char *
xbps_repository_pkg_path(struct xbps_handle *xhp, xbps_dictionary_t pkg_repod)
{
const char *pkgver, *arch, *repoloc;
char *lbinpkg = NULL;
assert(xhp);
assert(xbps_object_type(pkg_repod) == XBPS_TYPE_DICTIONARY);
if (!xbps_dictionary_get_cstring_nocopy(pkg_repod,
"pkgver", &pkgver))
return NULL;
if (!xbps_dictionary_get_cstring_nocopy(pkg_repod,
"architecture", &arch))
return NULL;
if (!xbps_dictionary_get_cstring_nocopy(pkg_repod,
"repository", &repoloc))
return NULL;
if (xbps_repository_is_remote(repoloc)) {
/*
* First check if binpkg is available in cachedir.
*/
lbinpkg = xbps_xasprintf("%s/%s.%s.xbps", xhp->cachedir,
pkgver, arch);
if (access(lbinpkg, R_OK) == 0)
return lbinpkg;
free(lbinpkg);
}
/*
* Local and remote repositories use the same path.
*/
return xbps_xasprintf("%s/%s.%s.xbps", repoloc, pkgver, arch);
}
char HIDDEN *
xbps_get_remote_repo_string(const char *uri)
{
struct url *url;
size_t i;
char *p;
if ((url = fetchParseURL(uri)) == NULL)
return NULL;
/*
* Replace '.' ':' and '/' characters with underscores, so that
* provided URL:
*
* http://nocturno.local:8080/repo/x86_64
*
* becomes:
*
* http___nocturno_local_8080_repo_x86_64
*/
if (url->port != 0)
p = xbps_xasprintf("%s://%s:%u%s", url->scheme,
url->host, url->port, url->doc);
else
p = xbps_xasprintf("%s://%s%s", url->scheme,
url->host, url->doc);
fetchFreeURL(url);
for (i = 0; i < strlen(p); i++) {
if (p[i] == '.' || p[i] == '/' || p[i] == ':')
p[i] = '_';
}
return p;
}
static int
remove_symlinks(struct xbps_handle *xhp, xbps_array_t a, const char *grname)
{
unsigned int i, cnt;
cnt = xbps_array_count(a);
for (i = 0; i < cnt; i++) {
xbps_string_t str;
char *l, *lnk;
str = xbps_array_get(a, i);
l = left(xbps_string_cstring_nocopy(str));
assert(l);
if (l[0] != '/') {
const char *tgt;
char *tgt_dup, *tgt_dir;
tgt = right(xbps_string_cstring_nocopy(str));
tgt_dup = strdup(tgt);
assert(tgt_dup);
tgt_dir = dirname(tgt_dup);
lnk = xbps_xasprintf("%s%s/%s", xhp->rootdir, tgt_dir, l);
free(tgt_dup);
} else {
lnk = xbps_xasprintf("%s%s", xhp->rootdir, l);
}
xbps_set_cb_state(xhp, XBPS_STATE_ALTGROUP_LINK_REMOVED, 0, NULL,
"Removing '%s' alternatives group symlink: %s", grname, l);
unlink(lnk);
free(lnk);
free(l);
}
return 0;
}
static char *
set_metadir(struct xbps_handle *xh)
{
if (xh->metadir == NULL) {
if (strcmp(xh->rootdir, "/") == 0)
return xbps_xasprintf("/%s", XBPS_META_PATH);
else
return xbps_xasprintf("%s/%s", xh->rootdir, XBPS_META_PATH);
} else {
return strdup(xh->metadir);
}
}
/**
* @file lib/initend.c
* @brief Initialization and finalization routines
* @defgroup initend Initialization and finalization functions
*
* Use these functions to initialize some parameters before start
* using libxbps and finalize usage to release resources at the end.
*/
static char *
set_cachedir(struct xbps_handle *xh)
{
if (xh->cachedir[0] == '/') {
/* full path */
return strdup(xh->cachedir);
} else {
/* relative to rootdir */
if (strcmp(xh->rootdir, "/") == 0)
return xbps_xasprintf("/%s", xh->cachedir);
else
return xbps_xasprintf("%s/%s", xh->rootdir,
xh->cachedir);
}
}
void HIDDEN
xbps_pkg_find_conflicts(struct xbps_handle *xhp, prop_dictionary_t pkg_repod)
{
prop_array_t pkg_cflicts, trans_cflicts;
prop_dictionary_t pkgd;
const char *cfpkg, *repopkgver, *pkgver;
char *buf;
size_t i;
pkg_cflicts = prop_dictionary_get(pkg_repod, "conflicts");
if (pkg_cflicts == NULL || prop_array_count(pkg_cflicts) == 0)
return;
trans_cflicts = prop_dictionary_get(xhp->transd, "conflicts");
prop_dictionary_get_cstring_nocopy(pkg_repod, "pkgver", &repopkgver);
for (i = 0; i < prop_array_count(pkg_cflicts); i++) {
prop_array_get_cstring_nocopy(pkg_cflicts, i, &cfpkg);
/*
* Check if current pkg conflicts with an installed package.
*/
if ((pkgd = xbps_pkgdb_get_pkgd(xhp, cfpkg, true))) {
prop_dictionary_get_cstring_nocopy(pkgd,
"pkgver", &pkgver);
buf = xbps_xasprintf("%s conflicts with "
"installed pkg %s", repopkgver, pkgver);
assert(buf != NULL);
prop_array_add_cstring(trans_cflicts, buf);
free(buf);
continue;
}
/*
* Check if current pkg conflicts with any pkg in transaction.
