/*@-mods@*/
rpmRC rpmReadPackageFile(rpmts ts, FD_t fd, const char * fn, Header * hdrp)
{
HE_t he = (HE_t) memset(alloca(sizeof(*he)), 0, sizeof(*he));
HE_t she = (HE_t) memset(alloca(sizeof(*she)), 0, sizeof(*she));
pgpDig dig = rpmtsDig(ts);
char buf[8*BUFSIZ];
ssize_t count;
Header sigh = NULL;
rpmtsOpX opx;
rpmop op = NULL;
size_t nb;
unsigned ix;
Header h = NULL;
const char * msg = NULL;
rpmVSFlags vsflags;
rpmRC rc = RPMRC_FAIL; /* assume failure */
rpmop opsave = (rpmop) memset(alloca(sizeof(*opsave)), 0, sizeof(*opsave));
int xx;
pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
if (hdrp) *hdrp = NULL;
assert(dig != NULL);
(void) fdSetDig(fd, dig);
/* Snapshot current I/O counters (cached persistent I/O reuses counters) */
(void) rpmswAdd(opsave, fdstat_op(fd, FDSTAT_READ));
{ const char item[] = "Lead";
msg = NULL;
rc = rpmpkgRead(item, fd, NULL, &msg);
switch (rc) {
default:
rpmlog(RPMLOG_ERR, "%s: %s: %s\n", fn, item, msg);
/*@fallthrough@*/
case RPMRC_NOTFOUND:
msg = _free(msg);
goto exit;
/*@notreached@*/ break;
case RPMRC_OK:
break;
}
msg = _free(msg);
}
{ const char item[] = "Signature";
msg = NULL;
rc = rpmpkgRead(item, fd, &sigh, &msg);
switch (rc) {
default:
rpmlog(RPMLOG_ERR, "%s: %s: %s", fn, item,
(msg && *msg ? msg : _("read failed\n")));
msg = _free(msg);
goto exit;
/*@notreached@*/ break;
case RPMRC_OK:
if (sigh == NULL) {
rpmlog(RPMLOG_ERR, _("%s: No signature available\n"), fn);
rc = RPMRC_FAIL;
goto exit;
}
break;
}
msg = _free(msg);
}
#define _chk(_mask) (she->tag == 0 && !(vsflags & (_mask)))
/*
* Figger the most effective available signature.
* Prefer signatures over digests, then header-only over header+payload.
* DSA will be preferred over RSA if both exist because tested first.
* Note that NEEDPAYLOAD prevents header+payload signatures and digests.
*/
she->tag = (rpmTag)0;
opx = (rpmtsOpX)0;
vsflags = pgpDigVSFlags;
if (_chk(RPMVSF_NOECDSAHEADER) && headerIsEntry(sigh, (rpmTag)RPMSIGTAG_ECDSA)) {
she->tag = (rpmTag)RPMSIGTAG_ECDSA;
} else
if (_chk(RPMVSF_NODSAHEADER) && headerIsEntry(sigh, (rpmTag)RPMSIGTAG_DSA)) {
she->tag = (rpmTag)RPMSIGTAG_DSA;
} else
if (_chk(RPMVSF_NORSAHEADER) && headerIsEntry(sigh, (rpmTag)RPMSIGTAG_RSA)) {
she->tag = (rpmTag)RPMSIGTAG_RSA;
} else
if (_chk(RPMVSF_NOSHA1HEADER) && headerIsEntry(sigh, (rpmTag)RPMSIGTAG_SHA1)) {
she->tag = (rpmTag)RPMSIGTAG_SHA1;
} else
if (_chk(RPMVSF_NOMD5|RPMVSF_NEEDPAYLOAD) &&
headerIsEntry(sigh, (rpmTag)RPMSIGTAG_MD5))
{
she->tag = (rpmTag)RPMSIGTAG_MD5;
fdInitDigest(fd, PGPHASHALGO_MD5, 0);
opx = RPMTS_OP_DIGEST;
}
/* Read the metadata, computing digest(s) on the fly. */
h = NULL;
msg = NULL;
/* XXX stats will include header i/o and setup overhead. */
/* XXX repackaged packages have appended tags, legacy dig/sig check fails */
if (opx > 0) {
op = (rpmop) pgpStatsAccumulator(dig, opx);
(void) rpmswEnter(op, 0);
}
/*@-type@*/ /* XXX arrow access of non-pointer (FDSTAT_t) */
nb = fd->stats->ops[FDSTAT_READ].bytes;
{ const char item[] = "Header";
msg = NULL;
rc = rpmpkgRead(item, fd, &h, &msg);
if (rc != RPMRC_OK) {
rpmlog(RPMLOG_ERR, "%s: %s: %s\n", fn, item, msg);
msg = _free(msg);
goto exit;
}
msg = _free(msg);
}
nb = fd->stats->ops[FDSTAT_READ].bytes - nb;
/*@=type@*/
if (opx > 0 && op != NULL) {
(void) rpmswExit(op, nb);
op = NULL;
}
/* Any digests or signatures to check? */
if (she->tag == 0) {
rc = RPMRC_OK;
goto exit;
}
dig->nbytes = 0;
/* Fish out the autosign pubkey (if present). */
he->tag = RPMTAG_PUBKEYS;
xx = headerGet(h, he, 0);
if (xx && he->p.argv != NULL && he->c > 0)
switch (he->t) {
default:
break;
case RPM_STRING_ARRAY_TYPE:
ix = he->c - 1; /* XXX FIXME: assumes last pubkey */
dig->pub = _free(dig->pub);
dig->publen = 0;
{ rpmiob iob = rpmiobNew(0);
iob = rpmiobAppend(iob, he->p.argv[ix], 0);
xx = pgpArmorUnwrap(iob, (rpmuint8_t **)&dig->pub, &dig->publen);
iob = rpmiobFree(iob);
}
if (xx != PGPARMOR_PUBKEY) {
dig->pub = _free(dig->pub);
dig->publen = 0;
}
break;
}
he->p.ptr = _free(he->p.ptr);
/* Retrieve the tag parameters from the signature header. */
xx = headerGet(sigh, she, 0);
if (she->p.ptr == NULL) {
rc = RPMRC_FAIL;
goto exit;
}
/*@-ownedtrans -noeffect@*/
xx = pgpSetSig(dig, she->tag, she->t, she->p.ptr, she->c);
/*@=ownedtrans =noeffect@*/
switch ((rpmSigTag)she->tag) {
default: /* XXX keep gcc quiet. */
assert(0);
/*@notreached@*/ break;
case RPMSIGTAG_RSA:
/* Parse the parameters from the OpenPGP packets that will be needed. */
xx = pgpPktLen(she->p.ui8p, she->c, pp);
xx = rpmhkpLoadSignature(NULL, dig, pp);
if (dig->signature.version != 3 && dig->signature.version != 4) {
rpmlog(RPMLOG_ERR,
_("skipping package %s with unverifiable V%u signature\n"),
fn, dig->signature.version);
rc = RPMRC_FAIL;
goto exit;
}
xx = hBlobDigest(h, dig, dig->signature.hash_algo, &dig->hrsa);
break;
case RPMSIGTAG_DSA:
/* Parse the parameters from the OpenPGP packets that will be needed. */
xx = pgpPktLen(she->p.ui8p, she->c, pp);
xx = rpmhkpLoadSignature(NULL, dig, pp);
if (dig->signature.version != 3 && dig->signature.version != 4) {
rpmlog(RPMLOG_ERR,
_("skipping package %s with unverifiable V%u signature\n"),
fn, dig->signature.version);
rc = RPMRC_FAIL;
goto exit;
}
xx = hBlobDigest(h, dig, dig->signature.hash_algo, &dig->hdsa);
break;
case RPMSIGTAG_ECDSA:
/* Parse the parameters from the OpenPGP packets that will be needed. */
xx = pgpPktLen(she->p.ui8p, she->c, pp);
xx = rpmhkpLoadSignature(NULL, dig, pp);
if (dig->signature.version != 3 && dig->signature.version != 4) {
rpmlog(RPMLOG_ERR,
_("skipping package %s with unverifiable V%u signature\n"),
fn, dig->signature.version);
rc = RPMRC_FAIL;
goto exit;
}
xx = hBlobDigest(h, dig, dig->signature.hash_algo, &dig->hecdsa);
break;
case RPMSIGTAG_SHA1:
/* XXX dig->hsha? */
xx = hBlobDigest(h, dig, PGPHASHALGO_SHA1, &dig->hdsa);
break;
case RPMSIGTAG_MD5:
/* Legacy signatures need the compressed payload in the digest too. */
op = (rpmop) pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
(void) rpmswEnter(op, 0);
while ((count = Fread(buf, sizeof(buf[0]), sizeof(buf), fd)) > 0)
dig->nbytes += count;
(void) rpmswExit(op, dig->nbytes);
op->count--; /* XXX one too many */
dig->nbytes += nb; /* XXX include size of header blob. */
if (count < 0) {
rpmlog(RPMLOG_ERR, _("%s: Fread failed: %s\n"),
fn, Fstrerror(fd));
rc = RPMRC_FAIL;
goto exit;
}
/* XXX Steal the digest-in-progress from the file handle. */
fdStealDigest(fd, dig);
break;
}
/** @todo Implement disable/enable/warn/error/anal policy. */
buf[0] = '\0';
rc = rpmVerifySignature(dig, buf);
switch (rc) {
case RPMRC_OK: /* Signature is OK. */
rpmlog(RPMLOG_DEBUG, "%s: %s\n", fn, buf);
break;
case RPMRC_NOTTRUSTED: /* Signature is OK, but key is not trusted. */
case RPMRC_NOKEY: /* Public key is unavailable. */
#ifndef DYING
/* XXX Print NOKEY/NOTTRUSTED warning only once. */
{ int lvl = (pgpStashKeyid(dig) ? RPMLOG_DEBUG : RPMLOG_WARNING);
rpmlog(lvl, "%s: %s\n", fn, buf);
} break;
case RPMRC_NOTFOUND: /* Signature is unknown type. */
rpmlog(RPMLOG_WARNING, "%s: %s\n", fn, buf);
break;
#else
case RPMRC_NOTFOUND: /* Signature is unknown type. */
case RPMRC_NOSIG: /* Signature is unavailable. */
#endif
default:
case RPMRC_FAIL: /* Signature does not verify. */
rpmlog(RPMLOG_ERR, "%s: %s\n", fn, buf);
break;
}
exit:
if (rc != RPMRC_FAIL && h != NULL && hdrp != NULL) {
/* Append (and remap) signature tags to the metadata. */
headerMergeLegacySigs(h, sigh);
/* Bump reference count for return. */
*hdrp = headerLink(h);
}
(void)headerFree(h);
h = NULL;
/* Accumulate time reading package header. */
(void) rpmswAdd(rpmtsOp(ts, RPMTS_OP_READHDR),
fdstat_op(fd, FDSTAT_READ));
(void) rpmswSub(rpmtsOp(ts, RPMTS_OP_READHDR),
opsave);
#ifdef NOTYET
/* Return RPMRC_NOSIG for MANDATORY signature verification. */
{ rpmSigTag sigtag = pgpGetSigtag(dig);
switch (sigtag) {
default:
rc = RPMRC_NOSIG;
/*@fallthrough@*/
case RPMSIGTAG_RSA:
case RPMSIGTAG_DSA:
case RPMSIGTAG_ECDSA:
break;
}
}
#endif
rpmtsCleanDig(ts);
(void)headerFree(sigh);
sigh = NULL;
return rc;
}
/** \ingroup rpmcli
* Create/modify elements in signature header.
