summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPascal Rigaux <pixel@mandriva.com>2006-11-21 18:17:38 +0000
committerPascal Rigaux <pixel@mandriva.com>2006-11-21 18:17:38 +0000
commit50f1f0a9027dfcd3c67f49e31ad6ca8fdfe5a814 (patch)
treee0605e69388cf52ba137d733a1e316c7dbde0591
parent106088ec7089a961767fb19d83e9dc09ae02e076 (diff)
downloadurpmi-50f1f0a9027dfcd3c67f49e31ad6ca8fdfe5a814.tar
urpmi-50f1f0a9027dfcd3c67f49e31ad6ca8fdfe5a814.tar.gz
urpmi-50f1f0a9027dfcd3c67f49e31ad6ca8fdfe5a814.tar.bz2
urpmi-50f1f0a9027dfcd3c67f49e31ad6ca8fdfe5a814.tar.xz
urpmi-50f1f0a9027dfcd3c67f49e31ad6ca8fdfe5a814.zip
create urpm::signature out of urpm.pm
-rwxr-xr-xgurpmi23
-rw-r--r--urpm.pm65
-rw-r--r--urpm/signature.pm75
-rwxr-xr-xurpmi3
4 files changed, 79 insertions, 67 deletions
diff --git a/gurpmi2 b/gurpmi2
index 7a8172e5..323c73f7 100755
--- a/gurpmi2
+++ b/gurpmi2
@@ -14,6 +14,7 @@ BEGIN { #- set up a safe path and environment
use gurpmi;
use urpm::install;
use urpm::media;
+use urpm::signature;
use Gtk2;
#- GUI globals
@@ -259,7 +260,7 @@ sub do_install_3 () {
);
my %transaction_sources_install = %{$urpm->extract_packages_to_install(\%transaction_sources, $state) || {}};
if ($urpm->{options}{'verify-rpm'} || grep { $_->{'verify-rpm'} } @{$urpm->{media}}) {
- my @bad_signatures = $urpm->check_sources_signatures(\%transaction_sources_install, \%transaction_sources);
+ my @bad_signatures = urpm::signature::check($urpm, \%transaction_sources_install, \%transaction_sources);
if (@bad_signatures) {
ask_continue_blocking(N(
"The following packages have bad signatures:\n%s\n\nDo you want to continue installation ?",
diff --git a/urpm.pm b/urpm.pm
index efe60003..01294940 100644
--- a/urpm.pm
+++ b/urpm.pm
@@ -848,71 +848,6 @@ sub translate_why_removed_one {
$fullname . ($s ? "\n ($s)" : '');
}
-#- options: callback, basename
-sub check_sources_signatures {
- my ($urpm, $sources_install, $sources, %options) = @_;
- sort(_check_sources_signatures($urpm, $sources_install, %options),
- _check_sources_signatures($urpm, $sources, %options));
-}
-sub _check_sources_signatures {
- my ($urpm, $sources, %options) = @_;
- my ($medium, %invalid_sources);
-
- foreach my $id (keys %$sources) {
- my $filepath = $sources->{$id};
- my $verif = URPM::verify_signature($filepath);
-
- if ($verif =~ /NOT OK/) {
- $verif =~ s/\n//g;
- $invalid_sources{$filepath} = N("Invalid signature (%s)", $verif);
- } else {
- unless ($medium && urpm::media::is_valid_medium($medium) &&
- $medium->{start} <= $id && $id <= $medium->{end})
- {
- $medium = undef;
- foreach (@{$urpm->{media}}) {
- urpm::media::is_valid_medium($_) && $_->{start} <= $id && $id <= $_->{end}
- and $medium = $_, last;
- }
- }
- #- no medium found for this rpm ?
- next if !$medium;
- #- check whether verify-rpm is specifically disabled for this medium
- next if defined $medium->{'verify-rpm'} && !$medium->{'verify-rpm'};
-
- my $key_ids = $medium->{'key-ids'} || $urpm->{options}{'key-ids'};
- #- check that the key ids of the medium match the key ids of the package.
- if ($key_ids) {
- my $valid_ids = 0;
- my $invalid_ids = 0;
-
- foreach my $key_id ($verif =~ /(?:key id \w{8}|#)(\w+)/gi) {
- if (grep { hex($_) == hex($key_id) } split /[,\s]+/, $key_ids) {
- ++$valid_ids;
- } else {
- ++$invalid_ids;
- }
- }
-
- if ($invalid_ids) {
- $invalid_sources{$filepath} = N("Invalid Key ID (%s)", $verif);
- } elsif (!$valid_ids) {
- $invalid_sources{$filepath} = N("Missing signature (%s)", $verif);
- }
- }
- #- invoke check signature callback.