*/
pkgd = xbps_find_pkg_in_dict_by_pattern(xhp, xhp->transd,
"unsorted_deps", cfpkg);
if (pkgd != NULL) {
prop_dictionary_get_cstring_nocopy(pkgd,
"pkgver", &pkgver);
buf = xbps_xasprintf("%s conflicts with "
"%s in transaction", repopkgver, pkgver);
assert(buf != NULL);
prop_array_add_cstring(trans_cflicts, buf);
free(buf);
continue;
}
}
}
int HIDDEN
xbps_pkgdb_init(struct xbps_handle *xhp)
{
int rv;
assert(xhp != NULL);
if (xhp->pkgdb_plist == NULL)
xhp->pkgdb_plist = xbps_xasprintf("%s/%s", xhp->metadir, XBPS_PKGDB);
#if 0
if ((rv = xbps_pkgdb_conversion(xhp)) != 0)
return rv;
#endif
if (xhp->pkgdb != NULL)
return 0;
if ((rv = xbps_pkgdb_update(xhp, false, true)) != 0) {
if (rv != ENOENT)
xbps_dbg_printf(xhp, "[pkgdb] cannot internalize "
"pkgdb array: %s\n", strerror(rv));
return rv;
}
if ((rv = pkgdb_map_vpkgs(xhp)) != 0) {
xbps_dbg_printf(xhp, "[pkgdb] pkgdb_map_vpkgs %s\n", strerror(rv));
return rv;
}
assert(xhp->pkgdb);
xbps_dbg_printf(xhp, "[pkgdb] initialized ok.\n");
return 0;
}
xbps_dictionary_t
xbps_pkgdb_get_pkg_files(struct xbps_handle *xhp, const char *pkg)
{
xbps_dictionary_t pkgd, pkgfilesd;
const char *pkgver;
char *pkgname, *plist;
if (pkg == NULL)
return NULL;
pkgd = xbps_pkgdb_get_pkg(xhp, pkg);
if (pkgd == NULL)
return NULL;
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
plist = xbps_xasprintf("%s/.%s-files.plist", xhp->metadir, pkgname);
free(pkgname);
pkgfilesd = xbps_plist_dictionary_from_file(xhp, plist);
free(plist);
if (pkgfilesd == NULL) {
xbps_dbg_printf(xhp, "[pkgdb] cannot read %s metadata: %s\n",
pkgver, strerror(errno));
return NULL;
}
return pkgfilesd;
}
static xbps_dictionary_t
get_pkg_metadata(struct xbps_handle *xhp, xbps_dictionary_t pkgd)
{
xbps_dictionary_t pkg_metad;
const char *pkgver;
char *pkgname, *plist;
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
if ((pkg_metad = xbps_dictionary_get(xhp->pkg_metad, pkgname)) != NULL) {
free(pkgname);
return pkg_metad;
}
plist = xbps_xasprintf("%s/.%s.plist", xhp->metadir, pkgname);
pkg_metad = xbps_dictionary_internalize_from_file(plist);
free(plist);
if (pkg_metad == NULL) {
xbps_dbg_printf(xhp, "[pkgdb] cannot read %s metadata: %s\n",
pkgver, strerror(errno));
free(pkgname);
return NULL;
}
if (xhp->pkg_metad == NULL)
xhp->pkg_metad = xbps_dictionary_create();
xbps_dictionary_set(xhp->pkg_metad, pkgname, pkg_metad);
xbps_object_release(pkg_metad);
free(pkgname);
return pkg_metad;
}
static RSA *
load_rsa_key(const char *privkey)
{
RSA *rsa = NULL;
char *defprivkey;
/*
* If privkey not set, default to ~/.ssh/id_rsa.
*/
if (privkey == NULL)
defprivkey = xbps_xasprintf("%s/.ssh/id_rsa", getenv("HOME"));
else
defprivkey = strdup(privkey);
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
if ((rsa = load_rsa_privkey(defprivkey)) == NULL) {
fprintf(stderr, "%s: failed to read the RSA privkey\n", _XBPS_RINDEX);
exit(EXIT_FAILURE);
}
return rsa;
}
/**
* @file lib/repo.c
* @brief Repository functions
* @defgroup repo Repository functions
*/
char *
xbps_repo_path(struct xbps_handle *xhp, const char *url)
{
assert(xhp);
assert(url);
return xbps_xasprintf("%s/%s-repodata",
url, xhp->target_arch ? xhp->target_arch : xhp->native_arch);
}
static void
broken_pkg(xbps_array_t mdeps, const char *dep, const char *pkg, const char *trans)
{
char *str;
str = xbps_xasprintf("%s (%s) breaks installed pkg `%s'", pkg, trans, dep);
xbps_array_add_cstring(mdeps, str);
free(str);
}
int
repodata_flush(struct xbps_handle *xhp, const char *repodir,
xbps_dictionary_t idx, xbps_dictionary_t idxfiles)
{
struct archive *ar;
mode_t myumask;
char *repofile, *tname, *xml;
int repofd;
/* Create a tempfile for our repository archive */
repofile = xbps_repo_path(xhp, repodir);
tname = xbps_xasprintf("%s.XXXXXXXXXX", repofile);
if ((repofd = mkstemp(tname)) == -1)
return errno;
/* Create and write our repository archive */
ar = archive_write_new();
assert(ar);
archive_write_set_compression_gzip(ar);
archive_write_set_format_pax_restricted(ar);
archive_write_set_options(ar, "compression-level=9");
archive_write_open_fd(ar, repofd);
xml = xbps_dictionary_externalize(idx);
assert(xml);
if (xbps_archive_append_buf(ar, xml, strlen(xml),
XBPS_PKGINDEX, 0644, "root", "root") != 0) {
free(xml);
return -1;
}
free(xml);
xml = xbps_dictionary_externalize(idxfiles);
assert(xml);
if (xbps_archive_append_buf(ar, xml, strlen(xml),
XBPS_PKGINDEX_FILES, 0644, "root", "root") != 0) {
free(xml);
return -1;
}
free(xml);
archive_write_finish(ar);
/* Write data to tempfile and rename */
fdatasync(repofd);
myumask = umask(0);
(void)umask(myumask);
assert(fchmod(repofd, 0666 & ~myumask) != -1);
close(repofd);
rename(tname, repofile);
free(repofile);
free(tname);
return 0;
}
int
xbps_pkgdb_lock(struct xbps_handle *xhp)
{
mode_t prev_umask;
int rv;
/*
* Use a mandatory file lock to only allow one writer to pkgdb,
* other writers will block.
*/
xhp->pkgdb_plist = xbps_xasprintf("%s/%s", xhp->metadir, XBPS_PKGDB);
if (xbps_pkgdb_init(xhp) == ENOENT) {
/* if metadir does not exist, create it */
if (access(xhp->metadir, R_OK|X_OK) == -1) {
if (errno != ENOENT)
return errno;
if (xbps_mkpath(xhp->metadir, 0755) == -1) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] failed to create metadir "
"%s: %s\n", xhp->metadir, strerror(rv));
return rv;
}
}
/* if pkgdb is unexistent, create it with an empty dictionary */
xhp->pkgdb = xbps_dictionary_create();
if (!xbps_dictionary_externalize_to_file(xhp->pkgdb, xhp->pkgdb_plist)) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] failed to create pkgdb "
"%s: %s\n", xhp->pkgdb_plist, strerror(rv));
return rv;
}
}
prev_umask = umask(022);
if ((pkgdb_fd = open(xhp->pkgdb_plist, O_CREAT|O_RDWR|O_CLOEXEC, 0664)) == -1) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] cannot open pkgdb for locking "
"%s: %s\n", xhp->pkgdb_plist, strerror(rv));
free(xhp->pkgdb_plist);
umask(prev_umask);
return rv;
}
umask(prev_umask);
if (lockf(pkgdb_fd, F_TLOCK, 0) == -1) {
rv = errno;
xbps_dbg_printf(xhp, "[pkgdb] cannot lock pkgdb: %s\n", strerror(rv));
return rv;
}
return 0;
}
/*
* Verify reverse dependencies for packages in transaction.
* This will catch cases where a package update would break its reverse dependencies:
*
* - foo-1.0 is being updated to 2.0.
* - baz-1.1 depends on foo<2.0.
* - foo is updated to 2.0, hence baz-1.1 is currently broken.
*
* Abort transaction if such case is found.
