diff options
| author | Panu Matilainen <pmatilai@redhat.com> | 2012-02-02 13:53:38 +0200 |
|---|---|---|
| committer | Panu Matilainen <pmatilai@redhat.com> | 2012-02-02 14:18:50 +0200 |
| commit | 290fcbbe6b3ca2fb1d5e4a7269a32a94f8a1563a (patch) | |
| tree | b61377ab8e1a9d6995529f69d69f6a4c090d0986 /lib/rpmts.c | |
| parent | cef18c94807af0935b7796c462aab8ed39f0f376 (diff) | |
| download | librpm-tizen-290fcbbe6b3ca2fb1d5e4a7269a32a94f8a1563a.tar.gz librpm-tizen-290fcbbe6b3ca2fb1d5e4a7269a32a94f8a1563a.tar.bz2 librpm-tizen-290fcbbe6b3ca2fb1d5e4a7269a32a94f8a1563a.zip | |
Never load ts keyring if signature checking is disabled
- Loading the pubkeys from database numerous often unwanted side-effects,
if signature checking is disabled then there's no point loading
the keys either.
- Commit cad147070e5513312d851f44998012e8f0cdf1e3 did this for
rpmReadPackageFile() specifically but we really want it honored
for all operations including headerCheck() and friends, handle
it centrally in loadKeys() for simplicity.
Diffstat (limited to 'lib/rpmts.c')
| -rw-r--r-- | lib/rpmts.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/lib/rpmts.c b/lib/rpmts.c index 5619c9103..4b0751729 100644 --- a/lib/rpmts.c +++ b/lib/rpmts.c @@ -341,11 +341,14 @@ static int loadKeyringFromDB(rpmts ts) static void loadKeyring(rpmts ts) { - ts->keyring = rpmKeyringNew(); - if (loadKeyringFromFiles(ts) == 0) { - if (loadKeyringFromDB(ts) > 0) { - /* XXX make this a warning someday... */ - rpmlog(RPMLOG_DEBUG, "Using legacy gpg-pubkey(s) from rpmdb\n"); + /* Never load the keyring if signature checking is disabled */ + if ((rpmtsVSFlags(ts) & _RPMVSF_NOSIGNATURES) != _RPMVSF_NOSIGNATURES) { + ts->keyring = rpmKeyringNew(); + if (loadKeyringFromFiles(ts) == 0) { + if (loadKeyringFromDB(ts) > 0) { + /* XXX make this a warning someday... */ + rpmlog(RPMLOG_DEBUG, "Using legacy gpg-pubkey(s) from rpmdb\n"); + } } } } |