Mercurial > hg > xemacs-beta

changeset 681:c00aa0615465

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[xemacs-hg @ 2001-12-02 07:27:14 by youngs] 2001-12-02 Steve Youngs <youngs@xemacs.org> * package-get.el (package-get-base-filename): Rename default file to 'package-index.LATEST.gpg' (package-get-require-signed-base-updates): Update doc string. 2001-11-29 Steve Youngs <youngs@xemacs.org> * package-get.el (package-entries-are-signed): New. (package-get-continue-update-base): New. (package-get-update-base-from-buffer): Use them. Fix PGP code.
author youngs
date Sun, 02 Dec 2001 07:27:15 +0000
parents 455cef6481bd
children e558c78d22f8
files lisp/ChangeLog lisp/package-get.el
diffstat 2 files changed, 47 insertions(+), 32 deletions(-) [+]
line wrap: on
line diff
--- a/lisp/ChangeLog	Thu Nov 29 18:48:46 2001 +0000
+++ b/lisp/ChangeLog	Sun Dec 02 07:27:15 2001 +0000
@@ -1,3 +1,15 @@
+2001-12-02  Steve Youngs  <youngs@xemacs.org>
+
+	* package-get.el (package-get-base-filename): Rename default file
+	to 'package-index.LATEST.gpg'
+	(package-get-require-signed-base-updates): Update doc string.
+
+2001-11-29  Steve Youngs  <youngs@xemacs.org>
+
+	* package-get.el (package-entries-are-signed): New.
+	(package-get-continue-update-base): New.
+	(package-get-update-base-from-buffer): Use them.  Fix PGP code. 
+
 2001-11-29  Adrian Aichner  <adrian@xemacs.org>
 
 	* menubar-items.el (Menubar-items-truncate-list): Removed.
--- a/lisp/package-get.el	Thu Nov 29 18:48:46 2001 +0000
+++ b/lisp/package-get.el	Sun Dec 02 07:27:15 2001 +0000
@@ -252,7 +252,7 @@
 ;; #### it may make sense for this to be a list of names.
 ;; #### also, should we rename "*base*" to "*index*" or "*db*"?
 ;;      "base" is a pretty poor name.
-(defcustom package-get-base-filename "package-index.LATEST.pgp"
+(defcustom package-get-base-filename "package-index.LATEST.gpg"
   "*Name of the default package-get database file.
 This may either be a relative path, in which case it is interpreted
 with respect to `package-get-remote', or an absolute path."
@@ -272,10 +272,16 @@
 (defcustom package-get-require-signed-base-updates nil
   "*If set to a non-nil value, require explicit user confirmation for updates
 to the package-get database which cannot have their signature verified via PGP.
-When nil, updates which are not PGP signed are allowed without confirmation."
+When nil, no PGP verification will be done."
   :type 'boolean
   :group 'package-get)
 
+(defvar package-entries-are-signed nil
+  "Non-nil when the package index file has been PGP signed.")
+
+(defvar package-get-continue-update-base nil
+  "Non-nil update the index even if it hasn't been signed.")
+
 (defvar package-get-was-current nil
   "Non-nil we did our best to fetch a current database.")
 
@@ -426,39 +432,36 @@
         (setq beg (match-beginning 0))
         (setq content-beg (match-end 0)))
       (when (re-search-forward package-get-pgp-signature-begin-line nil t)
-        (setq content-end (match-beginning 0)))
+        (setq content-end (match-beginning 0))
+	(setq package-entries-are-signed t))
       (when (re-search-forward package-get-pgp-signature-end-line nil t)
         (setq end (point)))
-      (if (not (and content-beg content-end beg end))
-          (or (not package-get-require-signed-base-updates)
-              (yes-or-no-p "Package-get entries not PGP signed, continue? ")
-              (error "Package-get database not updated")))
-      (if (and content-beg content-end beg end)
-          (if (not (condition-case nil
-                       (or (fboundp 'mc-pgp-verify-region)
-                           (load-library "mc-pgp")
-                           (fboundp 'mc-pgp-verify-region))
-                     (error nil)))
-              (or (not package-get-require-signed-base-updates)
-                  (yes-or-no-p
-                   "No mailcrypt; can't verify package-get DB signature, continue? ")
-                  (error "Package-get database not updated"))))
-      (if (and beg end
-               (fboundp 'mc-pgp-verify-region)
-               (or (not
-                    (condition-case err
-                        (declare-fboundp (mc-pgp-verify-region beg end))
-                      (file-error
-                       (and (string-match "No such file" (nth 2 err))
-                            (or (not package-get-require-signed-base-updates)
-                                (yes-or-no-p
-                                 (concat "Can't find PGP, continue without "
-                                         "package-get DB verification? ")))))
-                      (t nil)))))
-          (error "Package-get PGP signature failed to verify"))
+      (setq package-get-continue-update-base t)
+      (if package-get-require-signed-base-updates 
+	  (if package-entries-are-signed
+	      (progn
+		(setq package-get-continue-update-base nil)
+		(autoload 'mc-setversion "mc-setversion")
+		(or
+		 (cond ((locate-file "gpg" exec-path)
+			(mc-setversion "gpg"))
+		       ((locate-file "pgpe" exec-path)
+			(mc-setversion "5.0"))
+		       ((locate-file "pgp" exec-path)
+			(mc-setversion "2.6")))
+		 (error "Can't find a suitable pgp executable"))
+		(mc-verify)
+		(setq package-get-continue-update-base t))
+	    (if (yes-or-no-p
+		 "Package Index is not PGP signed.  Continue anyway? ")
+		(setq package-get-continue-update-base t)
+	      (error "Package database not updated")
+	      (setq package-get-continue-update-base nil))))
       ;; ToDo: We should call package-get-maybe-save-index on the region
-      (package-get-update-base-entries content-beg content-end)
-      (message "Updated package-get database"))))
+      (if package-get-continue-update-base
+	  (progn
+	    (package-get-update-base-entries content-beg content-end)
+	    (message "Updated package-get database"))))))
 
 (defun package-get-update-base-entries (start end)
   "Update the package-get database with the entries found between