*/
static bool
check_virtual_pkgs(xbps_array_t mdeps,
xbps_dictionary_t trans_pkgd,
xbps_dictionary_t rev_pkgd)
{
xbps_array_t provides;
bool matched = false;
provides = xbps_dictionary_get(trans_pkgd, "provides");
for (unsigned int i = 0; i < xbps_array_count(provides); i++) {
xbps_array_t rundeps;
const char *pkgver, *revpkgver, *pkgpattern;
char *pkgname, *vpkgname, *vpkgver, *str;
pkgver = revpkgver = pkgpattern = NULL;
pkgname = vpkgname = vpkgver = str = NULL;
xbps_dictionary_get_cstring_nocopy(trans_pkgd, "pkgver", &pkgver);
xbps_dictionary_get_cstring_nocopy(rev_pkgd, "pkgver", &revpkgver);
xbps_array_get_cstring(provides, i, &vpkgver);
vpkgname = xbps_pkg_name(vpkgver);
assert(vpkgname);
rundeps = xbps_dictionary_get(rev_pkgd, "run_depends");
for (unsigned int x = 0; x < xbps_array_count(rundeps); x++) {
xbps_array_get_cstring_nocopy(rundeps, x, &pkgpattern);
if (((pkgname = xbps_pkgpattern_name(pkgpattern)) == NULL) &&
((pkgname = xbps_pkg_name(pkgpattern)) == NULL))
continue;
if (strcmp(vpkgname, pkgname)) {
free(pkgname);
continue;
}
free(pkgname);
if (!strcmp(vpkgver, pkgpattern) ||
xbps_pkgpattern_match(vpkgver, pkgpattern)) {
continue;
}
str = xbps_xasprintf("%s broken, needs '%s' virtual pkg (got `%s')",
revpkgver, pkgpattern, vpkgver);
xbps_array_add_cstring(mdeps, str);
free(str);
matched = true;
}
free(vpkgname);
free(vpkgver);
}
return matched;
}
bool HIDDEN
xbps_transaction_shlibs(struct xbps_handle *xhp, xbps_array_t pkgs, xbps_array_t mshlibs)
{
xbps_object_t obj;
xbps_object_iterator_t iter;
xbps_dictionary_t shrequires, shprovides;
bool unmatched = false;
shrequires = collect_shlibs(xhp, pkgs, true);
shprovides = collect_shlibs(xhp, pkgs, false);
/* iterate over shlib-requires to find unmatched shlibs */
iter = xbps_dictionary_iterator(shrequires);
assert(iter);
while ((obj = xbps_object_iterator_next(iter))) {
xbps_array_t array;
const char *pkgver, *shlib;
char *buf;
shlib = xbps_dictionary_keysym_cstring_nocopy(obj);
xbps_dbg_printf(xhp, "%s: checking for `%s': ", __func__, shlib);
if (xbps_dictionary_get(shprovides, shlib)) {
xbps_dbg_printf_append(xhp, "found\n");
continue;
}
xbps_dbg_printf_append(xhp, "not found\n");
unmatched = true;
array = xbps_dictionary_get_keysym(shrequires, obj);
for (unsigned int i = 0; i < xbps_array_count(array); i++) {
xbps_array_get_cstring_nocopy(array, i, &pkgver);
buf = xbps_xasprintf("%s: broken, unresolvable "
"shlib `%s'", pkgver, shlib);
xbps_array_add_cstring(mshlibs, buf);
free(buf);
}
xbps_object_release(array);
}
xbps_object_iterator_release(iter);
xbps_object_release(shprovides);
return unmatched;
}
int
xbps_pkgdb_update(struct xbps_handle *xhp, bool flush)
{
xbps_dictionary_t pkgdb_storage;
char *plist;
static int cached_rv;
int rv = 0;
if (cached_rv && !flush)
return cached_rv;
plist = xbps_xasprintf("%s/%s", xhp->metadir, XBPS_PKGDB);
if (xhp->pkgdb && flush) {
pkgdb_storage = xbps_dictionary_internalize_from_file(plist);
if (pkgdb_storage == NULL ||
!xbps_dictionary_equals(xhp->pkgdb, pkgdb_storage)) {
/* flush dictionary to storage */
if (!xbps_dictionary_externalize_to_file(xhp->pkgdb, plist)) {
free(plist);
return errno;
}
}
if (pkgdb_storage)
xbps_object_release(pkgdb_storage);
xbps_object_release(xhp->pkgdb);
xhp->pkgdb = NULL;
cached_rv = 0;
}
/* update copy in memory */
if ((xhp->pkgdb = xbps_dictionary_internalize_from_file(plist)) == NULL) {
if (errno == ENOENT)
xhp->pkgdb = xbps_dictionary_create();
else
xbps_error_printf("cannot access to pkgdb: %s\n", strerror(errno));
cached_rv = rv = errno;
}
free(plist);
return rv;
}
static void
show_package_list(struct transaction *trans, const char *match, int cols)
{
xbps_object_t obj;
while ((obj = xbps_object_iterator_next(trans->iter)) != NULL) {
const char *pkgver, *tract;
char *buf = NULL;
bool dload = false;
xbps_dictionary_get_cstring_nocopy(obj, "pkgver", &pkgver);
xbps_dictionary_get_cstring_nocopy(obj, "transaction", &tract);
xbps_dictionary_get_bool(obj, "download", &dload);
if (match && strcmp(tract, "update") == 0) {
xbps_dictionary_t ipkgd;
const char *ipkgver, *iversion, *version;
char *pkgname;
/* get installed pkgver */
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
ipkgd = xbps_pkgdb_get_pkg(trans->xhp, pkgname);
assert(ipkgd);
xbps_dictionary_get_cstring_nocopy(ipkgd, "pkgver", &ipkgver);
version = xbps_pkg_version(pkgver);
iversion = xbps_pkg_version(ipkgver);
buf = xbps_xasprintf("%s (%s -> %s)", pkgname, iversion, version);
free(pkgname);
}
if ((match && (strcmp(match, tract) == 0)) || (!match && dload)) {
if (buf) {
print_package_line(buf, cols, false);
free(buf);
} else {
print_package_line(pkgver, cols, false);
}
}
}
xbps_object_iterator_reset(trans->iter);
print_package_line(NULL, cols, true);
}
static void
store_preserved_file(struct xbps_handle *xhp, const char *file)
{
glob_t globbuf;
char *p = NULL, *rfile = NULL;
size_t len;
int rv = 0;
if (xhp->preserved_files == NULL) {
xhp->preserved_files = xbps_array_create();
assert(xhp->preserved_files);
}
rfile = xbps_xasprintf("%s%s", xhp->rootdir, file);
rv = glob(rfile, 0, NULL, &globbuf);
if (rv == GLOB_NOMATCH) {
if (xbps_match_string_in_array(xhp->preserved_files, file))
goto out;
xbps_array_add_cstring(xhp->preserved_files, file);
xbps_dbg_printf(xhp, "Added preserved file: %s\n", file);
goto out;
} else if (rv != 0) {
goto out;
}
for (size_t i = 0; i < globbuf.gl_pathc; i++) {
if (xbps_match_string_in_array(xhp->preserved_files, globbuf.gl_pathv[i]))
continue;
len = strlen(globbuf.gl_pathv[i]) - strlen(xhp->rootdir) + 1;
p = malloc(len);
assert(p);
strlcpy(p, globbuf.gl_pathv[i] + strlen(xhp->rootdir), len);
xbps_array_add_cstring(xhp->preserved_files, p);
xbps_dbg_printf(xhp, "Added preserved file: %s (expanded from %s)\n", p, file);
free(p);
}
out:
globfree(&globbuf);
free(rfile);
}
static RSA *
load_rsa_key(const char *privkey)
{
RSA *rsa = NULL;
char *defprivkey;
/*
* If privkey not set, default to ~/.ssh/id_rsa.
