mirror of
https://github.com/moparisthebest/pacman
synced 2024-08-13 17:03:46 -04:00
Merge branch 'gpg-libalpm-basics'
This commit is contained in:
commit
f7b577dc77
@ -25,6 +25,7 @@ libalpm_la_SOURCES = \
|
||||
alpm.h alpm.c \
|
||||
alpm_list.h alpm_list.c \
|
||||
backup.h backup.c \
|
||||
base64.h base64.c \
|
||||
be_local.c \
|
||||
be_package.c \
|
||||
be_sync.c \
|
||||
|
@ -45,6 +45,7 @@ extern "C" {
|
||||
|
||||
typedef struct __pmdb_t pmdb_t;
|
||||
typedef struct __pmpkg_t pmpkg_t;
|
||||
typedef struct __pmpgpsig_t pmpgpsig_t;
|
||||
typedef struct __pmdelta_t pmdelta_t;
|
||||
typedef struct __pmgrp_t pmgrp_t;
|
||||
typedef struct __pmtrans_t pmtrans_t;
|
||||
@ -215,6 +216,7 @@ time_t alpm_pkg_get_builddate(pmpkg_t *pkg);
|
||||
time_t alpm_pkg_get_installdate(pmpkg_t *pkg);
|
||||
const char *alpm_pkg_get_packager(pmpkg_t *pkg);
|
||||
const char *alpm_pkg_get_md5sum(pmpkg_t *pkg);
|
||||
const pmpgpsig_t *alpm_pkg_get_pgpsig(pmpkg_t *pkg);
|
||||
const char *alpm_pkg_get_arch(pmpkg_t *pkg);
|
||||
off_t alpm_pkg_get_size(pmpkg_t *pkg);
|
||||
off_t alpm_pkg_get_isize(pmpkg_t *pkg);
|
||||
|
190
lib/libalpm/base64.c
Normal file
190
lib/libalpm/base64.c
Normal file
@ -0,0 +1,190 @@
|
||||
/*
|
||||
* RFC 1521 base64 encoding/decoding
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
/*
|
||||
* Pacman Notes:
|
||||
*
|
||||
* Taken from the PolarSSL project at www.polarssl.org under terms of the
|
||||
* GPL. This is from version 0.14.2 of the library, and has been modified
|
||||
* as following, which may be helpful for future updates:
|
||||
* * remove "polarssl/config.h" include
|
||||
* * change include from "polarssl/base64.h" to "base64.h"
|
||||
* * removal of SELF_TEST code
|
||||
*/
|
||||
|
||||
#include "base64.h"
|
||||
|
||||
static const unsigned char base64_enc_map[64] =
|
||||
{
|
||||
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
|
||||
'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
|
||||
'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
|
||||
'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
|
||||
'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
|
||||
'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
|
||||
'8', '9', '+', '/'
|
||||
};
|
||||
|
||||
static const unsigned char base64_dec_map[128] =
|
||||
{
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 62, 127, 127, 127, 63, 52, 53,
|
||||
54, 55, 56, 57, 58, 59, 60, 61, 127, 127,
|
||||
127, 64, 127, 127, 127, 0, 1, 2, 3, 4,
|
||||
5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
|
||||
15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
|
||||
25, 127, 127, 127, 127, 127, 127, 26, 27, 28,
|
||||
29, 30, 31, 32, 33, 34, 35, 36, 37, 38,
|
||||
39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
|
||||
49, 50, 51, 127, 127, 127, 127, 127
|
||||
};
|
||||
|
||||
/*
|
||||
* Encode a buffer into base64 format
|
||||
*/
|
||||
int base64_encode( unsigned char *dst, int *dlen,
|
||||
const unsigned char *src, int slen )
|
||||
{
|
||||
int i, n;
|
||||
int C1, C2, C3;
|
||||
unsigned char *p;
|
||||
|
||||
if( slen == 0 )
|
||||
return( 0 );
|
||||
|
||||
n = (slen << 3) / 6;
|
||||
|
||||
switch( (slen << 3) - (n * 6) )
|
||||
{
|
||||
case 2: n += 3; break;
|
||||
case 4: n += 2; break;
|
||||
default: break;
|
||||
}
|
||||
|
||||
if( *dlen < n + 1 )
|
||||
{
|
||||
*dlen = n + 1;
|
||||
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
|
||||
}
|
||||
|
||||
n = (slen / 3) * 3;
|
||||
|
||||
for( i = 0, p = dst; i < n; i += 3 )
