static rpmRC dbAdd(rpmts ts, rpmte te)
{
Header h = rpmteHeader(te);
rpm_time_t installTime = (rpm_time_t) time(NULL);
rpmfs fs = rpmteGetFileStates(te);
rpm_count_t fc = rpmfsFC(fs);
rpm_fstate_t * fileStates = rpmfsGetStates(fs);
rpm_color_t tscolor = rpmtsColor(ts);
rpm_tid_t tid = rpmtsGetTid(ts);
rpmRC rc;
if (fileStates != NULL && fc > 0) {
headerPutChar(h, RPMTAG_FILESTATES, fileStates, fc);
}
headerPutUint32(h, RPMTAG_INSTALLTID, &tid, 1);
headerPutUint32(h, RPMTAG_INSTALLTIME, &installTime, 1);
headerPutUint32(h, RPMTAG_INSTALLCOLOR, &tscolor, 1);
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DBADD), 0);
rc = (rpmdbAdd(rpmtsGetRdb(ts), h) == 0) ? RPMRC_OK : RPMRC_FAIL;
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DBADD), 0);
if (rc == RPMRC_OK)
rpmteSetDBInstance(te, headerGetInstance(h));
headerFree(h);
return rc;
}
/*
* Add extra provides to package.
*/
static void addPackageProvides(Header h)
{
const char *name = NULL, *arch = NULL;
char *evr, *isaprov;
rpmsenseFlags pflags = RPMSENSE_EQUAL;
int noarch = 0;
struct rpmtd_s archtd;
/* <name> = <evr> provide */
evr = headerGetEVR(h, &name);
headerPutString(h, RPMTAG_PROVIDENAME, name);
headerPutString(h, RPMTAG_PROVIDEVERSION, evr);
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &pflags, 1);
/*
* <name>(<isa>) = <evr> provide
* FIXME: noarch needs special casing for now as BuildArch: noarch doesn't
* cause reading in the noarch macros :-/
*/
isaprov = rpmExpand(name, "%{?_isa}", NULL);
headerGet(h, RPMTAG_ARCH, &archtd, HEADERGET_MINMEM);
arch = rpmtdGetString(&archtd);
noarch = (strcmp(arch, "noarch") == 0);
if (!noarch && strcmp(name, isaprov)) {
headerPutString(h, RPMTAG_PROVIDENAME, isaprov);
headerPutString(h, RPMTAG_PROVIDEVERSION, evr);
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &pflags, 1);
}
free(isaprov);
free(evr);
}
rpmRC packageSources(rpmSpec spec, char **cookie)
{
Package sourcePkg = spec->sourcePackage;
rpmRC rc;
uint32_t one = 1;
/* Add some cruft */
headerPutString(sourcePkg->header, RPMTAG_RPMVERSION, VERSION);
headerPutString(sourcePkg->header, RPMTAG_BUILDHOST, buildHost());
headerPutUint32(sourcePkg->header, RPMTAG_BUILDTIME, getBuildTime(), 1);
headerPutUint32(sourcePkg->header, RPMTAG_SOURCEPACKAGE, &one, 1);
/* XXX this should be %_srpmdir */
{ char *fn = rpmGetPath("%{_srcrpmdir}/", spec->sourceRpmName,NULL);
char *pkgcheck = rpmExpand("%{?_build_pkgcheck_srpm} ", fn, NULL);
spec->sourcePkgId = NULL;
rc = writeRPM(sourcePkg, &spec->sourcePkgId, fn, cookie);
/* Do check SRPM package if enabled */
if (rc == RPMRC_OK && pkgcheck[0] != ' ') {
rc = checkPackages(pkgcheck);
}
free(pkgcheck);
free(fn);
}
return rc;
}
/*
* Add extra provides to package.
*/
static void addPackageProvides(Header h)
{
const char *arch, *name;
char *evr, *isaprov;
rpmsenseFlags pflags = RPMSENSE_EQUAL;
/* <name> = <evr> provide */
name = headerGetString(h, RPMTAG_NAME);
arch = headerGetString(h, RPMTAG_ARCH);
evr = headerGetAsString(h, RPMTAG_EVR);
headerPutString(h, RPMTAG_PROVIDENAME, name);
headerPutString(h, RPMTAG_PROVIDEVERSION, evr);
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &pflags, 1);
/*
* <name>(<isa>) = <evr> provide
* FIXME: noarch needs special casing for now as BuildArch: noarch doesn't
* cause reading in the noarch macros :-/
*/
isaprov = rpmExpand(name, "%{?_isa}", NULL);
if (!rstreq(arch, "noarch") && !rstreq(name, isaprov)) {
headerPutString(h, RPMTAG_PROVIDENAME, isaprov);
headerPutString(h, RPMTAG_PROVIDEVERSION, evr);
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &pflags, 1);
}
free(isaprov);
free(evr);
}
/*
* Up to rpm 3.0.4, packages implicitly provided their own name-version-release.
* Retrofit an explicit "Provides: name = epoch:version-release.
*/
static void providePackageNVR(Header h)
{
const char *name = headerGetString(h, RPMTAG_NAME);
char *pEVR = headerGetAsString(h, RPMTAG_EVR);
rpmsenseFlags pFlags = RPMSENSE_EQUAL;
int bingo = 1;
struct rpmtd_s pnames;
rpmds hds, nvrds;
/* Generate provides for this package name-version-release. */
if (!(name && pEVR))
return;
/*
* Rpm prior to 3.0.3 does not have versioned provides.
* If no provides at all are available, we can just add.
*/
if (!headerGet(h, RPMTAG_PROVIDENAME, &pnames, HEADERGET_MINMEM)) {
goto exit;
}
/*
* Otherwise, fill in entries on legacy packages.
*/
if (!headerIsEntry(h, RPMTAG_PROVIDEVERSION)) {
while (rpmtdNext(&pnames) >= 0) {
rpmsenseFlags fdummy = RPMSENSE_ANY;
headerPutString(h, RPMTAG_PROVIDEVERSION, "");
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &fdummy, 1);
}
goto exit;
}
/* see if we already have this provide */
hds = rpmdsNew(h, RPMTAG_PROVIDENAME, 0);
nvrds = rpmdsSingle(RPMTAG_PROVIDENAME, name, pEVR, pFlags);
if (rpmdsFind(hds, nvrds) >= 0) {
bingo = 0;
}
rpmdsFree(hds);
rpmdsFree(nvrds);
exit:
if (bingo) {
headerPutString(h, RPMTAG_PROVIDENAME, name);
headerPutString(h, RPMTAG_PROVIDEVERSION, pEVR);
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &pFlags, 1);
}
rpmtdFreeData(&pnames);
free(pEVR);
}
static void initSourceHeader(rpmSpec spec)
{
Package sourcePkg = spec->sourcePackage;
struct Source *srcPtr;
if (headerIsEntry(sourcePkg->header, RPMTAG_NAME))
return;
/* Only specific tags are added to the source package header */
headerCopyTags(spec->packages->header, sourcePkg->header, sourceTags);
/* Add the build restrictions */
for (int i=0; i<PACKAGE_NUM_DEPS; i++) {
rpmdsPutToHeader(sourcePkg->dependencies[i], sourcePkg->header);
}
{
HeaderIterator hi = headerInitIterator(spec->buildRestrictions);
struct rpmtd_s td;
while (headerNext(hi, &td)) {
if (rpmtdCount(&td) > 0) {
(void) headerPut(sourcePkg->header, &td, HEADERPUT_DEFAULT);
}
rpmtdFreeData(&td);
}
headerFreeIterator(hi);
}
if (spec->BANames && spec->BACount > 0) {
headerPutStringArray(sourcePkg->header, RPMTAG_BUILDARCHS,
spec->BANames, spec->BACount);
}
/* Add tags for sources and patches */
for (srcPtr = spec->sources; srcPtr != NULL; srcPtr = srcPtr->next) {
if (srcPtr->flags & RPMBUILD_ISSOURCE) {
headerPutString(sourcePkg->header, RPMTAG_SOURCE, srcPtr->source);
if (srcPtr->flags & RPMBUILD_ISNO) {
headerPutUint32(sourcePkg->header, RPMTAG_NOSOURCE,
&srcPtr->num, 1);
}
}
if (srcPtr->flags & RPMBUILD_ISPATCH) {
headerPutString(sourcePkg->header, RPMTAG_PATCH, srcPtr->source);
if (srcPtr->flags & RPMBUILD_ISNO) {
headerPutUint32(sourcePkg->header, RPMTAG_NOPATCH,
&srcPtr->num, 1);
}
}
}
}
rpmRC rpmtsImportPubkey(const rpmts ts, const unsigned char * pkt, size_t pktlen)
{
Header h = NULL;
rpmRC rc = RPMRC_FAIL; /* assume failure */
rpmPubkey pubkey = NULL;
rpmVSFlags oflags = rpmtsVSFlags(ts);
rpmKeyring keyring;
rpmtxn txn = rpmtxnBegin(ts, RPMTXN_WRITE);
int krc;
if (txn == NULL)
return rc;
/* XXX keyring wont load if sigcheck disabled, force it temporarily */
rpmtsSetVSFlags(ts, (oflags & ~_RPMVSF_NOSIGNATURES));
keyring = rpmtsGetKeyring(ts, 1);
rpmtsSetVSFlags(ts, oflags);
if ((pubkey = rpmPubkeyNew(pkt, pktlen)) == NULL)
goto exit;
krc = rpmKeyringAddKey(keyring, pubkey);
if (krc < 0)
goto exit;
/* If we dont already have the key, make a persistent record of it */
if (krc == 0) {
rpm_tid_t tid = rpmtsGetTid(ts);
if (makePubkeyHeader(ts, pubkey, &h) != 0)
goto exit;
headerPutUint32(h, RPMTAG_INSTALLTIME, &tid, 1);
headerPutUint32(h, RPMTAG_INSTALLTID, &tid, 1);
/* Add header to database. */
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_TEST)) {