- $options{callback} and $options{callback}->(
- $urpm, $filepath,
- id => $id,
- verif => $verif,
- why => $invalid_sources{$filepath},
- );
- }
- }
- map { ($options{basename} ? basename($_) : $_) . ": $invalid_sources{$_}" }
- keys %invalid_sources;
-}
-
#- get reason of update for packages to be updated
#- use all update medias if none given
sub get_updates_description {
diff --git a/urpm/signature.pm b/urpm/signature.pm
new file mode 100644
index 00000000..88f272c8
--- /dev/null
+++ b/urpm/signature.pm
@@ -0,0 +1,75 @@
+package urpm::signature;
+
+# $Id$
+
+use urpm::msg;
+use urpm::media;
+use urpm::util;
+
+
+#- options: callback, basename
+sub check {
+ my ($urpm, $sources_install, $sources, %options) = @_;
+ sort(_check($urpm, $sources_install, %options),
+ _check($urpm, $sources, %options));
+}
+sub _check {
+ my ($urpm, $sources, %options) = @_;
+ my ($medium, %invalid_sources);
+
+ foreach my $id (keys %$sources) {
+ my $filepath = $sources->{$id};
+ my $verif = URPM::verify_signature($filepath);
+
+ if ($verif =~ /NOT OK/) {
+ $verif =~ s/\n//g;
+ $invalid_sources{$filepath} = N("Invalid signature (%s)", $verif);
+ } else {
+ unless ($medium && urpm::media::is_valid_medium($medium) &&
+ $medium->{start} <= $id && $id <= $medium->{end})
+ {
+ $medium = undef;
+ foreach (@{$urpm->{media}}) {
+ urpm::media::is_valid_medium($_) && $_->{start} <= $id && $id <= $_->{end}
+ and $medium = $_, last;
+ }
+ }
+ #- no medium found for this rpm ?
+ next if !$medium;
+ #- check whether verify-rpm is specifically disabled for this medium
+ next if defined $medium->{'verify-rpm'} && !$medium->{'verify-rpm'};
+
+ my $key_ids = $medium->{'key-ids'} || $urpm->{options}{'key-ids'};
+ #- check that the key ids of the medium match the key ids of the package.
+ if ($key_ids) {
+ my $valid_ids = 0;
+ my $invalid_ids = 0;
+
+ foreach my $key_id ($verif =~ /(?:key id \w{8}|#)(\w+)/gi) {
+ if (grep { hex($_) == hex($key_id) } split /[,\s]+/, $key_ids) {
+ ++$valid_ids;
+ } else {
+ ++$invalid_ids;
+ }
+ }
+
+ if ($invalid_ids) {
+ $invalid_sources{$filepath} = N("Invalid Key ID (%s)", $verif);
+ } elsif (!$valid_ids) {
+ $invalid_sources{$filepath} = N("Missing signature (%s)", $verif);
+ }
+ }
+ #- invoke check signature callback.
+ $options{callback} and $options{callback}->(
+ $urpm, $filepath,
+ id => $id,
+ verif => $verif,
+ why => $invalid_sources{$filepath},
+ );
+ }
+ }
+ map { ($options{basename} ? basename($_) : $_) . ": $invalid_sources{$_}" }
+ keys %invalid_sources;
+}
+
+1;
diff --git a/urpmi b/urpmi
index 0431874d..c0120b07 100755
--- a/urpmi
+++ b/urpmi
@@ -25,6 +25,7 @@ use urpm::args;
use urpm::msg;
use urpm::install;
use urpm::media;
+use urpm::signature;
use urpm::util qw(untaint difference2 member);
#- contains informations to parse installed system.
@@ -641,7 +642,7 @@ foreach my $set (@{$state->{transaction} || []}) {
my %transaction_sources_install = %{$urpm->extract_packages_to_install(\%transaction_sources, $state) || {}};
if (!$force && ($urpm->{options}{'verify-rpm'} || grep { $_->{'verify-rpm'} } @{$urpm->{media}})) {
- my @bad_signatures = $urpm->check_sources_signatures(\%transaction_sources_install, \%transaction_sources);
+ my @bad_signatures = urpm::signature::check($urpm, \%transaction_sources_install, \%transaction_sources);
if (@bad_signatures) {
my $msg = N("The following packages have bad signatures");