rpm 5.3.7

lib/verify.c

Go to the documentation of this file.
00001 
00006 #include "system.h"
00007 
00008 #include <rpmio.h>
00009 #include <rpmiotypes.h>
00010 #include <rpmcb.h>
00011 #include "ugid.h"
00012 
00013 #include <rpmtypes.h>
00014 #include <rpmtag.h>
00015 
00016 #define _RPMFI_INTERNAL
00017 #include <rpmfi.h>
00018 
00019 #define _RPMSQ_INTERNAL
00020 #include "psm.h"
00021 
00022 #include "legacy.h"     /* XXX dodigest(), uidToUname(), gnameToGid */
00023 
00024 #define _RPMPS_INTERNAL /* XXX rpmps needs iterator. */
00025 #define _RPMTS_INTERNAL /* XXX expose rpmtsSetScriptFd */
00026 #include <rpmcli.h>
00027 
00028 #include "debug.h"
00029 
00030 /*@access rpmts @*/     /* XXX cast */
00031 /*@access rpmpsm @*/    /* XXX for %verifyscript through rpmpsmStage() */
00032 
00033 #define S_ISDEV(m) (S_ISBLK((m)) || S_ISCHR((m)))
00034 
00035 /*@unchecked@*/
00036 extern int _rpmds_unspecified_epoch_noise;
00037 
00038 typedef struct rpmvf_s * rpmvf;
00039 struct rpmvf_s {
00040     struct rpmioItem_s _item;   
00041     const char * fn;
00042     const char * flink;
00043     struct stat  sb;
00044     rpmfileAttrs fflags;
00045     rpmfileState fstate;
00046     rpmVerifyAttrs vflags;
00047     int dalgo;
00048     size_t dlen;
00049     const unsigned char * digest;
00050     const char * fuser;
00051     const char * fgroup;
00052 #if defined(__LCLINT__NOTYET)
00053 /*@refs@*/
00054     int nrefs;                  
00055 #endif
00056 };
00057 
00058 static rpmvf rpmvfFree(/*@only@*/ rpmvf vf)
00059         /*@modifies vf @*/
00060 {
00061     if (vf) {
00062 #ifdef  NOTYET
00063         yarnPossess(vf->_item.use);
00064         if (yarnPeekLock(vf->_item.use) <= 1L) {
00065             yarnLock use = vf->_item.use;
00066             vf->fn = _free(vf->fn);
00067             vf = _free(vf);
00068             yarnTwist(use, TO, 0);
00069             use = yarnFreeLock(use);
00070         } else
00071             yarnTwist(vf->_item.use, BY, -1);
00072 #else
00073         vf->fn = _free(vf->fn);
00074         vf = _free(vf);
00075 #endif
00076     }
00077     return NULL;
00078 }
00079 
00080 /*@only@*/
00081 static rpmvf rpmvfNew(rpmts ts, rpmfi fi, int i, rpmVerifyAttrs omitMask)
00082         /*@*/
00083 {
00084     rpmvf vf = xcalloc(1, sizeof(*vf));
00085 
00086 #ifdef  NOTYET
00087     vf->_item.use = yarnNewLock(1);
00088     vf->_item.pool = NULL;
00089 #endif
00090 
00091 /*@-mods@*/
00092     vf->fn = rpmGetPath(rpmtsRootDir(ts), fi->dnl[fi->dil[i]], fi->bnl[i], NULL);
00093 /*@=mods@*/
00094     vf->flink = fi->flinks[i];
00095     vf->fuser = fi->fuser[i];
00096     vf->fgroup = fi->fgroup[i];
00097 
00098     {   struct stat *st = &vf->sb;
00099         st->st_dev =
00100         st->st_rdev = fi->frdevs[i];
00101         st->st_ino = fi->finodes[i];
00102         st->st_mode = fi->fmodes[i];
00103 #ifdef  NOTNEEDED
00104         st->st_nlink = rpmfiFNlink(fi) + (int)S_ISDIR(st->st_mode);
00105 #endif
00106         if (unameToUid(vf->fuser, &st->st_uid) == -1)
00107             st->st_uid = 0;             /* XXX */
00108         if (gnameToGid(vf->fgroup, &st->st_gid) == -1)
00109             st->st_gid = 0;             /* XXX */
00110         st->st_size = fi->fsizes[i];
00111         st->st_blksize = 4 * 1024;      /* XXX */
00112         st->st_blocks = (st->st_size + (st->st_blksize - 1)) / st->st_blksize;
00113         st->st_atime =
00114         st->st_ctime =
00115         st->st_mtime = fi->fmtimes[i];
