/**
* @file lib/initend.c
* @brief Initialization and finalization routines
* @defgroup initend Initialization and finalization functions
*
* Use these functions to initialize some parameters before start
* using libxbps and finalize usage to release resources at the end.
*/
static void
store_vpkg(struct xbps_handle *xhp, const char *path, size_t line, char *vpkg_s)
{
/*
* Append virtual package overrides to our vpkgd dictionary:
*
* <key>vpkgver</key>
* <string>realpkgname</string>
*/
char *vpkg, *rpkg, *tc;
size_t vpkglen;
if (xhp->vpkgd == NULL)
xhp->vpkgd = xbps_dictionary_create();
/* real pkg after ':' */
vpkg = vpkg_s;
rpkg = strchr(vpkg_s, ':');
if (rpkg == NULL || *rpkg == '\0') {
xbps_dbg_printf(xhp, "%s: ignoring invalid "
"virtualpkg option at line %zu\n", path, line);
return;
}
/* vpkg until ':' */
tc = strchr(vpkg_s, ':');
vpkglen = strlen(vpkg_s) - strlen(tc);
vpkg[vpkglen] = '\0';
/* skip ':' */
rpkg++;
xbps_dictionary_set_cstring(xhp->vpkgd, vpkg, rpkg);
xbps_dbg_printf(xhp, "%s: added vpkg %s for %s\n", path, vpkg, rpkg);
}
static void
process_one_alternative(const char *altgrname, const char *val)
{
xbps_dictionary_t d;
xbps_array_t a;
char *altfiles;
bool alloc = false;
if ((d = xbps_dictionary_get(pkg_propsd, "alternatives")) == NULL) {
d = xbps_dictionary_create();
assert(d);
alloc = true;
}
if ((a = xbps_dictionary_get(d, altgrname)) == NULL) {
a = xbps_array_create();
assert(a);
}
altfiles = strchr(val, ':') + 1;
assert(altfiles);
xbps_array_add_cstring(a, altfiles);
xbps_dictionary_set(d, altgrname, a);
xbps_dictionary_set(pkg_propsd, "alternatives", d);
if (alloc) {
xbps_object_release(a);
xbps_object_release(d);
}
}
static xbps_dictionary_t
get_pkg_metadata(struct xbps_handle *xhp, xbps_dictionary_t pkgd)
{
xbps_dictionary_t pkg_metad;
const char *pkgver;
char *pkgname, *plist;
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
if ((pkg_metad = xbps_dictionary_get(xhp->pkg_metad, pkgname)) != NULL) {
free(pkgname);
return pkg_metad;
}
plist = xbps_xasprintf("%s/.%s.plist", xhp->metadir, pkgname);
pkg_metad = xbps_dictionary_internalize_from_file(plist);
free(plist);
if (pkg_metad == NULL) {
xbps_dbg_printf(xhp, "[pkgdb] cannot read %s metadata: %s\n",
pkgver, strerror(errno));
free(pkgname);
return NULL;
}
if (xhp->pkg_metad == NULL)
xhp->pkg_metad = xbps_dictionary_create();
xbps_dictionary_set(xhp->pkg_metad, pkgname, pkg_metad);
xbps_object_release(pkg_metad);
free(pkgname);
return pkg_metad;
}
static void
generate_full_revdeps_tree(struct xbps_handle *xhp)
{
xbps_object_t obj;
xbps_object_iterator_t iter;
if (xhp->pkgdb_revdeps)
return;
xhp->pkgdb_revdeps = xbps_dictionary_create();
assert(xhp->pkgdb_revdeps);
iter = xbps_dictionary_iterator(xhp->pkgdb);
assert(iter);
while ((obj = xbps_object_iterator_next(iter))) {
xbps_array_t rundeps;
xbps_dictionary_t pkgd;
const char *pkgver;
pkgd = xbps_dictionary_get_keysym(xhp->pkgdb, obj);
rundeps = xbps_dictionary_get(pkgd, "run_depends");
if (!xbps_array_count(rundeps))
continue;
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
for (unsigned int i = 0; i < xbps_array_count(rundeps); i++) {
xbps_array_t pkg;
const char *pkgdep, *vpkgname;
char *curpkgname;
bool alloc = false;
xbps_array_get_cstring_nocopy(rundeps, i, &pkgdep);
curpkgname = xbps_pkgpattern_name(pkgdep);
if (curpkgname == NULL)
curpkgname = xbps_pkg_name(pkgdep);
assert(curpkgname);
vpkgname = vpkg_user_conf(xhp, curpkgname);
if (vpkgname == NULL)
vpkgname = curpkgname;
pkg = xbps_dictionary_get(xhp->pkgdb_revdeps, vpkgname);
if (pkg == NULL) {
alloc = true;
pkg = xbps_array_create();
}
if (!xbps_match_string_in_array(pkg, pkgver)) {
xbps_array_add_cstring_nocopy(pkg, pkgver);
xbps_dictionary_set(xhp->pkgdb_revdeps, vpkgname, pkg);
}
free(curpkgname);
if (alloc)
xbps_object_release(pkg);
}
}
xbps_object_iterator_release(iter);
}
static int
pkgdb_map_vpkgs(struct xbps_handle *xhp)
{
xbps_object_iterator_t iter;
xbps_object_t obj;
int rv = 0;
if (!xbps_dictionary_count(xhp->pkgdb))
return 0;
if (xhp->vpkgd == NULL) {
xhp->vpkgd = xbps_dictionary_create();
assert(xhp->vpkgd);
}
/*
* This maps all pkgs that have virtualpkgs in pkgdb.