*/
if (privkey == NULL)
defprivkey = xbps_xasprintf("%s/.ssh/id_rsa", getenv("HOME"));
else
defprivkey = strdup(privkey);
if ((rsa = load_rsa_privkey(defprivkey)) == NULL) {
fprintf(stderr, "%s: failed to read the RSA privkey\n", _XBPS_RINDEX);
exit(EXIT_FAILURE);
}
free(defprivkey);
defprivkey = NULL;
return rsa;
}
bool
xbps_repo_lock(struct xbps_handle *xhp, const char *repodir,
int *lockfd, char **lockfname)
{
char *repofile, *lockfile;
int fd, rv;
assert(repodir);
assert(lockfd);
assert(lockfname);
repofile = xbps_repo_path(xhp, repodir);
assert(repofile);
lockfile = xbps_xasprintf("%s.lock", repofile);
free(repofile);
for (;;) {
fd = open(lockfile, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC, 0660);
rv = errno;
if (fd != -1)
break;
if (rv != EEXIST) {
xbps_dbg_printf(xhp, "[repo] `%s' failed to "
"create lock file %s\n", lockfile, strerror(rv));
free(lockfile);
return false;
} else {
xbps_dbg_printf(xhp, "[repo] `%s' lock file exists,"
"waiting for 1s...\n", lockfile);
sleep(1);
}
}
*lockfname = lockfile;
*lockfd = fd;
return true;
}
bool
xbps_verify_file_signature(struct xbps_repo *repo, const char *fname)
{
xbps_dictionary_t repokeyd = NULL;
xbps_data_t pubkey;
char *hexfp = NULL;
unsigned char *digest = NULL, *sig_buf = NULL;
size_t sigbuflen, sigfilelen;
char *rkeyfile = NULL, *sig = NULL;
bool val = false;
if (!xbps_dictionary_count(repo->idxmeta)) {
xbps_dbg_printf(repo->xhp, "%s: unsigned repository\n", repo->uri);
return false;
}
hexfp = xbps_pubkey2fp(repo->xhp,
xbps_dictionary_get(repo->idxmeta, "public-key"));
if (hexfp == NULL) {
xbps_dbg_printf(repo->xhp, "%s: incomplete signed repo, missing hexfp obj\n", repo->uri);
return false;
}
/*
* Prepare repository RSA public key to verify fname signature.
*/
rkeyfile = xbps_xasprintf("%s/keys/%s.plist", repo->xhp->metadir, hexfp);
repokeyd = xbps_plist_dictionary_from_file(repo->xhp, rkeyfile);
if (xbps_object_type(repokeyd) != XBPS_TYPE_DICTIONARY) {
xbps_dbg_printf(repo->xhp, "cannot read rkey data at %s: %s\n",
rkeyfile, strerror(errno));
goto out;
}
pubkey = xbps_dictionary_get(repokeyd, "public-key");
if (xbps_object_type(pubkey) != XBPS_TYPE_DATA)
goto out;
/*
* Prepare fname and signature data buffers.
*/
if (!(digest = xbps_file_hash_raw(fname))) {
xbps_dbg_printf(repo->xhp, "can't open file %s: %s\n", fname, strerror(errno));
goto out;
}
sig = xbps_xasprintf("%s.sig", fname);
if (!xbps_mmap_file(sig, (void *)&sig_buf, &sigbuflen, &sigfilelen)) {
xbps_dbg_printf(repo->xhp, "can't open signature file %s: %s\n", sig, strerror(errno));
goto out;
}
/*
* Verify fname RSA signature.
*/
if (rsa_verify_hash(repo, pubkey, sig_buf, sigfilelen, digest))
val = true;
out:
if (hexfp)
free(hexfp);
if (rkeyfile)
free(rkeyfile);
if (digest)
free(digest);
if (sig_buf)
(void)munmap(sig_buf, sigbuflen);
if (sig)
free(sig);
if (repokeyd)
xbps_object_release(repokeyd);
return val;
}
int HIDDEN
xbps_remove_pkg_files(struct xbps_handle *xhp,
xbps_dictionary_t dict,
const char *key,
const char *pkgver)
{
struct stat st;
xbps_array_t array;
xbps_object_iterator_t iter;
xbps_object_t obj;
const char *file, *sha256, *curobj = NULL;
char *path = NULL, *pkgname = NULL;
char buf[PATH_MAX];
int rv = 0;
assert(xbps_object_type(dict) == XBPS_TYPE_DICTIONARY);
assert(key != NULL);
array = xbps_dictionary_get(dict, key);
if (xbps_array_count(array) == 0)
return 0;
iter = xbps_array_iter_from_dict(dict, key);
if (iter == NULL)
return ENOMEM;
if (strcmp(key, "files") == 0)
curobj = "file";
else if (strcmp(key, "conf_files") == 0)
curobj = "configuration file";
else if (strcmp(key, "links") == 0)
curobj = "link";
else if (strcmp(key, "dirs") == 0)
curobj = "directory";
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
while ((obj = xbps_object_iterator_next(iter))) {
xbps_dictionary_get_cstring_nocopy(obj, "file", &file);
path = xbps_xasprintf("%s/%s", xhp->rootdir, file);
if ((strcmp(key, "files") == 0) ||
(strcmp(key, "conf_files") == 0)) {
/*
* Check SHA256 hash in regular files and
* configuration files.
*/
xbps_dictionary_get_cstring_nocopy(obj,
"sha256", &sha256);
rv = xbps_file_hash_check(path, sha256);
if (rv == ENOENT) {
/* missing file, ignore it */
xbps_set_cb_state(xhp,
XBPS_STATE_REMOVE_FILE_HASH_FAIL,
rv, pkgver,
"%s: failed to check hash for %s `%s': %s",
pkgver, curobj, file, strerror(rv));
free(path);
rv = 0;
continue;
} else if (rv == ERANGE) {
rv = 0;
if ((xhp->flags &
XBPS_FLAG_FORCE_REMOVE_FILES) == 0) {
xbps_set_cb_state(xhp,
XBPS_STATE_REMOVE_FILE_HASH_FAIL,
0, pkgver,
"%s: %s `%s' SHA256 mismatch, "
"preserving file", pkgver,
curobj, file);
free(path);
continue;
} else {
xbps_set_cb_state(xhp,
XBPS_STATE_REMOVE_FILE_HASH_FAIL,
0, pkgver,
"%s: %s `%s' SHA256 mismatch, "
"forcing removal", pkgver,
curobj, file);
}
} else if (rv != 0 && rv != ERANGE) {
xbps_set_cb_state(xhp,
XBPS_STATE_REMOVE_FILE_HASH_FAIL,
rv, pkgver,
"%s: [remove] failed to check hash for "
"%s `%s': %s", pkgver, curobj, file,
strerror(rv));
free(path);
break;
}
} else if (strcmp(key, "links") == 0) {
/*
* All regular files from package were removed at this
* point, so we will only remove dangling symlinks.
*/
if (realpath(path, buf) == NULL) {
if (errno != ENOENT && errno != ELOOP) {
free(path);
rv = errno;
break;
}
}
if (stat(buf, &st) == 0) {
free(path);
continue;
}
}
/*
* Remove the object if possible.
