aboutsummaryrefslogtreecommitdiffstats
path: root/URPM.xs
diff options
context:
space:
mode:
Diffstat (limited to 'URPM.xs')
-rw-r--r--URPM.xs263
1 files changed, 255 insertions, 8 deletions
diff --git a/URPM.xs b/URPM.xs
index 5486ac0..f393978 100644
--- a/URPM.xs
+++ b/URPM.xs
@@ -81,6 +81,10 @@ typedef struct s_Package* URPM__Package;
#define FILTER_MODE_UPGRADE_FILES 1
#define FILTER_MODE_CONF_FILES 2
+/* these are in rpmlib but not in rpmlib.h */
+int readLead(FD_t fd, struct rpmlead *lead);
+int rpmReadSignature(FD_t fd, Header *header, short sig_type);
+
static void
get_fullname_parts(URPM__Package pkg, char **name, char **version, char **release, char **arch, char **eos) {
@@ -685,10 +689,10 @@ update_header(char *filename, URPM__Package pkg, HV *provides, int packing) {
}
static void
-read_config_files() {
+read_config_files(int force) {
static int already = 0;
- if (!already) {
+ if (!already || force) {
rpmReadConfigFiles(NULL, NULL);
already = 1;
}
@@ -868,7 +872,7 @@ int
Pkg_is_arch_compat(pkg)
URPM::Package pkg
CODE:
- read_config_files();
+ read_config_files(0);
if (pkg->info) {
char *arch;
char *eos;
@@ -1041,7 +1045,7 @@ Pkg_compare_pkg(lpkg, rpkg)
char *eolarch = strchr(larch, '@');
char *eorarch = strchr(rarch, '@');
- read_config_files();
+ read_config_files(0);
if (eolarch) *eolarch = 0; lscore = rpmMachineScore(RPM_MACHTABLE_INSTARCH, larch);
if (eorarch) *eorarch = 0; rscore = rpmMachineScore(RPM_MACHTABLE_INSTARCH, rarch);
if (lscore == 0) {
@@ -1680,14 +1684,14 @@ Pkg_set_rflags(pkg, ...)
MODULE = URPM PACKAGE = URPM::DB PREFIX = Db_
URPM::DB
-Db_open(prefix="/", write_perm=0)
+Db_open(prefix="", write_perm=0)
char *prefix
int write_perm
PREINIT:
rpmdb db;
rpmErrorCallBackType old_cb;
CODE:
- read_config_files();
+ read_config_files(0);
old_cb = rpmErrorSetCallback(callback_empty);
rpmSetVerbosity(RPMMESS_FATALERROR);
RETVAL = rpmdbOpen(prefix, &db, write_perm ? O_RDWR | O_CREAT : O_RDONLY, 0644) == 0 ? db : NULL;
@@ -1697,13 +1701,13 @@ Db_open(prefix="/", write_perm=0)
RETVAL
int
-Db_rebuild(prefix="/")
+Db_rebuild(prefix="")
char *prefix
PREINIT:
rpmdb db;
rpmErrorCallBackType old_cb;
CODE:
- read_config_files();
+ read_config_files(0);
old_cb = rpmErrorSetCallback(callback_empty);
rpmSetVerbosity(RPMMESS_FATALERROR);
RETVAL = rpmdbRebuild(prefix) == 0;
@@ -2055,6 +2059,12 @@ Trans_run(trans, data, ...)
MODULE = URPM PACKAGE = URPM PREFIX = Urpm_
+
+void
+Urpm_read_config_files()
+ CODE:
+ read_config_files(1); /* force re-read of configuration files */
+
int
Urpm_ranges_overlap(a, b)
char *a
@@ -2255,3 +2265,240 @@ Urpm_parse_rpm(urpm, filename, packing=0)
} else croak("first argument should contains a depslist ARRAY reference");
} else croak("first argument should be a reference to HASH");
+char *
+Urpm_verify_rpm(filename, ...)