rc = rpmtsImportHeader(txn, h, 0);
}
}
rc = RPMRC_OK;
exit:
/* Clean up. */
headerFree(h);
rpmPubkeyFree(pubkey);
rpmKeyringFree(keyring);
rpmtxnEnd(txn);
return rc;
}
rpmRC packageSources(rpmSpec spec, char **cookie)
{
struct cpioSourceArchive_s csabuf;
CSA_t csa = &csabuf;
rpmRC rc;
/* Add some cruft */
headerPutString(spec->sourceHeader, RPMTAG_RPMVERSION, VERSION);
headerPutString(spec->sourceHeader, RPMTAG_BUILDHOST, buildHost());
headerPutUint32(spec->sourceHeader, RPMTAG_BUILDTIME, getBuildTime(), 1);
/* XXX this should be %_srpmdir */
{ char *fn = rpmGetPath("%{_srcrpmdir}/", spec->sourceRpmName,NULL);
char *pkgcheck = rpmExpand("%{?_build_pkgcheck_srpm} ", fn, NULL);
memset(csa, 0, sizeof(*csa));
csa->cpioArchiveSize = 0;
csa->cpioFdIn = fdNew();
csa->cpioList = rpmfiLink(spec->sourceCpioList);
spec->sourcePkgId = NULL;
rc = writeRPM(&spec->sourceHeader, &spec->sourcePkgId, fn, csa, cookie);
/* Do check SRPM package if enabled */
if (rc == RPMRC_OK && pkgcheck[0] != ' ') {
rc = checkPackages(pkgcheck);
}
csa->cpioList = rpmfiFree(csa->cpioList);
csa->cpioFdIn = fdFree(csa->cpioFdIn);
pkgcheck = _free(pkgcheck);
fn = _free(fn);
}
return rc;
}
void addChangelogEntry(Header h, time_t time, const char *name, const char *text)
{
rpm_time_t mytime = time; /* XXX convert to header representation */
headerPutUint32(h, RPMTAG_CHANGELOGTIME, &mytime, 1);
headerPutString(h, RPMTAG_CHANGELOGNAME, name);
headerPutString(h, RPMTAG_CHANGELOGTEXT, text);
}
int rpmdsPutToHeader(rpmds ds, Header h)
{
rpmTagVal tagN = rpmdsTagN(ds);
rpmTagVal tagEVR = rpmdsTagEVR(ds);
rpmTagVal tagF = rpmdsTagF(ds);
rpmTagVal tagTi = rpmdsTagTi(ds);
if (!tagN)
return -1;
rpmds pi = rpmdsInit(ds);
while (rpmdsNext(pi) >= 0) {
rpmsenseFlags flags = rpmdsFlags(pi);
uint32_t index = rpmdsTi(pi);
headerPutString(h, tagN, rpmdsN(pi));
headerPutString(h, tagEVR, rpmdsEVR(pi));
headerPutUint32(h, tagF, &flags, 1);
if (tagTi != RPMTAG_NOT_FOUND) {
headerPutUint32(h, tagTi, &index, 1);
}
}
return 0;
}
static rpmRC processScriptFiles(rpmSpec spec, Package pkg)
{
struct TriggerFileEntry *p;
int addflags = 0;
rpmRC rc = RPMRC_FAIL;
Header h = pkg->header;
if (addFileToTag(spec, pkg->preInFile, h, RPMTAG_PREIN, 1) ||
addFileToTag(spec, pkg->preUnFile, h, RPMTAG_PREUN, 1) ||
addFileToTag(spec, pkg->preTransFile, h, RPMTAG_PRETRANS, 1) ||
addFileToTag(spec, pkg->postInFile, h, RPMTAG_POSTIN, 1) ||
addFileToTag(spec, pkg->postUnFile, h, RPMTAG_POSTUN, 1) ||
addFileToTag(spec, pkg->postTransFile, h, RPMTAG_POSTTRANS, 1) ||
addFileToTag(spec, pkg->verifyFile, h, RPMTAG_VERIFYSCRIPT, 1))
{
goto exit;
}
/* if any trigger has flags, we need to add flags entry for all of them */
for (p = pkg->triggerFiles; p != NULL; p = p->next) {
if (p->flags) {
addflags = 1;
break;
}
}
for (p = pkg->triggerFiles; p != NULL; p = p->next) {
headerPutString(h, RPMTAG_TRIGGERSCRIPTPROG, p->prog);
if (addflags) {
headerPutUint32(h, RPMTAG_TRIGGERSCRIPTFLAGS, &p->flags, 1);
}
if (p->script) {
headerPutString(h, RPMTAG_TRIGGERSCRIPTS, p->script);
} else if (p->fileName) {
if (addFileToTag(spec, p->fileName, h, RPMTAG_TRIGGERSCRIPTS, 0)) {
goto exit;
}
} else {
/* This is dumb. When the header supports NULL string */
/* this will go away. */
headerPutString(h, RPMTAG_TRIGGERSCRIPTS, "");
}
}
rc = RPMRC_OK;
exit:
return rc;
}
static int hdrAppendItem(Header h, rpmTagVal tag, rpmTagType type, PyObject *item)
{
int rc = 0;
switch (type) {
case RPM_I18NSTRING_TYPE: /* XXX this needs to be handled separately */
case RPM_STRING_TYPE:
case RPM_STRING_ARRAY_TYPE: {
PyObject *str = NULL;
if (utf8FromPyObject(item, &str))
rc = headerPutString(h, tag, PyBytes_AsString(str));
Py_XDECREF(str);
} break;
case RPM_BIN_TYPE: {
uint8_t *val = (uint8_t *) PyBytes_AsString(item);
rpm_count_t len = PyBytes_Size(item);
rc = headerPutBin(h, tag, val, len);
} break;
case RPM_INT64_TYPE: {
uint64_t val = PyInt_AsUnsignedLongLongMask(item);
rc = headerPutUint64(h, tag, &val, 1);
} break;
case RPM_INT32_TYPE: {
uint32_t val = PyInt_AsUnsignedLongMask(item);
rc = headerPutUint32(h, tag, &val, 1);
} break;
case RPM_INT16_TYPE: {
uint16_t val = PyInt_AsUnsignedLongMask(item);
rc = headerPutUint16(h, tag, &val, 1);
} break;
case RPM_INT8_TYPE:
case RPM_CHAR_TYPE: {
uint8_t val = PyInt_AsUnsignedLongMask(item);
rc = headerPutUint8(h, tag, &val, 1);
} break;
default:
PyErr_SetString(PyExc_TypeError, "unhandled datatype");
}
return rc;
}
rpmRC packageBinaries(rpmSpec spec, const char *cookie, int cheating)
{
struct cpioSourceArchive_s csabuf;
CSA_t csa = &csabuf;
rpmRC rc;
const char *errorString;
Package pkg;
char *pkglist = NULL;
trimChangelog(spec->packages->header);
for (pkg = spec->packages; pkg != NULL; pkg = pkg->next) {
char *fn;
if (pkg->fileList == NULL)
continue;
if ((rc = processScriptFiles(spec, pkg)))
return rc;
if (cookie) {
headerPutString(pkg->header, RPMTAG_COOKIE, cookie);
}
/* Copy changelog from src rpm */
headerCopyTags(spec->packages->header, pkg->header, copyTags);
headerPutString(pkg->header, RPMTAG_RPMVERSION, VERSION);
headerPutString(pkg->header, RPMTAG_BUILDHOST, buildHost());
headerPutUint32(pkg->header, RPMTAG_BUILDTIME, getBuildTime(), 1);
addPackageProvides(pkg->header);
{ char * optflags = rpmExpand("%{optflags}", NULL);
headerPutString(pkg->header, RPMTAG_OPTFLAGS, optflags);
optflags = _free(optflags);
}
if (spec->sourcePkgId != NULL) {
headerPutBin(pkg->header, RPMTAG_SOURCEPKGID, spec->sourcePkgId,16);
}
if (cheating) {
(void) rpmlibNeedsFeature(pkg->header, "ShortCircuited", "4.9.0-1");
}
{ char *binFormat = rpmGetPath("%{_rpmfilename}", NULL);
char *binRpm, *binDir;
binRpm = headerFormat(pkg->header, binFormat, &errorString);
binFormat = _free(binFormat);
if (binRpm == NULL) {
rpmlog(RPMLOG_ERR, _("Could not generate output "
"filename for package %s: %s\n"),
headerGetString(pkg->header, RPMTAG_NAME), errorString);
return RPMRC_FAIL;
}
fn = rpmGetPath("%{_rpmdir}/", binRpm, NULL);
if ((binDir = strchr(binRpm, '/')) != NULL) {
struct stat st;
char *dn;
*binDir = '\0';
dn = rpmGetPath("%{_rpmdir}/", binRpm, NULL);
if (stat(dn, &st) < 0) {
switch(errno) {
case ENOENT:
if (mkdir(dn, 0755) == 0)
break;
default:
rpmlog(RPMLOG_ERR,_("cannot create %s: %s\n"),
dn, strerror(errno));
break;
}
}
dn = _free(dn);
}
binRpm = _free(binRpm);
}
memset(csa, 0, sizeof(*csa));
csa->cpioArchiveSize = 0;
csa->cpioFdIn = fdNew();
csa->cpioList = rpmfiLink(pkg->cpioList);
rc = writeRPM(&pkg->header, NULL, fn, csa, NULL);
csa->cpioList = rpmfiFree(csa->cpioList);
csa->cpioFdIn = fdFree(csa->cpioFdIn);
if (rc == RPMRC_OK) {
/* Do check each written package if enabled */
char *pkgcheck = rpmExpand("%{?_build_pkgcheck} ", fn, NULL);
if (pkgcheck[0] != ' ') {
rc = checkPackages(pkgcheck);
}
pkgcheck = _free(pkgcheck);
rstrcat(&pkglist, fn);
rstrcat(&pkglist, " ");
}
fn = _free(fn);
if (rc != RPMRC_OK) {
pkglist = _free(pkglist);
return rc;
}
}
/* Now check the package set if enabled */
if (pkglist != NULL) {
char *pkgcheck_set = rpmExpand("%{?_build_pkgcheck_set} ", pkglist, NULL);
if (pkgcheck_set[0] != ' ') { /* run only if _build_pkgcheck_set is defined */
checkPackages(pkgcheck_set);
}
pkgcheck_set = _free(pkgcheck_set);
pkglist = _free(pkglist);
}
return RPMRC_OK;
}
static rpmRC processScriptFiles(rpmSpec spec, Package pkg)
{
struct TriggerFileEntry *p;
int addflags = 0;
if (pkg->preInFile) {
if (addFileToTag(spec, pkg->preInFile, pkg->header, RPMTAG_PREIN)) {