|
||||
{
|
||||
C1 = *src++;
|
||||
C2 = *src++;
|
||||
C3 = *src++;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
|
||||
*p++ = base64_enc_map[C3 & 0x3F];
|
||||
}
|
||||
|
||||
if( i < slen )
|
||||
{
|
||||
C1 = *src++;
|
||||
C2 = ((i + 1) < slen) ? *src++ : 0;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
|
||||
if( (i + 1) < slen )
|
||||
*p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
|
||||
else *p++ = '=';
|
||||
|
||||
*p++ = '=';
|
||||
}
|
||||
|
||||
*dlen = p - dst;
|
||||
*p = 0;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Decode a base64-formatted buffer
|
||||
*/
|
||||
int base64_decode( unsigned char *dst, int *dlen,
|
||||
const unsigned char *src, int slen )
|
||||
{
|
||||
int i, j, n;
|
||||
unsigned long x;
|
||||
unsigned char *p;
|
||||
|
||||
for( i = j = n = 0; i < slen; i++ )
|
||||
{
|
||||
if( ( slen - i ) >= 2 &&
|
||||
src[i] == '\r' && src[i + 1] == '\n' )
|
||||
continue;
|
||||
|
||||
if( src[i] == '\n' )
|
||||
continue;
|
||||
|
||||
if( src[i] == '=' && ++j > 2 )
|
||||
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
|
||||
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( base64_dec_map[src[i]] < 64 && j != 0 )
|
||||
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
n++;
|
||||
}
|
||||
|
||||
if( n == 0 )
|
||||
return( 0 );
|
||||
|
||||
n = ((n * 6) + 7) >> 3;
|
||||
|
||||
if( *dlen < n )
|
||||
{
|
||||
*dlen = n;
|
||||
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
|
||||
}
|
||||
|
||||
for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
|
||||
{
|
||||
if( *src == '\r' || *src == '\n' )
|
||||
continue;
|
||||
|
||||
j -= ( base64_dec_map[*src] == 64 );
|
||||
x = (x << 6) | ( base64_dec_map[*src] & 0x3F );
|
||||
|
||||
if( ++n == 4 )
|
||||
{
|
||||
n = 0;
|
||||
if( j > 0 ) *p++ = (unsigned char)( x >> 16 );
|
||||
if( j > 1 ) *p++ = (unsigned char)( x >> 8 );
|
||||
if( j > 2 ) *p++ = (unsigned char)( x );
|
||||
}
|
||||
}
|
||||
|
||||
*dlen = p - dst;
|
||||
|
||||
return( 0 );
|
||||
}
|
68
lib/libalpm/base64.h
Normal file
68
lib/libalpm/base64.h
Normal file
@ -0,0 +1,68 @@
|
||||
/**
|
||||
* \file base64.h
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef _BASE64_H
|
||||
#define _BASE64_H
|
||||
|
||||
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010
|
||||
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012
|
||||
|
||||
/**
|
||||
* \brief Encode a buffer into base64 format
|
||||
*
|
||||
* \param dst destination buffer
|
||||
* \param dlen size of the buffer
|
||||
* \param src source buffer
|
||||
* \param slen amount of data to be encoded
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL.
|
||||
* *dlen is always updated to reflect the amount
|
||||
* of data that has (or would have) been written.
|
||||
*
|
||||
* \note Call this function with *dlen = 0 to obtain the
|
||||
* required buffer size in *dlen
|
||||
*/
|
||||
int base64_encode( unsigned char *dst, int *dlen,
|
||||
const unsigned char *src, int slen );
|
||||
|
||||
/**
|
||||
* \brief Decode a base64-formatted buffer
|
||||
*
|
||||
* \param dst destination buffer
|
||||
* \param dlen size of the buffer
|
||||
* \param src source buffer
|
||||
* \param slen amount of data to be decoded
|
||||
*
|
||||
* \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, or
|
||||
* POLARSSL_ERR_BASE64_INVALID_DATA if the input data is not
|
||||
* correct. *dlen is always updated to reflect the amount
|
||||
* of data that has (or would have) been written.
