Pathname sigpath = masterIndex_r.extend( ".asc" );
Pathname keypath = masterIndex_r.extend( ".key" );
- // always download them, even if repoGpgCheck is disabled
+ SignatureFileChecker sigchecker;
+
enqueue( OnMediaLocation( sigpath, 1 ).setOptional( true ) );
- enqueue( OnMediaLocation( keypath, 1 ).setOptional( true ) );
start( destdir_r, media_r );
reset();
- FileChecker checker; // set to sigchecker if appropriate, else Null.
- SignatureFileChecker sigchecker;
- bool isSigned = PathInfo(destdir_r / sigpath).isExist();
+ // only add the signature if it exists
+ if ( PathInfo(destdir_r / sigpath).isExist() )
+ sigchecker = SignatureFileChecker( destdir_r / sigpath );
- if ( repoInfo().repoGpgCheck() )
- {
- if ( isSigned || !repoInfo().pkgGpgCheck() )
- {
- // only add the signature if it exists
- if ( isSigned )
- sigchecker = SignatureFileChecker( destdir_r / sigpath );
-
- KeyContext context;
- context.setRepoInfo( repoInfo() );
- // only add the key if it exists
- if ( PathInfo(destdir_r / keypath).isExist() )
- sigchecker.addPublicKey( destdir_r / keypath, context );
- else
- // set the checker context even if the key is not known (unsigned repo, key
- // file missing; bnc #495977)
- sigchecker.setKeyContext( context );
-
- checker = FileChecker( ref(sigchecker) ); // ref() to the local sigchecker is important as we want back fileValidated!
- }
- else
- {
- WAR << "Accept unsigned repository because pkgGpgCheck is on for " << repoInfo().alias() << endl;
- }
- }
+ enqueue( OnMediaLocation( keypath, 1 ).setOptional( true ) );
+ start( destdir_r, media_r );
+ reset();
+
+ KeyContext context;
+ context.setRepoInfo( repoInfo() );
+ // only add the key if it exists
+ if ( PathInfo(destdir_r / keypath).isExist() )
+ sigchecker.addPublicKey( destdir_r / keypath, context );
else
+ // set the checker context even if the key is not known (unsigned repo, key
+ // file missing; bnc #495977)
+ sigchecker.setKeyContext( context );
+
+ if ( ! repoInfo().gpgCheck() )
{
WAR << "Signature checking disabled in config of repository " << repoInfo().alias() << endl;
}
-
- enqueue( OnMediaLocation( masterIndex_r, 1 ), checker ? checker : FileChecker(NullFileChecker()) );
+ enqueue( OnMediaLocation( masterIndex_r, 1 ),
+ repoInfo().gpgCheck() ? FileChecker(sigchecker) : FileChecker(NullFileChecker()) );
start( destdir_r, media_r );
reset();
-
- // Accepted!
- _repoinfo.setMetadataPath( destdir_r );
- if ( isSigned )
- _repoinfo.setValidRepoSignature( sigchecker.fileValidated() );
- else
- _repoinfo.setValidRepoSignature( indeterminate );
}