00116     }
00117 
00118     vf->fflags = fi->fflags[i];
00119     vf->fstate = fi->fstates[i];
00120     vf->vflags = fi->vflags[i];
00121     vf->dalgo = fi->fdigestalgos
00122                 ? fi->fdigestalgos[i]
00123                 : fi->digestalgo;
00124     vf->dlen = fi->digestlen;
00125     vf->digest = fi->digests + (fi->digestlen * i);
00126 
00127     /* Don't verify any features in omitMask. */
00128     vf->vflags &= ~(omitMask | RPMVERIFY_FAILURES);
00129 
00130     /* Content checks of %ghost files are meaningless. */
00131     if (vf->fflags & RPMFILE_GHOST)
00132         vf->vflags &= ~(RPMVERIFY_FDIGEST | RPMVERIFY_FILESIZE | RPMVERIFY_MTIME |
00133                         RPMVERIFY_LINKTO | RPMVERIFY_HMAC);
00134 
00135     return vf;
00136 }
00137 
00144 static int rpmvfVerify(rpmvf vf, int spew)
00145         /*@globals h_errno, fileSystem, internalState @*/
00146         /*@modifies vf, fileSystem, internalState @*/
00147 {
00148     rpmVerifyAttrs res = RPMVERIFY_NONE;
00149     struct stat sb;
00150     int ec = 0;
00151 
00152     /* Check to see if the file was installed - if not pretend all is OK. */
00153     switch (vf->fstate) {
00154     default:
00155     case RPMFILE_STATE_NETSHARED:
00156     case RPMFILE_STATE_REPLACED:
00157     case RPMFILE_STATE_NOTINSTALLED:
00158     case RPMFILE_STATE_WRONGCOLOR:
00159         goto exit;
00160         /*@notreached@*/ break;
00161     case RPMFILE_STATE_NORMAL:
00162         break;
00163     }
00164 
00165 assert(vf->fn != NULL);
00166     if (vf->fn == NULL || Lstat(vf->fn, &sb) != 0) {
00167         res |= RPMVERIFY_LSTATFAIL;
00168         ec = 1;
00169         goto exit;
00170     }
00171 
00172     /* Not all attributes of non-regular files can be verified. */
00173     if (S_ISDIR(sb.st_mode))
00174         vf->vflags &= ~(RPMVERIFY_FDIGEST | RPMVERIFY_FILESIZE | RPMVERIFY_MTIME |
00175                         RPMVERIFY_LINKTO | RPMVERIFY_HMAC);
00176     else if (S_ISLNK(sb.st_mode)) {
00177         vf->vflags &= ~(RPMVERIFY_FDIGEST | RPMVERIFY_FILESIZE | RPMVERIFY_MTIME |
00178                 RPMVERIFY_MODE | RPMVERIFY_HMAC);
00179 #if CHOWN_FOLLOWS_SYMLINK
00180         vf->vflags &= ~(RPMVERIFY_USER | RPMVERIFY_GROUP);
00181 #endif
00182     }
00183     else if (S_ISFIFO(sb.st_mode))
00184         vf->vflags &= ~(RPMVERIFY_FDIGEST | RPMVERIFY_FILESIZE | RPMVERIFY_MTIME |
00185                         RPMVERIFY_LINKTO | RPMVERIFY_HMAC);
00186     else if (S_ISCHR(sb.st_mode))
00187         vf->vflags &= ~(RPMVERIFY_FDIGEST | RPMVERIFY_FILESIZE | RPMVERIFY_MTIME |
00188                         RPMVERIFY_LINKTO | RPMVERIFY_HMAC);
00189     else if (S_ISBLK(sb.st_mode))
00190         vf->vflags &= ~(RPMVERIFY_FDIGEST | RPMVERIFY_FILESIZE | RPMVERIFY_MTIME |
00191                         RPMVERIFY_LINKTO | RPMVERIFY_HMAC);
00192     else
00193         vf->vflags &= ~(RPMVERIFY_LINKTO);
00194 
00195     if (vf->vflags & (RPMVERIFY_FDIGEST | RPMVERIFY_HMAC)) {
00196         if (vf->digest == NULL || vf->dlen == 0)
00197             res |= RPMVERIFY_FDIGEST;
00198         else {
00199         /* XXX If --nofdigest, then prelinked library sizes fail to verify. */
00200             unsigned char * fdigest = memset(alloca(vf->dlen), 0, vf->dlen);
00201             size_t fsize = 0;
00202 #define _mask   (RPMVERIFY_FDIGEST|RPMVERIFY_HMAC)
00203             unsigned dflags = (vf->vflags & _mask) == RPMVERIFY_HMAC
00204                 ? 0x2 : 0x0;
00205 #undef  _mask
