[Rpm-maint] [rpm-software-management/rpm] Implement openpgp.cert.d based keystore (PR #3437)
Michal Domonkos
notifications at github.com
Mon Nov 11 12:33:08 UTC 2024
@dmnks commented on this pull request.
Overall LGTM, some comments in line.
> return rc;
}
+rpmRC keystore_openpgp_cert_d::import_key(rpmtxn txn, rpmPubkey key, int replace, rpmFlags flags)
+{
+ rpmRC rc = RPMRC_NOTFOUND;
+
+ if ((rc = acquire_write_lock(txn)) == RPMRC_OK) {
I'd suggest using a "bail out" conditional like in `delete_key()`, it avoids the extra indentation level and would be more consistent with the other method.
> +}
+
+rpmRC keystore_openpgp_cert_d::load_keys(rpmtxn txn, rpmKeyring keyring)
+{
+ return load_keys_from_glob(txn, keyring, "%{_keyringpath}/*/*");
+}
+
+rpmRC keystore_openpgp_cert_d::delete_key(rpmtxn txn, rpmPubkey key)
+{
+ rpmRC rc = RPMRC_NOTFOUND;
+
+ if (acquire_write_lock(txn) != RPMRC_OK)
+ return RPMRC_FAIL;
+
+ string fp = rpmPubkeyFingerprintAsHex(key);
+ string dir = fp.substr(0, 2);
This routine of obtaining the storage location (where the first two hex chars are the directory name) is a specific thing in this keystore implementation and it's currently duplicated in two places so maybe deserves a separate private method.
That said, we can always do that later, when there's the [third use](https://en.wikipedia.org/wiki/Rule_of_three_(computer_programming)), so feel free to ignore.
> @@ -275,6 +275,8 @@ static keystore *getKeystore(rpmts ts)
ts->keystore = new keystore_fs();
} else if (rstreq(krtype, "rpmdb")) {
ts->keystore = new keystore_rpmdb();
+ } else if (rstreq(krtype, "openpgp")) {
+ ts->keystore = new keystore_openpgp_cert_d();
The class name seems a bit verbose to me, how about just `keystore_openpgp`? I suppose this would be the defacto standard openpgp keystore implementation so it doesn't have to be more specific than that.
> +rpmRC keystore_openpgp_cert_d::load_keys(rpmtxn txn, rpmKeyring keyring)
+{
+ return load_keys_from_glob(txn, keyring, "%{_keyringpath}/*/*");
+}
+
+rpmRC keystore_openpgp_cert_d::delete_key(rpmtxn txn, rpmPubkey key)
+{
+ rpmRC rc = RPMRC_NOTFOUND;
+
+ if (acquire_write_lock(txn) != RPMRC_OK)
+ return RPMRC_FAIL;
+
+ string fp = rpmPubkeyFingerprintAsHex(key);
+ string dir = fp.substr(0, 2);
+ string filename = fp.substr(2);
+ char * filepath = rpmGetPath(rpmtxnRootDir(txn), "%{_keyringpath}/", dir.c_str(), "/", filename.c_str(), NULL);
I see a mixed used of `rpmGetPath()` and `rpmGenPath()` in the keystore.cc module. Is there a reason for preferring one over the other in those places?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3437#pullrequestreview-2427135821
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3437/review/2427135821 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241111/8c4ab146/attachment.html>
More information about the Rpm-maint
mailing list