rpmlog(RPMLOG_ERR,
_("Could not open PreIn file: %s\n"), pkg->preInFile);
return RPMRC_FAIL;
}
}
if (pkg->preUnFile) {
if (addFileToTag(spec, pkg->preUnFile, pkg->header, RPMTAG_PREUN)) {
rpmlog(RPMLOG_ERR,
_("Could not open PreUn file: %s\n"), pkg->preUnFile);
return RPMRC_FAIL;
}
}
if (pkg->preTransFile) {
if (addFileToTag(spec, pkg->preTransFile, pkg->header, RPMTAG_PRETRANS)) {
rpmlog(RPMLOG_ERR,
_("Could not open PreTrans file: %s\n"), pkg->preTransFile);
return RPMRC_FAIL;
}
}
if (pkg->postInFile) {
if (addFileToTag(spec, pkg->postInFile, pkg->header, RPMTAG_POSTIN)) {
rpmlog(RPMLOG_ERR,
_("Could not open PostIn file: %s\n"), pkg->postInFile);
return RPMRC_FAIL;
}
}
if (pkg->postUnFile) {
if (addFileToTag(spec, pkg->postUnFile, pkg->header, RPMTAG_POSTUN)) {
rpmlog(RPMLOG_ERR,
_("Could not open PostUn file: %s\n"), pkg->postUnFile);
return RPMRC_FAIL;
}
}
if (pkg->postTransFile) {
if (addFileToTag(spec, pkg->postTransFile, pkg->header, RPMTAG_POSTTRANS)) {
rpmlog(RPMLOG_ERR,
_("Could not open PostTrans file: %s\n"), pkg->postTransFile);
return RPMRC_FAIL;
}
}
if (pkg->verifyFile) {
if (addFileToTag(spec, pkg->verifyFile, pkg->header,
RPMTAG_VERIFYSCRIPT)) {
rpmlog(RPMLOG_ERR,
_("Could not open VerifyScript file: %s\n"), pkg->verifyFile);
return RPMRC_FAIL;
}
}
/* if any trigger has flags, we need to add flags entry for all of them */
for (p = pkg->triggerFiles; p != NULL; p = p->next) {
if (p->flags) {
addflags = 1;
break;
}
}
for (p = pkg->triggerFiles; p != NULL; p = p->next) {
headerPutString(pkg->header, RPMTAG_TRIGGERSCRIPTPROG, p->prog);
if (addflags) {
headerPutUint32(pkg->header, RPMTAG_TRIGGERSCRIPTFLAGS,
&p->flags, 1);
}
if (p->script) {
headerPutString(pkg->header, RPMTAG_TRIGGERSCRIPTS, p->script);
} else if (p->fileName) {
if (addFileToArrayTag(spec, p->fileName, pkg->header,
RPMTAG_TRIGGERSCRIPTS)) {
rpmlog(RPMLOG_ERR,
_("Could not open Trigger script file: %s\n"),
p->fileName);
return RPMRC_FAIL;
}
} else {
/* This is dumb. When the header supports NULL string */
/* this will go away. */
headerPutString(pkg->header, RPMTAG_TRIGGERSCRIPTS, "");
}
}
return RPMRC_OK;
}
/* Build pubkey header. */
static int makePubkeyHeader(rpmts ts, rpmPubkey key, Header * hdrp)
{
Header h = headerNew();
const char * afmt = "%{pubkeys:armor}";
const char * group = "Public Keys";
const char * license = "pubkey";
const char * buildhost = "localhost";
const char * userid;
rpmsenseFlags pflags = (RPMSENSE_KEYRING|RPMSENSE_EQUAL);
uint32_t zero = 0;
uint32_t keytime = 0;
pgpDig dig = NULL;
pgpDigParams pubp = NULL;
char * d = NULL;
char * enc = NULL;
char * n = NULL;
char * u = NULL;
char * v = NULL;
char * r = NULL;
char * evr = NULL;
int rc = -1;
if ((enc = rpmPubkeyBase64(key)) == NULL)
goto exit;
if ((dig = rpmPubkeyDig(key)) == NULL)
goto exit;
if ((pubp = pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY)) == NULL)
goto exit;
/* Build header elements. */
v = pgpHexStr(pubp->signid, sizeof(pubp->signid));
r = pgpHexStr(pubp->time, sizeof(pubp->time));
userid = pubp->userid ? pubp->userid : "none";
keytime = pgpGrab(pubp->time, sizeof(pubp->time));
rasprintf(&n, "gpg(%s)", v+8);
rasprintf(&u, "gpg(%s)", userid);
rasprintf(&evr, "%d:%s-%s", pubp->version, v, r);
headerPutString(h, RPMTAG_PUBKEYS, enc);
if ((d = headerFormat(h, afmt, NULL)) == NULL)
goto exit;
headerPutString(h, RPMTAG_NAME, "gpg-pubkey");
headerPutString(h, RPMTAG_VERSION, v+8);
headerPutString(h, RPMTAG_RELEASE, r);
headerPutString(h, RPMTAG_DESCRIPTION, d);
headerPutString(h, RPMTAG_GROUP, group);
headerPutString(h, RPMTAG_LICENSE, license);
headerPutString(h, RPMTAG_SUMMARY, u);
headerPutString(h, RPMTAG_PACKAGER, userid);
headerPutUint32(h, RPMTAG_SIZE, &zero, 1);
headerPutString(h, RPMTAG_PROVIDENAME, u);
headerPutString(h, RPMTAG_PROVIDEVERSION, evr);
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &pflags, 1);
headerPutString(h, RPMTAG_PROVIDENAME, n);
headerPutString(h, RPMTAG_PROVIDEVERSION, evr);
headerPutUint32(h, RPMTAG_PROVIDEFLAGS, &pflags, 1);
headerPutString(h, RPMTAG_RPMVERSION, RPMVERSION);
headerPutString(h, RPMTAG_BUILDHOST, buildhost);
headerPutUint32(h, RPMTAG_BUILDTIME, &keytime, 1);
headerPutString(h, RPMTAG_SOURCERPM, "(none)");
/* Reload the lot to immutable region and stomp sha1 digest on it */
h = headerReload(h, RPMTAG_HEADERIMMUTABLE);
if (h != NULL) {
char *sha1 = NULL;
unsigned int blen = 0;
const void *blob = headerExport(h, &blen);
/* XXX FIXME: bah, this code is repeated in way too many places */
DIGEST_CTX ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
rpmDigestUpdate(ctx, rpm_header_magic, sizeof(rpm_header_magic));
rpmDigestUpdate(ctx, blob, blen);
rpmDigestFinal(ctx, (void **)&sha1, NULL, 1);
if (sha1) {
headerPutString(h, RPMTAG_SHA1HEADER, sha1);
*hdrp = headerLink(h);
rc = 0;
}
free(sha1);
}
exit:
headerFree(h);
pgpFreeDig(dig);
free(n);
free(u);
free(v);
free(r);
free(evr);
free(enc);
free(d);
return rc;
}
int parseScript(rpmSpec spec, int parsePart)
{
/* There are a few options to scripts: */
/* <pkg> */
/* -n <pkg> */
/* -p <sh> */
/* -p "<sh> <args>..." */
/* -f <file> */
const char *p;
const char **progArgv = NULL;
int progArgc;
const char *partname = NULL;
rpmTagVal reqtag = 0;
rpmTagVal tag = 0;
rpmsenseFlags tagflags = 0;
rpmTagVal progtag = 0;
rpmTagVal flagtag = 0;
rpmscriptFlags scriptFlags = 0;
int flag = PART_SUBNAME;
Package pkg;
StringBuf sb = NULL;
int nextPart;
int index;
char * reqargs = NULL;
int res = PART_ERROR; /* assume failure */
int rc, argc;
int arg;
const char **argv = NULL;
poptContext optCon = NULL;
const char *name = NULL;
const char *prog = "/bin/sh";
const char *file = NULL;
struct poptOption optionsTable[] = {
{ NULL, 'p', POPT_ARG_STRING, &prog, 'p', NULL, NULL},
{ NULL, 'n', POPT_ARG_STRING, &name, 'n', NULL, NULL},
{ NULL, 'f', POPT_ARG_STRING, &file, 'f', NULL, NULL},
{ NULL, 'e', POPT_BIT_SET, &scriptFlags, RPMSCRIPT_FLAG_EXPAND,
NULL, NULL},
{ NULL, 'q', POPT_BIT_SET, &scriptFlags, RPMSCRIPT_FLAG_QFORMAT,
NULL, NULL},
{ 0, 0, 0, 0, 0, NULL, NULL}
};
switch (parsePart) {
case PART_PRE:
tag = RPMTAG_PREIN;
tagflags = RPMSENSE_SCRIPT_PRE;
progtag = RPMTAG_PREINPROG;
flagtag = RPMTAG_PREINFLAGS;
partname = "%pre";
break;
case PART_POST:
tag = RPMTAG_POSTIN;
tagflags = RPMSENSE_SCRIPT_POST;
progtag = RPMTAG_POSTINPROG;
flagtag = RPMTAG_POSTINFLAGS;
partname = "%post";
break;
case PART_PREUN:
tag = RPMTAG_PREUN;
tagflags = RPMSENSE_SCRIPT_PREUN;
progtag = RPMTAG_PREUNPROG;
flagtag = RPMTAG_PREUNFLAGS;
partname = "%preun";
break;
case PART_POSTUN:
tag = RPMTAG_POSTUN;
tagflags = RPMSENSE_SCRIPT_POSTUN;
progtag = RPMTAG_POSTUNPROG;
flagtag = RPMTAG_POSTUNFLAGS;
partname = "%postun";
break;
case PART_PRETRANS:
tag = RPMTAG_PRETRANS;
tagflags = RPMSENSE_PRETRANS;
progtag = RPMTAG_PRETRANSPROG;
flagtag = RPMTAG_PRETRANSFLAGS;
partname = "%pretrans";
break;
case PART_POSTTRANS:
tag = RPMTAG_POSTTRANS;
tagflags = RPMSENSE_POSTTRANS;
progtag = RPMTAG_POSTTRANSPROG;
flagtag = RPMTAG_POSTTRANSFLAGS;
partname = "%posttrans";
break;
case PART_VERIFYSCRIPT:
tag = RPMTAG_VERIFYSCRIPT;
tagflags = RPMSENSE_SCRIPT_VERIFY;
progtag = RPMTAG_VERIFYSCRIPTPROG;
flagtag = RPMTAG_VERIFYSCRIPTFLAGS;
partname = "%verifyscript";
break;
case PART_TRIGGERPREIN:
tag = RPMTAG_TRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_TRIGGERPREIN;
progtag = RPMTAG_TRIGGERSCRIPTPROG;
flagtag = RPMTAG_TRIGGERSCRIPTFLAGS;