* @param rpm path to package
* @param deleting adding or deleting signature?
* @param signfiles sign files if non-zero
* @return 0 on success, -1 on error
*/
static int rpmSign(const char *rpm, int deleting, int signfiles)
{
FD_t fd = NULL;
FD_t ofd = NULL;
rpmlead lead = NULL;
char *trpm = NULL;
Header sigh = NULL;
Header h = NULL;
char *msg = NULL;
int res = -1; /* assume failure */
rpmRC rc;
struct rpmtd_s utd;
off_t headerStart;
off_t sigStart;
struct sigTarget_s sigt1;
struct sigTarget_s sigt2;
unsigned int origSigSize;
int insSig = 0;
fprintf(stdout, "%s:\n", rpm);
if (manageFile(&fd, rpm, O_RDWR))
goto exit;
if ((rc = rpmLeadRead(fd, &lead, NULL, &msg)) != RPMRC_OK) {
rpmlog(RPMLOG_ERR, "%s: %s\n", rpm, msg);
goto exit;
}
sigStart = Ftell(fd);
rc = rpmReadSignature(fd, &sigh, RPMSIGTYPE_HEADERSIG, &msg);
if (rc != RPMRC_OK) {
rpmlog(RPMLOG_ERR, _("%s: rpmReadSignature failed: %s"), rpm,
(msg && *msg ? msg : "\n"));
goto exit;
}
headerStart = Ftell(fd);
if (rpmReadHeader(NULL, fd, &h, &msg) != RPMRC_OK) {
rpmlog(RPMLOG_ERR, _("%s: headerRead failed: %s\n"), rpm, msg);
goto exit;
}
if (!headerIsEntry(h, RPMTAG_HEADERIMMUTABLE)) {
rpmlog(RPMLOG_ERR, _("Cannot sign RPM v3 packages\n"));
goto exit;
}
if (signfiles) {
includeFileSignatures(fd, rpm, &sigh, &h, sigStart, headerStart);
}
unloadImmutableRegion(&sigh, RPMTAG_HEADERSIGNATURES);
origSigSize = headerSizeof(sigh, HEADER_MAGIC_YES);
if (deleting) { /* Nuke all the signature tags. */
deleteSigs(sigh);
} else {
/* Signature target containing header + payload */
sigt1.fd = fd;
sigt1.start = headerStart;
sigt1.fileName = rpm;
sigt1.size = fdSize(fd) - headerStart;
/* Signature target containing only header */
sigt2 = sigt1;
sigt2.size = headerSizeof(h, HEADER_MAGIC_YES);
res = replaceSignature(sigh, &sigt1, &sigt2);
if (res != 0) {
if (res == 1) {
rpmlog(RPMLOG_WARNING,
_("%s already contains identical signature, skipping\n"),
rpm);
/* Identical signature is not an error */
res = 0;
}
goto exit;
}
res = -1;
}
/* Try to make new signature smaller to have size of original signature */
rpmtdReset(&utd);
if (headerGet(sigh, RPMSIGTAG_RESERVEDSPACE, &utd, HEADERGET_MINMEM)) {
int diff;
int count;
char *reservedSpace = NULL;
count = utd.count;
diff = headerSizeof(sigh, HEADER_MAGIC_YES) - origSigSize;
if (diff < count) {
reservedSpace = xcalloc(count - diff, sizeof(char));
headerDel(sigh, RPMSIGTAG_RESERVEDSPACE);
rpmtdReset(&utd);
utd.tag = RPMSIGTAG_RESERVEDSPACE;
utd.count = count - diff;
utd.type = RPM_BIN_TYPE;
utd.data = reservedSpace;
headerPut(sigh, &utd, HEADERPUT_DEFAULT);
free(reservedSpace);
insSig = 1;
}
}
/* Reallocate the signature into one contiguous region. */
sigh = headerReload(sigh, RPMTAG_HEADERSIGNATURES);
if (sigh == NULL) /* XXX can't happen */
goto exit;
if (insSig) {
/* Insert new signature into original rpm */
if (Fseek(fd, sigStart, SEEK_SET) < 0) {
rpmlog(RPMLOG_ERR, _("Could not seek in file %s: %s\n"),
rpm, Fstrerror(fd));
goto exit;
}
if (rpmWriteSignature(fd, sigh)) {
rpmlog(RPMLOG_ERR, _("%s: rpmWriteSignature failed: %s\n"), rpm,
Fstrerror(fd));
goto exit;
}
res = 0;
} else {
/* Replace orignal rpm with new rpm containing new signature */
rasprintf(&trpm, "%s.XXXXXX", rpm);
ofd = rpmMkTemp(trpm);
if (ofd == NULL || Ferror(ofd)) {
rpmlog(RPMLOG_ERR, _("rpmMkTemp failed\n"));
goto exit;
}
/* Write the lead/signature of the output rpm */
rc = rpmLeadWrite(ofd, lead);
if (rc != RPMRC_OK) {
rpmlog(RPMLOG_ERR, _("%s: writeLead failed: %s\n"), trpm,
Fstrerror(ofd));
goto exit;
}
if (rpmWriteSignature(ofd, sigh)) {
rpmlog(RPMLOG_ERR, _("%s: rpmWriteSignature failed: %s\n"), trpm,
Fstrerror(ofd));
goto exit;
}
if (Fseek(fd, headerStart, SEEK_SET) < 0) {
rpmlog(RPMLOG_ERR, _("Could not seek in file %s: %s\n"),
rpm, Fstrerror(fd));
goto exit;
}
/* Append the header and archive from the temp file */
if (copyFile(&fd, rpm, &ofd, trpm) == 0) {
struct stat st;
/* Move final target into place, restore file permissions. */
if (stat(rpm, &st) == 0 && unlink(rpm) == 0 &&
rename(trpm, rpm) == 0 && chmod(rpm, st.st_mode) == 0) {
res = 0;
} else {
rpmlog(RPMLOG_ERR, _("replacing %s failed: %s\n"),
rpm, strerror(errno));
}
}
}
exit:
if (fd) (void) closeFile(&fd);
if (ofd) (void) closeFile(&ofd);
rpmFreeSignature(sigh);
headerFree(h);
rpmLeadFree(lead);
free(msg);
/* Clean up intermediate target */
if (trpm) {
(void) unlink(trpm);
free(trpm);
}
return res;
}
int rpmFileIsCompressed(const char * file, rpmCompressedMagic * compressed)
{
FD_t fd;
ssize_t nb;
int rc = -1;
unsigned char magic[13];
*compressed = COMPRESSED_NOT;
fd = Fopen(file, "r.ufdio");
if (fd == NULL || Ferror(fd)) {
/* XXX Fstrerror */
rpmlog(RPMLOG_ERR, _("File %s: %s\n"), file, Fstrerror(fd));
if (fd) (void) Fclose(fd);
return 1;
}
nb = Fread(magic, sizeof(magic[0]), sizeof(magic), fd);
if (nb < 0) {
rpmlog(RPMLOG_ERR, _("File %s: %s\n"), file, Fstrerror(fd));
rc = 1;
} else if (nb < sizeof(magic)) {
rpmlog(RPMLOG_ERR, _("File %s is smaller than %u bytes\n"),
file, (unsigned)sizeof(magic));
rc = 0;
}
(void) Fclose(fd);
if (rc >= 0)
return rc;
rc = 0;
if ((magic[0] == 'B') && (magic[1] == 'Z')) {
*compressed = COMPRESSED_BZIP2;
} else if ((magic[0] == 'P') && (magic[1] == 'K') &&
(((magic[2] == 3) && (magic[3] == 4)) ||
((magic[2] == '0') && (magic[3] == '0')))) { /* pkzip */
*compressed = COMPRESSED_ZIP;
} else if ((magic[0] == 0xfd) && (magic[1] == 0x37) &&
(magic[2] == 0x7a) && (magic[3] == 0x58) &&
(magic[4] == 0x5a) && (magic[5] == 0x00)) {
/* new style xz (lzma) with magic */
*compressed = COMPRESSED_XZ;
} else if ((magic[0] == 'L') && (magic[1] == 'Z') &&
(magic[2] == 'I') && (magic[3] == 'P')) {
*compressed = COMPRESSED_LZIP;
} else if ((magic[0] == 'L') && (magic[1] == 'R') &&
(magic[2] == 'Z') && (magic[3] == 'I')) {
*compressed = COMPRESSED_LRZIP;
} else if (((magic[0] == 0037) && (magic[1] == 0213)) || /* gzip */
((magic[0] == 0037) && (magic[1] == 0236)) || /* old gzip */
((magic[0] == 0037) && (magic[1] == 0036)) || /* pack */
((magic[0] == 0037) && (magic[1] == 0240)) || /* SCO lzh */
((magic[0] == 0037) && (magic[1] == 0235)) /* compress */
) {
*compressed = COMPRESSED_OTHER;
} else if ((magic[0] == '7') && (magic[1] == 'z') &&
(magic[2] == 0xbc) && (magic[3] == 0xaf) &&