*/
if (remove(path) == -1) {
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FILE_FAIL,
errno, pkgver,
"%s: failed to remove %s `%s': %s", pkgver,
curobj, file, strerror(errno));
errno = 0;
} else {
/* success */
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FILE,
0, pkgver, "Removed %s `%s'", curobj, file);
}
free(path);
}
xbps_object_iterator_release(iter);
free(pkgname);
return rv;
}
int HIDDEN
xbps_remove_pkg(struct xbps_handle *xhp,
const char *pkgver,
bool update,
bool soft_replace)
{
xbps_dictionary_t pkgd = NULL;
char *pkgname, *buf = NULL;
int rv = 0;
pkg_state_t state = 0;
assert(xhp);
assert(pkgver);
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
if ((rv = xbps_pkg_state_installed(xhp, pkgname, &state)) != 0)
goto out;
xbps_dbg_printf(xhp, "attempting to remove %s state %d\n",
pkgver, state);
if (!update)
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE, 0, pkgver, NULL);
if (chdir(xhp->rootdir) == -1) {
rv = errno;
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FAIL,
rv, pkgver,
"%s: [remove] failed to chdir to rootdir `%s': %s",
pkgver, xhp->rootdir, strerror(rv));
goto out;
}
/* internalize pkg dictionary from metadir */
buf = xbps_xasprintf("%s/.%s.plist", xhp->metadir, pkgname);
pkgd = xbps_dictionary_internalize_from_file(buf);
free(buf);
if (pkgd == NULL)
xbps_dbg_printf(xhp, "WARNING: metaplist for %s "
"doesn't exist!\n", pkgver);
/* If package was "half-removed", remove it fully. */
if (state == XBPS_PKG_STATE_HALF_REMOVED)
goto purge;
/*
* Run the pre remove action.
*/
if (pkgd) {
rv = xbps_pkg_exec_script(xhp, pkgd, "remove-script",
"pre", update);
if (rv != 0) {
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FAIL,
errno, pkgver,
"%s: [remove] REMOVE script failed to "
"execute pre ACTION: %s",
pkgver, strerror(rv));
goto out;
}
}
/*
* If updating a package, we just need to execute the current
* pre-remove action target and we are done. Its files will be
* overwritten later in unpack phase.
*/
if (update) {
if (pkgd)
xbps_object_release(pkgd);
free(pkgname);
return 0;
} else if (soft_replace) {
/*
* Soft replace a package. Do not remove its files, but
* execute PURGE action, remove metadata files and unregister
* from pkgdb.
*/
goto softreplace;
}
if (pkgd) {
/* Remove regular files */
if ((rv = xbps_remove_pkg_files(xhp, pkgd, "files", pkgver)) != 0)
goto out;
/* Remove configuration files */
if ((rv = xbps_remove_pkg_files(xhp, pkgd, "conf_files", pkgver)) != 0)
goto out;
/* Remove links */
if ((rv = xbps_remove_pkg_files(xhp, pkgd, "links", pkgver)) != 0)
goto out;
/* Remove dirs */
if ((rv = xbps_remove_pkg_files(xhp, pkgd, "dirs", pkgver)) != 0)
goto out;
/*
* Execute the post REMOVE action if file exists and we aren't
* updating the package.
*/
rv = xbps_pkg_exec_script(xhp, pkgd, "remove-script", "post", false);
if (rv != 0) {
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FAIL,
rv, pkgver,
"%s: [remove] REMOVE script failed to execute "
"post ACTION: %s", pkgver, strerror(rv));
goto out;
}
}
softreplace:
/*
* Set package state to "half-removed".
*/
rv = xbps_set_pkg_state_installed(xhp, pkgver,
XBPS_PKG_STATE_HALF_REMOVED);
if (rv != 0) {
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FAIL,
rv, pkgver,
"%s: [remove] failed to set state to half-removed: %s",
pkgver, strerror(rv));
goto out;
}
purge:
/*
* Execute the purge REMOVE action if file exists.
*/
if (pkgd) {
rv = xbps_pkg_exec_script(xhp, pkgd, "remove-script", "purge", false);
if (rv != 0) {
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FAIL,
rv, pkgver,
"%s: REMOVE script failed to execute "
"purge ACTION: %s", pkgver, strerror(rv));
goto out;
}
xbps_object_release(pkgd);
}
/*
* Remove package metadata plist.
*/
buf = xbps_xasprintf("%s/.%s.plist", xhp->metadir, pkgname);
if (remove(buf) == -1) {
if (errno != ENOENT) {
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_FAIL,
rv, pkgver,
"%s: failed to remove metadata file: %s",
pkgver, strerror(errno));
}
}
free(buf);
/*
* Unregister package from pkgdb.
*/
xbps_dictionary_remove(xhp->pkgdb, pkgname);
if ((rv = xbps_pkgdb_update(xhp, true)) != 0)
goto out;
xbps_dbg_printf(xhp, "[remove] unregister %s returned %d\n", pkgver, rv);
xbps_set_cb_state(xhp, XBPS_STATE_REMOVE_DONE, 0, pkgver, NULL);
out:
if (pkgname != NULL)
free(pkgname);
return rv;
}
int
sign_repo(struct xbps_handle *xhp, const char *repodir,
const char *privkey, const char *signedby)
{
struct stat st;
struct xbps_repo *repo;
xbps_dictionary_t pkgd, meta = NULL;
xbps_data_t data = NULL, rpubkey = NULL;
xbps_object_iterator_t iter = NULL;
xbps_object_t obj;
RSA *rsa = NULL;
unsigned char *sig;
unsigned int siglen;
uint16_t rpubkeysize, pubkeysize;
const char *arch, *pkgver, *rsignedby = NULL;
char *binpkg = NULL, *binpkg_sig = NULL, *buf = NULL, *defprivkey = NULL;
int binpkg_fd, binpkg_sig_fd, rv = 0;
bool flush = false;
if (signedby == NULL) {
fprintf(stderr, "--signedby unset! cannot sign repository\n");
return -1;
}
/*
* Check that repository index exists and not empty, otherwise bail out.
*/
repo = xbps_repo_open(xhp, repodir, true);
if (repo == NULL) {
rv = errno;
fprintf(stderr, "%s: cannot read repository data: %s\n",
_XBPS_RINDEX, strerror(errno));
goto out;
}
if (xbps_dictionary_count(repo->idx) == 0) {
fprintf(stderr, "%s: invalid repository, existing!\n", _XBPS_RINDEX);
rv = EINVAL;
goto out;
}
/*
* If privkey not set, default to ~/.ssh/id_rsa.
*/
if (privkey == NULL)
defprivkey = xbps_xasprintf("%s/.ssh/id_rsa", getenv("HOME"));
else
defprivkey = strdup(privkey);
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
if ((rsa = load_rsa_privkey(defprivkey)) == NULL) {
fprintf(stderr, "%s: failed to read the RSA privkey\n", _XBPS_RINDEX);
rv = EINVAL;
goto out;
}
/*
* Iterate over the idx dictionary and then sign all binary
* packages in this repository.
