[asdf-install-devel] Infinite loop in VERIFY-GPG-SIGNATURE/URL
Pascal Bourguignon
pjb at informatimago.com
Fri Sep 15 23:40:54 UTC 2006
When (VERIFY-GPG-SIGNATURES-P URL) return NIL (for example, when
*VERIFY-GPG-SIGNATURES* is NIL), the following function never exits.
(defun verify-gpg-signature/url (url file-name)
(block verify
(loop
(restart-case
(when (verify-gpg-signatures-p url)
(let ((sig-url (concatenate 'string url ".asc")))
(destructuring-bind (response headers stream)
(url-connection sig-url)
(unwind-protect
(flet (#-:digitool
(read-signature (data stream)
(read-sequence data stream))
#+:digitool
(read-signature (data stream)
(multiple-value-bind (reader arg)
(ccl:stream-reader stream)
(let ((byte 0))
(dotimes (i (length data))
(unless (setf byte (funcall reader arg))
(error 'download-error :url sig-url
:response 200))
(setf (char data i) (code-char byte)))))))
(if (= response 200)
(let ((data (make-string (parse-integer
(header-value :content-length headers)
:junk-allowed t))))
(read-signature data stream)
(verify-gpg-signature/string data file-name))
(error 'download-error :url sig-url
:response response)))
(close stream)))))
(install-anyways (&rest rest)
:report "Don't check GPG signature for this package"
(declare (ignore rest))
(return-from verify t))
(retry-gpg-check (&rest args)
:report "Retry GPG check \(e.g., after fixing the network connection\)"
(declare (ignore args))
nil)))))
I'd sugest to do the test first thing:
(when (verify-gpg-signatures-p url)
(loop
(restart-case
...
)))
Also, the RETURN-FROM could use the function block name,
or LOOP could be named: (LOOP :NAMED VERIFY :DO ...).
--
__Pascal Bourguignon__ http://www.informatimago.com/
Small brave carnivores
Kill pine cones and mosquitoes
Fear vacuum cleaner
More information about the asdf-install-devel
mailing list