(magic[4] == 0x27) && (magic[5] == 0x1c)) {
*compressed = COMPRESSED_7ZIP;
} else if (rpmFileHasSuffix(file, ".lzma")) {
*compressed = COMPRESSED_LZMA;
}
return rc;
}
static int runGPG(sigTarget sigt, const char *sigfile)
{
int pid = 0, status;
FD_t fnamedPipe = NULL;
char *namedPipeName = NULL;
unsigned char buf[BUFSIZ];
ssize_t count;
ssize_t wantCount;
rpm_loff_t size;
int rc = 1; /* assume failure */
namedPipeName = mkTempFifo();
addMacro(NULL, "__plaintext_filename", NULL, namedPipeName, -1);
addMacro(NULL, "__signature_filename", NULL, sigfile, -1);
if (!(pid = fork())) {
char *const *av;
char *cmd = NULL;
const char *gpg_path = rpmExpand("%{?_gpg_path}", NULL);
if (gpg_path && *gpg_path != '\0')
(void) setenv("GNUPGHOME", gpg_path, 1);
unsetenv("MALLOC_CHECK_");
cmd = rpmExpand("%{?__gpg_sign_cmd}", NULL);
rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
if (!rc)
rc = execve(av[0], av+1, environ);
rpmlog(RPMLOG_ERR, _("Could not exec %s: %s\n"), "gpg",
strerror(errno));
_exit(EXIT_FAILURE);
}
delMacro(NULL, "__plaintext_filename");
delMacro(NULL, "__signature_filename");
fnamedPipe = Fopen(namedPipeName, "w");
if (!fnamedPipe) {
rpmlog(RPMLOG_ERR, _("Fopen failed\n"));
goto exit;
}
if (Fseek(sigt->fd, sigt->start, SEEK_SET) < 0) {
rpmlog(RPMLOG_ERR, _("Could not seek in file %s: %s\n"),
sigt->fileName, Fstrerror(sigt->fd));
goto exit;
}
size = sigt->size;
wantCount = size < sizeof(buf) ? size : sizeof(buf);
while ((count = Fread(buf, sizeof(buf[0]), wantCount, sigt->fd)) > 0) {
Fwrite(buf, sizeof(buf[0]), count, fnamedPipe);
if (Ferror(fnamedPipe)) {
rpmlog(RPMLOG_ERR, _("Could not write to pipe\n"));
goto exit;
}
size -= count;
wantCount = size < sizeof(buf) ? size : sizeof(buf);
}
if (count < 0) {
rpmlog(RPMLOG_ERR, _("Could not read from file %s: %s\n"),
sigt->fileName, Fstrerror(sigt->fd));
goto exit;
}
Fclose(fnamedPipe);
fnamedPipe = NULL;
(void) waitpid(pid, &status, 0);
pid = 0;
if (!WIFEXITED(status) || WEXITSTATUS(status)) {
rpmlog(RPMLOG_ERR, _("gpg exec failed (%d)\n"), WEXITSTATUS(status));
} else {
rc = 0;
}
exit:
if (fnamedPipe)
Fclose(fnamedPipe);
if (pid)
waitpid(pid, &status, 0);
if (namedPipeName) {
rpmRmTempFifo(namedPipeName);
free(namedPipeName);
}
return rc;
}
static rpmRC includeFileSignatures(FD_t fd, const char *rpm,
Header *sigp, Header *hdrp,
off_t sigStart, off_t headerStart)
{
FD_t ofd = NULL;
char *trpm = NULL;
char *key;
char *keypass;
char *SHA1 = NULL;
uint8_t *MD5 = NULL;
size_t sha1len;
size_t md5len;
off_t sigTargetSize;
rpmRC rc = RPMRC_OK;
struct rpmtd_s osigtd;
char *o_sha1 = NULL;
uint8_t o_md5[16];
#ifndef WITH_IMAEVM
rpmlog(RPMLOG_ERR, _("missing libimaevm\n"));
return RPMRC_FAIL;
#endif
unloadImmutableRegion(hdrp, RPMTAG_HEADERIMMUTABLE);
key = rpmExpand("%{?_file_signing_key}", NULL);
keypass = rpmExpand("%{_file_signing_key_password}", NULL);
if (rstreq(keypass, "")) {
free(keypass);
keypass = NULL;
}
rc = rpmSignFiles(*hdrp, key, keypass);
if (rc != RPMRC_OK) {
goto exit;
}
*hdrp = headerReload(*hdrp, RPMTAG_HEADERIMMUTABLE);
if (*hdrp == NULL) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("headerReload failed\n"));
goto exit;
}
ofd = rpmMkTempFile(NULL, &trpm);
if (ofd == NULL || Ferror(ofd)) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("rpmMkTemp failed\n"));
goto exit;
}
/* Copy archive to temp file */
if (copyFile(&fd, rpm, &ofd, trpm)) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("copyFile failed\n"));
goto exit;
}
if (Fseek(fd, headerStart, SEEK_SET) < 0) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Could not seek in file %s: %s\n"),
rpm, Fstrerror(fd));
goto exit;
}
/* Start MD5 calculation */
fdInitDigest(fd, PGPHASHALGO_MD5, 0);
/* Write header to rpm and recalculate SHA1 */
fdInitDigest(fd, PGPHASHALGO_SHA1, 0);
rc = headerWrite(fd, *hdrp, HEADER_MAGIC_YES);
if (rc != RPMRC_OK) {
rpmlog(RPMLOG_ERR, _("headerWrite failed\n"));
goto exit;
}
fdFiniDigest(fd, PGPHASHALGO_SHA1, (void **)&SHA1, &sha1len, 1);
/* Copy archive from temp file */
if (Fseek(ofd, 0, SEEK_SET) < 0) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Could not seek in file %s: %s\n"),
rpm, Fstrerror(fd));
goto exit;
}
if (copyFile(&ofd, trpm, &fd, rpm)) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("copyFile failed\n"));
goto exit;
}
unlink(trpm);
sigTargetSize = Ftell(fd) - headerStart;
fdFiniDigest(fd, PGPHASHALGO_MD5, (void **)&MD5, &md5len, 0);
if (headerGet(*sigp, RPMSIGTAG_MD5, &osigtd, HEADERGET_DEFAULT)) {
memcpy(o_md5, osigtd.data, 16);
rpmtdFreeData(&osigtd);
}
if (headerGet(*sigp, RPMSIGTAG_SHA1, &osigtd, HEADERGET_DEFAULT)) {
o_sha1 = xstrdup(osigtd.data);
rpmtdFreeData(&osigtd);
}
if (memcmp(MD5, o_md5, md5len) == 0 && strcmp(SHA1, o_sha1) == 0)
rpmlog(RPMLOG_WARNING,
_("%s already contains identical file signatures\n"),
rpm);
else
replaceSigDigests(fd, rpm, sigp, sigStart, sigTargetSize, SHA1, MD5);
exit:
free(trpm);
free(MD5);
free(SHA1);
free(o_sha1);
free(keypass);
free(key);
if (ofd)
(void) closeFile(&ofd);
return rc;
}
static rpmRC rpmpkgRead(rpmKeyring keyring, rpmVSFlags vsflags,
FD_t fd, const char * fn, Header * hdrp)
{
pgpDigParams sig = NULL;
char buf[8*BUFSIZ];
ssize_t count;
Header sigh = NULL;
rpmTagVal sigtag;
struct rpmtd_s sigtd;
Header h = NULL;
char * msg = NULL;
rpmRC rc = RPMRC_FAIL; /* assume failure */
int leadtype = -1;
headerGetFlags hgeflags = HEADERGET_DEFAULT;
DIGEST_CTX ctx = NULL;
if (hdrp) *hdrp = NULL;
if (fn == NULL)
fn = Fdescr(fd);
rpmtdReset(&sigtd);
if ((rc = rpmLeadRead(fd, NULL, &leadtype, &msg)) != RPMRC_OK) {
/* Avoid message spew on manifests */
if (rc != RPMRC_NOTFOUND)
rpmlog(RPMLOG_ERR, "%s: %s\n", fn, msg);
free(msg);
goto exit;
}
/* Read the signature header. */
rc = rpmReadSignature(fd, &sigh, RPMSIGTYPE_HEADERSIG, &msg);
switch (rc) {
default:
rpmlog(RPMLOG_ERR, _("%s: rpmReadSignature failed: %s"), fn,
(msg && *msg ? msg : "\n"));
msg = _free(msg);
goto exit;
break;
case RPMRC_OK:
if (sigh == NULL) {
rpmlog(RPMLOG_ERR, _("%s: No signature available\n"), fn);
rc = RPMRC_FAIL;
goto exit;
}
break;
}
msg = _free(msg);
#define _chk(_mask, _tag) \
(sigtag == 0 && !(vsflags & (_mask)) && headerIsEntry(sigh, (_tag)))
/*
* Figger the most effective available signature.