*/
iter = xbps_dictionary_iterator(repo->idx);
assert(iter);
while ((obj = xbps_object_iterator_next(iter))) {
pkgd = xbps_dictionary_get_keysym(repo->idx, obj);
xbps_dictionary_get_cstring_nocopy(pkgd, "architecture", &arch);
xbps_dictionary_get_cstring_nocopy(pkgd, "pkgver", &pkgver);
binpkg = xbps_xasprintf("%s/%s.%s.xbps", repodir, pkgver, arch);
binpkg_sig = xbps_xasprintf("%s.sig", binpkg);
/*
* Skip pkg if file signature exists
*/
if ((binpkg_sig_fd = access(binpkg_sig, R_OK)) == 0) {
if (xhp->flags & XBPS_FLAG_VERBOSE)
fprintf(stderr, "skipping %s, file signature found.\n", pkgver);
free(binpkg);
free(binpkg_sig);
close(binpkg_sig_fd);
continue;
}
/*
* Generate pkg file signature.
*/
if ((binpkg_fd = open(binpkg, O_RDONLY)) == -1) {
fprintf(stderr, "cannot read %s: %s\n", binpkg, strerror(errno));
free(binpkg);
free(binpkg_sig);
continue;
}
fstat(binpkg_fd, &st);
buf = malloc(st.st_size);
assert(buf);
if (read(binpkg_fd, buf, st.st_size) != st.st_size) {
fprintf(stderr, "failed to read %s: %s\n", binpkg, strerror(errno));
close(binpkg_fd);
free(buf);
free(binpkg);
free(binpkg_sig);
continue;
}
close(binpkg_fd);
if (!rsa_sign_buf(rsa, buf, st.st_size, &sig, &siglen)) {
fprintf(stderr, "failed to sign %s: %s\n", binpkg, strerror(errno));
free(buf);
free(binpkg);
free(binpkg_sig);
continue;
}
free(buf);
free(binpkg);
/*
* Write pkg file signature.
*/
binpkg_sig_fd = creat(binpkg_sig, 0644);
if (binpkg_sig_fd == -1) {
fprintf(stderr, "failed to create %s: %s\n", binpkg_sig, strerror(errno));
free(sig);
free(binpkg_sig);
continue;
}
if (write(binpkg_sig_fd, sig, siglen) != (ssize_t)siglen) {
fprintf(stderr, "failed to write %s: %s\n", binpkg_sig, strerror(errno));
free(sig);
free(binpkg_sig);
close(binpkg_sig_fd);
continue;
}
free(sig);
free(binpkg_sig);
close(binpkg_sig_fd);
printf("signed successfully %s\n", pkgver);
}
xbps_object_iterator_release(iter);
/*
* Check if repository index-meta contains changes compared to its
* current state.
*/
if ((buf = pubkey_from_privkey(rsa)) == NULL) {
rv = EINVAL;
goto out;
}
meta = xbps_dictionary_create();
data = xbps_data_create_data(buf, strlen(buf));
rpubkey = xbps_dictionary_get(repo->idxmeta, "public-key");
if (!xbps_data_equals(rpubkey, data))
flush = true;
free(buf);
pubkeysize = RSA_size(rsa) * 8;
xbps_dictionary_get_uint16(repo->idxmeta, "public-key-size", &rpubkeysize);
if (rpubkeysize != pubkeysize)
flush = true;
xbps_dictionary_get_cstring_nocopy(repo->idxmeta, "signature-by", &rsignedby);
if (rsignedby == NULL || strcmp(rsignedby, signedby))
flush = true;
if (!flush)
goto out;
xbps_dictionary_set(meta, "public-key", data);
xbps_dictionary_set_uint16(meta, "public-key-size", pubkeysize);
xbps_dictionary_set_cstring_nocopy(meta, "signature-by", signedby);
xbps_dictionary_set_cstring_nocopy(meta, "signature-type", "rsa");
xbps_object_release(data);
data = NULL;
if (!repodata_flush(xhp, repodir, repo->idx, meta)) {
fprintf(stderr, "failed to write repodata: %s\n", strerror(errno));
goto out;
}
printf("Signed repository (%u package%s)\n",
xbps_dictionary_count(repo->idx),
xbps_dictionary_count(repo->idx) == 1 ? "" : "s");
out:
if (defprivkey) {
free(defprivkey);
}
if (rsa) {
RSA_free(rsa);
rsa = NULL;
}
if (repo) {
xbps_repo_close(repo);
}
return rv ? -1 : 0;
}
/*
* Returns 1 if entry should be installed, 0 if don't or -1 on error.
*/
int HIDDEN
xbps_entry_install_conf_file(struct xbps_handle *xhp,
xbps_dictionary_t filesd,
struct archive_entry *entry,
const char *entry_pname,
const char *pkgver,
const char *pkgname)
{
xbps_dictionary_t forigd;
xbps_object_t obj, obj2;
xbps_object_iterator_t iter, iter2;
const char *cffile, *sha256_new = NULL;
char *buf, *sha256_cur = NULL, *sha256_orig = NULL;
int rv = 0;
assert(xbps_object_type(filesd) == XBPS_TYPE_DICTIONARY);
assert(entry != NULL);
assert(entry_pname != NULL);
assert(pkgver != NULL);
iter = xbps_array_iter_from_dict(filesd, "conf_files");
if (iter == NULL)
return -1;
/*
* Get original hash for the file from current
* installed package.
*/
xbps_dbg_printf(xhp, "%s: processing conf_file %s\n",
pkgver, entry_pname);
forigd = xbps_pkgdb_get_pkg_metadata(xhp, pkgname);
if (forigd == NULL) {
xbps_dbg_printf(xhp, "%s: conf_file %s not currently "
"installed\n", pkgver, entry_pname);
rv = 1;
goto out;
}
iter2 = xbps_array_iter_from_dict(forigd, "conf_files");
if (iter2 != NULL) {
while ((obj2 = xbps_object_iterator_next(iter2))) {
xbps_dictionary_get_cstring_nocopy(obj2,
"file", &cffile);
buf = xbps_xasprintf(".%s", cffile);
if (strcmp(entry_pname, buf) == 0) {
xbps_dictionary_get_cstring(obj2, "sha256",
&sha256_orig);
free(buf);
break;
}
free(buf);
buf = NULL;
}
xbps_object_iterator_release(iter2);
}
/*
* First case: original hash not found, install new file.
*/
if (sha256_orig == NULL) {
xbps_dbg_printf(xhp, "%s: conf_file %s not installed\n",
pkgver, entry_pname);
rv = 1;
goto out;
}
/*
* Compare original, installed and new hash for current file.
*/
while ((obj = xbps_object_iterator_next(iter))) {
xbps_dictionary_get_cstring_nocopy(obj, "file", &cffile);
buf = xbps_xasprintf(".%s", cffile);
if (strcmp(entry_pname, buf)) {
free(buf);
buf = NULL;
continue;
}
sha256_cur = xbps_file_hash(buf);
free(buf);
xbps_dictionary_get_cstring_nocopy(obj, "sha256", &sha256_new);
if (sha256_cur == NULL) {
if (errno == ENOENT) {
/*
* File not installed, install new one.