00206             int rc = dodigest(vf->dalgo, vf->fn, fdigest, dflags, &fsize);
00207             sb.st_size = fsize;
00208             if (rc)
00209                 res |= (RPMVERIFY_READFAIL|RPMVERIFY_FDIGEST);
00210             else
00211             if (memcmp(fdigest, vf->digest, vf->dlen))
00212                 res |= RPMVERIFY_FDIGEST;
00213         }
00214     }
00215 
00216     if (vf->vflags & RPMVERIFY_LINKTO) {
00217         char linkto[1024+1];
00218         int size = 0;
00219 
00220         if ((size = Readlink(vf->fn, linkto, sizeof(linkto)-1)) == -1)
00221             res |= (RPMVERIFY_READLINKFAIL|RPMVERIFY_LINKTO);
00222         else {
00223             linkto[size] = '\0';
00224             if (vf->flink == NULL || strcmp(linkto, vf->flink))
00225                 res |= RPMVERIFY_LINKTO;
00226         }
00227     }
00228 
00229     if (vf->vflags & RPMVERIFY_FILESIZE) {
00230         if (sb.st_size != vf->sb.st_size)
00231             res |= RPMVERIFY_FILESIZE;
00232     }
00233 
00234     if (vf->vflags & RPMVERIFY_MODE) {
00235         /* XXX AIX has sizeof(mode_t) > sizeof(unsigned short) */
00236         unsigned short metamode = (unsigned short)vf->sb.st_mode;
00237         unsigned short filemode = (unsigned short)sb.st_mode;
00238 
00239         /* Comparing type of %ghost files is meaningless, but perms are OK. */
00240         if (vf->fflags & RPMFILE_GHOST) {
00241             metamode &= ~0xf000;
00242             filemode &= ~0xf000;
00243         }
00244         if (metamode != filemode)
00245             res |= RPMVERIFY_MODE;
00246     }
00247 
00248     if (vf->vflags & RPMVERIFY_RDEV) {
00249         if (S_ISCHR(vf->sb.st_mode) != S_ISCHR(sb.st_mode)
00250          || S_ISBLK(vf->sb.st_mode) != S_ISBLK(sb.st_mode))
00251             res |= RPMVERIFY_RDEV;
00252         else if (S_ISDEV(vf->sb.st_mode) && S_ISDEV(sb.st_mode)) {
00253             rpmuint16_t st_rdev = (rpmuint16_t)(sb.st_rdev & 0xffff);
00254             rpmuint16_t frdev = (rpmuint16_t)(vf->sb.st_rdev & 0xffff);
00255             if (st_rdev != frdev)
00256                 res |= RPMVERIFY_RDEV;
00257         }
00258     }
00259 
00260     if (vf->vflags & RPMVERIFY_MTIME) {
00261         if (sb.st_mtime != vf->sb.st_mtime)
00262             res |= RPMVERIFY_MTIME;
00263     }
00264 
00265     if (vf->vflags & RPMVERIFY_USER) {
00266         const char * fuser = uidToUname(sb.st_uid);
00267         if (fuser == NULL || vf->fuser == NULL || strcmp(fuser, vf->fuser))
00268             res |= RPMVERIFY_USER;
00269     }
00270 
00271     if (vf->vflags & RPMVERIFY_GROUP) {
00272         const char * fgroup = gidToGname(sb.st_gid);
00273         if (fgroup == NULL || vf->fgroup == NULL || strcmp(fgroup, vf->fgroup))
00274             res |= RPMVERIFY_GROUP;
00275     }
00276 
00277 exit:
00278 
00279     if (spew) { /* XXX no output w verify(...) probe. */
00280         char buf[BUFSIZ];
00281         char * t = buf;
00282         char * te = t;
00283         *te = '\0';
00284         if (ec) {
00285             if (!(vf->fflags & (RPMFILE_MISSINGOK|RPMFILE_GHOST))
00286              || rpmIsVerbose())
00287             {
00288                 sprintf(te, _("missing   %c %s"),
00289                         ((vf->fflags & RPMFILE_CONFIG)  ? 'c' :
00290                          (vf->fflags & RPMFILE_DOC)     ? 'd' :
00291                          (vf->fflags & RPMFILE_GHOST)   ? 'g' :
00292                          (vf->fflags & RPMFILE_LICENSE) ? 'l' :