* Prefer signatures over digests, then header-only over header+payload.
* DSA will be preferred over RSA if both exist because tested first.
* Note that NEEDPAYLOAD prevents header+payload signatures and digests.
*/
sigtag = 0;
if (_chk(RPMVSF_NODSAHEADER, RPMSIGTAG_DSA)) {
sigtag = RPMSIGTAG_DSA;
} else if (_chk(RPMVSF_NORSAHEADER, RPMSIGTAG_RSA)) {
sigtag = RPMSIGTAG_RSA;
} else if (_chk(RPMVSF_NODSA|RPMVSF_NEEDPAYLOAD, RPMSIGTAG_GPG)) {
sigtag = RPMSIGTAG_GPG;
fdInitDigest(fd, PGPHASHALGO_SHA1, 0);
} else if (_chk(RPMVSF_NORSA|RPMVSF_NEEDPAYLOAD, RPMSIGTAG_PGP)) {
sigtag = RPMSIGTAG_PGP;
fdInitDigest(fd, PGPHASHALGO_MD5, 0);
} else if (_chk(RPMVSF_NOSHA1HEADER, RPMSIGTAG_SHA1)) {
sigtag = RPMSIGTAG_SHA1;
} else if (_chk(RPMVSF_NOMD5|RPMVSF_NEEDPAYLOAD, RPMSIGTAG_MD5)) {
sigtag = RPMSIGTAG_MD5;
fdInitDigest(fd, PGPHASHALGO_MD5, 0);
}
/* Read the metadata, computing digest(s) on the fly. */
h = NULL;
msg = NULL;
rc = rpmpkgReadHeader(keyring, vsflags, fd, &h, &msg);
if (rc != RPMRC_OK || h == NULL) {
rpmlog(RPMLOG_ERR, _("%s: headerRead failed: %s"), fn,
(msg && *msg ? msg : "\n"));
msg = _free(msg);
goto exit;
}
msg = _free(msg);
/* Any digests or signatures to check? */
if (sigtag == 0) {
rc = RPMRC_OK;
goto exit;
}
/* Retrieve the tag parameters from the signature header. */
if (!headerGet(sigh, sigtag, &sigtd, hgeflags)) {
rc = RPMRC_FAIL;
goto exit;
}
switch (sigtag) {
case RPMSIGTAG_RSA:
case RPMSIGTAG_DSA:
if (parsePGPSig(&sigtd, "package", fn, &sig)) {
rc = RPMRC_FAIL;
goto exit;
}
/* fallthrough */
case RPMSIGTAG_SHA1:
{ struct rpmtd_s utd;
unsigned int hashalgo = (sigtag == RPMSIGTAG_SHA1) ?
PGPHASHALGO_SHA1 :
pgpDigParamsAlgo(sig, PGPVAL_HASHALGO);
if (!headerGet(h, RPMTAG_HEADERIMMUTABLE, &utd, hgeflags))
break;
ctx = rpmDigestInit(hashalgo, RPMDIGEST_NONE);
(void) rpmDigestUpdate(ctx, rpm_header_magic, sizeof(rpm_header_magic));
(void) rpmDigestUpdate(ctx, utd.data, utd.count);
rpmtdFreeData(&utd);
} break;
case RPMSIGTAG_GPG:
case RPMSIGTAG_PGP5: /* XXX legacy */
case RPMSIGTAG_PGP:
if (parsePGPSig(&sigtd, "package", fn, &sig)) {
rc = RPMRC_FAIL;
goto exit;
}
/* fallthrough */
case RPMSIGTAG_MD5:
/* Legacy signatures need the compressed payload in the digest too. */
while ((count = Fread(buf, sizeof(buf[0]), sizeof(buf), fd)) > 0) {}
if (count < 0) {
rpmlog(RPMLOG_ERR, _("%s: Fread failed: %s\n"),
fn, Fstrerror(fd));
rc = RPMRC_FAIL;
goto exit;
}
ctx = rpmDigestBundleDupCtx(fdGetBundle(fd),(sigtag == RPMSIGTAG_MD5) ?
PGPHASHALGO_MD5 :
pgpDigParamsAlgo(sig, PGPVAL_HASHALGO));
break;
default:
break;
}
/** @todo Implement disable/enable/warn/error/anal policy. */
rc = rpmVerifySignature(keyring, &sigtd, sig, ctx, &msg);
switch (rc) {
case RPMRC_OK: /* Signature is OK. */
rpmlog(RPMLOG_DEBUG, "%s: %s", fn, msg);
break;
case RPMRC_NOTTRUSTED: /* Signature is OK, but key is not trusted. */
case RPMRC_NOKEY: /* Public key is unavailable. */
/* XXX Print NOKEY/NOTTRUSTED warning only once. */
{ int lvl = (stashKeyid(sig) ? RPMLOG_DEBUG : RPMLOG_WARNING);
rpmlog(lvl, "%s: %s", fn, msg);
} break;
case RPMRC_NOTFOUND: /* Signature is unknown type. */
rpmlog(RPMLOG_WARNING, "%s: %s", fn, msg);
break;
default:
case RPMRC_FAIL: /* Signature does not verify. */
rpmlog(RPMLOG_ERR, "%s: %s", fn, msg);
break;
}
free(msg);
exit:
if (rc != RPMRC_FAIL && h != NULL && hdrp != NULL) {
/* Retrofit RPMTAG_SOURCEPACKAGE to srpms for compatibility */
if (leadtype == RPMLEAD_SOURCE && headerIsSource(h)) {
if (!headerIsEntry(h, RPMTAG_SOURCEPACKAGE)) {
uint32_t one = 1;
headerPutUint32(h, RPMTAG_SOURCEPACKAGE, &one, 1);
}
}
/*
* Try to make sure binary rpms have RPMTAG_SOURCERPM set as that's
* what we use for differentiating binary vs source elsewhere.
*/
if (!headerIsEntry(h, RPMTAG_SOURCEPACKAGE) && headerIsSource(h)) {
headerPutString(h, RPMTAG_SOURCERPM, "(none)");
}
/*
* Convert legacy headers on the fly. Not having immutable region
* equals a truly ancient package, do full retrofit. OTOH newer
* packages might have been built with --nodirtokens, test and handle
* the non-compressed filelist case separately.