partname = "%triggerprein";
break;
case PART_TRIGGERIN:
tag = RPMTAG_TRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_TRIGGERIN;
progtag = RPMTAG_TRIGGERSCRIPTPROG;
flagtag = RPMTAG_TRIGGERSCRIPTFLAGS;
partname = "%triggerin";
break;
case PART_TRIGGERUN:
tag = RPMTAG_TRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_TRIGGERUN;
progtag = RPMTAG_TRIGGERSCRIPTPROG;
flagtag = RPMTAG_TRIGGERSCRIPTFLAGS;
partname = "%triggerun";
break;
case PART_TRIGGERPOSTUN:
tag = RPMTAG_TRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_TRIGGERPOSTUN;
progtag = RPMTAG_TRIGGERSCRIPTPROG;
flagtag = RPMTAG_TRIGGERSCRIPTFLAGS;
partname = "%triggerpostun";
break;
case PART_FILETRIGGERIN:
tag = RPMTAG_FILETRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_FILETRIGGERIN;
progtag = RPMTAG_FILETRIGGERSCRIPTPROG;
flagtag = RPMTAG_FILETRIGGERSCRIPTFLAGS;
partname = "%filetriggerin";
break;
case PART_FILETRIGGERUN:
tag = RPMTAG_FILETRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_FILETRIGGERUN;
progtag = RPMTAG_FILETRIGGERSCRIPTPROG;
flagtag = RPMTAG_FILETRIGGERSCRIPTFLAGS;
partname = "%filetriggerun";
break;
case PART_FILETRIGGERPOSTUN:
tag = RPMTAG_FILETRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_FILETRIGGERPOSTUN;
progtag = RPMTAG_FILETRIGGERSCRIPTPROG;
flagtag = RPMTAG_FILETRIGGERSCRIPTFLAGS;
partname = "%filetriggerpostun";
break;
case PART_TRANSFILETRIGGERIN:
tag = RPMTAG_TRANSFILETRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_TRANSFILETRIGGERIN;
progtag = RPMTAG_TRANSFILETRIGGERSCRIPTPROG;
flagtag = RPMTAG_TRANSFILETRIGGERSCRIPTFLAGS;
partname = "%transfiletriggerin";
break;
case PART_TRANSFILETRIGGERUN:
tag = RPMTAG_TRANSFILETRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_TRANSFILETRIGGERUN;
progtag = RPMTAG_TRANSFILETRIGGERSCRIPTPROG;
flagtag = RPMTAG_TRANSFILETRIGGERSCRIPTFLAGS;
partname = "%transfiletriggerun";
break;
case PART_TRANSFILETRIGGERPOSTUN:
tag = RPMTAG_TRANSFILETRIGGERSCRIPTS;
tagflags = 0;
reqtag = RPMTAG_TRANSFILETRIGGERPOSTUN;
progtag = RPMTAG_TRANSFILETRIGGERSCRIPTPROG;
flagtag = RPMTAG_TRANSFILETRIGGERSCRIPTFLAGS;
partname = "%transfiletriggerpostun";
break;
}
if (tag == RPMTAG_TRIGGERSCRIPTS || tag == RPMTAG_FILETRIGGERSCRIPTS ||
tag == RPMTAG_TRANSFILETRIGGERSCRIPTS) {
/* break line into two */
char *s = strstr(spec->line, "--");
if (!s) {
rpmlog(RPMLOG_ERR, _("line %d: triggers must have --: %s\n"),
spec->lineNum, spec->line);
return PART_ERROR;
}
*s = '\0';
reqargs = xstrdup(s + 2);
}
if ((rc = poptParseArgvString(spec->line, &argc, &argv))) {
rpmlog(RPMLOG_ERR, _("line %d: Error parsing %s: %s\n"),
spec->lineNum, partname, poptStrerror(rc));
goto exit;
}
optCon = poptGetContext(NULL, argc, argv, optionsTable, 0);
while ((arg = poptGetNextOpt(optCon)) > 0) {
switch (arg) {
case 'p':
if (prog[0] == '<') {
if (prog[strlen(prog)-1] != '>') {
rpmlog(RPMLOG_ERR,
_("line %d: internal script must end "
"with \'>\': %s\n"), spec->lineNum, prog);
goto exit;
}
} else if (prog[0] != '/') {
rpmlog(RPMLOG_ERR,
_("line %d: script program must begin "
"with \'/\': %s\n"), spec->lineNum, prog);
goto exit;
}
break;
case 'n':
flag = PART_NAME;
break;
}
}
if (arg < -1) {
rpmlog(RPMLOG_ERR, _("line %d: Bad option %s: %s\n"),
spec->lineNum,
poptBadOption(optCon, POPT_BADOPTION_NOALIAS),
spec->line);
goto exit;
}
if (poptPeekArg(optCon)) {
if (name == NULL)
name = poptGetArg(optCon);
if (poptPeekArg(optCon)) {
rpmlog(RPMLOG_ERR, _("line %d: Too many names: %s\n"),
spec->lineNum,
spec->line);
goto exit;
}
}
if (lookupPackage(spec, name, flag, &pkg)) {
rpmlog(RPMLOG_ERR, _("line %d: Package does not exist: %s\n"),
spec->lineNum, spec->line);
goto exit;
}
if (tag != RPMTAG_TRIGGERSCRIPTS) {
if (headerIsEntry(pkg->header, progtag)) {
rpmlog(RPMLOG_ERR, _("line %d: Second %s\n"),
spec->lineNum, partname);
goto exit;
}
}
if ((rc = poptParseArgvString(prog, &progArgc, &progArgv))) {
rpmlog(RPMLOG_ERR, _("line %d: Error parsing %s: %s\n"),
spec->lineNum, partname, poptStrerror(rc));
goto exit;
}
sb = newStringBuf();
if ((rc = readLine(spec, STRIP_NOTHING)) > 0) {
nextPart = PART_NONE;
} else if (rc < 0) {
goto exit;
} else {
while (! (nextPart = isPart(spec->line))) {
appendStringBuf(sb, spec->line);
if ((rc = readLine(spec, STRIP_NOTHING)) > 0) {
nextPart = PART_NONE;
break;
} else if (rc < 0) {
goto exit;
}
}
}
stripTrailingBlanksStringBuf(sb);
p = getStringBuf(sb);
#ifdef WITH_LUA
if (rstreq(progArgv[0], "<lua>")) {
rpmlua lua = NULL; /* Global state. */
if (rpmluaCheckScript(lua, p, partname) != RPMRC_OK) {
goto exit;
}
(void) rpmlibNeedsFeature(pkg, "BuiltinLuaScripts", "4.2.2-1");
} else
#endif
if (progArgv[0][0] == '<') {
rpmlog(RPMLOG_ERR,
_("line %d: unsupported internal script: %s\n"),
spec->lineNum, progArgv[0]);
goto exit;
} else {
(void) addReqProv(pkg, RPMTAG_REQUIRENAME,
progArgv[0], NULL, (tagflags | RPMSENSE_INTERP), 0);
}
if (scriptFlags) {
rpmlibNeedsFeature(pkg, "ScriptletExpansion", "4.9.0-1");
}
/* Trigger script insertion is always delayed in order to */
/* get the index right. */
if (tag == RPMTAG_TRIGGERSCRIPTS || tag == RPMTAG_FILETRIGGERSCRIPTS ||
tag == RPMTAG_TRANSFILETRIGGERSCRIPTS) {
if (progArgc > 1) {
rpmlog(RPMLOG_ERR,
_("line %d: interpreter arguments not allowed in triggers: %s\n"),
spec->lineNum, prog);
goto exit;
}
/* Add file/index/prog triple to the trigger file list */
index = addTriggerIndex(pkg, file, p, progArgv[0], scriptFlags, tag);
/* Generate the trigger tags */
if (parseRCPOT(spec, pkg, reqargs, reqtag, index, tagflags))
goto exit;
} else {
struct rpmtd_s td;
/*
* XXX Ancient rpm uses STRING, not STRING_ARRAY type here. Construct
* the td manually and preserve legacy compat for now...
*/
rpmtdReset(&td);
td.tag = progtag;
td.count = progArgc;
if (progArgc == 1) {
td.data = (void *) *progArgv;
td.type = RPM_STRING_TYPE;
} else {
(void) rpmlibNeedsFeature(pkg,
"ScriptletInterpreterArgs", "4.0.3-1");
td.data = progArgv;
td.type = RPM_STRING_ARRAY_TYPE;
}
headerPut(pkg->header, &td, HEADERPUT_DEFAULT);
if (*p != '\0') {
headerPutString(pkg->header, tag, p);
}
if (scriptFlags) {
headerPutUint32(pkg->header, flagtag, &scriptFlags, 1);
}
if (file) {
switch (parsePart) {
case PART_PRE:
pkg->preInFile = xstrdup(file);
break;
case PART_POST:
pkg->postInFile = xstrdup(file);
break;
case PART_PREUN:
pkg->preUnFile = xstrdup(file);
break;
case PART_POSTUN:
pkg->postUnFile = xstrdup(file);
break;
case PART_PRETRANS:
pkg->preTransFile = xstrdup(file);
break;
case PART_POSTTRANS:
pkg->postTransFile = xstrdup(file);
break;
case PART_VERIFYSCRIPT:
pkg->verifyFile = xstrdup(file);
break;
}
}
}
res = nextPart;
exit:
free(reqargs);
freeStringBuf(sb);
free(progArgv);
free(argv);
poptFreeContext(optCon);
return res;
}
/*
* This is more than just a little insane:
* In order to write the signature, we need to know the size and
* the size and digests of the header and payload, which are located
* after the signature on disk. We also need a digest of the compressed
* payload for the main header, and of course the payload is after the
* header on disk. So we need to create placeholders for both the
* signature and main header that exactly match the final sizes, calculate
* the payload digest, then generate and write the real main header to
* be able to FINALLY calculate the digests we need for the signature
* header. In other words, we need to write things in the exact opposite
* order to how the RPM format is laid on disk.
