[core] Improve spacelpa verification and error detection
* modified function configuration-layer//stable-elpa-verify-archive Gather errors along the verification steps and make a single call to configuration-layer//stable-elpa-ask-to-continue at the end of the function. Improve the scope of catched errors so now the users should be prompted when GPG is not available on the system.
This commit is contained in:
parent
f86d187a6d
commit
c975fc64ca
|
@ -2647,40 +2647,56 @@ Returns non nil if the verification succeeded.
|
|||
|
||||
If Spacemacs cannot verify the archive a prompt ask the user if they want to
|
||||
continue with the stable ELPA repository installation."
|
||||
(let ((result t)
|
||||
(archive (configuration-layer//stable-elpa-tarball-local-file))
|
||||
(sig-file (configuration-layer//stable-elpa-tarball-local-sign-file))
|
||||
large-file-warning-threshold)
|
||||
(let* (context
|
||||
good-signatures
|
||||
verification-err
|
||||
(archive (configuration-layer//stable-elpa-tarball-local-file))
|
||||
(sig-file (configuration-layer//stable-elpa-tarball-local-sign-file))
|
||||
(sig-string (with-current-buffer (find-file-noselect sig-file)
|
||||
(buffer-string)))
|
||||
large-file-warning-threshold)
|
||||
(with-current-buffer (find-file-noselect archive)
|
||||
(let (verification-err
|
||||
(sig-string (with-current-buffer (find-file-noselect sig-file)
|
||||
(buffer-string)))
|
||||
(context (epg-make-context 'OpenPGP)))
|
||||
(spacemacs-buffer/set-mode-line
|
||||
(format "Verifying %s archive..."
|
||||
configuration-layer-stable-elpa-name) t)
|
||||
(spacemacs-buffer/set-mode-line
|
||||
(format "Verifying %s archive..."
|
||||
configuration-layer-stable-elpa-name) t)
|
||||
(condition-case error
|
||||
(setq context (epg-make-context 'OpenPGP))
|
||||
(error (setq verification-err
|
||||
(format "GnuPGP seems not be available (%s)"
|
||||
(cdr error)))))
|
||||
(unless verification-err
|
||||
(condition-case error
|
||||
(epg-import-keys-from-file
|
||||
context configuration-layer--stable-elpa-gpg-keyring)
|
||||
(error
|
||||
(setq result (configuration-layer//stable-elpa-ask-to-continue
|
||||
(format "Cannot import keyring: %S" (cdr error))))))
|
||||
(condition-case error
|
||||
(epg-verify-string context sig-string (buffer-string))
|
||||
(error
|
||||
(setq verification-err (cdr error))))
|
||||
(let (good-signatures)
|
||||
(error (setq verification-err
|
||||
(format "Cannot import public key (%s)"
|
||||
(cdr error)))))
|
||||
(unless verification-err
|
||||
(condition-case error
|
||||
(epg-verify-string context sig-string (buffer-string))
|
||||
(error (setq verification-err
|
||||
(format "Error during verification phase (%s)"
|
||||
(cdr error)))))
|
||||
;; The .sig file may contain multiple signatures. Success if one
|
||||
;; of the signatures is good.
|
||||
(dolist (sig (epg-context-result-for context 'verify))
|
||||
(when (eq (epg-signature-status sig) 'good)
|
||||
(push sig good-signatures)))
|
||||
(when (null good-signatures)
|
||||
(unless verification-err
|
||||
;; `epg-verify-string' does not signal error when everything
|
||||
;; went fine but the verification in itself failed.
|
||||
;; This is a strong indicator that the archive may be
|
||||
;; compromised.
|
||||
(setq verification-err
|
||||
(concat "Verification failed! It is strongly advised to "
|
||||
"NOT install the stable ELPA repository and "
|
||||
"report it on GitHub.")))
|
||||
(when init-file-debug
|
||||
(package--display-verify-error context sig-file))
|
||||
(setq result (configuration-layer//stable-elpa-ask-to-continue
|
||||
verification-err))))))
|
||||
result))
|
||||
(package--display-verify-error context sig-file))))))
|
||||
(if verification-err
|
||||
(configuration-layer//stable-elpa-ask-to-continue verification-err)
|
||||
t)))
|
||||
|
||||
(defun configuration-layer//stable-elpa-untar-archive ()
|
||||
"Untar the downloaded archive of stable ELPA, returns non-nil if succeeded."
|
||||
|
|
Loading…
Reference in New Issue