-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | URPM.xs | 219 | ||||
-rw-r--r-- | URPM/Signature.pm | 49 |
3 files changed, 59 insertions, 212 deletions
@@ -1,3 +1,6 @@
+- replace ->import_needed_pubkeys and ->import_pubkey in favor of
+ import_needed_pubkeys_from_file() and ->import_pubkey_file
+ (! this breaks API !)
 - drop $package->upgrade_files() (unused for a long time afaik)
 Version 2.10 - 22 November 2007, by Pascal "Pixel" Rigaux
@@ -128,11 +128,9 @@ typedef struct s_Package* URPM__Package;
 static ssize_t write_nocheck(int fd, const void *buf, size_t count) {
 return write(fd, buf, count);
 }
-#ifdef RPM_ORG
 static const void* unused_variable(const void *p) {
 return p;
 }
-#endif
 static int rpmError_callback_data;
 void rpmError_callback() {
@@ -142,10 +140,6 @@ void rpmError_callback() {
 write_nocheck(rpmError_callback_data, rpmlogMessage(), strlen(rpmlogMessage()));
 }
-/* needed for importing keys (from rpmio) */
-int rpmioSlurp(const char * fn, const byte ** bp, ssize_t * blenp);
-int b64decode (const char * s, void ** datap, size_t *lenp);
-
 static int rpm_codeset_is_utf8 = 0;
 static SV*
@@ -3674,193 +3668,40 @@ Urpm_verify_signature(filename)
 OUTPUT:
 RETVAL
+
 int
-Urpm_import_pubkey(...)
- PREINIT:
- int i;
- URPM__DB db = NULL;
- char *root = "/";
- STRLEN block_len = 0;
- char *block = NULL;
- STRLEN filename_len = 0;
- char *filename = NULL;
- rpmts ts;
- const unsigned char *pkt = NULL;
- ssize_t pktlen = 0;
- const byte * b = NULL;
- ssize_t blen;
- int rc;
- CODE:
- for (i = 0; i < items-1; i+=2) {
- STRLEN len;
- char *s = SvPV(ST(i), len);
+Urpm_import_pubkey_file(db, filename)
+ URPM::DB db
+ char * filename
+ PREINIT:
+ const byte * pkt = NULL;
+ size_t pktlen = 0;
+ int rc;
+ CODE:
- if (len == 2 && !memcmp(s, "db", 2)) {
- if (sv_derived_from(ST(i+1), "URPM::DB")) {
- IV tmp = SvIV((SV*)SvRV(ST(i+1)));
- db = INT2PTR(URPM__DB, tmp);
- }
- } else if (len == 4) {
- if (!memcmp(s, "root", 4))
- root = SvPV_nolen(ST(i+1));
- } else if (len == 5) {
- if (!memcmp(s, "block", 5))
- block = SvPV(ST(i+1), block_len);
- } else if (len == 8) {
- if (!memcmp(s, "filename", 8))
- filename = SvPV(ST(i+1), filename_len);
- }
- }
- RETVAL = 1;
- /* get transaction for importing keys, open rpmdb in write mode */
- if (db) {
- ts = db->ts = rpmtsLink(db->ts, "URPM::import_pubkey");
- } else {
- /* compabilty mode to use rpmdb installed on / */
- ts = rpmtsCreate();
- read_config_files(0);
- rpmtsSetRootDir(ts, root);
- rpmtsOpenDB(ts, O_RDWR | O_CREAT);
- }
- rpmtsClean(ts);
- /* from pgpReadPkts the filename should be slurped directly in memory */
- if (filename) {
- rc = rpmioSlurp(filename, &b, &blen);
- } else if (block) {
- blen = block_len;
- b = memcpy(malloc(blen+1), block, blen+1); /* XXX should use xmalloc instead */
- rc = 0;
- } else {
- rc = 0;
- }
- if (rc || b == NULL || blen <= 0) {
- /* error reading file, or no file or block */
- RETVAL = 0;
- } else {
- /* from pgpReadPkts the remaining of method */
- const char * enc = NULL;
- const char * crcenc = NULL;
- byte * dec;
- byte * crcdec;
- size_t declen;
- size_t crclen;
- u_int32_t crcpkt, crc;
- const char * armortype = NULL;
- char * t, * te;
- int pstate = 0;
- int _rc;
-
- rc = PGPARMOR_ERROR; /* XXX assume failure */
-
- if (pgpIsPkt(b)) {
-#ifdef NOTYET /* XXX ASCII Pubkeys only, please. */
- rc = 0; /* XXX fish out pkt type. */
-#endif
- goto exit;
- }
-#define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1))
- for (t = (char *)b; t && *t; t = te) {
- if ((te = strchr(t, '\n')) == NULL)
- te = t + strlen(t);
- else
- te++;
-
- switch (pstate) {
- case 0:
- armortype = NULL;
- if (!TOKEQ(t, "-----BEGIN PGP "))
- continue;
- t += sizeof("-----BEGIN PGP ")-1;
-
- _rc = pgpValTok(pgpArmorTbl, t, te);
- if (_rc < 0)
- goto exit;
- if (_rc != PGPARMOR_PUBKEY) /* XXX ASCII Pubkeys only, please. */
- continue;
- armortype = t;
-
- t = te - (sizeof("-----\n")-1);
- if (!TOKEQ(t, "-----\n"))
- continue;
- *t = '\0';
- pstate++;
- /*@switchbreak@*/ break;
- case 1:
- enc = NULL;
- _rc = pgpValTok(pgpArmorKeyTbl, t, te);
- if (_rc >= 0)
- continue;
- if (*t != '\n') {
- pstate = 0;
- continue;
- }
- enc = te; /* Start of encoded packets */
- pstate++;
- /*@switchbreak@*/ break;
- case 2:
- crcenc = NULL;
- if (*t != '=')
- continue;
- *t++ = '\0'; /* Terminate encoded packets */
- crcenc = t; /* Start of encoded crc */
- pstate++;
- /*@switchbreak@*/ break;
- case 3:
- pstate = 0;
- if (!TOKEQ(t, "-----END PGP "))
- goto exit;
- *t = '\0'; /* Terminate encoded crc */
- t += sizeof("-----END PGP ")-1;
-
- if (armortype == NULL) /* XXX can't happen */
- continue;
- _rc = strncmp(t, armortype, strlen(armortype));
- if (_rc)
- continue;
-
- t = te - (sizeof("-----\n")-1);
- if (!TOKEQ(t, "-----\n"))
- goto exit;
-
- if (b64decode(crcenc, (void **)&crcdec, &crclen) != 0)
- continue;
- crcpkt = pgpGrab(crcdec, crclen);
- crcdec = _free(crcdec);
- if (b64decode(enc, (void **)&dec, &declen) != 0)
- goto exit;
- crc = pgpCRC(dec, declen);
- if (crcpkt != crc)
- goto exit;
- b = _free(b);
- b = dec;
- blen = declen;
- rc = PGPARMOR_PUBKEY; /* XXX ASCII Pubkeys only, please. */
- goto exit;
- /*@notreached@*/ /*@switchbreak@*/ break;
- }
+ rpmts ts = rpmtsLink(db->ts, "URPM::import_pubkey_file");
+ rpmtsClean(ts);
+
+ if ((rc = pgpReadPkts(filename, &pkt, &pktlen)) <= 0) {
+ RETVAL = 0;
+ } else if (rc != PGPARMOR_PUBKEY) {
+ RETVAL = 0;
+ } else if (rpmcliImportPubkey(ts, pkt, pktlen) != RPMRC_OK) {
+ RETVAL = 0;
+ } else {
+ RETVAL = 1;
 }
- rc = PGPARMOR_NONE;
+ _free(pkt);
+ rpmtsFree(ts);
+ OUTPUT:
+ RETVAL
- exit:
- if (rc > PGPARMOR_NONE)
- pkt = b;
- else if (b != NULL)
- b = _free(b);
- pktlen = blen;
- }
- if (rc < 0) {
- /* import read failed */
- RETVAL = 0;
- } else if (rc != PGPARMOR_PUBKEY) {
- /* not armored public key */
- RETVAL = 0;
- } else if ((rc = rpmcliImportPubkey(ts, pkt, pktlen)) != 0) {
- /* import failed */
- RETVAL = 0;
- }
- rpmtsClean(ts);
- _free(pkt);
- rpmtsFree(ts);
+int
+Urpm_import_pubkey(...)
+ CODE:
+ unused_variable(&items);
+ croak("import_pubkey() is dead. use import_pubkey_file() instead");
+ RETVAL = 1;
 OUTPUT:
 RETVAL
diff --git a/URPM/Signature.pm b/URPM/Signature.pm
index 66f717b..4a0fdbe 100644
--- a/URPM/Signature.pm
+++ b/URPM/Signature.pm
@@ -5,12 +5,12 @@ use strict;
 #- compare keys to avoid glitches introduced during the importation where
 #- some characters may be modified on the fly by rpm --import...
 sub compare_pubkeys {
- my ($a, $b, %options) = @_;
+ my ($a, $b) = @_;
 my $diff = 0;
 my @a = unpack "C*", $a->{content};
 my @b = unpack "C*", $b->{content};
- #- default options to use.
+ my %options;
 $options{start} ||= 0;
 $options{end} ||= @a < @b ? scalar(@b) : scalar(@a);
 $options{diff} ||= 1;
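Review bot: The three failure branches in `Urpm_import_pubkey_file` (a non-positive result from `pgpReadPkts`, a result other than `PGPARMOR_PUBKEY`, and `rpmcliImportPubkey` not returning `RPMRC_OK`) all collapse to `RETVAL = 0`, so a caller cannot tell a malformed key file from a keyring write that failed. The removed code carried the comment "open rpmdb in write mode" and opened the database with `O_RDWR | O_CREAT` in its fallback path; the new XSUB relies entirely on the `db` handle it is given, and that requirement is no longer stated anywhere in the hunk. Since this call adds a trusted signing key, I would put the contract above the XSUB, e.g. `/* db must be opened read-write; returns 1 on success, 0 on any read, armor-type or import failure */`. In the `Urpm_import_pubkey` stub, `RETVAL = 1;` after `croak(...)` is unreachable and can be dropped.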
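Review bot: After this change `%options` in `compare_pubkeys` is always empty, so the three `||=` lines are fixed constants written as defaults, and `$options{diff} ||= 1` can no longer be tightened by a caller. This comparison decides whether a key counts as already present, so the meaning of that value deserves a comment where it is set, e.g. `#- diff: presumably the mismatch threshold used below (confirm against the loop)`, and the hash could become plain lexicals such as `my $start = 0;`. The rest of the function body lies outside this hunk, so how `start`, `end` and `diff` are consumed cannot be checked from here.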
@@ -105,33 +105,36 @@ sub parse_pubkeys_ {
 values %keys;
 }
-#- import pubkeys only if it is needed.
+#- obsoleted
 sub import_needed_pubkeys {
- my ($urpm, $l, %options) = @_;
+ warn "import_needed_pubkeys prototype has changed, please give a file directly\n";
+ return;
+}
- #- use the same database handle to avoid re-opening multiple times the database.
- my $db = $options{db};
- $db ||= URPM::DB::open($options{root}, 1)
- or die "Can't open RPM DB, aborting\n";
-
- #- assume $l is a reference to an array containing all the keys to import
- #- if needed.
- foreach my $k (@{$l || []}) {
- my ($id, $imported);
- foreach my $kv (values %{$urpm->{keys} || {}}) {
- compare_pubkeys($k, $kv, %options) == 0 and $id = $kv->{id}, last;
- }
- unless ($id) {
+#- import pubkeys only if it is needed.
+sub import_needed_pubkeys_from_file {
+ my ($db, $pubkey_file, $o_callback) = @_;
+
+ my @keys = parse_pubkeys_($db);
+
+ my $find_key = sub {
+ my ($k) = @_;
+ my ($kv) = grep { compare_pubkeys($k, $_) == 0 } @keys;
+ $kv && $kv->{id};
+ };
+
+ foreach my $k (parse_armored_file(undef, $pubkey_file)) {
+ my $imported;
+ my $id = $find_key->($k);
+ if (!$id) {
 $imported = 1;
- import_pubkey(block => $k->{block}, db => $db);
- $urpm->parse_pubkeys(db => $db);
- foreach my $kv (values %{$urpm->{keys} || {}}) {
- compare_pubkeys($k, $kv, %options) == 0 and $id = $kv->{id}, last;
- }
+ import_pubkey_file($db, $pubkey_file);
+ @keys = parse_pubkeys_($db);
+ $id = $find_key->($k);
 }
 #- let the caller know about what has been found.
 #- this is an error if the key is not found.
- $options{callback} and $options{callback}->($urpm, $db, $k, $id, $imported, %options);
+ $o_callback and $o_callback->($id, $imported);
 }
 }
|
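Review bot: In `import_needed_pubkeys_from_file`, `$imported = 1;` is set before `import_pubkey_file($db, $pubkey_file)` runs and that call's return value is discarded, so the callback is told a key was imported even when the import failed and only an undefined `$id` hints at it. Take the flag from the call instead: `$imported = import_pubkey_file($db, $pubkey_file);`. The import is also handed the whole `$pubkey_file` rather than the missing key `$k`, so a file with several armored keys is re-imported once per missing key; whether `pgpReadPkts` reads past the first armored block is not visible here, so later keys in the file may never be found. The obsoleted `import_needed_pubkeys` only warns and returns, which lets old callers carry on with no key imported; `die` would match the `croak` used in the XS stub.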