*/
if (!headerIsEntry(h, RPMTAG_HEADERIMMUTABLE))
headerConvert(h, HEADERCONV_RETROFIT_V3);
else if (headerIsEntry(h, RPMTAG_OLDFILENAMES))
headerConvert(h, HEADERCONV_COMPRESSFILELIST);
/* Append (and remap) signature tags to the metadata. */
headerMergeLegacySigs(h, sigh);
/* Bump reference count for return. */
*hdrp = headerLink(h);
}
rpmtdFreeData(&sigtd);
rpmDigestFinal(ctx, NULL, NULL, 0);
h = headerFree(h);
pgpDigParamsFree(sig);
sigh = rpmFreeSignature(sigh);
return rc;
}
void * rpmShowProgress(const void * arg,
const rpmCallbackType what,
const rpm_loff_t amount,
const rpm_loff_t total,
fnpyKey key,
void * data)
{
Header h = (Header) arg;
int flags = (int) ((long)data);
void * rc = NULL;
const char * filename = (const char *)key;
static FD_t fd = NULL;
switch (what) {
case RPMCALLBACK_INST_OPEN_FILE:
if (filename == NULL || filename[0] == '\0')
return NULL;
fd = Fopen(filename, "r.ufdio");
/* FIX: still necessary? */
if (fd == NULL || Ferror(fd)) {
rpmlog(RPMLOG_ERR, _("open of %s failed: %s\n"), filename,
Fstrerror(fd));
if (fd != NULL) {
Fclose(fd);
fd = NULL;
}
} else
fd = fdLink(fd);
return (void *)fd;
break;
case RPMCALLBACK_INST_CLOSE_FILE:
/* FIX: still necessary? */
fd = fdFree(fd);
if (fd != NULL) {
Fclose(fd);
fd = NULL;
}
break;
case RPMCALLBACK_INST_START:
case RPMCALLBACK_UNINST_START:
if (rpmcliProgressState != what) {
rpmcliProgressState = what;
if (flags & INSTALL_HASH) {
if (what == RPMCALLBACK_INST_START) {
fprintf(stdout, _("Updating / installing...\n"));
} else {
fprintf(stdout, _("Cleaning up / removing...\n"));
}
fflush(stdout);
}
}
rpmcliHashesCurrent = 0;
if (h == NULL || !(flags & INSTALL_LABEL))
break;
if (flags & INSTALL_HASH) {
char *s = headerGetAsString(h, RPMTAG_NEVR);
if (isatty (STDOUT_FILENO))
fprintf(stdout, "%4d:%-33.33s", rpmcliProgressCurrent + 1, s);
else
fprintf(stdout, "%-38.38s", s);
(void) fflush(stdout);
free(s);
} else {
char *s = headerGetAsString(h, RPMTAG_NEVRA);
fprintf(stdout, "%s\n", s);
(void) fflush(stdout);
free(s);
}
break;
case RPMCALLBACK_INST_STOP:
break;
case RPMCALLBACK_TRANS_PROGRESS:
case RPMCALLBACK_INST_PROGRESS:
case RPMCALLBACK_UNINST_PROGRESS:
if (flags & INSTALL_PERCENT)
fprintf(stdout, "%%%% %f\n", (double) (total
? ((((float) amount) / total) * 100)
: 100.0));
else if (flags & INSTALL_HASH)
printHash(amount, total);
(void) fflush(stdout);
break;
case RPMCALLBACK_TRANS_START:
rpmcliHashesCurrent = 0;
rpmcliProgressTotal = 1;
rpmcliProgressCurrent = 0;
rpmcliPackagesTotal = total;
rpmcliProgressState = what;
if (!(flags & INSTALL_LABEL))
break;
if (flags & INSTALL_HASH)
fprintf(stdout, "%-38s", _("Preparing..."));
else
fprintf(stdout, "%s\n", _("Preparing packages..."));
(void) fflush(stdout);
break;
case RPMCALLBACK_TRANS_STOP:
if (flags & INSTALL_HASH)
printHash(1, 1); /* Fixes "preparing..." progress bar */
rpmcliProgressTotal = rpmcliPackagesTotal;
rpmcliProgressCurrent = 0;
break;
case RPMCALLBACK_UNINST_STOP:
break;
case RPMCALLBACK_UNPACK_ERROR:
break;
case RPMCALLBACK_CPIO_ERROR:
break;
case RPMCALLBACK_SCRIPT_ERROR:
break;
case RPMCALLBACK_SCRIPT_START:
break;
case RPMCALLBACK_SCRIPT_STOP:
break;
case RPMCALLBACK_UNKNOWN:
default:
break;
}
return rc;
}
int
main(int argc, char* argv[])
{
DB *dbp2;
DBT key, data;
FBFR *buf, *replyBuf;
HDbRec rec;
TPINIT *initBuf;
DB_ENV *dbenv2, *dbenv1;
long len, replyLen, seqNo;
int ch, cnt, cnt_abort, cnt_commit, cnt_server1, i, ret;
char *target;
char *home = HOME;
u_int32_t flags = DB_INIT_MPOOL | DB_INIT_LOG | DB_INIT_TXN |
DB_INIT_LOCK | DB_CREATE | DB_RECOVER | DB_REGISTER;
u_int32_t dbflags = DB_CREATE;
progname = argv[0];
dbenv2 = dbenv1 = NULL;
dbp2 = NULL;
buf = replyBuf = NULL;
initBuf = NULL;
cnt = 1000;
cnt_abort = cnt_commit = cnt_server1 = 0;
while ((ch = getopt(argc, argv, "n:v")) != EOF)
switch (ch) {
case 'n':
cnt = atoi(optarg);
break;
case 'v':
verbose = 1;
break;
case '?':
default:
return (usage());
}
argc -= optind;
argv += optind;
if (verbose)
printf("%s: called\n", progname);
/* Seed random number generator. */
srand((u_int)(time(NULL) | getpid()));
if (tpinit((TPINIT *)NULL) == -1)
goto tuxedo_err;
if (verbose)
printf("%s: tpinit() OK\n", progname);
/* Allocate init buffer */
if ((initBuf = (TPINIT *)tpalloc("TPINIT", NULL, TPINITNEED(0))) == 0)
goto tuxedo_err;
if (verbose)
printf("%s: tpalloc(\"TPINIT\") OK\n", progname);
/* Create the DB environment. */
if ((ret = db_env_create(&dbenv2, 0)) != 0 ||
(ret = dbenv2->open(dbenv2, home, flags, 0)) != 0) {
fprintf(stderr,
"%s: %s: %s\n", progname, home, db_strerror(ret));
goto err;
}
dbenv2->set_errfile(dbenv2, stderr);
if (verbose)
printf("%s: opened %s OK\n", progname, home);
/*
* Open table #2 -- Data is inserted into table 1 using XA
* transactions, and inserted into table 2 using regular transactions.
*/
if ((ret = db_create(&dbp2, dbenv2, 0)) != 0 ||
(ret = dbp2->open(dbp2,
NULL, TABLE2, NULL, DB_BTREE, dbflags, 0660)) != 0) {
fprintf(stderr,
"%s: %s %s\n", progname, TABLE2, db_strerror(ret));
goto err;
}
if (verbose)
printf("%s: opened %s OK\n", progname, TABLE2);
/* Allocate send buffer. */
len = Fneeded(1, 3 * sizeof(long));
if ((buf = (FBFR*)tpalloc("FML32", NULL, len)) == 0)
goto tuxedo_err;
if (verbose)
printf("%s: tpalloc(\"FML32\"), send buffer OK\n", progname);
/* Allocate reply buffer. */
replyLen = 1024;
if ((replyBuf = (FBFR*)tpalloc("FML32", NULL, replyLen)) == NULL)
goto tuxedo_err;
if (verbose)
printf("%s: tpalloc(\"FML32\"), reply buffer OK\n", progname);
memset(&key, 0, sizeof(key));
memset(&data, 0, sizeof(data));
for (rec.SeqNo = 1, i = 0; i < cnt; ++i, ++rec.SeqNo) {
GetTime(&rec.Ts);
if (Fchg(buf, SEQ_NO, 0, (char *)&rec.SeqNo, 0) == -1)
goto tuxedo_fml_err;
if (verbose)
printf("%s: Fchg(), sequence number OK\n", progname);
if (Fchg(buf, TS_SEC, 0, (char *)&rec.Ts.Sec, 0) == -1)
goto tuxedo_fml_err;
if (verbose)
printf("%s: Fchg(), seconds OK\n", progname);
if (Fchg(buf, TS_USEC, 0, (char *)&rec.Ts.Usec, 0) == -1)
goto tuxedo_fml_err;
if (verbose)
printf("%s: Fchg(), microseconds OK\n", progname);
if (tpbegin(60L, 0L) == -1)
goto tuxedo_err;
if (verbose)
printf("%s: tpbegin() OK\n", progname);
/* Randomly send half of our requests to each server. */
if (rand() % 2 > 0) {
++cnt_server1;
target = "TestTxn1";
} else
target = "TestTxn2";
if (tpcall(target, (char *)buf,
0L, (char **)&replyBuf, &replyLen, TPSIGRSTRT) == -1)
goto tuxedo_err;
/* Commit for a return value of 0, otherwise abort. */
if (tpurcode == 0) {
++cnt_commit;
if (verbose)
printf("%s: txn success\n", progname);
if (tpcommit(0L) == -1)
goto abort;
if (verbose)
printf("%s: tpcommit() OK\n", progname);
/*
* Store a copy of the key/data pair into table #2
* on success, we'll compare table #1 and table #2
* after the run finishes.
*/
seqNo = rec.SeqNo;
key.data = &seqNo;
key.size = sizeof(seqNo);
data.data = &seqNo;
data.size = sizeof(seqNo);
if ((ret =
dbp2->put(dbp2, NULL, &key, &data, 0)) != 0) {
fprintf(stderr, "%s: DB->put: %s %s\n",
progname, TABLE2, db_strerror(ret));
goto err;
}
} else {
abort: ++cnt_abort;
if (verbose)
printf("%s: txn failure\n", progname);
if (tpabort(0L) == -1)
goto tuxedo_err;
if (verbose)
printf("%s: tpabort() OK\n", progname);
}
}
printf("%s: %d requests: %d committed, %d aborted\n",
progname, cnt, cnt_commit, cnt_abort);
printf("%s: %d sent to server #1, %d sent to server #2\n",
progname, cnt_server1, cnt - cnt_server1);
/* Check that database 1 and database 2 are identical. */
if (dbp2 != NULL)
(void)dbp2->close(dbp2, 0);
dbp2 = NULL;
if ((ret = db_env_create(&dbenv1, 0)) != 0 ||
(ret = dbenv1->open(dbenv1, "../data", flags, 0)) != 0)
goto err;
ret = check_data(dbenv1, TABLE1, dbenv2, TABLE2, progname);
if (0) {
tuxedo_err: fprintf(stderr, "%s: TUXEDO ERROR: %s (code %d)\n",