*/
static rpmRC writeRPM(Package pkg, unsigned char ** pkgidp,
const char *fileName, char **cookie)
{
FD_t fd = NULL;
char * rpmio_flags = NULL;
char * SHA1 = NULL;
char * SHA256 = NULL;
uint8_t * MD5 = NULL;
char * pld = NULL;
uint32_t pld_algo = PGPHASHALGO_SHA256; /* TODO: macro configuration */
rpmRC rc = RPMRC_FAIL; /* assume failure */
rpm_loff_t archiveSize = 0;
off_t sigStart, hdrStart, payloadStart, payloadEnd;
if (pkgidp)
*pkgidp = NULL;
rpmio_flags = getIOFlags(pkg);
if (!rpmio_flags)
goto exit;
finalizeDeps(pkg);
/* Create and add the cookie */
if (cookie) {
rasprintf(cookie, "%s %d", buildHost(), (int) (*getBuildTime()));
headerPutString(pkg->header, RPMTAG_COOKIE, *cookie);
}
/* Create a dummy payload digest to get the header size right */
pld = nullDigest(pld_algo, 1);
headerPutUint32(pkg->header, RPMTAG_PAYLOADDIGESTALGO, &pld_algo, 1);
headerPutString(pkg->header, RPMTAG_PAYLOADDIGEST, pld);
pld = _free(pld);
/* Check for UTF-8 encoding of string tags, add encoding tag if all good */
if (checkForEncoding(pkg->header, 1))
goto exit;
/* Open the output file */
fd = Fopen(fileName, "w+.ufdio");
if (fd == NULL || Ferror(fd)) {
rpmlog(RPMLOG_ERR, _("Could not open %s: %s\n"),
fileName, Fstrerror(fd));
goto exit;
}
/* Write the lead section into the package. */
if (rpmLeadWrite(fd, pkg->header)) {
rpmlog(RPMLOG_ERR, _("Unable to write package: %s\n"), Fstrerror(fd));
goto exit;
}
/* Save the position of signature section */
sigStart = Ftell(fd);
/* Generate and write a placeholder signature header */
SHA1 = nullDigest(PGPHASHALGO_SHA1, 1);
SHA256 = nullDigest(PGPHASHALGO_SHA256, 1);
MD5 = nullDigest(PGPHASHALGO_MD5, 0);
if (rpmGenerateSignature(SHA256, SHA1, MD5, 0, 0, fd))
goto exit;
SHA1 = _free(SHA1);
SHA256 = _free(SHA256);
MD5 = _free(MD5);
/* Write a placeholder header. */
hdrStart = Ftell(fd);
if (writeHdr(fd, pkg->header))
goto exit;
/* Write payload section (cpio archive) */
payloadStart = Ftell(fd);
if (cpio_doio(fd, pkg, rpmio_flags, &archiveSize))
goto exit;
payloadEnd = Ftell(fd);
/* Re-read payload to calculate compressed digest */
fdInitDigestID(fd, pld_algo, RPMTAG_PAYLOADDIGEST, 0);
if (fdConsume(fd, payloadStart, payloadEnd - payloadStart))
goto exit;
fdFiniDigest(fd, RPMTAG_PAYLOADDIGEST, (void **)&pld, NULL, 1);
/* Insert the payload digest in main header */
headerDel(pkg->header, RPMTAG_PAYLOADDIGEST);
headerPutString(pkg->header, RPMTAG_PAYLOADDIGEST, pld);
pld = _free(pld);
/* Write the final header */
if (fdJump(fd, hdrStart))
goto exit;
if (writeHdr(fd, pkg->header))
goto exit;
/* Calculate digests: SHA on header, legacy MD5 on header + payload */
fdInitDigestID(fd, PGPHASHALGO_MD5, RPMTAG_SIGMD5, 0);
fdInitDigestID(fd, PGPHASHALGO_SHA1, RPMTAG_SHA1HEADER, 0);
fdInitDigestID(fd, PGPHASHALGO_SHA256, RPMTAG_SHA256HEADER, 0);
if (fdConsume(fd, hdrStart, payloadStart - hdrStart))
goto exit;
fdFiniDigest(fd, RPMTAG_SHA1HEADER, (void **)&SHA1, NULL, 1);
fdFiniDigest(fd, RPMTAG_SHA256HEADER, (void **)&SHA256, NULL, 1);
if (fdConsume(fd, 0, payloadEnd - payloadStart))
goto exit;
fdFiniDigest(fd, RPMTAG_SIGMD5, (void **)&MD5, NULL, 0);
if (fdJump(fd, sigStart))
goto exit;
/* Generate the signature. Now with right values */
if (rpmGenerateSignature(SHA256, SHA1, MD5, payloadEnd - hdrStart, archiveSize, fd))
goto exit;
rc = RPMRC_OK;
exit:
free(rpmio_flags);
free(SHA1);
free(SHA256);
/* XXX Fish the pkgid out of the signature header. */
if (pkgidp != NULL) {
if (MD5 != NULL) {
*pkgidp = MD5;
}
} else {
free(MD5);
}
Fclose(fd);
if (rc == RPMRC_OK)
rpmlog(RPMLOG_NOTICE, _("Wrote: %s\n"), fileName);
else
(void) unlink(fileName);
return rc;
}
static rpmRC rpmpkgRead(rpmKeyring keyring, rpmVSFlags vsflags,
FD_t fd, const char * fn, Header * hdrp)
{
pgpDig dig = NULL;
char buf[8*BUFSIZ];
ssize_t count;
rpmlead l = NULL;
Header sigh = NULL;
rpmSigTag sigtag;
struct rpmtd_s sigtd;
Header h = NULL;
char * msg;
rpmRC rc = RPMRC_FAIL; /* assume failure */
int leadtype = -1;
headerGetFlags hgeflags = HEADERGET_DEFAULT;
DIGEST_CTX ctx = NULL;
if (hdrp) *hdrp = NULL;
rpmtdReset(&sigtd);
l = rpmLeadNew();
if ((rc = rpmLeadRead(fd, l)) == RPMRC_OK) {
const char * err = NULL;
if ((rc = rpmLeadCheck(l, &err)) == RPMRC_FAIL) {
rpmlog(RPMLOG_ERR, "%s: %s\n", fn, err);
}
leadtype = rpmLeadType(l);
}
l = rpmLeadFree(l);
if (rc != RPMRC_OK)
goto exit;
/* Read the signature header. */
msg = NULL;
rc = rpmReadSignature(fd, &sigh, RPMSIGTYPE_HEADERSIG, &msg);
switch (rc) {
default:
rpmlog(RPMLOG_ERR, _("%s: rpmReadSignature failed: %s"), fn,
(msg && *msg ? msg : "\n"));
msg = _free(msg);
goto exit;
break;
case RPMRC_OK:
if (sigh == NULL) {
rpmlog(RPMLOG_ERR, _("%s: No signature available\n"), fn);
rc = RPMRC_FAIL;
goto exit;
}
break;
}
msg = _free(msg);
#define _chk(_mask, _tag) \
(sigtag == 0 && !(vsflags & (_mask)) && headerIsEntry(sigh, (_tag)))
/*
* Figger the most effective available signature.
* Prefer signatures over digests, then header-only over header+payload.
* DSA will be preferred over RSA if both exist because tested first.
* Note that NEEDPAYLOAD prevents header+payload signatures and digests.
*/
sigtag = 0;
if (_chk(RPMVSF_NODSAHEADER, RPMSIGTAG_DSA)) {
sigtag = RPMSIGTAG_DSA;
} else if (_chk(RPMVSF_NORSAHEADER, RPMSIGTAG_RSA)) {
sigtag = RPMSIGTAG_RSA;
} else if (_chk(RPMVSF_NODSA|RPMVSF_NEEDPAYLOAD, RPMSIGTAG_GPG)) {
sigtag = RPMSIGTAG_GPG;
fdInitDigest(fd, PGPHASHALGO_SHA1, 0);
} else if (_chk(RPMVSF_NORSA|RPMVSF_NEEDPAYLOAD, RPMSIGTAG_PGP)) {
sigtag = RPMSIGTAG_PGP;
fdInitDigest(fd, PGPHASHALGO_MD5, 0);
} else if (_chk(RPMVSF_NOSHA1HEADER, RPMSIGTAG_SHA1)) {
sigtag = RPMSIGTAG_SHA1;
} else if (_chk(RPMVSF_NOMD5|RPMVSF_NEEDPAYLOAD, RPMSIGTAG_MD5)) {
sigtag = RPMSIGTAG_MD5;
fdInitDigest(fd, PGPHASHALGO_MD5, 0);
}
/* Read the metadata, computing digest(s) on the fly. */
h = NULL;
msg = NULL;
rc = rpmpkgReadHeader(keyring, vsflags, fd, &h, &msg);
if (rc != RPMRC_OK || h == NULL) {
rpmlog(RPMLOG_ERR, _("%s: headerRead failed: %s"), fn,
(msg && *msg ? msg : "\n"));
msg = _free(msg);
goto exit;
}
msg = _free(msg);
/* Any digests or signatures to check? */
if (sigtag == 0) {
rc = RPMRC_OK;
goto exit;
}
dig = pgpNewDig();
if (dig == NULL) {
rc = RPMRC_FAIL;
goto exit;
}
/* Retrieve the tag parameters from the signature header. */
if (!headerGet(sigh, sigtag, &sigtd, hgeflags)) {
rc = RPMRC_FAIL;
goto exit;
}
switch (sigtag) {
case RPMSIGTAG_RSA:
case RPMSIGTAG_DSA:
if ((rc = parsePGP(&sigtd, "package", dig)) != RPMRC_OK) {
goto exit;
}
/* fallthrough */
case RPMSIGTAG_SHA1:
{ struct rpmtd_s utd;
pgpHashAlgo hashalgo = (sigtag == RPMSIGTAG_SHA1) ?
PGPHASHALGO_SHA1 : dig->signature.hash_algo;
if (!headerGet(h, RPMTAG_HEADERIMMUTABLE, &utd, hgeflags))
break;
ctx = rpmDigestInit(hashalgo, RPMDIGEST_NONE);
(void) rpmDigestUpdate(ctx, rpm_header_magic, sizeof(rpm_header_magic));
(void) rpmDigestUpdate(ctx, utd.data, utd.count);
rpmtdFreeData(&utd);
} break;
case RPMSIGTAG_GPG:
case RPMSIGTAG_PGP5: /* XXX legacy */
case RPMSIGTAG_PGP:
if ((rc = parsePGP(&sigtd, "package", dig)) != RPMRC_OK) {
goto exit;
}
/* fallthrough */
case RPMSIGTAG_MD5:
/* Legacy signatures need the compressed payload in the digest too. */
while ((count = Fread(buf, sizeof(buf[0]), sizeof(buf), fd)) > 0) {}
if (count < 0) {
rpmlog(RPMLOG_ERR, _("%s: Fread failed: %s\n"),
fn, Fstrerror(fd));
rc = RPMRC_FAIL;
goto exit;
}
ctx = rpmDigestBundleDupCtx(fdGetBundle(fd), (sigtag == RPMSIGTAG_MD5) ?
PGPHASHALGO_MD5 : dig->signature.hash_algo);
break;
default:
break;
}
/** @todo Implement disable/enable/warn/error/anal policy. */
rc = rpmVerifySignature(keyring, &sigtd, dig, ctx, &msg);
switch (rc) {
case RPMRC_OK: /* Signature is OK. */
rpmlog(RPMLOG_DEBUG, "%s: %s", fn, msg);
break;
case RPMRC_NOTTRUSTED: /* Signature is OK, but key is not trusted. */
case RPMRC_NOKEY: /* Public key is unavailable. */
/* XXX Print NOKEY/NOTTRUSTED warning only once. */
{ int lvl = (stashKeyid(dig) ? RPMLOG_DEBUG : RPMLOG_WARNING);
rpmlog(lvl, "%s: %s", fn, msg);
} break;
case RPMRC_NOTFOUND: /* Signature is unknown type. */
rpmlog(RPMLOG_WARNING, "%s: %s", fn, msg);
break;
default:
case RPMRC_FAIL: /* Signature does not verify. */
rpmlog(RPMLOG_ERR, "%s: %s", fn, msg);
break;
}
free(msg);
exit:
if (rc != RPMRC_FAIL && h != NULL && hdrp != NULL) {
/* Retrofit RPMTAG_SOURCEPACKAGE to srpms for compatibility */
if (leadtype == RPMLEAD_SOURCE && headerIsSource(h)) {
if (!headerIsEntry(h, RPMTAG_SOURCEPACKAGE)) {
uint32_t one = 1;
headerPutUint32(h, RPMTAG_SOURCEPACKAGE, &one, 1);
}
}
/*
* Try to make sure binary rpms have RPMTAG_SOURCERPM set as that's
* what we use for differentiating binary vs source elsewhere.
*/
if (!headerIsEntry(h, RPMTAG_SOURCEPACKAGE) && headerIsSource(h)) {
headerPutString(h, RPMTAG_SOURCERPM, "(none)");
}
/*
* Convert legacy headers on the fly. Not having "new" style compressed
* filenames is close enough estimate for legacy indication...