00293                          (vf->fflags & RPMFILE_PUBKEY)  ? 'P' :
00294                          (vf->fflags & RPMFILE_README)  ? 'r' : ' '),
00295                         vf->fn);
00296                 if ((res & RPMVERIFY_LSTATFAIL) != 0 && errno != ENOENT) {
00297                     te += strlen(te);
00298                     sprintf(te, " (%s)", strerror(errno));
00299                 }
00300             }
00301         } else if (res || rpmIsVerbose()) {
00302             /*@observer@*/ static const char aok[] = ".";
00303             /*@observer@*/ static const char unknown[] = "?";
00304 
00305 #define _verify(_RPMVERIFY_F, _C)       \
00306         ((res & _RPMVERIFY_F) ? _C : aok)
00307 #define _verifylink(_RPMVERIFY_F, _C)   \
00308         ((res & RPMVERIFY_READLINKFAIL) ? unknown : \
00309          (res & _RPMVERIFY_F) ? _C : aok)
00310 #define _verifyfile(_RPMVERIFY_F, _C)   \
00311         ((res & RPMVERIFY_READFAIL) ? unknown : \
00312          (res & _RPMVERIFY_F) ? _C : aok)
00313         
00314             const char * digest = _verifyfile(RPMVERIFY_FDIGEST, "5");
00315             const char * size = _verify(RPMVERIFY_FILESIZE, "S");
00316             const char * link = _verifylink(RPMVERIFY_LINKTO, "L");
00317             const char * mtime = _verify(RPMVERIFY_MTIME, "T");
00318             const char * rdev = _verify(RPMVERIFY_RDEV, "D");
00319             const char * user = _verify(RPMVERIFY_USER, "U");
00320             const char * group = _verify(RPMVERIFY_GROUP, "G");
00321             const char * mode = _verify(RPMVERIFY_MODE, "M");
00322 
00323 #undef _verifyfile
00324 #undef _verifylink
00325 #undef _verify
00326 
00327             sprintf(te, "%s%s%s%s%s%s%s%s  %c %s",
00328                     size, mode, digest, rdev, link, user, group, mtime,
00329                         ((vf->fflags & RPMFILE_CONFIG)  ? 'c' :
00330                          (vf->fflags & RPMFILE_DOC)     ? 'd' :
00331                          (vf->fflags & RPMFILE_GHOST)   ? 'g' :
00332                          (vf->fflags & RPMFILE_LICENSE) ? 'l' :
00333                          (vf->fflags & RPMFILE_PUBKEY)  ? 'P' :
00334                          (vf->fflags & RPMFILE_README)  ? 'r' : ' '),
00335                         vf->fn);
00336 
00337         }
00338 
00339         if (t && *t)
00340             rpmlog(RPMLOG_NOTICE, "%s\n", t);
00341 
00342     }
00343 
00344     return (res != 0);
00345 }
00346 
00356 static int rpmVerifyScript(/*@unused@*/ QVA_t qva, rpmts ts,
00357                 rpmfi fi, /*@null@*/ FD_t scriptFd)
00358         /*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/
00359         /*@modifies ts, fi, scriptFd, rpmGlobalMacroContext,
00360                 fileSystem, internalState @*/
00361 {
00362     rpmpsm psm;
00363     rpmRC rc;
00364     int ec = 0;
00365 
00366     if (scriptFd != NULL)
00367         rpmtsSetScriptFd(ts, scriptFd);
00368 
00369     psm = rpmpsmNew(ts, NULL, fi);
00370 
00371     rc = rpmpsmScriptStage(psm, RPMTAG_VERIFYSCRIPT, RPMTAG_VERIFYSCRIPTPROG);
00372     if (rc != RPMRC_OK)
00373         ec = 1;
00374 
00375     rc = rpmpsmScriptStage(psm, RPMTAG_SANITYCHECK, RPMTAG_SANITYCHECKPROG);
00376     if (rc != RPMRC_OK)
00377         ec = 1;
00378 
00379     psm = rpmpsmFree(psm, __FUNCTION__);
00380 
00381     if (scriptFd != NULL)
00382         rpmtsSetScriptFd(ts, NULL);
00383 
00384     return ec;
00385 }
00386 
00394 static int verifyDependencies(/*@unused@*/ QVA_t qva, rpmts ts,