*/
iter = xbps_dictionary_iterator(xhp->pkgdb);
assert(iter);
while ((obj = xbps_object_iterator_next(iter))) {
xbps_array_t provides;
xbps_dictionary_t pkgd;
const char *pkgver;
char *pkgname;
pkgd = xbps_dictionary_get_keysym(xhp->pkgdb, obj);
provides = xbps_dictionary_get(pkgd, "provides");
if (provides == NULL)
continue;
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
for (unsigned int i = 0; i < xbps_array_count(provides); i++) {
const char *vpkg;
xbps_array_get_cstring_nocopy(provides, i, &vpkg);
if (!xbps_dictionary_set_cstring(xhp->vpkgd, vpkg, pkgname)) {
xbps_dbg_printf(xhp, "%s: set_cstring vpkg "
"%s pkgname %s\n", __func__, vpkg, pkgname);
rv = EINVAL;
} else {
xbps_dbg_printf(xhp, "[pkgdb] added vpkg %s for %s\n",
vpkg, pkgname);
}
}
free(pkgname);
}
xbps_object_iterator_release(iter);
return rv;
}
int
xbps_pkgdb_lock(struct xbps_handle *xhp)
{
mode_t prev_umask;
int rv;
/*
* Use a mandatory file lock to only allow one writer to pkgdb,
* other writers will block.
*/
xhp->pkgdb_plist = xbps_xasprintf("%s/%s", xhp->metadir, XBPS_PKGDB);
if (xbps_pkgdb_init(xhp) == ENOENT) {
/* if metadir does not exist, create it */
if (access(xhp->metadir, R_OK|X_OK) == -1) {
if (errno != ENOENT)
return errno;
if (xbps_mkpath(xhp->metadir, 0755) == -1) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] failed to create metadir "
"%s: %s\n", xhp->metadir, strerror(rv));
return rv;
}
}
/* if pkgdb is unexistent, create it with an empty dictionary */
xhp->pkgdb = xbps_dictionary_create();
if (!xbps_dictionary_externalize_to_file(xhp->pkgdb, xhp->pkgdb_plist)) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] failed to create pkgdb "
"%s: %s\n", xhp->pkgdb_plist, strerror(rv));
return rv;
}
}
prev_umask = umask(022);
if ((pkgdb_fd = open(xhp->pkgdb_plist, O_CREAT|O_RDWR|O_CLOEXEC, 0664)) == -1) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] cannot open pkgdb for locking "
"%s: %s\n", xhp->pkgdb_plist, strerror(rv));
free(xhp->pkgdb_plist);
umask(prev_umask);
return rv;
}
umask(prev_umask);
if (lockf(pkgdb_fd, F_TLOCK, 0) == -1) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] cannot lock pkgdb: %s\n", strerror(rv));
return rv;
}
return 0;
}
int
xbps_set_pkg_state_installed(struct xbps_handle *xhp,
const char *pkgver,
pkg_state_t state)
{
xbps_dictionary_t pkgd;
char *pkgname;
int rv = 0;
assert(pkgver != NULL);
pkgd = xbps_pkgdb_get_pkg(xhp, pkgver);
if (pkgd == NULL) {
pkgd = xbps_dictionary_create();
if (pkgd == NULL)
return ENOMEM;
if (!xbps_dictionary_set_cstring_nocopy(pkgd,
"pkgver", pkgver)) {
xbps_object_release(pkgd);
return EINVAL;
}
if ((rv = set_new_state(pkgd, state)) != 0) {
xbps_object_release(pkgd);
return rv;
}
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
if (!xbps_dictionary_set(xhp->pkgdb, pkgname, pkgd)) {
xbps_object_release(pkgd);
free(pkgname);
return EINVAL;
}
free(pkgname);
xbps_object_release(pkgd);
} else {
if ((rv = set_new_state(pkgd, state)) != 0)
return rv;
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
if (!xbps_dictionary_set(xhp->pkgdb, pkgname, pkgd)) {
free(pkgname);
return EINVAL;
}
free(pkgname);
}
return rv;
}
int
xbps_pkgdb_update(struct xbps_handle *xhp, bool flush, bool update)
{
xbps_dictionary_t pkgdb_storage;
static int cached_rv;
int rv = 0;
if (cached_rv && !flush)
return cached_rv;
if (xhp->pkgdb && update) {
pkgdb_storage = xbps_dictionary_internalize_from_file(xhp->pkgdb_plist);
if (pkgdb_storage == NULL ||
!xbps_dictionary_equals(xhp->pkgdb, pkgdb_storage)) {
/* flush dictionary to storage */
if (!xbps_dictionary_externalize_to_file(xhp->pkgdb, xhp->pkgdb_plist))
return errno;
}
if (pkgdb_storage)
xbps_object_release(pkgdb_storage);
xbps_object_release(xhp->pkgdb);
xhp->pkgdb = NULL;
cached_rv = 0;
}
if (!update)
return rv;
/* update copy in memory */
if ((xhp->pkgdb = xbps_dictionary_internalize_from_file(xhp->pkgdb_plist)) == NULL) {
rv = errno;
if (!rv)
rv = EINVAL;
if (rv == ENOENT)
xhp->pkgdb = xbps_dictionary_create();
else
xbps_error_printf("cannot access to pkgdb: %s\n", strerror(rv));
cached_rv = rv = errno;
}
return rv;
}
int
xbps_pkgdb_update(struct xbps_handle *xhp, bool flush)
{
xbps_dictionary_t pkgdb_storage;
char *plist;
static int cached_rv;
int rv = 0;
if (cached_rv && !flush)
