diff --git a/src/archive.c b/src/archive.c index af0055e..26419d4 100644 --- a/src/archive.c +++ b/src/archive.c @@ -93,7 +93,7 @@ static size_t tar_entry_read(void *stream, void *ptr, size_t size) return -1; teis->bytes_left -= size; - if (teis->csum != NULL) + if (teis->csum == NULL) return size; EVP_DigestUpdate(&teis->mdctx, ptr, size); diff --git a/src/database.c b/src/database.c index b9eef79..4f9bb37 100644 --- a/src/database.c +++ b/src/database.c @@ -1284,8 +1284,7 @@ static int apk_db_install_archive_entry(void *_ctx, const char *p; int r = 0, type = APK_SCRIPT_INVALID; - if (apk_sign_ctx_process_file(&ctx->sctx, ae, is) == 0) - return 0; + apk_sign_ctx_verify_tar(&ctx->sctx, ae, is); /* Package metainfo and script processing */ if (ae->name[0] == '.') { diff --git a/src/package.c b/src/package.c index 44b4232..16d72f9 100644 --- a/src/package.c +++ b/src/package.c @@ -330,7 +330,8 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx, ctx->num_signatures++; /* Found already a trusted key */ - if (ctx->signature.pkey != NULL) + if (ctx->action != APK_SIGN_VERIFY || + ctx->signature.pkey != NULL) return 0; if (strncmp(&fi->name[6], "RSA.", 4) == 0 ||