aboutsummaryrefslogtreecommitdiffstats
path: root/URPM.xs
diff options
context:
space:
mode:
authorRafael Garcia-Suarez <rgarciasuarez@mandriva.org>2005-05-02 10:39:51 +0000
committerRafael Garcia-Suarez <rgarciasuarez@mandriva.org>2005-05-02 10:39:51 +0000
commitc3a8e35b917c7b3515b279d963696b162d1ea7c5 (patch)
treec35e8b0f625c8c6f03ca34ac1ff8e407b9d6e0fc /URPM.xs
parenta22dcbd1877fd4b0f08ef8de83a29edacb09ebba (diff)
downloadperl-URPM-c3a8e35b917c7b3515b279d963696b162d1ea7c5.tar
perl-URPM-c3a8e35b917c7b3515b279d963696b162d1ea7c5.tar.gz
perl-URPM-c3a8e35b917c7b3515b279d963696b162d1ea7c5.tar.bz2
perl-URPM-c3a8e35b917c7b3515b279d963696b162d1ea7c5.tar.xz
perl-URPM-c3a8e35b917c7b3515b279d963696b162d1ea7c5.zip
Patch by Olivier Thauvin to adapt URPM for rpm 4.4
Diffstat (limited to 'URPM.xs')
-rw-r--r--URPM.xs397
1 files changed, 71 insertions, 326 deletions
diff --git a/URPM.xs b/URPM.xs
index e75318f..e3df883 100644
--- a/URPM.xs
+++ b/URPM.xs
@@ -661,10 +661,9 @@ return_list_tag_modifier(Header header, int_32 tag_name) {
dSP;
int i;
int_32 *list;
- int_16 *list16;
int_32 count, type;
headerGetEntry(header, tag_name, &type, (void **) &list, &count);
-
+
for (i=0; i<count; i++) {
char *buff[15];
char *s= buff;
@@ -3507,23 +3506,18 @@ char *
Urpm_verify_rpm(filename, ...)
char *filename
PREINIT:
+ rpmVSFlags vsflags = RPMVSF_DEFAULT;
+ rpmVSFlags oldvsflags = RPMVSF_DEFAULT;
URPM__DB db = NULL;
- int nopgp = 0, nogpg = 0, nomd5 = 0, norsa = 0, nodsa = 0, nosha1 = 0;
- struct rpmlead lead;
- Header sigh;
- HeaderIterator sigIter;
- const void *ptr;
- int_32 tag, type, count;
+ Header ret = NULL;
+ rpmRC rc = 0;
FD_t fd;
- const char *tmpfile = NULL;
int i;
- char result[8*BUFSIZ];
- unsigned char buffer[8192];
- unsigned char *b = buffer;
+ const char *tmpfile = NULL;
+ char * fmtsig = NULL;
+ char buffer[8192];
#ifdef RPM_42
rpmts ts;
- pgpDig dig;
- pgpDigParams sigp;
#else
FD_t ofd;
#endif
@@ -3539,23 +3533,30 @@ Urpm_verify_rpm(filename, ...)
} else
croak("db is not of type URPM::DB");
} else if (len == 5) {
- if (!memcmp(s, "nopgp", 5))
- nopgp = SvIV(ST(i+1));
- else if (!memcmp(s, "nogpg", 5))
- nogpg = SvIV(ST(i+1));
- else if (!memcmp(s, "nomd5", 5))
- nomd5 = SvIV(ST(i+1));
- else if (!memcmp(s, "norsa", 5))
- norsa = SvIV(ST(i+1));
- else if (!memcmp(s, "nodsa", 5))
- nodsa = SvIV(ST(i+1));
- } else if (len == 9 && !memcmp(s, "nodigests", 9))
- nomd5 = nosha1 = SvIV(ST(i+1));
+ if (!memcmp(s, "nopgp", 5)) {
+ if (SvIV(ST(i+1))) vsflags |= (RPMVSF_NOSHA1 | RPMVSF_NOSHA1HEADER);
+ }
+ else if (!memcmp(s, "nogpg", 5)) {
+ if (SvIV(ST(i+1))) vsflags |= (RPMVSF_NOSHA1 | RPMVSF_NOSHA1HEADER);
+ }
+ else if (!memcmp(s, "nomd5", 5)) {
+ if (SvIV(ST(i+1))) vsflags |= (RPMVSF_NOMD5 | RPMVSF_NOMD5HEADER);
+ }
+ else if (!memcmp(s, "norsa", 5)) {
+ if (SvIV(ST(i+1))) vsflags |= (RPMVSF_NORSA | RPMVSF_NORSAHEADER);
+ }
+ else if (!memcmp(s, "nodsa", 5)) {
+ if (SvIV(ST(i+1))) vsflags |= (RPMVSF_NODSA | RPMVSF_NODSAHEADER);
+ }
+ }
+ else if (len == 9 && !memcmp(s, "nodigests", 9)) {
+ if (SvIV(ST(i+1))) vsflags |= _RPMVSF_NODIGESTS;
+ }
else if (len == 12) {
if (!memcmp(s, "tmp_filename", 12))
tmpfile = SvPV_nolen(ST(i+1));
else if (!memcmp(s, "nosignatures", 12))
- nopgp = nogpg = norsa = nodsa = 1;
+ vsflags |= _RPMVSF_NOSIGNATURES;
}
}
RETVAL = NULL;
@@ -3566,6 +3567,8 @@ Urpm_verify_rpm(filename, ...)