return cached_rv;
plist = xbps_xasprintf("%s/%s", xhp->metadir, XBPS_PKGDB);
if (xhp->pkgdb && flush) {
pkgdb_storage = xbps_dictionary_internalize_from_file(plist);
if (pkgdb_storage == NULL ||
!xbps_dictionary_equals(xhp->pkgdb, pkgdb_storage)) {
/* flush dictionary to storage */
if (!xbps_dictionary_externalize_to_file(xhp->pkgdb, plist)) {
free(plist);
return errno;
}
}
if (pkgdb_storage)
xbps_object_release(pkgdb_storage);
xbps_object_release(xhp->pkgdb);
xhp->pkgdb = NULL;
cached_rv = 0;
}
/* update copy in memory */
if ((xhp->pkgdb = xbps_dictionary_internalize_from_file(plist)) == NULL) {
if (errno == ENOENT)
xhp->pkgdb = xbps_dictionary_create();
else
xbps_error_printf("cannot access to pkgdb: %s\n", strerror(errno));
cached_rv = rv = errno;
}
free(plist);
return rv;
}
int
xbps_alternatives_register(struct xbps_handle *xhp, xbps_dictionary_t pkgd)
{
xbps_array_t allkeys;
xbps_dictionary_t alternatives, pkg_alternatives;
const char *pkgver;
char *pkgname;
int rv = 0;
assert(xhp);
if (xhp->pkgdb == NULL)
return EINVAL;
pkg_alternatives = xbps_dictionary_get(pkgd, "alternatives");
if (!xbps_dictionary_count(pkg_alternatives))
return 0;
alternatives = xbps_dictionary_get(xhp->pkgdb, "_XBPS_ALTERNATIVES_");
if (alternatives == NULL) {
alternatives = xbps_dictionary_create();
xbps_dictionary_set(xhp->pkgdb, "_XBPS_ALTERNATIVES_", alternatives);
xbps_object_release(alternatives);
}
alternatives = xbps_dictionary_get(xhp->pkgdb, "_XBPS_ALTERNATIVES_");
assert(alternatives);
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
pkgname = xbps_pkg_name(pkgver);
if (pkgname == NULL)
return EINVAL;
allkeys = xbps_dictionary_all_keys(pkg_alternatives);
for (unsigned int i = 0; i < xbps_array_count(allkeys); i++) {
xbps_array_t array;
xbps_object_t keysym;
const char *keyname;
bool alloc = false;
keysym = xbps_array_get(allkeys, i);
keyname = xbps_dictionary_keysym_cstring_nocopy(keysym);
array = xbps_dictionary_get(alternatives, keyname);
if (array == NULL) {
alloc = true;
array = xbps_array_create();
} else {
/* already registered */
if (xbps_match_string_in_array(array, pkgname))
continue;
}
xbps_array_add_cstring(array, pkgname);
xbps_dictionary_set(alternatives, keyname, array);
xbps_set_cb_state(xhp, XBPS_STATE_ALTGROUP_ADDED, 0, NULL,
"%s: registered '%s' alternatives group", pkgver, keyname);
if (alloc) {
/* apply alternatives for this group */
rv = create_symlinks(xhp,
xbps_dictionary_get(pkg_alternatives, keyname),
keyname);
xbps_object_release(array);
if (rv != 0)
break;
}
}
xbps_object_release(allkeys);
free(pkgname);
return rv;
}
int HIDDEN
xbps_transaction_init(struct xbps_handle *xhp)
{
xbps_array_t array;
if (xhp->transd != NULL)
return 0;
if ((xhp->transd = xbps_dictionary_create()) == NULL)
return ENOMEM;
if ((array = xbps_array_create()) == NULL) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return ENOMEM;
}
if (!xbps_dictionary_set(xhp->transd, "packages", array)) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return EINVAL;
}
xbps_object_release(array);
if ((array = xbps_array_create()) == NULL) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return ENOMEM;
}
if (!xbps_dictionary_set(xhp->transd, "missing_deps", array)) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return EINVAL;
}
xbps_object_release(array);
if ((array = xbps_array_create()) == NULL) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return ENOMEM;
}
if (!xbps_dictionary_set(xhp->transd, "missing_shlibs", array)) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return EINVAL;
}
xbps_object_release(array);
if ((array = xbps_array_create()) == NULL) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return ENOMEM;
}
if (!xbps_dictionary_set(xhp->transd, "conflicts", array)) {
xbps_object_release(xhp->transd);
xhp->transd = NULL;
return EINVAL;
}
xbps_object_release(array);
return 0;
}
int
index_add(struct xbps_handle *xhp, int args, int argmax, char **argv, bool force)
{
xbps_dictionary_t idx, idxmeta, idxstage, binpkgd, curpkgd;
struct xbps_repo *repo = NULL;
struct stat st;
char *tmprepodir = NULL, *repodir = NULL, *rlockfname = NULL;
int rv = 0, ret = 0, rlockfd = -1;
assert(argv);
/*
* Read the repository data or create index dictionaries otherwise.