progname, tpstrerror(tperrno), tperrno);
goto err;
}
if (0) {
tuxedo_fml_err: fprintf(stderr, "%s: FML ERROR: %s (code %d)\n",
progname, Fstrerror(Ferror), Ferror);
}
if (0) {
err: ret = EXIT_FAILURE;
}
if (replyBuf != NULL)
tpfree((char *)replyBuf);
if (buf != NULL)
tpfree((char *)buf);
if (initBuf != NULL)
tpfree((char *)initBuf);
if (dbp2 != NULL)
(void)dbp2->close(dbp2, 0);
if (dbenv1 != NULL)
(void)dbenv1->close(dbenv1, 0);
if (dbenv2 != NULL)
(void)dbenv2->close(dbenv2, 0);
tpterm();
if (verbose)
printf("%s: tpterm() OK\n", progname);
return (ret);
}
/*
* explode source RPM into the current directory
* use filters to skip packages and files we do not need
*/
int explodeRPM(const char *source,
filterfunc filter,
dependencyfunc provides,
dependencyfunc deps,
void* userptr)
{
char buffer[BUFFERSIZE+1]; /* make space for trailing \0 */
FD_t fdi;
Header h;
char * rpmio_flags = NULL;
rpmRC rc;
FD_t gzdi;
struct archive *cpio;
struct archive_entry *cpio_entry;
struct cpio_mydata cpio_mydata;
rpmts ts;
rpmVSFlags vsflags;
const char *compr;
int packageflags = 0;
if (strcmp(source, "-") == 0)
fdi = fdDup(STDIN_FILENO);
else
fdi = Fopen(source, "r.ufdio");
if (Ferror(fdi)) {
const char *srcname = (strcmp(source, "-") == 0) ? "<stdin>" : source;
logMessage(ERROR, "%s: %s\n", srcname, Fstrerror(fdi));
return EXIT_FAILURE;
}
rpmReadConfigFiles(NULL, NULL);
/* Initialize RPM transaction */
ts = rpmtsCreate();
vsflags = 0;
/* Do not check digests, signatures or headers */
vsflags |= _RPMVSF_NODIGESTS;
vsflags |= _RPMVSF_NOSIGNATURES;
vsflags |= RPMVSF_NOHDRCHK;
(void) rpmtsSetVSFlags(ts, vsflags);
rc = rpmReadPackageFile(ts, fdi, "rpm2dir", &h);
ts = rpmtsFree(ts);
switch (rc) {
case RPMRC_OK:
case RPMRC_NOKEY:
case RPMRC_NOTTRUSTED:
break;
case RPMRC_NOTFOUND:
logMessage(ERROR, "%s is not an RPM package", source);
return EXIT_FAILURE;
break;
case RPMRC_FAIL:
default:
logMessage(ERROR, "error reading header from %s package\n", source);
return EXIT_FAILURE;
break;
}
/* Retrieve all dependencies and run them through deps function */
while (deps) {
struct rpmtd_s tddep;
struct rpmtd_s tdver;
struct rpmtd_s tdsense;
const char *depname;
const char *depversion;
uint32_t depsense;
if (!headerGet(h, RPMTAG_REQUIRES, &tddep, HEADERGET_MINMEM))
break;
if (!headerGet(h, RPMTAG_REQUIREVERSION, &tdver, HEADERGET_MINMEM)) {
rpmtdFreeData(&tddep);
break;
}
if (!headerGet(h, RPMTAG_REQUIREFLAGS, &tdsense, HEADERGET_MINMEM)) {
rpmtdFreeData(&tddep);
rpmtdFreeData(&tdver);
break;
}
/* iterator */
while ((depname = rpmtdNextString(&tddep))) {
depversion = rpmtdNextString(&tdver);
depsense = *(rpmtdNextUint32(&tdsense));
if (deps(depname, depversion, depsense, userptr)) {
rpmtdFreeData(&tddep);
rpmtdFreeData(&tdver);
rpmtdFreeData(&tdsense);
Fclose(fdi);
return EXIT_BADDEPS;
}
}
rpmtdFreeData(&tddep);
rpmtdFreeData(&tdver);
rpmtdFreeData(&tdsense);
break;
}
/* Retrieve all provides and run them through provides function */
while (provides) {
struct rpmtd_s tddep;
struct rpmtd_s tdver;
struct rpmtd_s tdsense;
const char *depname;
const char *depversion;
uint32_t depsense;
if (!headerGet(h, RPMTAG_PROVIDES, &tddep, HEADERGET_MINMEM))
break;
if (!headerGet(h, RPMTAG_PROVIDEVERSION, &tdver, HEADERGET_MINMEM)) {
rpmtdFreeData(&tddep);
break;
}
if (!headerGet(h, RPMTAG_PROVIDEFLAGS, &tdsense, HEADERGET_MINMEM)) {
rpmtdFreeData(&tddep);
rpmtdFreeData(&tdver);
break;
}
/* iterator */
while ((depname = rpmtdNextString(&tddep))) {
depversion = rpmtdNextString(&tdver);
depsense = *(rpmtdNextUint32(&tdsense));
packageflags |= provides(depname, depversion, depsense, userptr);
}
rpmtdFreeData(&tddep);
rpmtdFreeData(&tdver);
rpmtdFreeData(&tdsense);
if (packageflags == 0) {
Fclose(fdi);
return EXIT_BADDEPS;
}
break;
}
/* Retrieve type of payload compression. */
compr = headerGetString(h, RPMTAG_PAYLOADCOMPRESSOR);
if (compr && strcmp(compr, "gzip")) {
checked_asprintf(&rpmio_flags, "r.%sdio", compr);
}
else {
checked_asprintf(&rpmio_flags, "r.gzdio");
}
/* Open uncompressed cpio stream */
gzdi = Fdopen(fdi, rpmio_flags);
free(rpmio_flags);
if (gzdi == NULL) {
logMessage(ERROR, "cannot re-open payload: %s", Fstrerror(gzdi));
return EXIT_FAILURE;
}
/* initialize cpio decompressor */
cpio = archive_read_new();
if (cpio==NULL) {
Fclose(gzdi);
return -1;
}
cpio_mydata.gzdi = gzdi;
cpio_mydata.buffer = buffer;
archive_read_support_compression_all(cpio);
archive_read_support_format_all(cpio);
rc = archive_read_open(cpio, &cpio_mydata, NULL, rpm_myread, rpm_myclose);
/* check the status of archive_open */
if (rc != ARCHIVE_OK) {
Fclose(gzdi);
return -1;
}
/* read all files in cpio archive */
while ((rc = archive_read_next_header(cpio, &cpio_entry)) == ARCHIVE_OK) {
const struct stat *fstat;
int64_t fsize;
const char* filename;
int needskip = 1; /* do we need to read the data to get to the next header? */
int offset = 0;
int towrite = 0;
filename = archive_entry_pathname(cpio_entry);
fstat = archive_entry_stat(cpio_entry);
fsize = archive_entry_size(cpio_entry);
/* Strip leading slashes */
while (filename[offset] == '/')
offset+=1;
/* Strip leading ./ */
while (filename[offset] == '.' && filename[offset+1] == '/')
offset+=2;
/* Other file type - we do not care except special cases */
if (!S_ISREG(fstat->st_mode))
towrite = 1;
else
towrite = 2;
if (filter && (!filter(filename+offset, fstat, packageflags, userptr))) {
/* filter this file */
towrite = 0;
}
/* Create directories */
char* dirname = strdup(filename+offset);
/* If the dup fails, let's hope the dirs already exist */
if (dirname) {
char* dirptr = dirname;
while (dirptr && *dirptr) {
dirptr = strchr(dirptr, '/');
if (dirptr) {
*dirptr = 0;
mkdir(dirname, 0700);
*dirptr = '/';
dirptr++;
}
}
free(dirname);
}
/* Regular file */
if (towrite>=2) {
FILE *fdout = fopen(filename+offset, "w");
if (fdout==NULL) {
rc = 33;
break;
}
rc = archive_read_data_into_fd(cpio, fileno(fdout));
if (rc!=ARCHIVE_OK) {
/* XXX We didn't get the file.. well.. */
needskip = 0;
} else {
needskip = 0;
}
fclose(fdout);
/* set access rights */
if (chmod(filename+offset, fstat->st_mode)) {
logMessage(ERROR, "Failed to set the rights for %s to %04o", filename+offset, fstat->st_mode);
}
}
/* symlink, we assume that the path contained in symlink
* is shorter than BUFFERSIZE */
while (towrite && S_ISLNK(fstat->st_mode)) {
char symlinkbuffer[BUFFERSIZE-1];
needskip = 0;
if ((rc = archive_read_data(cpio, symlinkbuffer, fsize))!=ARCHIVE_OK) {
/* XXX We didn't get the file.. well.. */
break;
}
if (symlink(buffer, filename+offset)) {
logMessage(ERROR, "Failed to create symlink %s -> %s", filename+offset, buffer);
}
break;
}
if(needskip)
archive_read_data_skip(cpio);
}
rc = archive_read_finish(cpio); /* Also closes the RPM stream using callback */
return rc != ARCHIVE_OK;
}
/**
* hif_keyring_check_untrusted_file:
*/
gboolean
hif_keyring_check_untrusted_file (rpmKeyring keyring,
const gchar *filename,
GError **error)
{
FD_t fd = NULL;
gboolean ret = FALSE;
Header hdr = NULL;
pgpDig dig = NULL;
rpmRC rc;
rpmtd td = NULL;
rpmts ts = NULL;
/* open the file for reading */
fd = Fopen (filename, "r.fdio");
if (fd == NULL) {
g_set_error (error,
HIF_ERROR,
HIF_ERROR_FILE_INVALID,
"failed to open %s",
filename);
goto out;
}
if (Ferror (fd)) {
g_set_error (error,
HIF_ERROR,
HIF_ERROR_FILE_INVALID,
"failed to open %s: %s",
filename,
Fstrerror(fd));
goto out;
}
/* we don't want to abort on missing keys */
ts = rpmtsCreate ();
rpmtsSetVSFlags (ts, _RPMVSF_NOSIGNATURES);
/* read in the file */
rc = rpmReadPackageFile (ts, fd, filename, &hdr);
if (rc != RPMRC_OK) {
/* we only return SHA1 and MD5 failures, as we're not
* checking signatures at this stage */
g_set_error (error,
HIF_ERROR,
HIF_ERROR_FILE_INVALID,
"%s could not be verified",