#ifdef RPM_42
if (db) {
ts = db->ts;
+ /* setting verify flags, keeping trace of current flags */
+ oldvsflags = rpmtsSetVSFlags(ts, vsflags);
} else {
/* compabilty mode to use rpmdb installed on / */
ts = rpmtsCreate();
@@ -3575,309 +3578,51 @@ Urpm_verify_rpm(filename, ...)
}
#endif
- memset(&lead, 0, sizeof(lead));
- if (readLead(fd, &lead)) {
- RETVAL = "Could not read lead bytes";
- } else if (lead.major == 1) {
- RETVAL = "RPM version of package doesn't support signatures";
- } else {
-#ifdef RPM_42
- i = rpmReadSignature(fd, &sigh, lead.signature_type, NULL);
-#else
- i = rpmReadSignature(fd, &sigh, lead.signature_type);
-#endif
- if (i != RPMRC_OK) {
- RETVAL = "Could not read signature block (`rpmReadSignature' failed)";
- } else if (!sigh) {
- RETVAL = "No signatures";
-#ifdef RPM_42
- }
- /* Grab a hint of what needs doing to avoid duplication. */
- tag = 0;
- if (tag == 0) {
- if (!nodsa && headerIsEntry(sigh, RPMSIGTAG_DSA))
- tag = RPMSIGTAG_DSA;
- else if (!norsa && headerIsEntry(sigh, RPMSIGTAG_RSA))
- tag = RPMSIGTAG_RSA;
- else if (!nogpg && headerIsEntry(sigh, RPMSIGTAG_GPG))
- tag = RPMSIGTAG_GPG;
- else if (!nopgp && headerIsEntry(sigh, RPMSIGTAG_PGP))
- tag = RPMSIGTAG_PGP;
- }
- if (tag == 0) {
- if (!nomd5 && headerIsEntry(sigh, RPMSIGTAG_MD5))
- tag = RPMSIGTAG_MD5;
- else if (!nosha1 && headerIsEntry(sigh, RPMSIGTAG_SHA1))
- tag = RPMSIGTAG_SHA1; /* XXX never happens */
- }
-
- if (headerIsEntry(sigh, RPMSIGTAG_PGP)
- || headerIsEntry(sigh, RPMSIGTAG_PGP5)
- || headerIsEntry(sigh, RPMSIGTAG_MD5))
- fdInitDigest(fd, PGPHASHALGO_MD5, 0);
- if (headerIsEntry(sigh, RPMSIGTAG_GPG))
- fdInitDigest(fd, PGPHASHALGO_SHA1, 0);
-
- dig = rpmtsDig(ts);
- sigp = rpmtsSignature(ts);
-
- /* Read the file, generating digest(s) on the fly. */
- if (dig == NULL || sigp == NULL || readFile(fd, filename, dig)) {
- RETVAL = "Unable to read rpm file";
- } else {
-#else
- } else if (makeTempFile(NULL, &tmpfile, &ofd)) {
- if (tmpfile) {
- unlink(tmpfile);
- ofd = Fopen(tmpfile, "w+x.ufdio");
- if (ofd == NULL || Ferror(fd))
- RETVAL = "Unable to create tempory file";
- } else
- if (makeTempFile(NULL, &tmpfile, &ofd))
- RETVAL = "Unable to create tempory file";
- }
- if (!RETVAL) {
- while ((i = fdRead(fd, buffer, sizeof(buffer))) != 0) {
- if (i == -1) {
- RETVAL = "Error reading file";
- break;
- }
- if (fdWrite(ofd, buffer, i) < 0) {
- RETVAL = "Error writing temp file";
- break;
- }
- }
-#endif
- if (!RETVAL) {
- int res2 = 0;
- int res3;
- char *tempKey;
-
- buffer[0] = 0; /* reset buffer as it is used again */
- for (sigIter = headerInitIterator(sigh);
- headerNextIterator(sigIter, &tag, &type, &ptr, &count);