*/
if ((tmprepodir = strdup(argv[args])) == NULL)
return ENOMEM;
repodir = dirname(tmprepodir);
if (!xbps_repo_lock(xhp, repodir, &rlockfd, &rlockfname)) {
fprintf(stderr, "xbps-rindex: cannot lock repository "
"%s: %s\n", repodir, strerror(errno));
rv = -1;
goto out;
}
repo = xbps_repo_public_open(xhp, repodir);
if (repo == NULL && errno != ENOENT) {
fprintf(stderr, "xbps-rindex: cannot open/lock repository "
"%s: %s\n", repodir, strerror(errno));
rv = -1;
goto out;
}
if (repo) {
idx = xbps_dictionary_copy_mutable(repo->idx);
idxmeta = xbps_dictionary_copy_mutable(repo->idxmeta);
} else {
idx = xbps_dictionary_create();
idxmeta = NULL;
}
// TODO: load data from stage repository
idxstage = xbps_dictionary_create();
/*
* Process all packages specified in argv.
*/
for (int i = args; i < argmax; i++) {
const char *arch = NULL, *pkg = argv[i];
char *sha256 = NULL, *pkgver = NULL, *pkgname = NULL;
assert(pkg);
/*
* Read metadata props plist dictionary from binary package.
*/
binpkgd = xbps_archive_fetch_plist(pkg, "/props.plist");
if (binpkgd == NULL) {
fprintf(stderr, "index: failed to read %s metadata for "
"`%s', skipping!\n", XBPS_PKGPROPS, pkg);
continue;
}
xbps_dictionary_get_cstring_nocopy(binpkgd, "architecture", &arch);
xbps_dictionary_get_cstring(binpkgd, "pkgver", &pkgver);
if (!xbps_pkg_arch_match(xhp, arch, NULL)) {
fprintf(stderr, "index: ignoring %s, unmatched arch (%s)\n", pkgver, arch);
xbps_object_release(binpkgd);
free(pkgver);
continue;
}
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
/*
* Check if this package exists already in the index, but first
* checking the version. If current package version is greater
* than current registered package, update the index; otherwise
* pass to the next one.
*/
curpkgd = xbps_dictionary_get(idxstage, pkgname);
if(curpkgd == NULL)
curpkgd = xbps_dictionary_get(idx, pkgname);
if (curpkgd == NULL) {
if (errno && errno != ENOENT) {
rv = errno;
free(pkgver);
free(pkgname);
goto out;
}
} else if (!force) {
char *opkgver = NULL, *oarch = NULL;
/* Only check version if !force */
xbps_dictionary_get_cstring(curpkgd, "pkgver", &opkgver);
xbps_dictionary_get_cstring(curpkgd, "architecture", &oarch);
ret = xbps_cmpver(pkgver, opkgver);
/*
* If the considered package reverts the package in the index,
* consider the current package as the newer one.
*/
if (ret < 0 && xbps_pkg_reverts(binpkgd, opkgver)) {
ret = 1;
/*
* If package in the index reverts considered package, consider the
* package in the index as the newer one.
*/
} else if (ret > 0 && xbps_pkg_reverts(curpkgd, pkgver)) {
ret = -1;
}
if (ret <= 0) {
/* Same version or index version greater */
fprintf(stderr, "index: skipping `%s' (%s), already registered.\n", pkgver, arch);
xbps_object_release(binpkgd);
free(opkgver);
free(oarch);
free(pkgver);
free(pkgname);
continue;
}
/*
* Current package version is greater than
* index version.
*/
printf("index: removed obsolete entry `%s' (%s).\n", opkgver, oarch);
xbps_dictionary_remove(idx, pkgname);
free(opkgver);
free(oarch);
}
/*
* Add additional objects for repository ops:
* - filename-size
* - filename-sha256
*/
if ((sha256 = xbps_file_hash(pkg)) == NULL) {
free(pkgver);
free(pkgname);
rv = EINVAL;
goto out;
}
if (!xbps_dictionary_set_cstring(binpkgd, "filename-sha256", sha256)) {
free(sha256);
free(pkgver);
free(pkgname);
rv = EINVAL;
goto out;
}
free(sha256);
if (stat(pkg, &st) == -1) {
free(pkgver);
free(pkgname);
rv = EINVAL;
goto out;
}
if (!xbps_dictionary_set_uint64(binpkgd, "filename-size", (uint64_t)st.st_size)) {
free(pkgver);
free(pkgname);
rv = EINVAL;
goto out;
}
if (set_build_date(binpkgd, st.st_mtime) < 0) {
free(pkgver);
free(pkgname);
rv = EINVAL;
goto out;
}
/* Remove unneeded objects */
xbps_dictionary_remove(binpkgd, "pkgname");
xbps_dictionary_remove(binpkgd, "version");
xbps_dictionary_remove(binpkgd, "packaged-with");
/*
* Add new pkg dictionary into the index.