00395                 Header h)
00396         /*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/
00397         /*@modifies ts, h, rpmGlobalMacroContext, fileSystem, internalState @*/
00398 {
00399 #ifdef  NOTYET
00400     uint32_t hdrNum = headerGetInstance(h);
00401 #endif
00402     rpmps ps;
00403     int rc = 0;         /* assume no problems */
00404     int xx;
00405 
00406     rpmtsEmpty(ts);
00407 #ifdef  NOTYET
00408     if (hdrNum > 0)
00409         (void) rpmtsAddEraseElement(ts, h, hdrNum);
00410     else
00411 #endif
00412         (void) rpmtsAddInstallElement(ts, h, NULL, 0, NULL);
00413 
00414     xx = rpmtsCheck(ts);
00415     ps = rpmtsProblems(ts);
00416 
00417     if (rpmpsNumProblems(ps) > 0) {
00418         const char * altNEVR;
00419         const char * pkgNEVR = NULL;
00420         rpmpsi psi;
00421         rpmProblem prob;
00422         char * t, * te;
00423         int nb = 512;
00424 
00425         psi = rpmpsInitIterator(ps);
00426         while (rpmpsNextIterator(psi) >= 0) {
00427             prob = rpmpsProblem(psi);
00428             if (pkgNEVR == NULL)
00429                 pkgNEVR = rpmProblemGetPkgNEVR(prob);
00430 
00431             altNEVR = rpmProblemGetAltNEVR(prob);
00432 assert(altNEVR != NULL);
00433             if (altNEVR[0] == 'R' && altNEVR[1] == ' ')
00434                 nb += sizeof("\tRequires: ")-1;
00435             if (altNEVR[0] == 'C' && altNEVR[1] == ' ')
00436                 nb += sizeof("\tConflicts: ")-1;
00437             nb += strlen(altNEVR+2) + sizeof("\n") - 1;
00438 
00439         }
00440         psi = rpmpsFreeIterator(psi);
00441 
00442         te = t = alloca(nb);
00443         *te = '\0';
00444         sprintf(te, _("Unsatisfied dependencies for %s:\n"), pkgNEVR);
00445         te += strlen(te);
00446 
00447         psi = rpmpsInitIterator(ps);
00448         while (rpmpsNextIterator(psi) >= 0) {
00449             prob = rpmpsProblem(psi);
00450 
00451             if ((altNEVR = rpmProblemGetAltNEVR(prob)) == NULL)
00452                 altNEVR = "? ?altNEVR?";
00453             if (altNEVR[0] == 'R' && altNEVR[1] == ' ')
00454                 te = stpcpy(te, "\tRequires: ");
00455             if (altNEVR[0] == 'C' && altNEVR[1] == ' ')
00456                 te = stpcpy(te, "\tConflicts: ");
00457             te = stpcpy( stpcpy(te, altNEVR+2), "\n");
00458 
00459             rc++;
00460         }
00461         psi = rpmpsFreeIterator(psi);
00462 
00463         if (te > t) {
00464             *te++ = '\n';
00465             *te = '\0';
00466             rpmlog(RPMLOG_NOTICE, "%s", t);
00467             te = t;
00468             *t = '\0';
00469         }
00470     }
00471 
00472     ps = rpmpsFree(ps);
00473 
00474     rpmtsEmpty(ts);
00475 
00476     return rc;
00477 }
00478 
00479 int showVerifyPackage(QVA_t qva, rpmts ts, Header h)
00480 {
00481     rpmVerifyAttrs omitMask = ((qva->qva_flags & VERIFY_ATTRS) ^ VERIFY_ATTRS);
00482     int spew = (qva->qva_mode != 'v');  /* XXX no output w verify(...) probe. */
00483     static int scareMem = 0;
00484     rpmfi fi = rpmfiNew(ts, h, RPMTAG_BASENAMES, scareMem);
00485     rpmvf vf;
00486     int ec = 0;
00487     int rc;
00488     int i;
00489 
00490   if (fi != NULL)
00491 #if defined(_OPENMP)
00492   #pragma omp parallel
00493 #endif
00494   {
00495     if (qva->qva_flags & VERIFY_FILES)
00496 #if defined(_OPENMP)
00497     #pragma omp for reduction(+:ec) private(vf,rc,i) nowait
00498 #endif
00499     for (i = 0; i < rpmfiFC(fi); i++) {