-#ifdef RPM_42
- (void) rpmtsSetSig(ts, tag, type, NULL, count)) {
-#else
- ptr = headerFreeData(ptr, type)) {
-#endif
- if (ptr == NULL) continue;
-#ifdef RPM_42
- (void) rpmtsSetSig(ts, tag, type, ptr, count);
- pgpCleanDig(dig);
-#endif
- switch (tag) {
- case RPMSIGTAG_PGP5:
- case RPMSIGTAG_PGP:
- if (nopgp) continue;
- break;
-
- case RPMSIGTAG_GPG:
- if (nogpg) continue;
- break;
-#ifdef RPM_42
- case RPMSIGTAG_RSA:
- if (norsa) continue;
- break;
-
- case RPMSIGTAG_DSA:
- if (nodsa) continue;
- break;
-#endif
- case RPMSIGTAG_LEMD5_2:
- case RPMSIGTAG_LEMD5_1:
- case RPMSIGTAG_MD5:
- if (nomd5) continue;
- break;
-#ifdef RPM_42
- case RPMSIGTAG_SHA1:
- if (nosha1) continue;
- break;
-#endif
-
- default:
- continue;
- }
-#ifdef RPM_42
- switch (tag) {
- case RPMSIGTAG_PGP5:
- case RPMSIGTAG_PGP:
- case RPMSIGTAG_GPG:
- case RPMSIGTAG_RSA:
- case RPMSIGTAG_DSA:
- pgpPrtPkts(ptr, count, dig, 0); if (sigp->version != 3) continue;
- break;
-
- default:
- break;
- }
- res3 = rpmVerifySignature(ts, result);
-#else
- res3 = rpmVerifySignature(tmpfile, tag, ptr, count, result);
-#endif
- tempKey = strstr(result, "ey ID");
- if (tempKey) tempKey += 6;
- else {
- tempKey = strstr(result, "keyid:");
- if (tempKey) tempKey += 9;
- }
- if (res3) {
- switch (tag) {
-#ifdef RPM_42
- case RPMSIGTAG_SHA1:
- b = stpcpy(b, "SHA1 ");
- res2 = 1;
- /*@switchbreak@*/ break;
- case RPMSIGTAG_RSA:
- b = stpcpy(b, "RSA ");
- res2 = 1;
- /*@switchbreak@*/ break;
- case RPMSIGTAG_DSA:
- b = stpcpy(b, "(SHA1) DSA ");
- res2 = 1;
- /*@switchbreak@*/ break;
-#endif
- case RPMSIGTAG_SIZE:
- b = stpcpy(b, "SIZE ");
- res2 = 1;
- /*@switchbreak@*/ break;
- case RPMSIGTAG_LEMD5_2:
- case RPMSIGTAG_LEMD5_1:
- case RPMSIGTAG_MD5:
- b = stpcpy(b, "MD5 ");
- res2 = 1;
- /*@switchbreak@*/ break;
- case RPMSIGTAG_PGP5: /* XXX legacy */
- case RPMSIGTAG_PGP:
- switch (res3) {
-#ifdef RPM_42
- case RPMRC_NOKEY:
-#else
- case RPMSIG_NOKEY:
-#endif
- res2 = 1;
- /*@fallthrough@*/
-#ifdef RPM_42
- case RPMRC_NOTTRUSTED:
-#else
- case RPMSIG_NOTTRUSTED:
-#endif
- b = stpcpy(b, "(MD5) (PGP) ");
- if (tempKey) {
-#ifdef RPM_42
- if (res3 == RPMRC_NOKEY)
-#else
- if (res3 == RPMSIG_NOKEY)
-#endif
- b = stpcpy(b, "(MISSING KEY) ");
- else
- b = stpcpy(b, "(UNTRUSTED KEY) ");
- }
- default:
- b = stpcpy(b, "MD5 PGP ");
- res2 = 1;
- /*@innerbreak@*/ break;
- }
- if (tempKey) {
- b = stpcpy(b, "PGP#");
- b = stpncpy(b, tempKey, 8);
- b = stpcpy(b, " ");
- }
- /*@switchbreak@*/ break;
- case RPMSIGTAG_GPG:
- /* Do not consider this a failure */
- switch (res3) {
-#ifdef RPM_42
- case RPMRC_NOKEY:
-#else
- case RPMSIG_NOKEY:
-#endif
- b = stpcpy(b, "(GPG) (MISSING KEY) ");