*/
if (!xbps_dictionary_set(idxstage, pkgname, binpkgd)) {
free(pkgname);
free(pkgver);
rv = EINVAL;
goto out;
}
printf("index: added `%s' (%s).\n", pkgver, arch);
xbps_object_release(binpkgd);
free(pkgname);
free(pkgver);
}
/*
* Generate repository data files.
*/
if (!repodata_commit(xhp, repodir, idx, idxmeta, idxstage)) {
fprintf(stderr, "%s: failed to write repodata: %s\n",
_XBPS_RINDEX, strerror(errno));
goto out;
}
printf("index: %u packages registered.\n", xbps_dictionary_count(idx));
out:
if (repo)
xbps_repo_close(repo);
xbps_repo_unlock(rlockfd, rlockfname);
if (tmprepodir)
free(tmprepodir);
return rv;
}
static bool
repodata_commit(struct xbps_handle *xhp, const char *repodir,
xbps_dictionary_t idx, xbps_dictionary_t meta, xbps_dictionary_t stage) {
const char *pkgname;
xbps_object_iterator_t iter;
xbps_object_t keysym;
int rv;
if(xbps_dictionary_count(stage) == 0) {
// Nothing to do.
return true;
}
/*
* Find old shlibs-provides
*/
xbps_dictionary_t oldshlibs = xbps_dictionary_create();
xbps_dictionary_t usedshlibs = xbps_dictionary_create();
iter = xbps_dictionary_iterator(stage);
while ((keysym = xbps_object_iterator_next(iter))) {
pkgname = xbps_dictionary_keysym_cstring_nocopy(keysym);
xbps_dictionary_t oldpkg = xbps_dictionary_get(idx, pkgname);
xbps_array_t pkgshlibs = xbps_dictionary_get(oldpkg, "shlib-provides");
for(unsigned int i = 0; i < xbps_array_count(pkgshlibs); i++) {
const char *shlib = NULL;
xbps_array_get_cstring_nocopy(pkgshlibs, i, &shlib);
xbps_dictionary_set_cstring(oldshlibs, shlib, pkgname);
}
}
xbps_object_iterator_release(iter);
/*
* throw away all unused shlibs
*/
iter = xbps_dictionary_iterator(idx);
while ((keysym = xbps_object_iterator_next(iter))) {
pkgname = xbps_dictionary_keysym_cstring_nocopy(keysym);
xbps_dictionary_t pkg = xbps_dictionary_get(stage, pkgname);
if(!pkg)
pkg = xbps_dictionary_get_keysym(idx, keysym);
xbps_array_t pkgshlibs = xbps_dictionary_get(pkg, "shlib-requires");
for(unsigned int i = 0; i < xbps_array_count(pkgshlibs); i++) {
const char *shlib = NULL, *user = NULL;
xbps_array_get_cstring_nocopy(pkgshlibs, i, &shlib);
xbps_dictionary_get_cstring_nocopy(pkg, shlib, &user);
if(!user)
continue;
xbps_array_t users = xbps_dictionary_get(usedshlibs, shlib);
if(!users) {
users = xbps_array_create();
xbps_dictionary_set(usedshlibs, shlib, users);
}
xbps_array_add_cstring(users, user);
}
}
xbps_object_iterator_release(iter);
/*
* purge all packages that are fullfilled by the stage
*/
iter = xbps_dictionary_iterator(stage);
while ((keysym = xbps_object_iterator_next(iter))) {
pkgname = xbps_dictionary_keysym_cstring_nocopy(keysym);
xbps_dictionary_t newpkg = xbps_dictionary_get(idx, pkgname);
xbps_array_t pkgshlibs = xbps_dictionary_get(newpkg, "shlib-provides");
for(unsigned int i = 0; i < xbps_array_count(pkgshlibs); i++) {
const char *shlib;
xbps_array_get_cstring_nocopy(pkgshlibs, i, &shlib);
xbps_dictionary_remove(usedshlibs, shlib);
}
}
xbps_object_iterator_release(iter);
if(xbps_dictionary_count(usedshlibs) != 0) {
puts("Unfullfilled shlibs:");
iter = xbps_dictionary_iterator(usedshlibs);
while ((keysym = xbps_object_iterator_next(iter))) {
const char *shlib = xbps_dictionary_keysym_cstring_nocopy(keysym), *provider = NULL;
xbps_array_t users = xbps_dictionary_get(usedshlibs, shlib);
xbps_dictionary_get_cstring_nocopy(usedshlibs, shlib, &provider);
printf(" %s (provided by: %s; used by: ", shlib, provider);
const char *pre = "";
for(unsigned int i = 0; i < xbps_array_count(users); i++) {
const char *user;
xbps_array_get_cstring_nocopy(users, i, &user);
xbps_dictionary_remove(usedshlibs, shlib);
printf("%s%s",pre, user);
pre = ", ";
}
puts(")");
}
puts("Changes are commit to stage.");
xbps_object_iterator_release(iter);
// TODO FLUSH STAGE
rv = true;
}
else {
iter = xbps_dictionary_iterator(stage);
while ((keysym = xbps_object_iterator_next(iter))) {
pkgname = xbps_dictionary_keysym_cstring_nocopy(keysym);
xbps_dictionary_t newpkg = xbps_dictionary_get_keysym(stage, keysym);
xbps_dictionary_set(idx, pkgname, newpkg);
}
xbps_object_iterator_release(iter);
rv = repodata_flush(xhp, repodir, idx, meta);
}
xbps_object_release(usedshlibs);
xbps_object_release(oldshlibs);
return rv;
}
int
sign_repo(struct xbps_handle *xhp, const char *repodir,
const char *privkey, const char *signedby)
{
struct stat st;
struct xbps_repo *repo;
xbps_dictionary_t pkgd, meta = NULL;
xbps_data_t data = NULL, rpubkey = NULL;
xbps_object_iterator_t iter = NULL;
xbps_object_t obj;
RSA *rsa = NULL;
unsigned char *sig;
unsigned int siglen;
uint16_t rpubkeysize, pubkeysize;
const char *arch, *pkgver, *rsignedby = NULL;
char *binpkg = NULL, *binpkg_sig = NULL, *buf = NULL, *defprivkey = NULL;
int binpkg_fd, binpkg_sig_fd, rv = 0;
bool flush = false;
if (signedby == NULL) {
fprintf(stderr, "--signedby unset! cannot sign repository\n");
return -1;
}
/*
* Check that repository index exists and not empty, otherwise bail out.