*/
xbps_dbg_printf(xhp, "%s: conf_file %s not "
"installed\n", pkgver, entry_pname);
rv = 1;
break;
} else {
rv = -1;
break;
}
}
/*
* Orig = X, Curr = X, New = X
*
* Keep file as is (no changes).
*/
if ((strcmp(sha256_orig, sha256_cur) == 0) &&
(strcmp(sha256_orig, sha256_new) == 0) &&
(strcmp(sha256_cur, sha256_new) == 0)) {
xbps_dbg_printf(xhp, "%s: conf_file %s orig = X, "
"cur = X, new = X\n", pkgver, entry_pname);
rv = 0;
break;
/*
* Orig = X, Curr = X, New = Y
*
* Install new file (installed file hasn't been modified).
*/
} else if ((strcmp(sha256_orig, sha256_cur) == 0) &&
(strcmp(sha256_orig, sha256_new)) &&
(strcmp(sha256_cur, sha256_new))) {
xbps_set_cb_state(xhp, XBPS_STATE_CONFIG_FILE,
0, pkgver,
"Updating configuration file `%s' provided "
"by `%s'.", cffile, pkgver);
rv = 1;
break;
/*
* Orig = X, Curr = Y, New = X
*
* Keep installed file as is because it has been modified,
* but new package doesn't contain new changes compared
* to the original version.
*/
} else if ((strcmp(sha256_orig, sha256_new) == 0) &&
(strcmp(sha256_cur, sha256_new)) &&
(strcmp(sha256_orig, sha256_cur))) {
xbps_set_cb_state(xhp, XBPS_STATE_CONFIG_FILE,
0, pkgver,
"Keeping modified configuration file `%s'.",
cffile);
rv = 0;
break;
/*
* Orig = X, Curr = Y, New = Y
*
* Keep file as is because changes made are compatible
* with new version.
*/
} else if ((strcmp(sha256_cur, sha256_new) == 0) &&
(strcmp(sha256_orig, sha256_new)) &&
(strcmp(sha256_orig, sha256_cur))) {
xbps_dbg_printf(xhp, "%s: conf_file %s orig = X, "
"cur = Y, new = Y\n", pkgver, entry_pname);
rv = 0;
break;
/*
* Orig = X, Curr = Y, New = Z
*
* Install new file as <file>.new-<version>
*/
} else if ((strcmp(sha256_orig, sha256_cur)) &&
(strcmp(sha256_cur, sha256_new)) &&
(strcmp(sha256_orig, sha256_new))) {
const char *version;
version = xbps_pkg_version(pkgver);
assert(version);
buf = xbps_xasprintf(".%s.new-%s",
cffile, version);
xbps_set_cb_state(xhp, XBPS_STATE_CONFIG_FILE,
0, pkgver,
"Installing new configuration file to "
"`%s.new-%s'.", cffile, version);
archive_entry_set_pathname(entry, buf);
free(buf);
rv = 1;
break;
}
}
out:
if (sha256_orig)
free(sha256_orig);
if (sha256_cur)
free(sha256_cur);
xbps_object_iterator_release(iter);
xbps_dbg_printf(xhp, "%s: conf_file %s returned %d\n",
pkgver, entry_pname, rv);
return rv;
}
/*
* Verify reverse dependencies for packages in transaction.
* This will catch cases where a package update would break its reverse dependencies:
*
* - foo-1.0 is being updated to 2.0.
* - baz-1.1 depends on foo<2.0.
* - foo is updated to 2.0, hence baz-1.1 is currently broken.
*
* Abort transaction if such case is found.
*/
static bool
check_virtual_pkgs(struct xbps_handle *xhp,
xbps_dictionary_t trans_pkgd,
xbps_dictionary_t rev_pkgd)
{
xbps_array_t unsorted, provides, rundeps, mdeps;
const char *pkgver, *revpkgver, *pkgpattern;
char *pkgname, *pkgdepname, *vpkgname, *vpkgver, *str;
unsigned int i, x;
bool matched = false;
unsorted = xbps_dictionary_get(xhp->transd, "unsorted_deps");
provides = xbps_dictionary_get(trans_pkgd, "provides");
for (i = 0; i < xbps_array_count(provides); i++) {
char *tmp = NULL;
xbps_array_get_cstring(provides, i, &vpkgver);
if (strchr(vpkgver, '_') == NULL) {
tmp = xbps_xasprintf("%s_1", vpkgver);
vpkgver = strdup(tmp);
}
vpkgname = xbps_pkg_name(vpkgver);
assert(vpkgname);
rundeps = xbps_dictionary_get(rev_pkgd, "run_depends");
for (x = 0; x < xbps_array_count(rundeps); x++) {
xbps_array_get_cstring_nocopy(rundeps, x, &pkgpattern);
if (((pkgname = xbps_pkgpattern_name(pkgpattern)) == NULL) &&
((pkgname = xbps_pkg_name(pkgpattern)) == NULL))
continue;
if (strcmp(vpkgname, pkgname)) {
free(pkgname);
continue;
}
free(pkgname);
if (xbps_pkgpattern_match(vpkgver, pkgpattern))
continue;
/*
* Installed package conflicts with package
* in transaction being updated, check
* if a new version of this conflicting package
* is in the transaction.
*/
xbps_dictionary_get_cstring_nocopy(trans_pkgd, "pkgver", &pkgver);
pkgdepname = xbps_pkg_name(pkgver);
assert(pkgdepname);
if (xbps_find_pkg_in_array(unsorted, pkgdepname)) {
free(pkgdepname);
continue;
}
free(pkgdepname);
mdeps = xbps_dictionary_get(xhp->transd, "missing_deps");
xbps_dictionary_get_cstring_nocopy(trans_pkgd, "pkgver", &pkgver);
xbps_dictionary_get_cstring_nocopy(rev_pkgd, "pkgver", &revpkgver);
str = xbps_xasprintf("CONFLICT: `%s' update "
"breaks `%s', needs `%s' virtual pkg (got `%s`)",
pkgver, revpkgver, pkgpattern, vpkgver);
xbps_array_add_cstring(mdeps, str);
free(str);
matched = true;
}
free(vpkgname);
free(vpkgver);
}
return matched;
}
void HIDDEN
xbps_transaction_revdeps(struct xbps_handle *xhp)
{
xbps_array_t mdeps, unsorted, pkgrdeps, rundeps;
xbps_dictionary_t revpkgd;
xbps_object_t obj;
const char *pkgver, *curdep, *revpkgver, *curpkgver, *tract;
char *pkgname, *curdepname, *curpkgname, *str;
unsigned int i, j, x;
unsorted = xbps_dictionary_get(xhp->transd, "unsorted_deps");
for (i = 0; i < xbps_array_count(unsorted); i++) {
obj = xbps_array_get(unsorted, i);
/*
* Only check packages in transaction being updated.
*/
xbps_dictionary_get_cstring_nocopy(obj, "transaction", &tract);
if (strcmp(tract, "update"))
continue;
/*
* if pkg in transaction is not installed,
* pass to next one.
*/
xbps_dictionary_get_cstring_nocopy(obj, "pkgver", &pkgver);
pkgname = xbps_pkg_name(pkgver);
assert(pkgname);
if (xbps_pkg_is_installed(xhp, pkgname) == 0) {
free(pkgname);
continue;
}
/*
* If pkg is installed but does not have revdeps,
* pass to next one.