- res2 = 1;
- /*@innerbreak@*/ break;
- default:
- b = stpcpy(b, "GPG ");
- res2 = 1;
- /*@innerbreak@*/ break;
- }
- if (tempKey) {
- b = stpcpy(b, "GPG#");
- b = stpncpy(b, tempKey, 8);
- b = stpcpy(b, " ");
- }
- /*@switchbreak@*/ break;
- default:
- b = stpcpy(b, "?UnknownSignatureType? ");
- res2 = 1;
- /*@switchbreak@*/ break;
- }
- } else {
- switch (tag) {
-#ifdef RPM_42
- case RPMSIGTAG_SHA1:
- b = stpcpy(b, "sha1 ");
- /*@switchbreak@*/ break;
- case RPMSIGTAG_RSA:
- b = stpcpy(b, "rsa ");
- /*@switchbreak@*/ break;
- case RPMSIGTAG_DSA:
- b = stpcpy(b, "(sha1) dsa ");
- /*@switchbreak@*/ break;
-#endif
- case RPMSIGTAG_SIZE:
- b = stpcpy(b, "size ");
- /*@switchbreak@*/ break;
- case RPMSIGTAG_LEMD5_2:
- case RPMSIGTAG_LEMD5_1:
- case RPMSIGTAG_MD5:
- b = stpcpy(b, "md5 ");
- /*@switchbreak@*/ break;
- case RPMSIGTAG_PGP5: /* XXX legacy */
- case RPMSIGTAG_PGP:
- b = stpcpy(b, "(md5) pgp ");
- if (tempKey) {
- b = stpcpy(b, "PGP#");
- b = stpncpy(b, tempKey, 8);
- b = stpcpy(b, " ");
- }
- /*@switchbreak@*/ break;
- case RPMSIGTAG_GPG:
- b = stpcpy(b, "gpg ");
- if (tempKey) {
- b = stpcpy(b, "GPG#");
- b = stpncpy(b, tempKey, 8);
- b = stpcpy(b, " ");
- }
- /*@switchbreak@*/ break;
- default:
- b = stpcpy(b, "??? ");
- /*@switchbreak@*/ break;
- }
- }
- }
- sigIter = headerFreeIterator(sigIter);
-
- if (res2) {
- b = stpcpy(b, "NOT OK");
- } else {
- b = stpcpy(b, "OK");
- }
+ rc = rpmReadPackageFile(ts, fd, filename, &ret);
+ fdClose(fd);
- RETVAL = buffer;
- }
+ if (ret) {
+ fmtsig = headerSprintf(
+ ret,
+ "%|DSAHEADER?{%{DSAHEADER:pgpsig}}:{%|RSAHEADER?{%{RSAHEADER:pgpsig}}:"
+ "{%|SIGGPG?{%{SIGGPG:pgpsig}}:{%|SIGPGP?{%{SIGPGP:pgpsig}}:{(none)}|}|}|}|",
+ rpmTagTable, rpmHeaderFormats, NULL);
+ headerFree(ret);
+ switch(rc) {
+ case RPMRC_OK:
+ sprintf(buffer, "%s", fmtsig);
+ RETVAL = buffer;
+ break;
+ case RPMRC_NOTFOUND:
+ sprintf(buffer, "%s (missing key) NOT OK", fmtsig);
+ RETVAL = buffer;
+ break;
+ case RPMRC_FAIL:
+ RETVAL = "(can't get key) NOT OK";
+ break;
+ case RPMRC_NOTTRUSTED:
+ sprintf(buffer, "%s (Key not trusted) OK", fmtsig);
+ RETVAL = buffer;
+ break;
+ case RPMRC_NOKEY:
+ sprintf(buffer, "(no key found) OK");
+ RETVAL = buffer;
+ break;
+ default: /* can't happen */
+ break;
}
-#ifndef RPM_42
- fdClose(ofd);
- unlink(tmpfile);
-#endif
- sigh = rpmFreeSignature(sigh);
-#ifdef RPM_42
- rpmtsCleanDig(ts);
- if (!db) rpmtsFree(ts);
-#endif
+ } else {
+ RETVAL = "Unable to read rpm file";
}
- fdClose(fd);
}
+
+ if (!db)
+ ts = rpmtsFree(ts);
+ else
+ /* Restoring verification flag to the ts */
+ (void) rpmtsSetVSFlags(ts, oldvsflags);
+
+ _free(fmtsig);
if (!RETVAL) RETVAL = "";
OUTPUT:
RETVAL