*/
repo = xbps_repo_open(xhp, repodir, true);
if (repo == NULL) {
rv = errno;
fprintf(stderr, "%s: cannot read repository data: %s\n",
_XBPS_RINDEX, strerror(errno));
goto out;
}
if (xbps_dictionary_count(repo->idx) == 0) {
fprintf(stderr, "%s: invalid repository, existing!\n", _XBPS_RINDEX);
rv = EINVAL;
goto out;
}
/*
* If privkey not set, default to ~/.ssh/id_rsa.
*/
if (privkey == NULL)
defprivkey = xbps_xasprintf("%s/.ssh/id_rsa", getenv("HOME"));
else
defprivkey = strdup(privkey);
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
if ((rsa = load_rsa_privkey(defprivkey)) == NULL) {
fprintf(stderr, "%s: failed to read the RSA privkey\n", _XBPS_RINDEX);
rv = EINVAL;
goto out;
}
/*
* Iterate over the idx dictionary and then sign all binary
* packages in this repository.
*/
iter = xbps_dictionary_iterator(repo->idx);
assert(iter);
while ((obj = xbps_object_iterator_next(iter))) {
pkgd = xbps_dictionary_get_keysym(repo->idx, obj);
xbps_dictionary_get_cstring_nocopy(pkgd, "architecture", &arch);
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
binpkg = xbps_xasprintf("%s/%s.%s.xbps", repodir, pkgver, arch);
binpkg_sig = xbps_xasprintf("%s.sig", binpkg);
/*
* Skip pkg if file signature exists
*/
if ((binpkg_sig_fd = access(binpkg_sig, R_OK)) == 0) {
if (xhp->flags & XBPS_FLAG_VERBOSE)
fprintf(stderr, "skipping %s, file signature found.\n", pkgver);
free(binpkg);
free(binpkg_sig);
close(binpkg_sig_fd);
continue;
}
/*
* Generate pkg file signature.
*/
if ((binpkg_fd = open(binpkg, O_RDONLY)) == -1) {
fprintf(stderr, "cannot read %s: %s\n", binpkg, strerror(errno));
free(binpkg);
free(binpkg_sig);
continue;
}
fstat(binpkg_fd, &st);
buf = malloc(st.st_size);
assert(buf);
if (read(binpkg_fd, buf, st.st_size) != st.st_size) {
fprintf(stderr, "failed to read %s: %s\n", binpkg, strerror(errno));
close(binpkg_fd);
free(buf);
free(binpkg);
free(binpkg_sig);
continue;
}
close(binpkg_fd);
if (!rsa_sign_buf(rsa, buf, st.st_size, &sig, &siglen)) {
fprintf(stderr, "failed to sign %s: %s\n", binpkg, strerror(errno));
free(buf);
free(binpkg);
free(binpkg_sig);
continue;
}
free(buf);
free(binpkg);
/*
* Write pkg file signature.
*/
binpkg_sig_fd = creat(binpkg_sig, 0644);
if (binpkg_sig_fd == -1) {
fprintf(stderr, "failed to create %s: %s\n", binpkg_sig, strerror(errno));
free(sig);
free(binpkg_sig);
continue;
}
if (write(binpkg_sig_fd, sig, siglen) != (ssize_t)siglen) {
fprintf(stderr, "failed to write %s: %s\n", binpkg_sig, strerror(errno));
free(sig);
free(binpkg_sig);
close(binpkg_sig_fd);
continue;
}
free(sig);
free(binpkg_sig);
close(binpkg_sig_fd);
printf("signed successfully %s\n", pkgver);
}
xbps_object_iterator_release(iter);
/*
* Check if repository index-meta contains changes compared to its
* current state.
