33#include "xbps_api_impl.h"
37verify_binpkg(
struct xbps_handle *xhp, xbps_dictionary_t pkgd)
39 char binfile[PATH_MAX];
41 const char *pkgver, *repoloc, *sha256;
45 xbps_dictionary_get_cstring_nocopy(pkgd,
"repository", &repoloc);
46 xbps_dictionary_get_cstring_nocopy(pkgd,
"pkgver", &pkgver);
59 "%s: %s\n", pkgver, repoloc, strerror(errno));
64 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY, 0, pkgver,
65 "%s: verifying RSA signature...", pkgver);
69 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY_FAIL, rv, pkgver,
70 "%s: the RSA signature is not valid!", pkgver);
71 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY_FAIL, rv, pkgver,
72 "%s: removed pkg archive and its signature.", pkgver);
73 (void)remove(binfile);
74 if (
xbps_strlcat(binfile,
".sig2",
sizeof(binfile)) <
sizeof(binfile))
75 (void)remove(binfile);
80 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY, 0, pkgver,
81 "%s: verifying SHA256 hash...", pkgver);
82 xbps_dictionary_get_cstring_nocopy(pkgd,
"filename-sha256", &sha256);
85 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY_FAIL,
87 "%s: checksum does not match repository index",
90 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY_FAIL,
91 rv, pkgver,
"%s: failed to checksum: %s",
92 pkgver, strerror(errno));
103download_binpkg(
struct xbps_handle *
xhp, xbps_dictionary_t repo_pkgd)
108 const char *pkgver, *
arch, *fetchstr, *repoloc;
109 unsigned char digest[XBPS_SHA256_DIGEST_SIZE] = {0};
112 xbps_dictionary_get_cstring_nocopy(repo_pkgd,
"repository", &repoloc);
116 xbps_dictionary_get_cstring_nocopy(repo_pkgd,
"pkgver", &pkgver);
117 xbps_dictionary_get_cstring_nocopy(repo_pkgd,
"architecture", &
arch);
119 snprintf(buf,
sizeof buf,
"%s/%s.%s.xbps.sig2", repoloc, pkgver,
arch);
120 sigsuffix = buf+(strlen(buf)-
sizeof (
".sig2")+1);
122 xbps_set_cb_state(
xhp, XBPS_STATE_DOWNLOAD, 0, pkgver,
123 "Downloading `%s' signature (from `%s')...", pkgver, repoloc);
126 rv = fetchLastErrCode ? fetchLastErrCode : errno;
128 xbps_set_cb_state(
xhp, XBPS_STATE_DOWNLOAD_FAIL, rv,
129 pkgver,
"[trans] failed to download `%s' signature from `%s': %s",
130 pkgver, repoloc, fetchstr ? fetchstr : strerror(rv));
137 xbps_set_cb_state(
xhp, XBPS_STATE_DOWNLOAD, 0, pkgver,
138 "Downloading `%s' package (from `%s')...", pkgver, repoloc);
141 sizeof digest)) == -1) {
142 rv = fetchLastErrCode ? fetchLastErrCode : errno;
144 xbps_set_cb_state(
xhp, XBPS_STATE_DOWNLOAD_FAIL, rv,
145 pkgver,
"[trans] failed to download `%s' package from `%s': %s",
146 pkgver, repoloc, fetchstr ? fetchstr : strerror(rv));
151 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY, 0, pkgver,
152 "%s: verifying RSA signature...", pkgver);
154 snprintf(buf,
sizeof buf,
"%s/%s.%s.xbps.sig2",
xhp->
cachedir, pkgver,
arch);
155 sigsuffix = buf+(strlen(buf)-
sizeof (
".sig2")+1);
160 "%s: %s\n", pkgver, repoloc, strerror(errno));
168 if (fetchLastErrCode == FETCH_UNCHANGED) {
190 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY_FAIL, rv, pkgver,
191 "%s: the RSA signature is not valid!", pkgver);
192 xbps_set_cb_state(
xhp, XBPS_STATE_VERIFY_FAIL, rv, pkgver,
193 "%s: removed pkg archive and its signature.", pkgver);
200xbps_transaction_fetch(
struct xbps_handle *
xhp, xbps_object_iterator_t iter)
202 xbps_array_t fetch = NULL, verify = NULL;
209 xbps_object_iterator_reset(iter);
211 while ((obj = xbps_object_iterator_next(iter)) != NULL) {
213 if (ttype == XBPS_TRANS_REMOVE || ttype == XBPS_TRANS_HOLD ||
214 ttype == XBPS_TRANS_CONFIGURE) {
217 xbps_dictionary_get_cstring_nocopy(obj,
"repository", &repoloc);
225 if (!fetch && !(fetch = xbps_array_create())) {
229 xbps_array_add(fetch, obj);
236 if (!verify && !(verify = xbps_array_create())) {
240 xbps_array_add(verify, obj);
242 xbps_object_iterator_reset(iter);
248 n = xbps_array_count(fetch);
250 xbps_set_cb_state(
xhp, XBPS_STATE_TRANS_DOWNLOAD, 0, NULL, NULL);
253 for (i = 0; i < n; i++) {
254 if ((rv = download_binpkg(
xhp, xbps_array_get(fetch, i))) != 0) {
256 "%s\n", strerror(rv));
264 n = xbps_array_count(verify);
266 xbps_set_cb_state(
xhp, XBPS_STATE_TRANS_VERIFY, 0, NULL, NULL);
269 for (i = 0; i < n; i++) {
270 if ((rv = verify_binpkg(
xhp, xbps_array_get(verify, i))) != 0) {
272 "%s\n", strerror(rv));
279 xbps_object_release(fetch);
281 xbps_object_release(verify);
int xbps_fetch_file_sha256(struct xbps_handle *xhp, const char *uri, const char *flags, unsigned char *digest, size_t digestlen)
const char * xbps_fetch_error_string(void)
int xbps_fetch_file(struct xbps_handle *xhp, const char *uri, const char *flags)
char cachedir[XBPS_MAXPATH]
Generic XBPS structure handler for initialization.
void xbps_dbg_printf(const char *fmt,...)
Prints debug messages to stderr.
struct xbps_repo * xbps_rpool_get_repo(const char *url)
xbps_trans_type_t xbps_transaction_pkg_type(xbps_dictionary_t pkg_repod)
bool xbps_verify_file_signature(struct xbps_repo *repo, const char *fname)
int xbps_file_sha256_check(const char *file, const char *sha256)
bool xbps_verify_signature(struct xbps_repo *repo, const char *sigfile, unsigned char *digest)
bool xbps_remote_binpkg_exists(struct xbps_handle *xhp, xbps_dictionary_t pkgd)
ssize_t xbps_pkg_path(struct xbps_handle *xhp, char *dst, size_t dstsz, xbps_dictionary_t pkgd)
bool xbps_repository_is_remote(const char *uri)
size_t xbps_strlcat(char *dst, const char *src, size_t dstsize)