+ char *filename
+ PREINIT:
+ int nopgp = 0, nogpg = 0, nomd5 = 0;
+ struct rpmlead lead;
+ Header sig;
+ HeaderIterator sigIter;
+ const void *ptr;
+ int_32 tag, type, count;
+ FD_t fd, ofd;
+ const char *tmpfile = NULL;
+ int i;
+ char result[8*BUFSIZ];
+ unsigned char buffer[8192];
+ CODE:
+ for (i = 1; i < items-1; i+=2) {
+ STRLEN len;
+ char *s = SvPV(ST(i), len);
+
+ if (len == 5) {
+ if (!memcmp(s, "nopgp", 5))
+ nopgp = SvIV(ST(i+1));
+ else if (!memcmp(s, "nogpg", 5))
+ nogpg = SvIV(ST(i+1));
+ else if (!memcmp(s, "nomd5", 5))
+ nomd5 = SvIV(ST(i+1));
+ } else if (len == 12 && !memcmp(s, "tmp_filename", 12))
+ tmpfile = SvPV_nolen(ST(i+1));
+ }
+ RETVAL = NULL;
+ fd = fdOpen(filename, O_RDONLY, 0);
+ if (fdFileno(fd) < 0) {
+ RETVAL = "Couldn't open file";
+ } else {
+ memset(&lead, 0, sizeof(lead));
+ if (readLead(fd, &lead)) {
+ RETVAL = "Could not read lead bytes";
+ } else if (lead.major == 1) {
+ RETVAL = "RPM version of package doesn't support signatures";
+ } else {
+ i = rpmReadSignature(fd, &sig, lead.signature_type);
+ if (i != RPMRC_OK && i != RPMRC_BADSIZE) {
+ RETVAL = "Could not read signature block (`rpmReadSignature' failed)";
+ } else if (!sig) {
+ RETVAL = "No signatures";
+ } else if (makeTempFile(NULL, &tmpfile, &ofd)) {
+ if (tmpfile) {
+ unlink(tmpfile);
+ ofd = Fopen(tmpfile, "w+x.ufdio");
+ if (ofd == NULL || Ferror(fd))
+ RETVAL = "Unable to create tempory file";
+ } else
+ if (makeTempFile(NULL, &tmpfile, &ofd))
+ RETVAL = "Unable to create tempory file";
+ }
+ if (!RETVAL) {
+ while ((i = fdRead(fd, buffer, sizeof(buffer))) != 0) {
+ if (i == -1) {
+ RETVAL = "Error reading file";
+ break;
+ }
+ if (fdWrite(ofd, buffer, i) < 0) {
+ RETVAL = "Error writing temp file";
+ break;
+ }
+ }
+ if (!RETVAL) {
+ int res2 = 0;
+ int res3;
+ unsigned char missingKeys[7164] = { 0 };
+ unsigned char untrustedKeys[7164] = { 0 };
+
+ buffer[0] = 0; /* reset buffer as it is used again */
+ for (sigIter = headerInitIterator(sig);
+ headerNextIterator(sigIter, &tag, &type, &ptr, &count);
+ ptr = headerFreeData(ptr, type)) {
+ switch (tag) {
+ case RPMSIGTAG_PGP5:
+ case RPMSIGTAG_PGP:
+ if (nopgp) continue;
+ break;
+
+ case RPMSIGTAG_GPG:
+ if (nogpg) continue;
+ break;
+
+ case RPMSIGTAG_LEMD5_2:
+ case RPMSIGTAG_LEMD5_1:
+ case RPMSIGTAG_MD5:
+ if (nomd5) continue;
+ break;
+
+ default:
+ continue;
+ }
+ if (ptr == NULL) continue;
+
+ if ((res3 = rpmVerifySignature(tmpfile, tag, ptr, count, result)) != RPMSIG_OK) {
+ /* all the following code directly taken from lib/rpmchecksig.c */
+ if (rpmIsVerbose()) {
+ strcat(buffer, result);
+ res2 = 1;
+ } else {
+ char *tempKey;
+ switch (tag) {
+ case RPMSIGTAG_SIZE:
+ strcat(buffer, "SIZE ");
+ res2 = 1;
+ break;
+ case RPMSIGTAG_LEMD5_2:
+ case RPMSIGTAG_LEMD5_1:
+ case RPMSIGTAG_MD5:
+ strcat(buffer, "MD5 ");
+ res2 = 1;
+ break;
+ case RPMSIGTAG_PGP5: /* XXX legacy */
+ case RPMSIGTAG_PGP:
+ switch (res3) {
+ case RPMSIG_NOKEY:
+ res2 = 1;
+ /*@fallthrough@*/
+ case RPMSIG_NOTTRUSTED:
+ { int offset = 7;
+ strcat(buffer, "(PGP) ");
+ tempKey = strstr(result, "Key ID");
+ if (tempKey == NULL) {
+ tempKey = strstr(result, "keyid:");
+ offset = 9;
+ }
+ if (tempKey) {
+ if (res3 == RPMSIG_NOKEY) {
+ strcat(missingKeys, " PGP#");
+ /*@-compdef@*/
+ strncat(missingKeys, tempKey + offset, 8);
+ /*@=compdef@*/
+ } else {
+ strcat(untrustedKeys, " PGP#");
+ /*@-compdef@*/
+ strncat(untrustedKeys, tempKey + offset, 8);
+ /*@=compdef@*/
+ }
+ }
+ } break;
+ default:
+ strcat(buffer, "PGP ");
+ res2 = 1;
+ break;
+ }
+ break;
+ case RPMSIGTAG_GPG:
+ /* Do not consider this a failure */
+ switch (res3) {
+ case RPMSIG_NOKEY:
+ strcat(buffer, "(GPG) ");
+ strcat(missingKeys, " GPG#");
+ tempKey = strstr(result, "key ID");
+ if (tempKey)
+ /*@-compdef@*/
+ strncat(missingKeys, tempKey+7, 8);
+ /*@=compdef@*/
+ res2 = 1;
+ break;
+ default:
+ strcat(buffer, "GPG ");
+ res2 = 1;
+ break;
+ }
+ break;
+ default:
+ strcat(buffer, "?UnknownSignatureType? ");
+ res2 = 1;
+ break;
+ }
+ }
+ } else {
+ if (rpmIsVerbose()) {
+ strcat(buffer, result);
+ } else {
+ switch (tag) {
+ case RPMSIGTAG_SIZE:
+ strcat(buffer, "size ");
+ break;
+ case RPMSIGTAG_LEMD5_2:
+ case RPMSIGTAG_LEMD5_1:
+ case RPMSIGTAG_MD5:
+ strcat(buffer, "md5 ");
+ break;
+ case RPMSIGTAG_PGP5: /* XXX legacy */
+ case RPMSIGTAG_PGP:
+ strcat(buffer, "pgp ");
+ break;
+ case RPMSIGTAG_GPG:
+ strcat(buffer, "gpg ");
+ break;
+ default:
+ strcat(buffer, "??? ");
+ break;
+ }
+ }
+ }
+ }
+ sigIter = headerFreeIterator(sigIter);
+
+ if (!rpmIsVerbose()) {
+ if (res2) {
+ sprintf(buffer+strlen(buffer), "%s%s%s%s%s%s%s",
+ _("NOT OK"),
+ (missingKeys[0] != '\0') ? _(" (MISSING KEYS:") : "",
+ (char *)missingKeys,
+ (missingKeys[0] != '\0') ? _(") ") : "",
+ (untrustedKeys[0] != '\0') ? _(" (UNTRUSTED KEYS:") : "",
+ (char *)untrustedKeys,
+ (untrustedKeys[0] != '\0') ? _(")") : "");
+ } else {
+ sprintf(buffer+strlen(buffer), "%s%s%s%s%s%s%s",
+ _("OK"),
+ (missingKeys[0] != '\0') ? _(" (MISSING KEYS:") : "",
+ (char *)missingKeys,
+ (missingKeys[0] != '\0') ? _(") ") : "",
+ (untrustedKeys[0] != '\0') ? _(" (UNTRUSTED KEYS:") : "",
+ (char *)untrustedKeys,
+ (untrustedKeys[0] != '\0') ? _(")") : "");
+ }
+ }
+
+ RETVAL = buffer;
+ }
+ }
+ fdClose(ofd);
+ unlink(tmpfile);
+ }
+ fdClose(fd);
+ }
+ if (!RETVAL) RETVAL = "";
+ OUTPUT:
+ RETVAL