static const char * rpmcliEvalSlurp(const char * arg) /*@globals rpmGlobalMacroContext @*/ /*@modifies rpmGlobalMacroContext @*/ { const char * pre = ""; const char * post = ""; rpmiob iob = NULL; const char * val = NULL; struct stat sb; int xx; if (!strcmp(arg, "-")) { /* Macros from stdin arg. */ xx = rpmiobSlurp(arg, &iob); } else if ((arg[0] == '/' || strchr(arg, ' ') == NULL) && !Stat(arg, &sb) && S_ISREG(sb.st_mode)) { /* Macros from a file arg. */ xx = rpmiobSlurp(arg, &iob); } else { /* Macros from string arg. */ iob = rpmiobAppend(rpmiobNew(strlen(arg)+1), arg, 0); } val = rpmExpand(pre, iob->b, post, NULL); iob = rpmiobFree(iob); return val; }
rpmRC rpmpythonRunFile(rpmpython python, const char * fn, const char ** resultp) { rpmRC rc = RPMRC_FAIL; if (_rpmpython_debug) fprintf(stderr, "==> %s(%p,%s)\n", __FUNCTION__, python, fn); if (python == NULL) python = rpmpythonI(); if (fn != NULL) { #if defined(WITH_PYTHONEMBED) const char * pyfn = ((fn == NULL || !strcmp(fn, "-")) ? "<stdin>" : fn); FILE * pyfp = (!strcmp(pyfn, "<stdin>") ? stdin : fopen(fn, "rb")); int closeit = (pyfp != stdin); PyCompilerFlags cf = { .cf_flags = 0 }; if (pyfp != NULL) { PyRun_AnyFileExFlags(pyfp, pyfn, closeit, &cf); rc = RPMRC_OK; } #endif } return rc; } static const char * rpmpythonSlurp(const char * arg) /*@*/ { rpmiob iob = NULL; const char * val = NULL; struct stat sb; int xx; if (!strcmp(arg, "-")) { /* Macros from stdin arg. */ xx = rpmiobSlurp(arg, &iob); } else if ((arg[0] == '/' || strchr(arg, ' ') == NULL) && !Stat(arg, &sb) && S_ISREG(sb.st_mode)) { /* Macros from a file arg. */ xx = rpmiobSlurp(arg, &iob); } else { /* Macros from string arg. */ iob = rpmiobAppend(rpmiobNew(strlen(arg)+1), arg, 0); } val = xstrdup(rpmiobStr(iob)); iob = rpmiobFree(iob); return val; }
static int rpm_slurp(lua_State *L) /*@globals fileSystem, internalState @*/ /*@modifies L, fileSystem, internalState @*/ { rpmiob iob = NULL; const char *fn; int rc; if (lua_isstring(L, 1)) fn = lua_tostring(L, 1); else { (void)luaL_argerror(L, 1, "filename"); return 0; } /*@-globs@*/ rc = rpmiobSlurp(fn, &iob); /*@=globs@*/ if (rc || iob == NULL) { (void)luaL_error(L, "failed to slurp data"); return 0; } lua_pushlstring(L, (const char *)rpmiobStr(iob), rpmiobLen(iob)); iob = rpmiobFree(iob); return 1; }
static void integrity_check(const char *progname, enum modes progmode_num) { rpmts ts = NULL; rpmlua lua = NULL; char *spec_fn = NULL; char *proc_fn = NULL; char *pkey_fn = NULL; char *spec = NULL; char *proc = NULL; rpmiob spec_iob = NULL; rpmiob proc_iob = NULL; const char *result = NULL; const char *error = NULL; int xx; const char *progmode; int rc = INTEGRITY_ERROR; /* determine paths of integrity checking related files */ spec_fn = rpmExpand("%{?_integrity_spec_cfg}%{!?_integrity_spec_cfg:scripts/integrity.cfg}", NULL); if (spec_fn == NULL || spec_fn[0] == '\0') { integrity_check_message("ERROR: Integrity Configuration Specification file not configured.\n" "rpm: HINT: macro %%{_integrity_spec_cfg} not configured correctly.\n"); goto failure; } proc_fn = rpmExpand("%{?_integrity_proc_lua}%{!?_integrity_proc_lua:scripts/integrity.lua}", NULL); if (proc_fn == NULL || proc_fn[0] == '\0') { integrity_check_message("ERROR: Integrity Validation Processor file not configured.\n" "rpm: HINT: macro %%{_integrity_proc_lua} not configured correctly.\n"); goto failure; } pkey_fn = rpmExpand("%{?_integrity_pkey_pgp}%{!?_integrity_pkey_pgp:scripts/integrity.pgp}", NULL); if (pkey_fn == NULL || pkey_fn[0] == '\0') { integrity_check_message("ERROR: Integrity Autority Public-Key file not configured.\n" "rpm: HINT: macro %%{_integrity_pkey_pgp} not configured correctly.