*/
if (!headerIsEntry(h, RPMTAG_DIRNAMES)) {
headerConvert(h, HEADERCONV_RETROFIT_V3);
}
/* Append (and remap) signature tags to the metadata. */
headerMergeLegacySigs(h, sigh);
/* Bump reference count for return. */
*hdrp = headerLink(h);
}
rpmtdFreeData(&sigtd);
rpmDigestFinal(ctx, NULL, NULL, 0);
h = headerFree(h);
pgpFreeDig(dig);
sigh = rpmFreeSignature(sigh);
return rc;
}
static rpmRC processScriptFiles(rpmSpec spec, Package pkg)
{
struct TriggerFileEntry *p;
int addflags = 0;
rpmRC rc = RPMRC_FAIL;
Header h = pkg->header;
struct TriggerFileEntry *tfa[] = {pkg->triggerFiles,
pkg->fileTriggerFiles,
pkg->transFileTriggerFiles};
rpmTagVal progTags[] = {RPMTAG_TRIGGERSCRIPTPROG,
RPMTAG_FILETRIGGERSCRIPTPROG,
RPMTAG_TRANSFILETRIGGERSCRIPTPROG};
rpmTagVal flagTags[] = {RPMTAG_TRIGGERSCRIPTFLAGS,
RPMTAG_FILETRIGGERSCRIPTFLAGS,
RPMTAG_TRANSFILETRIGGERSCRIPTFLAGS};
rpmTagVal scriptTags[] = {RPMTAG_TRIGGERSCRIPTS,
RPMTAG_FILETRIGGERSCRIPTS,
RPMTAG_TRANSFILETRIGGERSCRIPTS};
rpmTagVal priorityTags[] = {0,
RPMTAG_FILETRIGGERPRIORITIES,
RPMTAG_TRANSFILETRIGGERPRIORITIES};
int i;
if (addFileToTag(spec, pkg->preInFile, h, RPMTAG_PREIN, 1) ||
addFileToTag(spec, pkg->preUnFile, h, RPMTAG_PREUN, 1) ||
addFileToTag(spec, pkg->preTransFile, h, RPMTAG_PRETRANS, 1) ||
addFileToTag(spec, pkg->postInFile, h, RPMTAG_POSTIN, 1) ||
addFileToTag(spec, pkg->postUnFile, h, RPMTAG_POSTUN, 1) ||
addFileToTag(spec, pkg->postTransFile, h, RPMTAG_POSTTRANS, 1) ||
addFileToTag(spec, pkg->verifyFile, h, RPMTAG_VERIFYSCRIPT, 1))
{
goto exit;
}
for (i = 0; i < sizeof(tfa)/sizeof(tfa[0]); i++) {
addflags = 0;
/* if any trigger has flags, we need to add flags entry for all of them */
for (p = tfa[i]; p != NULL; p = p->next) {
if (p->flags) {
addflags = 1;
break;
}
}
for (p = tfa[i]; p != NULL; p = p->next) {
headerPutString(h, progTags[i], p->prog);
if (priorityTags[i]) {
headerPutUint32(h, priorityTags[i], &p->priority, 1);
}
if (addflags) {
headerPutUint32(h, flagTags[i], &p->flags, 1);
}
if (p->script) {
headerPutString(h, scriptTags[i], p->script);
} else if (p->fileName) {
if (addFileToTag(spec, p->fileName, h, scriptTags[i], 0)) {
goto exit;
}
} else {
/* This is dumb. When the header supports NULL string */
/* this will go away. */
headerPutString(h, scriptTags[i], "");
}
}
}
rc = RPMRC_OK;
exit:
return rc;
}
static void compressFilelist(Header h)
{
struct rpmtd_s fileNames;
char ** dirNames;
const char ** baseNames;
uint32_t * dirIndexes;
rpm_count_t count;
int i;
int dirIndex = -1;
/*
* This assumes the file list is already sorted, and begins with a
* single '/'. That assumption isn't critical, but it makes things go
* a bit faster.
*/
if (headerIsEntry(h, RPMTAG_DIRNAMES)) {
headerDel(h, RPMTAG_OLDFILENAMES);
return; /* Already converted. */
}
if (!headerGet(h, RPMTAG_OLDFILENAMES, &fileNames, HEADERGET_MINMEM))
return;
count = rpmtdCount(&fileNames);
if (count < 1)
return;
dirNames = xmalloc(sizeof(*dirNames) * count); /* worst case */
baseNames = xmalloc(sizeof(*dirNames) * count);
dirIndexes = xmalloc(sizeof(*dirIndexes) * count);
/* HACK. Source RPM, so just do things differently */
{ const char *fn = rpmtdGetString(&fileNames);
if (fn && *fn != '/') {
dirIndex = 0;
dirNames[dirIndex] = xstrdup("");
while ((i = rpmtdNext(&fileNames)) >= 0) {
dirIndexes[i] = dirIndex;
baseNames[i] = rpmtdGetString(&fileNames);
}
goto exit;
}
}
/*
* XXX EVIL HACK, FIXME:
* This modifies (and then restores) a const string from rpmtd
* through basename retrieved from strrchr() which silently
* casts away const on return.
*/
while ((i = rpmtdNext(&fileNames)) >= 0) {
char ** needle;
char savechar;
char * baseName;
size_t len;
char *filename = (char *) rpmtdGetString(&fileNames); /* HACK HACK */
if (filename == NULL) /* XXX can't happen */
continue;
baseName = strrchr(filename, '/') + 1;
len = baseName - filename;
needle = dirNames;
savechar = *baseName;
*baseName = '\0';
if (dirIndex < 0 ||
(needle = bsearch(&filename, dirNames, dirIndex + 1, sizeof(dirNames[0]), dncmp)) == NULL) {
char *s = xmalloc(len + 1);
rstrlcpy(s, filename, len + 1);
dirIndexes[i] = ++dirIndex;
dirNames[dirIndex] = s;
} else
dirIndexes[i] = needle - dirNames;
*baseName = savechar;
baseNames[i] = baseName;
}
exit:
if (count > 0) {
headerPutUint32(h, RPMTAG_DIRINDEXES, dirIndexes, count);
headerPutStringArray(h, RPMTAG_BASENAMES, baseNames, count);
headerPutStringArray(h, RPMTAG_DIRNAMES,
(const char **) dirNames, dirIndex + 1);
}
rpmtdFreeData(&fileNames);
for (i = 0; i <= dirIndex; i++) {
free(dirNames[i]);
}
free(dirNames);
free(baseNames);
free(dirIndexes);
headerDel(h, RPMTAG_OLDFILENAMES);
}
static rpmRC rpmpsmStage(rpmpsm psm, pkgStage stage)
{
const rpmts ts = psm->ts;
rpmfi fi = psm->fi;
rpmRC rc = RPMRC_OK;
switch (stage) {
case PSM_UNKNOWN:
break;
case PSM_INIT:
rpmlog(RPMLOG_DEBUG, "%s: %s has %d files\n",
psm->goalName, rpmteNEVR(psm->te), rpmfiFC(fi));
/*
* When we run scripts, we pass an argument which is the number of
* versions of this package that will be installed when we are
* finished.
*/
psm->npkgs_installed = rpmdbCountPackages(rpmtsGetRdb(ts), rpmteN(psm->te));
if (psm->npkgs_installed < 0) {
rc = RPMRC_FAIL;
break;
}
if (psm->goal == PKG_INSTALL) {
Header h = rpmteHeader(psm->te);
psm->scriptArg = psm->npkgs_installed + 1;
psm->amount = 0;
psm->total = headerGetNumber(h, RPMTAG_LONGARCHIVESIZE);
/* fake up something for packages with no files */
if (psm->total == 0)
psm->total = 100;
/* HACK: reinstall abuses te instance to remove old header */
if (rpmtsFilterFlags(ts) & RPMPROB_FILTER_REPLACEPKG)
markReplacedInstance(ts, psm->te);
if (rpmfiFC(fi) > 0) {
struct rpmtd_s filenames;
rpmTag ftag = RPMTAG_FILENAMES;
if (headerIsEntry(h, RPMTAG_ORIGBASENAMES)) {
ftag = RPMTAG_ORIGFILENAMES;
}
headerGet(h, ftag, &filenames, HEADERGET_EXT);
fi->apath = filenames.data; /* Ick.. */
}
headerFree(h);
}
if (psm->goal == PKG_ERASE) {
psm->scriptArg = psm->npkgs_installed - 1;
psm->amount = 0;
psm->total = rpmfiFC(fi) ? rpmfiFC(fi) : 100;
}
break;
case PSM_PRE:
if (psm->goal == PKG_INSTALL) {
psm->scriptTag = RPMTAG_PREIN;
psm->sense = RPMSENSE_TRIGGERPREIN;
psm->countCorrection = 0; /* XXX is this correct?!? */
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOTRIGGERPREIN)) {
/* Run triggers in other package(s) this package sets off. */
rc = rpmpsmNext(psm, PSM_TRIGGERS);
if (rc) break;
/* Run triggers in this package other package(s) set off. */
rc = rpmpsmNext(psm, PSM_IMMED_TRIGGERS);
if (rc) break;
}
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOPRE)) {
rc = rpmpsmNext(psm, PSM_SCRIPT);
if (rc) break;
}
}
if (psm->goal == PKG_ERASE) {
psm->scriptTag = RPMTAG_PREUN;
psm->sense = RPMSENSE_TRIGGERUN;
psm->countCorrection = -1;
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOTRIGGERUN)) {
/* Run triggers in this package other package(s) set off. */
rc = rpmpsmNext(psm, PSM_IMMED_TRIGGERS);
if (rc) break;
/* Run triggers in other package(s) this package sets off. */
rc = rpmpsmNext(psm, PSM_TRIGGERS);
if (rc) break;
}
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOPREUN))
rc = rpmpsmNext(psm, PSM_SCRIPT);
}
break;
case PSM_PROCESS:
if (psm->goal == PKG_INSTALL) {
int fsmrc = 0;
rpmpsmNotify(psm, RPMCALLBACK_INST_START, 0);
/* make sure first progress call gets made */
rpmpsmNotify(psm, RPMCALLBACK_INST_PROGRESS, 0);
if (rpmfiFC(fi) > 0 && !(rpmtsFlags(ts) & RPMTRANS_FLAG_JUSTDB)) {
FD_t payload = rpmtePayload(psm->te);
if (payload == NULL) {
rc = RPMRC_FAIL;
break;
}
fsmrc = rpmPackageFilesInstall(psm->ts, psm->te, psm->fi,
payload, psm, &psm->failedFile);
rpmswAdd(rpmtsOp(psm->ts, RPMTS_OP_UNCOMPRESS),
fdOp(payload, FDSTAT_READ));
rpmswAdd(rpmtsOp(psm->ts, RPMTS_OP_DIGEST),
fdOp(payload, FDSTAT_DIGEST));
Fclose(payload);
}
/* XXX make sure progress reaches 100% */
rpmpsmNotify(psm, 0, psm->total);
rpmpsmNotify(psm, RPMCALLBACK_INST_STOP, psm->total);
if (fsmrc) {
char *emsg = rpmcpioStrerror(fsmrc);
rpmlog(RPMLOG_ERR,
_("unpacking of archive failed%s%s: %s\n"),
(psm->failedFile != NULL ? _(" on file ") : ""),
(psm->failedFile != NULL ? psm->failedFile : ""),
emsg);
free(emsg);
rc = RPMRC_FAIL;
/* XXX notify callback on error. */
rpmtsNotify(ts, psm->te, RPMCALLBACK_UNPACK_ERROR, 0, 0);
break;
}
}
if (psm->goal == PKG_ERASE) {
if (rpmtsFlags(ts) & RPMTRANS_FLAG_JUSTDB) break;
rpmpsmNotify(psm, RPMCALLBACK_UNINST_START, 0);
/* make sure first progress call gets made */
rpmpsmNotify(psm, RPMCALLBACK_UNINST_PROGRESS, 0);
/* XXX should't we log errors from here? */
if (rpmfiFC(fi) > 0 && !(rpmtsFlags(ts) & RPMTRANS_FLAG_JUSTDB)) {
rc = rpmPackageFilesRemove(psm->ts, psm->te, psm->fi,
psm, &psm->failedFile);
}
/* XXX make sure progress reaches 100% */
rpmpsmNotify(psm, 0, psm->total);
rpmpsmNotify(psm, RPMCALLBACK_UNINST_STOP, psm->total);
}
break;
case PSM_POST:
if (psm->goal == PKG_INSTALL) {
rpm_time_t installTime = (rpm_time_t) time(NULL);
rpmfs fs = rpmteGetFileStates(psm->te);
rpm_count_t fc = rpmfsFC(fs);
rpm_fstate_t * fileStates = rpmfsGetStates(fs);
Header h = rpmteHeader(psm->te);
rpm_color_t tscolor = rpmtsColor(ts);
if (fileStates != NULL && fc > 0) {
headerPutChar(h, RPMTAG_FILESTATES, fileStates, fc);
}
headerPutUint32(h, RPMTAG_INSTALLTIME, &installTime, 1);
headerPutUint32(h, RPMTAG_INSTALLCOLOR, &tscolor, 1);
headerFree(h);
/*
* If this package has already been installed, remove it from
* the database before adding the new one.