*/
if ((buf = pubkey_from_privkey(rsa)) == NULL) {
rv = EINVAL;
goto out;
}
meta = xbps_dictionary_create();
data = xbps_data_create_data(buf, strlen(buf));
rpubkey = xbps_dictionary_get(repo->idxmeta, "public-key");
if (!xbps_data_equals(rpubkey, data))
flush = true;
free(buf);
pubkeysize = RSA_size(rsa) * 8;
xbps_dictionary_get_uint16(repo->idxmeta, "public-key-size", &rpubkeysize);
if (rpubkeysize != pubkeysize)
flush = true;
xbps_dictionary_get_cstring_nocopy(repo->idxmeta, "signature-by", &rsignedby);
if (rsignedby == NULL || strcmp(rsignedby, signedby))
flush = true;
if (!flush)
goto out;
xbps_dictionary_set(meta, "public-key", data);
xbps_dictionary_set_uint16(meta, "public-key-size", pubkeysize);
xbps_dictionary_set_cstring_nocopy(meta, "signature-by", signedby);
xbps_dictionary_set_cstring_nocopy(meta, "signature-type", "rsa");
xbps_object_release(data);
data = NULL;
if (!repodata_flush(xhp, repodir, repo->idx, meta)) {
fprintf(stderr, "failed to write repodata: %s\n", strerror(errno));
goto out;
}
printf("Signed repository (%u package%s)\n",
xbps_dictionary_count(repo->idx),
xbps_dictionary_count(repo->idx) == 1 ? "" : "s");
out:
if (defprivkey) {
free(defprivkey);
}
if (rsa) {
RSA_free(rsa);
rsa = NULL;
}
if (repo) {
xbps_repo_close(repo);
}
return rv ? -1 : 0;
}
int
sign_repo(struct xbps_handle *xhp, const char *repodir,
const char *privkey, const char *signedby)
{
struct xbps_repo *repo = NULL;
xbps_dictionary_t meta = NULL;
xbps_data_t data = NULL, rpubkey = NULL;
RSA *rsa = NULL;
uint16_t rpubkeysize, pubkeysize;
const char *rsignedby = NULL;
char *buf = NULL, *rlockfname = NULL;
int rlockfd = -1, rv = 0;
bool flush_failed = false, flush = false;
if (signedby == NULL) {
fprintf(stderr, "--signedby unset! cannot initialize signed repository\n");
return -1;
}
/*
* Check that repository index exists and not empty, otherwise bail out.
*/
repo = xbps_repo_open(xhp, repodir);
if (repo == NULL) {
rv = errno;
fprintf(stderr, "%s: cannot read repository data: %s\n",
_XBPS_RINDEX, strerror(errno));
goto out;
}
if (xbps_dictionary_count(repo->idx) == 0) {
fprintf(stderr, "%s: invalid repository, existing!\n", _XBPS_RINDEX);
rv = EINVAL;
goto out;
}
rsa = load_rsa_key(privkey);
/*
* Check if repository index-meta contains changes compared to its
* current state.
*/
if ((buf = pubkey_from_privkey(rsa)) == NULL) {
rv = EINVAL;
goto out;
}
meta = xbps_dictionary_create();
data = xbps_data_create_data(buf, strlen(buf));
rpubkey = xbps_dictionary_get(repo->idxmeta, "public-key");
if (!xbps_data_equals(rpubkey, data))
flush = true;
free(buf);
pubkeysize = RSA_size(rsa) * 8;
xbps_dictionary_get_uint16(repo->idxmeta, "public-key-size", &rpubkeysize);
if (rpubkeysize != pubkeysize)
flush = true;
xbps_dictionary_get_cstring_nocopy(repo->idxmeta, "signature-by", &rsignedby);
if (rsignedby == NULL || strcmp(rsignedby, signedby))
flush = true;
if (!flush)
goto out;
xbps_dictionary_set(meta, "public-key", data);
xbps_dictionary_set_uint16(meta, "public-key-size", pubkeysize);
xbps_dictionary_set_cstring_nocopy(meta, "signature-by", signedby);
xbps_dictionary_set_cstring_nocopy(meta, "signature-type", "rsa");
xbps_object_release(data);
data = NULL;
/* lock repository to write repodata file */
if (!xbps_repo_lock(xhp, repodir, &rlockfd, &rlockfname)) {
rv = errno;
fprintf(stderr, "%s: cannot lock repository: %s\n",
_XBPS_RINDEX, strerror(errno));
goto out;
}
flush_failed = repodata_flush(xhp, repodir, repo->idx, meta);
xbps_repo_unlock(rlockfd, rlockfname);
if (!flush_failed) {
fprintf(stderr, "failed to write repodata: %s\n", strerror(errno));
goto out;
}
printf("Initialized signed repository (%u package%s)\n",
xbps_dictionary_count(repo->idx),
xbps_dictionary_count(repo->idx) == 1 ? "" : "s");
out:
if (rsa) {
RSA_free(rsa);
rsa = NULL;
}
if (repo)
xbps_repo_close(repo);
return rv ? -1 : 0;
}
int
xbps_repo_key_import(struct xbps_repo *repo)
{
xbps_dictionary_t repokeyd = NULL;
xbps_data_t pubkey = NULL;
uint16_t pubkey_size = 0;
const char *signedby = NULL;
char *hexfp = NULL;
char *p, *dbkeyd, *rkeyfile = NULL;
int import, rv = 0;
assert(repo);
/*
* If repository does not have required metadata plist, ignore it.