*/
pkgrdeps = xbps_pkgdb_get_pkg_revdeps(xhp, pkgname);
if (!xbps_array_count(pkgrdeps)) {
free(pkgname);
continue;
}
free(pkgname);
/*
* Time to validate revdeps for current pkg.
*/
for (x = 0; x < xbps_array_count(pkgrdeps); x++) {
bool found = false;
xbps_array_get_cstring_nocopy(pkgrdeps, x, &curpkgver);
revpkgd = xbps_pkgdb_get_pkg(xhp, curpkgver);
/*
* First try to match any supported virtual package.
*/
if (check_virtual_pkgs(xhp, obj, revpkgd))
continue;
/*
* Try to match real dependencies.
*/
rundeps = xbps_dictionary_get(revpkgd, "run_depends");
/*
* Find out what dependency is it.
*/
curpkgname = xbps_pkg_name(pkgver);
assert(curpkgname);
for (j = 0; j < xbps_array_count(rundeps); j++) {
xbps_array_get_cstring_nocopy(rundeps, j, &curdep);
if (((curdepname = xbps_pkg_name(curdep)) == NULL) &&
((curdepname = xbps_pkgpattern_name(curdep)) == NULL))
abort();
if (strcmp(curdepname, curpkgname) == 0) {
free(curdepname);
found = true;
break;
}
free(curdepname);
}
if (!found)
continue;
if (xbps_match_pkgdep_in_array(rundeps, pkgver))
continue;
/*
* Installed package conflicts with package
* in transaction being updated, check
* if a new version of this conflicting package
* is in the transaction.
*/
pkgname = xbps_pkg_name(curpkgver);
if (xbps_find_pkg_in_array(unsorted, pkgname)) {
free(pkgname);
continue;
}
free(pkgname);
mdeps = xbps_dictionary_get(xhp->transd, "missing_deps");
xbps_dictionary_get_cstring_nocopy(revpkgd,
"pkgver", &revpkgver);
str = xbps_xasprintf("CONFLICT: `%s' "
"update breaks `%s', needs `%s'",
pkgver, revpkgver, curdep);
xbps_array_add_cstring(mdeps, str);
free(str);
}
}
}
/*
* Returns -1 on error, 0 if transfer was not necessary (local/remote
* size and/or mtime match) and 1 if downloaded successfully.
*/
int HIDDEN
xbps_repo_sync(struct xbps_handle *xhp, const char *uri)
{
const char *arch, *fetchstr = NULL;
char *repodata, *lrepodir, *uri_fixedp;
int rv = 0;
assert(uri != NULL);
/* ignore non remote repositories */
if (!xbps_repository_is_remote(uri))
return 0;
uri_fixedp = xbps_get_remote_repo_string(uri);
if (uri_fixedp == NULL)
return -1;
if (xhp->target_arch)
arch = xhp->target_arch;
else
arch = xhp->native_arch;
/*
* Full path to repository directory to store the plist
* index file.
*/
lrepodir = xbps_xasprintf("%s/%s", xhp->metadir, uri_fixedp);
free(uri_fixedp);
/*
* Create repodir in metadir.
*/
if ((rv = xbps_mkpath(lrepodir, 0755)) == -1) {
if (errno != EEXIST) {
xbps_set_cb_state(xhp, XBPS_STATE_REPOSYNC_FAIL,
errno, NULL, "[reposync] failed "
"to create repodir `%s': %s", lrepodir,
strerror(errno));
free(lrepodir);
return rv;
}
}
if (chdir(lrepodir) == -1) {
xbps_set_cb_state(xhp, XBPS_STATE_REPOSYNC_FAIL, errno, NULL,
"[reposync] failed to change dir to repodir `%s': %s",
lrepodir, strerror(errno));
free(lrepodir);
return -1;
}
free(lrepodir);
/*
* Remote repository plist index full URL.
*/
repodata = xbps_xasprintf("%s/%s-repodata", uri, arch);
/* reposync start cb */
xbps_set_cb_state(xhp, XBPS_STATE_REPOSYNC, 0, repodata, NULL);
/*
* Download plist index file from repository.
*/
if ((rv = xbps_fetch_file(xhp, repodata, NULL)) == -1) {
/* reposync error cb */
fetchstr = xbps_fetch_error_string();
xbps_set_cb_state(xhp, XBPS_STATE_REPOSYNC_FAIL,
fetchLastErrCode != 0 ? fetchLastErrCode : errno, NULL,
"[reposync] failed to fetch file `%s': %s",
repodata, fetchstr ? fetchstr : strerror(errno));
} else if (rv == 1)
rv = 0;
free(repodata);
return rv;
}
static int
sign_pkg(struct xbps_handle *xhp, const char *binpkg, const char *privkey, bool force)
{
RSA *rsa = NULL;
struct stat st;
unsigned char *sig = NULL;
unsigned int siglen = 0;
char *buf = NULL, *sigfile = NULL;
int rv = 0, sigfile_fd = -1, binpkg_fd = -1;
sigfile = xbps_xasprintf("%s.sig", binpkg);
/*
* Skip pkg if file signature exists
*/
if (!force && ((sigfile_fd = access(sigfile, R_OK)) == 0)) {
if (xhp->flags & XBPS_FLAG_VERBOSE)
fprintf(stderr, "skipping %s, file signature found.\n", binpkg);
sigfile_fd = -1;
goto out;
}
/*
* Generate pkg file signature.
*/
if ((binpkg_fd = open(binpkg, O_RDONLY)) == -1) {
fprintf(stderr, "cannot read %s: %s\n", binpkg, strerror(errno));
rv = EINVAL;
goto out;
}
fstat(binpkg_fd, &st);
buf = malloc(st.st_size);
assert(buf);
if (read(binpkg_fd, buf, st.st_size) != st.st_size) {
fprintf(stderr, "failed to read %s: %s\n", binpkg, strerror(errno));
rv = EINVAL;
goto out;
}
close(binpkg_fd);
rsa = load_rsa_key(privkey);
if (!rsa_sign_buf(rsa, buf, st.st_size, &sig, &siglen)) {
fprintf(stderr, "failed to sign %s: %s\n", binpkg, strerror(errno));
rv = EINVAL;
goto out;
}
free(buf);
buf = NULL;
/*
* Write pkg file signature.
*/
if (force)
sigfile_fd = open(sigfile, O_WRONLY|O_TRUNC, 0644);
else
sigfile_fd = creat(sigfile, 0644);
if (sigfile_fd == -1) {
fprintf(stderr, "failed to create %s: %s\n", sigfile, strerror(errno));
rv = EINVAL;
goto out;
}
if (write(sigfile_fd, sig, siglen) != (ssize_t)siglen) {
fprintf(stderr, "failed to write %s: %s\n", sigfile, strerror(errno));
rv = EINVAL;
goto out;
}
printf("signed successfully %s\n", binpkg);
out:
if (rsa) {
RSA_free(rsa);
rsa = NULL;
}
if (buf)
free(buf);
if (sigfile)
free(sigfile);
if (sigfile_fd != -1)
close(sigfile_fd);
if (binpkg_fd != -1)
close(binpkg_fd);
return rv;
}