*/
if (rpmteDBInstance(psm->te)) {
rc = rpmpsmNext(psm, PSM_RPMDB_REMOVE);
if (rc) break;
}
rc = rpmpsmNext(psm, PSM_RPMDB_ADD);
if (rc) break;
psm->scriptTag = RPMTAG_POSTIN;
psm->sense = RPMSENSE_TRIGGERIN;
psm->countCorrection = 0;
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOPOST)) {
rc = rpmpsmNext(psm, PSM_SCRIPT);
if (rc) break;
}
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOTRIGGERIN)) {
/* Run triggers in other package(s) this package sets off. */
rc = rpmpsmNext(psm, PSM_TRIGGERS);
if (rc) break;
/* Run triggers in this package other package(s) set off. */
rc = rpmpsmNext(psm, PSM_IMMED_TRIGGERS);
if (rc) break;
}
rc = markReplacedFiles(psm);
}
if (psm->goal == PKG_ERASE) {
psm->scriptTag = RPMTAG_POSTUN;
psm->sense = RPMSENSE_TRIGGERPOSTUN;
psm->countCorrection = -1;
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOPOSTUN)) {
rc = rpmpsmNext(psm, PSM_SCRIPT);
if (rc) break;
}
if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOTRIGGERPOSTUN)) {
/* Run triggers in other package(s) this package sets off. */
rc = rpmpsmNext(psm, PSM_TRIGGERS);
if (rc) break;
}
rc = rpmpsmNext(psm, PSM_RPMDB_REMOVE);
}
break;
case PSM_UNDO:
break;
case PSM_FINI:
if (rc) {
char *emsg = rpmcpioStrerror(rc);
if (psm->failedFile)
rpmlog(RPMLOG_ERR,
_("%s failed on file %s: %s\n"),
psm->goalName, psm->failedFile, emsg);
else
rpmlog(RPMLOG_ERR, _("%s failed: %s\n"),
psm->goalName, emsg);
free(emsg);
/* XXX notify callback on error. */
rpmtsNotify(ts, psm->te, RPMCALLBACK_CPIO_ERROR, 0, 0);
}
psm->failedFile = _free(psm->failedFile);
fi->apath = _free(fi->apath);
break;
case PSM_CREATE:
break;
case PSM_DESTROY:
break;
case PSM_SCRIPT: /* Run current package scriptlets. */
rc = runInstScript(psm);
break;
case PSM_TRIGGERS:
/* Run triggers in other package(s) this package sets off. */
rc = runTriggers(psm);
break;
case PSM_IMMED_TRIGGERS:
/* Run triggers in this package other package(s) set off. */
rc = runImmedTriggers(psm);
break;
case PSM_RPMDB_ADD: {
Header h = rpmteHeader(psm->te);
if (!headerIsEntry(h, RPMTAG_INSTALLTID)) {
rpm_tid_t tid = rpmtsGetTid(ts);
if (tid != 0 && tid != (rpm_tid_t)-1)
headerPutUint32(h, RPMTAG_INSTALLTID, &tid, 1);
}
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DBADD), 0);
rc = (rpmdbAdd(rpmtsGetRdb(ts), h) == 0) ? RPMRC_OK : RPMRC_FAIL;
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DBADD), 0);
if (rc == RPMRC_OK)
rpmteSetDBInstance(psm->te, headerGetInstance(h));
headerFree(h);
} break;
case PSM_RPMDB_REMOVE:
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DBREMOVE), 0);
rc = (rpmdbRemove(rpmtsGetRdb(ts), rpmteDBInstance(psm->te)) == 0) ?
RPMRC_OK : RPMRC_FAIL;
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DBREMOVE), 0);
if (rc == RPMRC_OK)
rpmteSetDBInstance(psm->te, 0);
break;
default:
break;
}
return rc;
}
int addReqProv(Package pkg, rpmTagVal tagN,
const char * N, const char * EVR, rpmsenseFlags Flags,
uint32_t index)
{
rpmTagVal versiontag = 0;
rpmTagVal flagtag = 0;
rpmTagVal indextag = 0;
rpmsenseFlags extra = RPMSENSE_ANY;
Header h = pkg->header; /* just a shortcut */
rpmds newds, *dsp = NULL;
switch (tagN) {
case RPMTAG_PROVIDENAME:
versiontag = RPMTAG_PROVIDEVERSION;
flagtag = RPMTAG_PROVIDEFLAGS;
extra = Flags & RPMSENSE_FIND_PROVIDES;
dsp = &pkg->provides;
break;
case RPMTAG_OBSOLETENAME:
versiontag = RPMTAG_OBSOLETEVERSION;
flagtag = RPMTAG_OBSOLETEFLAGS;
dsp = &pkg->obsoletes;
break;
case RPMTAG_CONFLICTNAME:
versiontag = RPMTAG_CONFLICTVERSION;
flagtag = RPMTAG_CONFLICTFLAGS;
dsp = &pkg->conflicts;
break;
case RPMTAG_ORDERNAME:
versiontag = RPMTAG_ORDERVERSION;
flagtag = RPMTAG_ORDERFLAGS;
dsp = &pkg->order;
break;
case RPMTAG_TRIGGERNAME:
versiontag = RPMTAG_TRIGGERVERSION;
flagtag = RPMTAG_TRIGGERFLAGS;
indextag = RPMTAG_TRIGGERINDEX;
extra = Flags & RPMSENSE_TRIGGER;
dsp = &pkg->triggers;
break;
case RPMTAG_REQUIRENAME:
default:
tagN = RPMTAG_REQUIRENAME;
versiontag = RPMTAG_REQUIREVERSION;
flagtag = RPMTAG_REQUIREFLAGS;
extra = Flags & _ALL_REQUIRES_MASK;
dsp = &pkg->requires;
}
/* rpmlib() dependency sanity: only requires permitted, ensure sense bit */
if (rstreqn(N, "rpmlib(", sizeof("rpmlib(")-1)) {
if (tagN != RPMTAG_REQUIRENAME) return 1;
extra |= RPMSENSE_RPMLIB;
}
Flags = (Flags & RPMSENSE_SENSEMASK) | extra;
if (EVR == NULL)
EVR = "";
newds = rpmdsSinglePool(pkg->pool, tagN, N, EVR, Flags);
/* Avoid adding duplicate dependencies. */
if (isNewDep(dsp, newds, h, indextag, index)) {
headerPutString(h, tagN, N);
headerPutString(h, versiontag, EVR);
headerPutUint32(h, flagtag, &Flags, 1);
if (indextag) {
headerPutUint32(h, indextag, &index, 1);
}
}
rpmdsFree(newds);
return 0;
}
static rpmRC rpmpkgRead(rpmKeyring keyring, rpmVSFlags vsflags,
FD_t fd,
Header * hdrp, unsigned int *keyidp, char **msg)
{
pgpDigParams sig = NULL;
Header sigh = NULL;
rpmTagVal sigtag;
struct rpmtd_s sigtd;
struct sigtInfo_s sinfo;
Header h = NULL;
rpmRC rc = RPMRC_FAIL; /* assume failure */
int leadtype = -1;
headerGetFlags hgeflags = HEADERGET_DEFAULT;
if (hdrp) *hdrp = NULL;
rpmtdReset(&sigtd);
if ((rc = rpmLeadRead(fd, &leadtype, msg)) != RPMRC_OK) {
/* Avoid message spew on manifests */
if (rc == RPMRC_NOTFOUND) {
*msg = _free(*msg);
}
goto exit;
}
/* Read the signature header. */
rc = rpmReadSignature(fd, &sigh, msg);
if (rc != RPMRC_OK) {
goto exit;
}
#define _chk(_mask, _tag) \
(sigtag == 0 && !(vsflags & (_mask)) && headerIsEntry(sigh, (_tag)))
/*
* Figger the most effective means of verification available, prefer
* signatures over digests. Legacy header+payload entries are not used.
* DSA will be preferred over RSA if both exist because tested first.
*/
sigtag = 0;
if (_chk(RPMVSF_NODSAHEADER, RPMSIGTAG_DSA)) {
sigtag = RPMSIGTAG_DSA;
} else if (_chk(RPMVSF_NORSAHEADER, RPMSIGTAG_RSA)) {
sigtag = RPMSIGTAG_RSA;
} else if (_chk(RPMVSF_NOSHA1HEADER, RPMSIGTAG_SHA1)) {
sigtag = RPMSIGTAG_SHA1;
}
/* Read the metadata, computing digest(s) on the fly. */
h = NULL;
rc = rpmpkgReadHeader(fd, &h, msg);
if (rc != RPMRC_OK || h == NULL) {
goto exit;
}
/* Any digests or signatures to check? */
if (sigtag == 0) {
rc = RPMRC_OK;
goto exit;
}
/* Free up any previous "ok" message before signature/digest check */
*msg = _free(*msg);
/* Retrieve the tag parameters from the signature header. */
if (!headerGet(sigh, sigtag, &sigtd, hgeflags)) {
rc = RPMRC_FAIL;
goto exit;
}
if (rpmSigInfoParse(&sigtd, "package", &sinfo, &sig, msg) == RPMRC_OK) {
struct rpmtd_s utd;
DIGEST_CTX ctx = rpmDigestInit(sinfo.hashalgo, RPMDIGEST_NONE);
if (headerGet(h, RPMTAG_HEADERIMMUTABLE, &utd, hgeflags)) {
rpmDigestUpdate(ctx, rpm_header_magic, sizeof(rpm_header_magic));
rpmDigestUpdate(ctx, utd.data, utd.count);
rpmtdFreeData(&utd);
}
/** @todo Implement disable/enable/warn/error/anal policy. */
rc = rpmVerifySignature(keyring, &sigtd, sig, ctx, msg);
rpmDigestFinal(ctx, NULL, NULL, 0);
} else {
rc = RPMRC_FAIL;
}
exit:
if (rc != RPMRC_FAIL && h != NULL && hdrp != NULL) {
/* Retrofit RPMTAG_SOURCEPACKAGE to srpms for compatibility */
if (leadtype == RPMLEAD_SOURCE && headerIsSource(h)) {
if (!headerIsEntry(h, RPMTAG_SOURCEPACKAGE)) {
uint32_t one = 1;
headerPutUint32(h, RPMTAG_SOURCEPACKAGE, &one, 1);
}
}
/*
* Try to make sure binary rpms have RPMTAG_SOURCERPM set as that's
* what we use for differentiating binary vs source elsewhere.