00500         int fflags = fi->fflags[i];
00501 
00502         /* If not querying %config, skip config files. */
00503         if ((qva->qva_fflags & RPMFILE_CONFIG) && (fflags & RPMFILE_CONFIG))
00504             continue;
00505 
00506         /* If not querying %doc, skip doc files. */
00507         if ((qva->qva_fflags & RPMFILE_DOC) && (fflags & RPMFILE_DOC))
00508             continue;
00509 
00510         /* If not verifying %ghost, skip ghost files. */
00511         /* XXX the broken!!! logic disables %ghost queries always. */
00512         if (!(qva->qva_fflags & RPMFILE_GHOST) && (fflags & RPMFILE_GHOST))
00513             continue;
00514 
00515         /* Gather per-file data into a carrier. */
00516         vf = rpmvfNew(ts, fi, i, omitMask);
00517 
00518         /* Verify per-file metadata. */
00519         rc = rpmvfVerify(vf, spew);
00520         if (rc)
00521             ec += rc;
00522 
00523         (void) rpmvfFree(vf);
00524     }
00525     if (qva->qva_flags & VERIFY_SCRIPT)
00526 #if defined(_OPENMP)
00527     #pragma omp master
00528 #endif
00529     {
00530         if (headerIsEntry(h, RPMTAG_VERIFYSCRIPT) ||
00531             headerIsEntry(h, RPMTAG_SANITYCHECK))
00532         {
00533             FD_t fdo = fdDup(STDOUT_FILENO);
00534 
00535             rc = rpmfiSetHeader(fi, h);
00536             if ((rc = rpmVerifyScript(qva, ts, fi, fdo)) != 0)
00537                 ec += rc;
00538             if (fdo != NULL)
00539                 rc = Fclose(fdo);
00540             rc = rpmfiSetHeader(fi, NULL);
00541         }
00542     }
00543     if (qva->qva_flags & VERIFY_DEPS)
00544 #if defined(_OPENMP)
00545     #pragma omp master
00546 #endif
00547     {
00548         int save_noise = _rpmds_unspecified_epoch_noise;
00549 /*@-mods@*/
00550         if (rpmIsVerbose())
00551             _rpmds_unspecified_epoch_noise = 1;
00552         if ((rc = verifyDependencies(qva, ts, h)) != 0)
00553             ec += rc;
00554         _rpmds_unspecified_epoch_noise = save_noise;
00555 /*@=mods@*/
00556     }
00557   }
00558 
00559     fi = rpmfiFree(fi);
00560 
00561     return ec;
00562 }
00563 
00564 int rpmcliVerify(rpmts ts, QVA_t qva, const char ** argv)
00565 {
00566     rpmdepFlags depFlags = qva->depFlags, odepFlags;
00567     rpmtransFlags transFlags = qva->transFlags, otransFlags;
00568     rpmVSFlags vsflags, ovsflags;
00569     int ec = 0;
00570 
00571     if (qva->qva_showPackage == NULL)
00572         qva->qva_showPackage = showVerifyPackage;
00573 
00574     /* XXX verify flags are inverted from query. */
00575     vsflags = rpmExpandNumeric("%{?_vsflags_verify}");
00576     if (!(qva->qva_flags & VERIFY_DIGEST))
00577         vsflags |= _RPMVSF_NODIGESTS;
00578     if (!(qva->qva_flags & VERIFY_SIGNATURE))
00579         vsflags |= _RPMVSF_NOSIGNATURES;
00580     if (!(qva->qva_flags & VERIFY_HDRCHK))
00581         vsflags |= RPMVSF_NOHDRCHK;
00582     vsflags &= ~RPMVSF_NEEDPAYLOAD;
00583 
00584     odepFlags = rpmtsSetDFlags(ts, depFlags);
00585     otransFlags = rpmtsSetFlags(ts, transFlags);
00586     ovsflags = rpmtsSetVSFlags(ts, vsflags);
00587     ec = rpmcliArgIter(ts, qva, argv);
00588     vsflags = rpmtsSetVSFlags(ts, ovsflags);
00589     transFlags = rpmtsSetFlags(ts, otransFlags);
00590     depFlags = rpmtsSetDFlags(ts, odepFlags);
00591 
00592     if (qva->qva_showPackage == showVerifyPackage)
00593         qva->qva_showPackage = NULL;
00594 
00595     rpmtsEmpty(ts);
00596 
00597     return ec;
00598 }