ts->rootDir, "%{_keyringpath}/*.key", NULL);
+
+ ts->keyring = rpmKeyringNew();
+ if (rpmGlob(pkpath, NULL, &files)) {
+ rpmlog(RPMLOG_DEBUG, "couldn't find any keys in %s\n", pkpath);
+ goto exit;
+ }
+
+ for (char **f = files; *f; f++) {
+ rpmPubkey key = rpmPubkeyRead(*f);
+ if (!key) {
+ rpmlog(RPMLOG_ERR, _("%s: reading of public key failed.\n"), *f);
+ continue;
+ }
+ if (rpmKeyringAddKey(ts->keyring, key)) {
+ rpmlog(RPMLOG_DEBUG, "added key %s to keyring\n", *f);
+ }
+ }
+exit:
+ free(pkpath);
+ argvFree(files);
+}
+
+rpmRC rpmtsFindPubkey(rpmts ts, pgpDig dig)
+{
+ rpmRC res = RPMRC_NOKEY;
+
+ if (dig == NULL)
+ goto exit;
+
+ if (ts->keyring == NULL) {
+ loadKeyring(ts);
+ }
+ res = rpmKeyringLookup(ts->keyring, dig);
+
+exit:
+ return res;
+}
+
+#else
 rpmRC rpmtsFindPubkey(rpmts ts, pgpDig dig)
 {
+
+
 pgpDigParams sigp = dig ? &dig->signature : NULL;
 pgpDigParams pubp = dig ? &dig->pubkey : NULL;
 rpmRC res = RPMRC_NOKEY;
@@ -364,6 +411,7 @@ exit:
 }
 return res;
 }
+#endif
 rpmRC rpmtsImportPubkey(const rpmts ts, const unsigned char * pkt, size_t pktlen)
 {
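Review bot: In `loadKeyring` (first lib/rpmts.c hunk), the "added key" branch runs when `rpmKeyringAddKey()` returns non-zero, whereas the `rpmGlob()` call a few lines above treats non-zero as failure; if the keyring API follows the same 0-on-success convention (its definition is not part of this patch), the test is inverted and should read `if (rpmKeyringAddKey(ts->keyring, key) == 0)`. Nothing visible releases `key` after the add attempt, so unless the keyring takes ownership every loaded key leaks, including on the rejected path. Because this keyring becomes the trust anchor for signature checks, the no-keys case deserves more than `RPMLOG_DEBUG`: `ts->keyring` is assigned before the glob, so a missing or empty `%{_keyringpath}` leaves an empty keyring cached on `ts`, and `rpmtsFindPubkey()` only reloads when the pointer is NULL. The `#else` variant of `rpmtsFindPubkey` continues outside the hunk.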
@@ -871,6 +919,7 @@ rpmts rpmtsFree(rpmts ts)
 ts->pkpkt = _free(ts->pkpkt);
 ts->pkpktlen = 0;
 memset(ts->pksignid, 0, sizeof(ts->pksignid));
+ ts->keyring = rpmKeyringFree(ts->keyring);
 if (_rpmts_stats)
 rpmtsPrintStats(ts);
@@ -1405,6 +1454,7 @@ rpmts rpmtsCreate(void)
 ts->probs = NULL;
+ ts->keyring = NULL;
 ts->pkpkt = NULL;
 ts->pkpktlen = 0;
 memset(ts->pksignid, 0, sizeof(ts->pksignid));
diff --git a/lib/rpmts_internal.h b/lib/rpmts_internal.h
index aa5d984..4753997 100644
--- a/lib/rpmts_internal.h
+++ b/lib/rpmts_internal.h
@@ -4,6 +4,7 @@
 #include
 #include /* XXX availablePackage/relocateFileList ,*/
+#include "rpmio/rpmkeyring.h"
 #include "lib/rpmhash.h" /* XXX hashTable */
 /** \ingroup rpmts
@@ -95,6 +96,7 @@ struct rpmts_s {
 const char * fn; /*!< Current package fn. */
+ rpmKeyring keyring; /*!< Keyring in use. */
 uint8_t * pkpkt;/*!< Current pubkey packet. */
 size_t pkpktlen; /*!< Current pubkey packet length. */
 pgpKeyID_t pksignid; /*!< Current pubkey fingerprint. */
diff --git a/macros.in b/macros.in
index 8fe2c1d..3295dea 100644
--- a/macros.in
+++ b/macros.in
@@ -156,6 +156,8 @@
 # The location of the rpm database file(s) after "rpm --rebuilddb".
 %_dbpath_rebuild %{_dbpath}
+%_keyringpath %{_dbpath}/pubkeys/
+
 #
 # Path to script that creates debug symbols in a /usr/lib/debug
 # shadow tree.
--
2.7.4
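Review bot: `%_keyringpath` in the macros.in hunk is added without the `#` description that the neighbouring `%_dbpath_rebuild` entry carries, and its value already ends in `/` while `loadKeyring` in lib/rpmts.c appends `/*.key`, so the glob pattern is built with a doubled slash. I would drop the trailing slash and add a comment such as `# The location of the public keys trusted for package signature verification.` above it. Since every `*.key` file found in that directory is read into the keyring, the comment is also the natural place to state who is expected to be able to write there.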