filename);
goto out;
}
/* convert and upscale */
headerConvert (hdr, HEADERCONV_RETROFIT_V3);
/* get RSA key */
td = rpmtdNew ();
rc = headerGet (hdr,
RPMTAG_RSAHEADER,
td,
HEADERGET_MINMEM);
if (rc != 1) {
/* try to read DSA key as a fallback */
rc = headerGet (hdr,
RPMTAG_DSAHEADER,
td,
HEADERGET_MINMEM);
}
/* the package has no signing key */
if (rc != 1) {
_cleanup_free_ char *package_filename = g_path_get_basename (filename);
ret = FALSE;
g_set_error (error,
HIF_ERROR,
HIF_ERROR_GPG_SIGNATURE_INVALID,
"package not signed: %s", package_filename);
goto out;
}
/* make it into a digest */
dig = pgpNewDig ();
rc = pgpPrtPkts (td->data, td->count, dig, 0);
if (rc != 0) {
g_set_error (error,
HIF_ERROR,
HIF_ERROR_FILE_INVALID,
"failed to parse digest header for %s",
filename);
goto out;
}
/* does the key exist in the keyring */
rc = rpmKeyringLookup (keyring, dig);
if (rc != RPMRC_OK) {
g_set_error_literal (error,
HIF_ERROR,
HIF_ERROR_GPG_SIGNATURE_INVALID,
"failed to lookup digest in keyring");
goto out;
}
/* the package is signed by a key we trust */
g_debug ("%s has been verified as trusted", filename);
ret = TRUE;
out:
if (dig != NULL)
pgpFreeDig (dig);
if (td != NULL) {
rpmtdFreeData (td);
rpmtdFree (td);
}
if (ts != NULL)
rpmtsFree (ts);
if (hdr != NULL)
headerFree (hdr);
if (fd != NULL)
Fclose (fd);
return ret;
}
int main(int argc, char *argv[])
{
FD_t fdi, fdo;
Header h;
char * rpmio_flags;
rpmRC rc;
FD_t gzdi;
setprogname(argv[0]); /* Retrofit glibc __progname */
if (argc == 1)
fdi = fdDup(STDIN_FILENO);
else
fdi = Fopen(argv[1], "r.ufdio");
if (Ferror(fdi)) {
fprintf(stderr, "%s: %s: %s\n", argv[0],
(argc == 1 ? "<stdin>" : argv[1]), Fstrerror(fdi));
exit(EXIT_FAILURE);
}
fdo = fdDup(STDOUT_FILENO);
rpmReadConfigFiles(NULL, NULL);
{ rpmts ts = rpmtsCreate();
rpmVSFlags vsflags = 0;
/* XXX retain the ageless behavior of rpm2cpio */
vsflags |= _RPMVSF_NODIGESTS;
vsflags |= _RPMVSF_NOSIGNATURES;
vsflags |= RPMVSF_NOHDRCHK;
(void) rpmtsSetVSFlags(ts, vsflags);
/* LCL: segfault */
rc = rpmReadPackageFile(ts, fdi, "rpm2cpio", &h);
ts = rpmtsFree(ts);
}
switch (rc) {
case RPMRC_OK:
case RPMRC_NOKEY:
case RPMRC_NOTTRUSTED:
break;
case RPMRC_NOTFOUND:
fprintf(stderr, _("argument is not an RPM package\n"));
exit(EXIT_FAILURE);
break;
case RPMRC_FAIL:
default:
fprintf(stderr, _("error reading header from package\n"));
exit(EXIT_FAILURE);
break;
}
/* Retrieve type of payload compression. */
{ const char * payload_compressor = NULL;
struct rpmtd_s pc;
headerGet(h, RPMTAG_PAYLOADCOMPRESSOR, &pc, HEADERGET_DEFAULT);
payload_compressor = rpmtdGetString(&pc);
if (!payload_compressor)
payload_compressor = "gzip";
if (!strcmp(payload_compressor, "gzip"))
rpmio_flags = "r.gzdio";
if (!strcmp(payload_compressor, "bzip2"))
rpmio_flags = "r.bzdio";
if (!strcmp(payload_compressor, "lzma"))
rpmio_flags = "r.lzdio";
rpmtdFreeData(&pc);
}
gzdi = Fdopen(fdi, rpmio_flags); /* XXX gzdi == fdi */
if (gzdi == NULL) {
fprintf(stderr, _("cannot re-open payload: %s\n"), Fstrerror(gzdi));
exit(EXIT_FAILURE);
}
rc = ufdCopy(gzdi, fdo);
rc = (rc <= 0) ? EXIT_FAILURE : EXIT_SUCCESS;
Fclose(fdo);
Fclose(gzdi); /* XXX gzdi == fdi */
return rc;
}
static int doIcon(Spec spec, Header h)
/*@globals rpmGlobalMacroContext, h_errno, fileSystem, internalState @*/
/*@modifies h, rpmGlobalMacroContext, fileSystem, internalState @*/
{
static size_t iconsize = 0;
HE_t he = memset(alloca(sizeof(*he)), 0, sizeof(*he));
const char *fn, *Lurlfn = NULL;
struct Source *sp;
size_t nb;
rpmuint8_t * icon;
FD_t fd = NULL;
int rc = RPMRC_FAIL; /* assume error */
int urltype;
int xx;
if (iconsize == 0) {
iconsize = rpmExpandNumeric("%{?_build_iconsize}");
if (iconsize < 2048)
iconsize = 2048;
}
icon = alloca(iconsize+1);
for (sp = spec->sources; sp != NULL; sp = sp->next) {
if (sp->flags & RPMFILE_ICON)
break;
}
if (sp == NULL) {
rpmlog(RPMLOG_ERR, _("No icon file in sources\n"));
goto exit;
}
#if defined(RPM_VENDOR_OPENPKG) /* splitted-source-directory */
/* support splitted source directories, i.e., source files which
are alternatively placed into the .spec directory and picked
up from there, too. */
Lurlfn = rpmGenPath(NULL, "%{_specdir}/", sp->source);
if (access(Lurlfn, F_OK) == -1) {
Lurlfn = _free(Lurlfn);
Lurlfn = rpmGenPath(NULL, "%{_icondir}/", sp->source);
}
#else
Lurlfn = rpmGenPath(NULL, "%{_icondir}/", sp->source);
#endif
fn = NULL;
urltype = urlPath(Lurlfn, &fn);
switch (urltype) {
case URL_IS_HTTPS:
case URL_IS_HTTP:
case URL_IS_FTP:
case URL_IS_PATH:
case URL_IS_UNKNOWN:
break;
case URL_IS_DASH:
case URL_IS_HKP:
case URL_IS_MONGO: /* XXX FIXME */
rpmlog(RPMLOG_ERR, _("Invalid icon URL: %s\n"), Lurlfn);
goto exit;
/*@notreached@*/ break;
}
fd = Fopen(fn, "r%{?_rpmgio}");
if (fd == NULL || Ferror(fd)) {
rpmlog(RPMLOG_ERR, _("Unable to open icon %s: %s\n"),
fn, Fstrerror(fd));
rc = RPMRC_FAIL;
goto exit;
}
*icon = '\0';
nb = Fread(icon, sizeof(icon[0]), iconsize, fd);
if (Ferror(fd) || nb == 0) {
rpmlog(RPMLOG_ERR, _("Unable to read icon %s: %s\n"),
fn, Fstrerror(fd));
goto exit;
}
if (nb >= iconsize) {
rpmlog(RPMLOG_ERR, _("Icon %s is too big (max. %d bytes)\n"),
fn, (int)iconsize);
goto exit;
}
if (icon[0] == 'G' && icon[1] == 'I' && icon[2] == 'F')
he->tag = RPMTAG_GIF;
else
if (icon[0] == '/' && icon[1] == '*' && icon[2] == ' '
&& icon[3] == 'X' && icon[4] == 'P' && icon[5] == 'M')
he->tag = RPMTAG_XPM;
else
he->tag = tagValue("Icon");
he->t = RPM_BIN_TYPE;
he->p.ui8p = icon;
he->c = (rpmTagCount)nb;
xx = headerPut(h, he, 0);
rc = 0;
exit:
if (fd) {
(void) Fclose(fd);
fd = NULL;
}
Lurlfn = _free(Lurlfn);
return rc;
}
rpmRC writeRPM(Header *hdrp, unsigned char ** pkgidp, const char *fileName,
CSA_t csa, char *passPhrase, char **cookie)
{
FD_t fd = NULL;
FD_t ifd = NULL;
ssize_t count;
rpmSigTag sigtag;
char * sigtarget = NULL;;
char * rpmio_flags = NULL;
char * SHA1 = NULL;
char *s;
char *buf = NULL;
Header h;
Header sig = NULL;
int xx;
rpmRC rc = RPMRC_OK;
struct rpmtd_s td;
rpmSigTag sizetag;
rpmTag payloadtag;
/* Transfer header reference form *hdrp to h. */
h = headerLink(*hdrp);
*hdrp = headerFree(*hdrp);
if (pkgidp)
*pkgidp = NULL;
/* Save payload information */
if (headerIsSource(h))
rpmio_flags = rpmExpand("%{?_source_payload}", NULL);
else
rpmio_flags = rpmExpand("%{?_binary_payload}", NULL);
if (!(rpmio_flags && *rpmio_flags)) {
rpmio_flags = _free(rpmio_flags);
rpmio_flags = xstrdup("w9.gzdio");
}
s = strchr(rpmio_flags, '.');
if (s) {
const char *compr = NULL;
headerPutString(h, RPMTAG_PAYLOADFORMAT, "cpio");
if (strcmp(s+1, "gzdio") == 0) {
compr = "gzip";
} else if (strcmp(s+1, "bzdio") == 0) {
compr = "bzip2";
/* Add prereq on rpm version that understands bzip2 payloads */
(void) rpmlibNeedsFeature(h, "PayloadIsBzip2", "3.0.5-1");
} else if (strcmp(s+1, "lzdio") == 0) {
compr = "lzma";
(void) rpmlibNeedsFeature(h, "PayloadIsLzma", "4.4.90-1");
} else {
rpmlog(RPMLOG_ERR, _("Unknown payload compression: %s\n"),
rpmio_flags);
rc = RPMRC_FAIL;
goto exit;
}
headerPutString(h, RPMTAG_PAYLOADCOMPRESSOR, compr);
buf = xstrdup(rpmio_flags);
buf[s - rpmio_flags] = '\0';
headerPutString(h, RPMTAG_PAYLOADFLAGS, buf+1);
free(buf);
}
/* Create and add the cookie */
if (cookie) {
rasprintf(cookie, "%s %d", buildHost(), (int) (*getBuildTime()));
headerPutString(h, RPMTAG_COOKIE, *cookie);
}
/* Reallocate the header into one contiguous region. */
h = headerReload(h, RPMTAG_HEADERIMMUTABLE);
if (h == NULL) { /* XXX can't happen */
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to create immutable header region.\n"));
goto exit;
}
/* Re-reference reallocated header. */
*hdrp = headerLink(h);
/*
* Write the header+archive into a temp file so that the size of
* archive (after compression) can be added to the header.