*/
if (!xbps_dictionary_count(repo->idxmeta)) {
xbps_dbg_printf(repo->xhp,
"[repo] `%s' unsigned repository!\n", repo->uri);
return 0;
}
/*
* Check for required objects in index-meta:
* - signature-by (string)
* - public-key (data)
* - public-key-size (number)
*/
xbps_dictionary_get_cstring_nocopy(repo->idxmeta, "signature-by", &signedby);
xbps_dictionary_get_uint16(repo->idxmeta, "public-key-size", &pubkey_size);
pubkey = xbps_dictionary_get(repo->idxmeta, "public-key");
if (signedby == NULL || pubkey_size == 0 ||
xbps_object_type(pubkey) != XBPS_TYPE_DATA) {
xbps_dbg_printf(repo->xhp,
"[repo] `%s': incomplete signed repository "
"(missing objs)\n", repo->uri);
rv = EINVAL;
goto out;
}
hexfp = xbps_pubkey2fp(repo->xhp, pubkey);
/*
* Check if the public key is alredy stored.
*/
rkeyfile = xbps_xasprintf("%s/keys/%s.plist", repo->xhp->metadir, hexfp);
repokeyd = xbps_plist_dictionary_from_file(repo->xhp, rkeyfile);
if (xbps_object_type(repokeyd) == XBPS_TYPE_DICTIONARY) {
xbps_dbg_printf(repo->xhp,
"[repo] `%s' public key already stored.\n", repo->uri);
goto out;
}
/*
* Notify the client and take appropiate action to import
* the repository public key. Pass back the public key openssh fingerprint
* to the client.
*/
import = xbps_set_cb_state(repo->xhp, XBPS_STATE_REPO_KEY_IMPORT, 0,
hexfp, "`%s' repository has been RSA signed by \"%s\"",
repo->uri, signedby);
if (import <= 0) {
rv = EAGAIN;
goto out;
}
p = strdup(rkeyfile);
dbkeyd = dirname(p);
assert(dbkeyd);
if (access(dbkeyd, R_OK|W_OK) == -1) {
rv = errno;
if (rv == ENOENT)
rv = xbps_mkpath(dbkeyd, 0755);
if (rv != 0) {
rv = errno;
xbps_dbg_printf(repo->xhp,
"[repo] `%s' cannot create %s: %s\n",
repo->uri, dbkeyd, strerror(errno));
free(p);
goto out;
}
}
free(p);
repokeyd = xbps_dictionary_create();
xbps_dictionary_set(repokeyd, "public-key", pubkey);
xbps_dictionary_set_uint16(repokeyd, "public-key-size", pubkey_size);
xbps_dictionary_set_cstring_nocopy(repokeyd, "signature-by", signedby);
if (!xbps_dictionary_externalize_to_file(repokeyd, rkeyfile)) {
rv = errno;
xbps_dbg_printf(repo->xhp,
"[repo] `%s' failed to externalize %s: %s\n",
repo->uri, rkeyfile, strerror(rv));
}
out:
if (hexfp)
free(hexfp);
if (repokeyd)
xbps_object_release(repokeyd);
if (rkeyfile)
free(rkeyfile);
return rv;
}
static xbps_dictionary_t
collect_shlibs(struct xbps_handle *xhp, xbps_array_t pkgs, bool req)
{
xbps_object_t obj;
xbps_object_iterator_t iter;
xbps_dictionary_t d, pd;
const char *pkgver;
d = xbps_dictionary_create();
assert(d);
/* copy pkgdb to out temporary dictionary */
pd = xbps_dictionary_copy(xhp->pkgdb);
assert(pd);
/*
* copy pkgs from transaction to our dictionary, overriding them
* if they were there from pkgdb.
*/
iter = xbps_array_iterator(pkgs);
assert(iter);
while ((obj = xbps_object_iterator_next(iter))) {
char *pkgname;
if (!xbps_dictionary_get_cstring_nocopy(obj, "pkgver", &pkgver))
continue;
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
xbps_dictionary_set(pd, pkgname, obj);
free(pkgname);
}
xbps_object_iterator_release(iter);
/*
* iterate over our dictionary to collect shlib-{requires,provides}.
*/
iter = xbps_dictionary_iterator(pd);
assert(iter);
while ((obj = xbps_object_iterator_next(iter))) {
xbps_array_t shobjs;
xbps_dictionary_t pkgd;
const char *trans;
pkgd = xbps_dictionary_get_keysym(pd, obj);
if (xbps_dictionary_get_cstring_nocopy(pkgd, "transaction", &trans)) {
if (!strcmp(trans, "remove"))
continue;
}
/*
* If pkg does not have the required obj, pass to next one.
*/
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
shobjs = xbps_dictionary_get(pkgd,
req ? "shlib-requires" : "shlib-provides");
if (shobjs == NULL)
continue;
for (unsigned int i = 0; i < xbps_array_count(shobjs); i++) {
const char *shlib;
xbps_array_get_cstring_nocopy(shobjs, i, &shlib);
xbps_dbg_printf(xhp, "%s: registering %s for %s\n",
pkgver, shlib, req ? "shlib-requires" : "shlib-provides");
if (req)
shlib_register(d, shlib, pkgver);
else
xbps_dictionary_set_cstring_nocopy(d, shlib, pkgver);
}
}
xbps_object_iterator_release(iter);
return d;
}