|
||||
*
|
||||
* \note Call this function with *dlen = 0 to obtain the
|
||||
* required buffer size in *dlen
|
||||
*/
|
||||
int base64_decode( unsigned char *dst, int *dlen,
|
||||
const unsigned char *src, int slen );
|
||||
|
||||
#endif /* base64.h */
|
@ -251,11 +251,57 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
|
||||
RET_ERR(PM_ERR_WRONG_ARGS, NULL);
|
||||
}
|
||||
|
||||
if(stat(pkgfile, &st) != 0) {
|
||||
/* attempt to stat the package file, ensure it exists */
|
||||
if(stat(pkgfile, &st) == 0) {
|
||||
char *pgpfile;
|
||||
|
||||
newpkg = _alpm_pkg_new();
|
||||
if(newpkg == NULL) {
|
||||
RET_ERR(PM_ERR_MEMORY, NULL);
|
||||
}
|
||||
newpkg->filename = strdup(pkgfile);
|
||||
newpkg->size = st.st_size;
|
||||
|
||||
/* look around for a PGP signature file; load if available */
|
||||
MALLOC(pgpfile, strlen(pkgfile) + 5, RET_ERR(PM_ERR_MEMORY, NULL));
|
||||
sprintf(pgpfile, "%s.sig", pkgfile);
|
||||
if(access(pgpfile, R_OK) == 0) {
|
||||
FILE *f;
|
||||
long bytes;
|
||||
size_t bytes_read;
|
||||
f = fopen(pgpfile, "rb");
|
||||
fseek(f, 0L, SEEK_END);
|
||||
bytes = ftell(f);
|
||||
fseek(f, 0L, SEEK_SET);
|
||||
/* don't read the file in if it is obviously not the size of a sig */
|
||||
if(bytes == 72) {
|
||||
CALLOC(newpkg->pgpsig.rawdata, bytes, sizeof(char),
|
||||
RET_ERR(PM_ERR_MEMORY, NULL));
|
||||
bytes_read = fread(newpkg->pgpsig.rawdata, sizeof(char), bytes, f);
|
||||
if(bytes_read == (size_t)bytes) {
|
||||
newpkg->pgpsig.rawlen = bytes;
|
||||
_alpm_log(PM_LOG_DEBUG,
|
||||
"loaded package .sig file, location %s\n", pgpfile);
|
||||
} else {
|
||||
_alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"),
|
||||
pkgfile);
|
||||
}
|
||||
} else {
|
||||
_alpm_log(PM_LOG_WARNING, _("PGP signature file for %s was abnormal"
|
||||
" (had length %ld), skipping\n"), pkgfile, bytes);
|
||||
}
|
||||
fclose(f);
|
||||
} else {
|
||||
_alpm_log(PM_LOG_DEBUG, "no package signature file found\n");
|
||||
}
|
||||
FREE(pgpfile);
|
||||
} else {
|
||||
/* couldn't stat the pkgfile, return an error */
|
||||
RET_ERR(PM_ERR_PKG_OPEN, NULL);
|
||||
}
|
||||
|
||||
if((archive = archive_read_new()) == NULL) {
|
||||
alpm_pkg_free(newpkg);
|
||||
RET_ERR(PM_ERR_LIBARCHIVE, NULL);
|
||||
}
|
||||
|
||||
@ -264,6 +310,7 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full)
|
||||
|
||||
if (archive_read_open_filename(archive, pkgfile,
|
||||
ARCHIVE_DEFAULT_BYTES_PER_BLOCK) != ARCHIVE_OK) {
|
||||
alpm_pkg_free(newpkg);
|
||||
RET_ERR(PM_ERR_PKG_OPEN, NULL);
|
||||
}
|
||||
|
||||
|
@ -40,6 +40,7 @@
|
||||
#include "delta.h"
|
||||
#include "handle.h"
|
||||
#include "deps.h"
|
||||
#include "base64.h"
|
||||
|
||||
/** \addtogroup alpm_packages Package Functions
|
||||
* @brief Functions to manipulate libalpm packages
|
||||
@ -201,6 +202,42 @@ const char SYMEXPORT *alpm_pkg_get_md5sum(pmpkg_t *pkg)
|
||||
return pkg->ops->get_md5sum(pkg);
|
||||
}
|
||||
|
||||
static int decode_pgpsig(pmpkg_t *pkg) {
|
||||
int len = strlen(pkg->pgpsig.encdata);
|
||||
const unsigned char *usline = (const unsigned char*)pkg->pgpsig.encdata;
|
||||
int destlen = 0;
|
||||
/* get the necessary size for the buffer by passing 0 */
|
||||
int ret = base64_decode(NULL, &destlen, usline, len);
|
||||
/* alloc our memory and repeat the call to decode */
|
||||
MALLOC(pkg->pgpsig.rawdata, (size_t)destlen, goto error);
|
||||
ret = base64_decode(pkg->pgpsig.rawdata, &destlen, usline, len);
|
||||
pkg->pgpsig.rawlen = destlen;
|
||||
if(ret != 0) {
|
||||