*/
fd = rpmMkTempFile(NULL, &sigtarget);
if (fd == NULL || Ferror(fd)) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to open temp file.\n"));
goto exit;
}
fdInitDigest(fd, PGPHASHALGO_SHA1, 0);
if (headerWrite(fd, h, HEADER_MAGIC_YES)) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to write temp header\n"));
} else { /* Write the archive and get the size */
(void) Fflush(fd);
fdFiniDigest(fd, PGPHASHALGO_SHA1, (void **)&SHA1, NULL, 1);
if (csa->cpioList != NULL) {
rc = cpio_doio(fd, h, csa, rpmio_flags);
} else if (Fileno(csa->cpioFdIn) >= 0) {
rc = cpio_copy(fd, csa);
} else {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Bad CSA data\n"));
}
}
rpmio_flags = _free(rpmio_flags);
if (rc != RPMRC_OK)
goto exit;
(void) Fclose(fd);
fd = NULL;
(void) unlink(fileName);
/* Generate the signature */
(void) fflush(stdout);
sig = rpmNewSignature();
/*
* There should be rpmlib() dependency on this, but that doesn't
* really do much good as these are signature tags that get read
* way before dependency checking has a chance to figure out anything.
* On the positive side, not inserting the 32bit tag at all means
* older rpm will just bail out with error message on attempt to read
* such a package.
*/
if (csa->cpioArchiveSize < UINT32_MAX) {
sizetag = RPMSIGTAG_SIZE;
payloadtag = RPMSIGTAG_PAYLOADSIZE;
} else {
sizetag = RPMSIGTAG_LONGSIZE;
payloadtag = RPMSIGTAG_LONGARCHIVESIZE;
}
(void) rpmAddSignature(sig, sigtarget, sizetag, passPhrase);
(void) rpmAddSignature(sig, sigtarget, RPMSIGTAG_MD5, passPhrase);
if ((sigtag = rpmLookupSignatureType(RPMLOOKUPSIG_QUERY)) > 0) {
rpmlog(RPMLOG_NOTICE, _("Generating signature: %d\n"), sigtag);
(void) rpmAddSignature(sig, sigtarget, sigtag, passPhrase);
}
if (SHA1) {
/* XXX can't use rpmtdFromFoo() on RPMSIGTAG_* items */
rpmtdReset(&td);
td.tag = RPMSIGTAG_SHA1;
td.type = RPM_STRING_TYPE;
td.data = SHA1;
td.count = 1;
headerPut(sig, &td, HEADERPUT_DEFAULT);
SHA1 = _free(SHA1);
}
{
/* XXX can't use headerPutType() on legacy RPMSIGTAG_* items */
rpmtdReset(&td);
td.tag = payloadtag;
td.count = 1;
if (payloadtag == RPMSIGTAG_PAYLOADSIZE) {
rpm_off_t asize = csa->cpioArchiveSize;
td.type = RPM_INT32_TYPE;
td.data = &asize;
headerPut(sig, &td, HEADERPUT_DEFAULT);
} else {
rpm_loff_t asize = csa->cpioArchiveSize;
td.type = RPM_INT64_TYPE;
td.data = &asize;
headerPut(sig, &td, HEADERPUT_DEFAULT);
}
}
/* Reallocate the signature into one contiguous region. */
sig = headerReload(sig, RPMTAG_HEADERSIGNATURES);
if (sig == NULL) { /* XXX can't happen */
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to reload signature header.\n"));
goto exit;
}
/* Open the output file */
fd = Fopen(fileName, "w.ufdio");
if (fd == NULL || Ferror(fd)) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Could not open %s: %s\n"),
fileName, Fstrerror(fd));
goto exit;
}
/* Write the lead section into the package. */
{
rpmlead lead = rpmLeadFromHeader(h);
rc = rpmLeadWrite(fd, lead);
lead = rpmLeadFree(lead);
if (rc != RPMRC_OK) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to write package: %s\n"),
Fstrerror(fd));
goto exit;
}
}
/* Write the signature section into the package. */
if (rpmWriteSignature(fd, sig)) {
rc = RPMRC_FAIL;
goto exit;
}
/* Append the header and archive */
ifd = Fopen(sigtarget, "r.ufdio");
if (ifd == NULL || Ferror(ifd)) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to open sigtarget %s: %s\n"),
sigtarget, Fstrerror(ifd));
goto exit;
}
/* Add signatures to header, and write header into the package. */
/* XXX header+payload digests/signatures might be checked again here. */
{ Header nh = headerRead(ifd, HEADER_MAGIC_YES);
if (nh == NULL) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to read header from %s: %s\n"),
sigtarget, Fstrerror(ifd));
goto exit;
}
#ifdef NOTYET
(void) headerMergeLegacySigs(nh, sig);
#endif
xx = headerWrite(fd, nh, HEADER_MAGIC_YES);
nh = headerFree(nh);
if (xx) {
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to write header to %s: %s\n"),
fileName, Fstrerror(fd));
goto exit;
}
}
/* Write the payload into the package. */
buf = xmalloc(BUFSIZ);
while ((count = Fread(buf, 1, BUFSIZ, ifd)) > 0) {
if (count == -1) {
free(buf);
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to read payload from %s: %s\n"),
sigtarget, Fstrerror(ifd));
goto exit;
}
if (Fwrite(buf, sizeof(buf[0]), count, fd) != count) {
free(buf);
rc = RPMRC_FAIL;
rpmlog(RPMLOG_ERR, _("Unable to write payload to %s: %s\n"),
fileName, Fstrerror(fd));
goto exit;
}
}
free(buf);
rc = RPMRC_OK;
exit:
SHA1 = _free(SHA1);
h = headerFree(h);
/* XXX Fish the pkgid out of the signature header. */
if (sig != NULL && pkgidp != NULL) {
struct rpmtd_s md5tag;
headerGet(sig, RPMSIGTAG_MD5, &md5tag, HEADERGET_DEFAULT);
if (rpmtdType(&md5tag) == RPM_BIN_TYPE &&
md5tag.count == 16 && md5tag.data != NULL) {
*pkgidp = md5tag.data;
}
}
sig = rpmFreeSignature(sig);
if (ifd) {
(void) Fclose(ifd);
ifd = NULL;
}
if (fd) {
(void) Fclose(fd);
fd = NULL;
}
if (sigtarget) {
(void) unlink(sigtarget);
sigtarget = _free(sigtarget);
}
if (rc == RPMRC_OK)
rpmlog(RPMLOG_NOTICE, _("Wrote: %s\n"), fileName);
else
(void) unlink(fileName);
return rc;
}
rpmRC readRPM(const char *fileName, rpmSpec *specp,
Header *sigs, CSA_t csa)
{
FD_t fdi;
rpmSpec spec;
rpmRC rc;
fdi = (fileName != NULL)
? Fopen(fileName, "r.ufdio")
: fdDup(STDIN_FILENO);
if (fdi == NULL || Ferror(fdi)) {
rpmlog(RPMLOG_ERR, _("readRPM: open %s: %s\n"),
(fileName ? fileName : "<stdin>"),
Fstrerror(fdi));
if (fdi) (void) Fclose(fdi);
return RPMRC_FAIL;
}
/* XXX FIXME: EPIPE on <stdin> */
if (Fseek(fdi, 0, SEEK_SET) == -1) {
rpmlog(RPMLOG_ERR, _("%s: Fseek failed: %s\n"),
(fileName ? fileName : "<stdin>"), Fstrerror(fdi));
return RPMRC_FAIL;
}
/* Reallocate build data structures */
spec = newSpec();
spec->packages = newPackage(spec);
/* XXX the header just allocated will be allocated again */
spec->packages->header = headerFree(spec->packages->header);
/* Read the rpm lead, signatures, and header */
{ rpmts ts = rpmtsCreate();
/* XXX W2DO? pass fileName? */
/* LCL: segfault */
rc = rpmReadPackageFile(ts, fdi, "readRPM",
&spec->packages->header);
ts = rpmtsFree(ts);
if (sigs) *sigs = NULL; /* XXX HACK */
}
switch (rc) {
case RPMRC_OK:
case RPMRC_NOKEY:
case RPMRC_NOTTRUSTED:
break;
case RPMRC_NOTFOUND:
rpmlog(RPMLOG_ERR, _("readRPM: %s is not an RPM package\n"),
(fileName ? fileName : "<stdin>"));
return RPMRC_FAIL;
case RPMRC_FAIL:
default:
rpmlog(RPMLOG_ERR, _("readRPM: reading header from %s\n"),
(fileName ? fileName : "<stdin>"));
return RPMRC_FAIL;
break;
}
if (specp)
*specp = spec;
else
spec = freeSpec(spec);
if (csa != NULL)
csa->cpioFdIn = fdi;
else
(void) Fclose(fdi);
return RPMRC_OK;
}