Am Mittwoch 03 September 2008 15:06:39 schrieb Michael Andres:
Looking at the zypp code, gpgCheck has no effect ;( I don't see any location that evaluates the value. uh ... ;)
Signature verification may trigger some callbacks, to ask whether to accept unsigned files, unkown keys, etc. The default to all these questions is 'NO'. Which is a good idea (if i think at what happened <insert another big rpm-based distro here>.
You want to say 'YES'. In my case - yes. But for later use with signed packages i would also need a way to add a cert via python.
In C++ you'd create a KeyRingReceiver that connects to the callback and answers the questions as needed. But I don't know if the bindings support this:
struct KeyRingReceiver : public callback::ReceiveReport<KeyRingReport> { KeyRingReceiver() { connect(); }
virtual bool askUserToAcceptUnsignedFile( const std::string & file ) { return true; }
virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id ) { return true; }
virtual bool askUserToTrustKey( const PublicKey & key ) { return true; }
virtual bool askUserToImportKey( const PublicKey & key ) { return true; }
virtual bool askUserToAcceptVerificationFailed( const std::string & file, const PublicKey & key ) { return true; } };
Without this you need a valid signature.
Do you build libzypp and libzypp-bindings from svn?
yes - if i can remember how i did it last time ;).
I can provide some methods in KeyRing to change the default answers. I suppose this is easier for the bindings than dealing with callbacks. what about setGpgCheck() :D calling these then ? (/me full cover)
Big tnx! Best regards Jan-Simon -- To unsubscribe, e-mail: zypp-devel+unsubscribe@opensuse.org For additional commands, e-mail: zypp-devel+help@opensuse.org