\n"); goto failure; } /* create RPM transaction environment and open RPM database */ ts = rpmtsCreate(); (void)rpmtsOpenDB(ts, O_RDONLY); /* check signature on integrity configuration specification file */ if (rpmnsProbeSignature(ts, spec_fn, NULL, pkey_fn, RPM_INTEGRITY_FP, 0) != RPMRC_OK) { integrity_check_message("ERROR: Integrity Configuration Specification file contains invalid signature.\n" "rpm: HINT: Check file \"%s\".\n", spec_fn); goto failure; } /* check signature on integrity validation processor file */ if (rpmnsProbeSignature(ts, proc_fn, NULL, pkey_fn, RPM_INTEGRITY_FP, 0) != RPMRC_OK) { integrity_check_message("ERROR: Integrity Validation Processor file contains invalid signature.\n" "rpm: HINT: Check file \"%s\".\n", proc_fn); goto failure; } /* load integrity configuration specification file */ xx = rpmiobSlurp(spec_fn, &spec_iob); if (!(xx == 0 && spec_iob != NULL)) { integrity_check_message("ERROR: Unable to load Integrity Configuration Specification file.\n" "rpm: HINT: Check file \"%s\".\n", spec_fn); goto failure; } spec = rpmiobStr(spec_iob); /* load integrity validation processor file */ xx = rpmiobSlurp(proc_fn, &proc_iob); if (!(xx == 0 && proc_iob != NULL)) { integrity_check_message("ERROR: Unable to load Integrity Validation Processor file.\n" "rpm: HINT: Check file \"%s\".\n", proc_fn); goto failure; } proc = rpmiobStr(proc_iob); /* provision program name and mode */ if (progname == NULL || progname[0] == '\0') progname = "rpm"; switch (progmode_num) { case MODE_QUERY: progmode = "query"; break; case MODE_VERIFY: progmode = "verify"; break; case MODE_CHECKSIG: progmode = "checksig"; break; case MODE_RESIGN: progmode = "resign"; break; case MODE_INSTALL: progmode = "install"; break; case MODE_ERASE: progmode = "erase"; break; case MODE_BUILD: progmode = "build"; break; case MODE_REBUILD: progmode = "rebuild"; break; case MODE_RECOMPILE: progmode = "recompile"; break; case MODE_TARBUILD: progmode = "tarbuild"; break; case MODE_REBUILDDB: progmode = "rebuilddb"; break; case MODE_UNKNOWN: progmode = "unknown"; break; default: progmode = "unknown"; break; } /* execute Integrity Validation Processor via Lua glue code */ lua = rpmluaNew(); rpmluaSetPrintBuffer(lua, 1); rpmluaextActivate(lua); lua_getfield(lua->L, LUA_GLOBALSINDEX, "integrity"); lua_getfield(lua->L, -1, "processor"); lua_remove(lua->L, -2); lua_pushstring(lua->L, progname); lua_pushstring(lua->L, progmode); lua_pushstring(lua->L, spec_fn); lua_pushstring(lua->L, spec); lua_pushstring(lua->L, proc_fn); lua_pushstring(lua->L, proc); #ifdef RPM_INTEGRITY_MV lua_pushstring(lua->L, RPM_INTEGRITY_MV); #else lua_pushstring(lua->L, "0"); #endif if (lua_pcall(lua->L, 7, 1, 0) != 0) { error = lua_isstring(lua->L, -1) ? lua_tostring(lua->L, -1) : "unknown error"; lua_pop(lua->L, 1); integrity_check_message("ERROR: Failed to execute Integrity Validation Processor.\n" "rpm: ERROR: Lua: %s.\n" "rpm: HINT: Check file \"%s\".\n", error, proc_fn); goto failure; } /* check Integrity Validation Processor results */ if (!lua_isstring(lua->L, -1)) { integrity_check_message("ERROR: Failed to fetch Integrity Validation Processor results.\n" "rpm: HINT: Check file \"%s\".\n", proc_fn); goto failure; } result = lua_tostring(lua->L, -1); if (strcmp(result, "OK") == 0) rc = INTEGRITY_OK; else if (strncmp(result, "WARNING:", 8) == 0) { rc = INTEGRITY_WARNING; integrity_check_message("%s\n", result); } else { rc = INTEGRITY_ERROR; integrity_check_message("%s\n", result); } /* cleanup processing */ failure: if (lua != NULL) rpmluaFree(lua); if (ts != NULL) (void)rpmtsFree(ts); ts = NULL; if (spec_iob != NULL) spec_iob = rpmiobFree(spec_iob); if (proc_iob != NULL) proc_iob = rpmiobFree(proc_iob); /* final result handling */ if (rc != INTEGRITY_OK) { if (isatty(STDIN_FILENO) || isatty(STDOUT_FILENO)) sleep(4); if (rc == INTEGRITY_ERROR) exit(42); } return; }