From d98468515a2f96c3a6c5bd824aada6817912a2ea Mon Sep 17 00:00:00 2001 From: Juan RP Date: Sat, 30 Nov 2013 08:30:25 +0100 Subject: [PATCH] Fix #25 correctly: compare against repo->signature. --- bin/xbps-rindex/sign.c | 18 +++++++++--------- lib/repo.c | 3 --- 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/bin/xbps-rindex/sign.c b/bin/xbps-rindex/sign.c index 510b326..6e67838 100644 --- bin/xbps-rindex/sign.c +++ bin/xbps-rindex/sign.c @@ -149,7 +149,7 @@ sign_repo(struct xbps_handle *xhp, const char *repodir, repo = xbps_repo_open(xhp, repodir); if (repo == NULL) { fprintf(stderr, "cannot read repository data: %s\n", strerror(errno)); - goto out; + return -1; } if (xbps_dictionary_count(repo->idx) == 0) { fprintf(stderr, "invalid number of objects in repository index!\n"); @@ -183,21 +183,21 @@ sign_repo(struct xbps_handle *xhp, const char *repodir, goto out; } /* - * Prepare the XBPS_REPOIDX_META for our repository data. - */ - meta = xbps_dictionary_create(); - xbps_dictionary_set_cstring_nocopy(meta, "signature-by", signedby); - xbps_dictionary_set_cstring_nocopy(meta, "signature-type", "rsa"); - /* * If the signature in repo has not changed do not generate the * repodata file again. */ - data = xbps_data_create_data_nocopy(sig, siglen); - if (xbps_data_equals_data(data, sig, siglen)) { + if (xbps_data_equals_data(repo->signature, sig, siglen)) { fprintf(stderr, "Not signing again, matched signature found.\n"); rv = 0; goto out; } + /* + * Prepare the XBPS_REPOIDX_META for our repository data. + */ + meta = xbps_dictionary_create(); + xbps_dictionary_set_cstring_nocopy(meta, "signature-by", signedby); + xbps_dictionary_set_cstring_nocopy(meta, "signature-type", "rsa"); + data = xbps_data_create_data_nocopy(sig, siglen); xbps_dictionary_set(meta, "signature", data); buf = pubkey_from_privkey(rsa); diff --git a/lib/repo.c b/lib/repo.c index 6e9f237..34bdfa7 100644 --- lib/repo.c +++ lib/repo.c @@ -156,9 +156,6 @@ xbps_repo_open(struct xbps_handle *xhp, const char *url) repo = NULL; goto out; } - if (!is_remote) - goto out; - if ((meta = repo_get_dict(repo, XBPS_REPOIDX_META))) { repo->is_signed = true; repo->signature = xbps_dictionary_get(meta, "signature"); -- 1.8.4.1