goto error;
|
||||
}
|
||||
|
||||
FREE(pkg->pgpsig.encdata);
|
||||
return 0;
|
||||
|
||||
error:
|
||||
FREE(pkg->pgpsig.rawdata);
|
||||
pkg->pgpsig.rawlen = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
const pmpgpsig_t SYMEXPORT *alpm_pkg_get_pgpsig(pmpkg_t *pkg)
|
||||
{
|
||||
ALPM_LOG_FUNC;
|
||||
|
||||
/* Sanity checks */
|
||||
ASSERT(pkg != NULL, RET_ERR(PM_ERR_WRONG_ARGS, NULL));
|
||||
|
||||
if(pkg->pgpsig.rawdata == NULL && pkg->pgpsig.encdata != NULL) {
|
||||
decode_pgpsig(pkg);
|
||||
}
|
||||
return &(pkg->pgpsig);
|
||||
}
|
||||
|
||||
const char SYMEXPORT *alpm_pkg_get_arch(pmpkg_t *pkg)
|
||||
{
|
||||
return pkg->ops->get_arch(pkg);
|
||||
@ -463,6 +500,8 @@ void _alpm_pkg_free(pmpkg_t *pkg)
|
||||
FREE(pkg->url);
|
||||
FREE(pkg->packager);
|
||||
FREE(pkg->md5sum);
|
||||
FREE(pkg->pgpsig.encdata);
|
||||
FREE(pkg->pgpsig.rawdata);
|
||||
FREE(pkg->arch);
|
||||
FREELIST(pkg->licenses);
|
||||
FREELIST(pkg->replaces);
|
||||
|
@ -87,6 +87,16 @@ struct pkg_operations {
|
||||
*/
|
||||
extern struct pkg_operations default_pkg_ops;
|
||||
|
||||
struct __pmpgpsig_t {
|
||||
/* we will either store the encoded data or the raw data-
|
||||
* this way we can decode on an as-needed basis since most
|
||||
* operations won't require the overhead of base64 decodes
|
||||
* on all packages in a sync repository. */
|
||||
char *encdata;
|
||||
size_t rawlen;
|
||||
unsigned char *rawdata;
|
||||
};
|
||||
|
||||
struct __pmpkg_t {
|
||||
unsigned long name_hash;
|
||||
char *filename;
|
||||
@ -98,6 +108,8 @@ struct __pmpkg_t {
|
||||
char *md5sum;
|
||||
char *arch;
|
||||
|
||||
pmpgpsig_t pgpsig;
|
||||
|
||||
time_t builddate;
|
||||
time_t installdate;
|
||||
|
||||
|
@ -150,6 +150,8 @@ class pmdb(object):
|
||||
pkg.size = int(fd.readline().strip("\n"))
|
||||
elif line == "%MD5SUM%":
|
||||
pkg.md5sum = fd.readline().strip("\n")
|
||||
elif line == "%PGPSIG%":
|
||||
pkg.pgpsig = fd.readline().strip("\n")
|
||||
elif line == "%REPLACES%":
|
||||
pkg.replaces = _getsection(fd)
|
||||
elif line == "%DEPENDS%":
|
||||
@ -241,6 +243,8 @@ class pmdb(object):
|
||||
data.append(_mksection("CSIZE", pkg.csize))
|
||||
if pkg.md5sum:
|
||||
data.append(_mksection("MD5SUM", pkg.md5sum))
|
||||
if pkg.pgpsig:
|
||||
data.append(_mksection("PGPSIG", pkg.pgpsig))
|
||||
if data:
|
||||
data.append("")
|
||||
filename = os.path.join(path, "desc")
|
||||
|
@ -47,6 +47,7 @@ class pmpkg(object):
|
||||
self.csize = 0
|
||||
self.reason = 0
|
||||
self.md5sum = "" # sync only
|
||||
self.pgpsig = "" # sync only
|
||||
self.replaces = []
|
||||
self.depends = []
|
||||
self.optdepends = []
|
||||
|
9
test/pacman/tests/sign001.py
Normal file
9
test/pacman/tests/sign001.py
Normal file
@ -0,0 +1,9 @@
|
||||
self.description = "Add a signature to a package DB"
|
||||
|
||||
sp = pmpkg("pkg1")
|
||||
sp.pgpsig = "asdfasdfsdfasdfsdafasdfsdfasd"
|
||||
self.addpkg2db("sync", sp)
|
||||
|
||||
self.args = "-Ss"
|
||||
|
||||
self.addrule("PACMAN_RETCODE=0")
|
11
test/pacman/tests/smoke004.py
Normal file
11
test/pacman/tests/smoke004.py
Normal file
@ -0,0 +1,11 @@
|
||||
self.description = "Read a package DB with several PGP signatures"
|
||||
|
||||
for i in range(1000):
|
||||
sp = pmpkg("pkg%03d" % i)
|
||||
sp.desc = "test description for package %d" % i
|
||||
sp.pgpsig = "asdfasdfsdfasdfsdafasdfsdfasd"
|
||||
self.addpkg2db("sync", sp)
|
||||
|
||||
self.args = "-Ss"
|
||||
|
||||
self.addrule("PACMAN_RETCODE=0")
|
Loading…
Reference in New Issue
Block a user