*/
if (!headerIsEntry(h, RPMTAG_SOURCEPACKAGE) && headerIsSource(h)) {
headerPutString(h, RPMTAG_SOURCERPM, "(none)");
}
/*
* Convert legacy headers on the fly. Not having immutable region
* equals a truly ancient package, do full retrofit. OTOH newer
* packages might have been built with --nodirtokens, test and handle
* the non-compressed filelist case separately.
*/
if (!headerIsEntry(h, RPMTAG_HEADERIMMUTABLE))
headerConvert(h, HEADERCONV_RETROFIT_V3);
else if (headerIsEntry(h, RPMTAG_OLDFILENAMES))
headerConvert(h, HEADERCONV_COMPRESSFILELIST);
/* Append (and remap) signature tags to the metadata. */
headerMergeLegacySigs(h, sigh);
/* Bump reference count for return. */
*hdrp = headerLink(h);
if (keyidp)
*keyidp = getKeyid(sig);
}
rpmtdFreeData(&sigtd);
h = headerFree(h);
pgpDigParamsFree(sig);
sigh = headerFree(sigh);
return rc;
}
static rpmRC writeModuleToHeader(ModuleRec mod, Package pkg)
{
rpmRC rc = RPMRC_FAIL;
ARGV_t av;
uint32_t count;
struct rpmtd_s policies;
struct rpmtd_s policynames;
struct rpmtd_s policyflags;
struct rpmtd_s policytypes;
struct rpmtd_s policytypesidx;
rpmtdReset(&policies);
rpmtdReset(&policynames);
rpmtdReset(&policyflags);
rpmtdReset(&policytypes);
rpmtdReset(&policytypesidx);
if (!mod || !pkg) {
goto exit;
}
/* check for duplicates */
if (headerIsEntry(pkg->header, RPMTAG_POLICYNAMES)) {
int typeCount;
const char *name;
char *type;
int i;
int idx;
headerGet(pkg->header, RPMTAG_POLICYNAMES, &policynames, HEADERGET_MINMEM);
headerGet(pkg->header, RPMTAG_POLICYFLAGS, &policyflags, HEADERGET_ARGV | HEADERGET_MINMEM);
headerGet(pkg->header, RPMTAG_POLICYTYPES, &policytypes, HEADERGET_ARGV | HEADERGET_MINMEM);
headerGet(pkg->header, RPMTAG_POLICYTYPESINDEXES, &policytypesidx, HEADERGET_ARGV | HEADERGET_MINMEM);
typeCount = rpmtdCount(&policytypes);
while ((name = rpmtdNextString(&policynames))) {
int overlappingtypes = 0;
idx = rpmtdGetIndex(&policynames);
for (i = 0; i < typeCount; i++) {
if (((int *) policytypesidx.data)[i] != idx) {
continue;
}
type = ((char **) policytypes.data)[i];
if (rstreq(type, RPMPOL_TYPE_DEFAULT) ||
argvSearch(mod->types, type, NULL) ||
argvSearch(mod->types, RPMPOL_TYPE_DEFAULT, NULL)) {
overlappingtypes = 1;
break;
}
}
if (!overlappingtypes) {
continue;
}
if (rstreq(mod->name, name)) {
rpmlog(RPMLOG_ERR, _("Policy module '%s' duplicated with overlapping types\n"), name);
goto exit;
}
if ((mod->flags && RPMPOL_FLAG_BASE) &&
(((int *) policyflags.data)[idx] & RPMPOL_FLAG_BASE)) {
rpmlog(RPMLOG_ERR, _("Base modules '%s' and '%s' have overlapping types\n"), mod->name, name);
goto exit;
}
}
}
if (headerIsEntry(pkg->header, RPMTAG_POLICIES)) {
if (!headerGet(pkg->header, RPMTAG_POLICIES, &policies, HEADERGET_MINMEM)) {
rpmlog(RPMLOG_ERR, _("Failed to get policies from header\n"));
goto exit;
}
count = rpmtdCount(&policies);
} else {
count = 0;
}
/* save everything to the header */
headerPutString(pkg->header, RPMTAG_POLICIES, mod->data);
headerPutString(pkg->header, RPMTAG_POLICYNAMES, mod->name);
headerPutUint32(pkg->header, RPMTAG_POLICYFLAGS, &mod->flags, 1);
for (av = mod->types; av && *av; av++) {
headerPutString(pkg->header, RPMTAG_POLICYTYPES, *av);
headerPutUint32(pkg->header, RPMTAG_POLICYTYPESINDEXES, &count, 1);
}
rc = RPMRC_OK;
exit:
rpmtdFreeData(&policies);
rpmtdFreeData(&policynames);
rpmtdFreeData(&policyflags);
rpmtdFreeData(&policytypes);
rpmtdFreeData(&policytypesidx);
return rc;
}
static rpmRC handlePreambleTag(rpmSpec spec, Package pkg, rpmTagVal tag,
const char *macro, const char *lang)
{
char * field = spec->line;
char * end;
int multiToken = 0;
rpmsenseFlags tagflags = RPMSENSE_ANY;
rpmRC rc = RPMRC_FAIL;
if (field == NULL) /* XXX can't happen */
goto exit;
/* Find the start of the "field" and strip trailing space */
while ((*field) && (*field != ':'))
field++;
if (*field != ':') {
rpmlog(RPMLOG_ERR, _("line %d: Malformed tag: %s\n"),
spec->lineNum, spec->line);
goto exit;
}
field++;
SKIPSPACE(field);
if (!*field) {
/* Empty field */
rpmlog(RPMLOG_ERR, _("line %d: Empty tag: %s\n"),
spec->lineNum, spec->line);
goto exit;
}
end = findLastChar(field);
*(end+1) = '\0';
/* See if this is multi-token */
end = field;
SKIPNONSPACE(end);
if (*end != '\0')
multiToken = 1;
switch (tag) {
case RPMTAG_NAME:
SINGLE_TOKEN_ONLY;
if (rpmCharCheck(spec, field, WHITELIST_NAME))
goto exit;
headerPutString(pkg->header, tag, field);
/* Main pkg name is unknown at the start, populate as soon as we can */
if (pkg == spec->packages)
pkg->name = rpmstrPoolId(spec->pool, field, 1);
break;
case RPMTAG_VERSION:
case RPMTAG_RELEASE:
SINGLE_TOKEN_ONLY;
if (rpmCharCheck(spec, field, "._+%{}~"))
goto exit;
headerPutString(pkg->header, tag, field);
break;
case RPMTAG_URL:
case RPMTAG_DISTTAG:
case RPMTAG_BUGURL:
/* XXX TODO: validate format somehow */
case RPMTAG_VCS:
SINGLE_TOKEN_ONLY;
headerPutString(pkg->header, tag, field);
break;
case RPMTAG_GROUP:
case RPMTAG_SUMMARY:
case RPMTAG_DISTRIBUTION:
case RPMTAG_VENDOR:
case RPMTAG_LICENSE:
case RPMTAG_PACKAGER:
if (addLangTag(spec, pkg->header, tag, field, lang))
goto exit;
break;
case RPMTAG_BUILDROOT:
/* just silently ignore BuildRoot */
macro = NULL;
break;
case RPMTAG_PREFIXES: {
struct rpmtd_s td;
const char *str;
if (addOrAppendListEntry(pkg->header, tag, field))
goto exit;
headerGet(pkg->header, tag, &td, HEADERGET_MINMEM);
while ((str = rpmtdNextString(&td))) {
size_t len = strlen(str);
if (len > 1 && str[len-1] == '/') {
rpmlog(RPMLOG_ERR,
_("line %d: Prefixes must not end with \"/\": %s\n"),
spec->lineNum, spec->line);
rpmtdFreeData(&td);
goto exit;
}
}
rpmtdFreeData(&td);
break;
}
case RPMTAG_DOCDIR:
SINGLE_TOKEN_ONLY;
if (field[0] != '/') {
rpmlog(RPMLOG_ERR, _("line %d: Docdir must begin with '/': %s\n"),
spec->lineNum, spec->line);
goto exit;
}
macro = NULL;
rpmPopMacro(NULL, "_docdir");
rpmPushMacro(NULL, "_docdir", NULL, field, RMIL_SPEC);
break;
case RPMTAG_EPOCH: {
SINGLE_TOKEN_ONLY;
uint32_t epoch;
if (parseUnsignedNum(field, &epoch)) {
rpmlog(RPMLOG_ERR,
_("line %d: Epoch field must be an unsigned number: %s\n"),
spec->lineNum, spec->line);
goto exit;
}
headerPutUint32(pkg->header, tag, &epoch, 1);
break;
}
case RPMTAG_AUTOREQPROV:
pkg->autoReq = parseYesNo(field);
pkg->autoProv = pkg->autoReq;
break;
case RPMTAG_AUTOREQ:
pkg->autoReq = parseYesNo(field);
break;
case RPMTAG_AUTOPROV:
pkg->autoProv = parseYesNo(field);
break;
case RPMTAG_SOURCE:
case RPMTAG_PATCH:
macro = NULL;
if (addSource(spec, pkg, field, tag))
goto exit;
break;
case RPMTAG_ICON:
SINGLE_TOKEN_ONLY;
if (addSource(spec, pkg, field, tag) || readIcon(pkg->header, field))
goto exit;
break;
case RPMTAG_NOSOURCE:
case RPMTAG_NOPATCH:
spec->noSource = 1;
if (parseNoSource(spec, field, tag))
goto exit;
break;
case RPMTAG_ORDERFLAGS:
case RPMTAG_REQUIREFLAGS:
if (parseBits(lang, installScriptBits, &tagflags)) {
rpmlog(RPMLOG_ERR, _("line %d: Bad %s: qualifiers: %s\n"),
spec->lineNum, rpmTagGetName(tag), spec->line);
goto exit;
}
/* fallthrough */
case RPMTAG_PREREQ:
case RPMTAG_RECOMMENDFLAGS:
case RPMTAG_SUGGESTFLAGS:
case RPMTAG_SUPPLEMENTFLAGS:
case RPMTAG_ENHANCEFLAGS:
case RPMTAG_CONFLICTFLAGS:
case RPMTAG_OBSOLETEFLAGS:
case RPMTAG_PROVIDEFLAGS:
if (parseRCPOT(spec, pkg, field, tag, 0, tagflags))
goto exit;
break;
case RPMTAG_BUILDPREREQ:
case RPMTAG_BUILDREQUIRES:
case RPMTAG_BUILDCONFLICTS:
if (parseRCPOT(spec, spec->sourcePackage, field, tag, 0, tagflags))
goto exit;
break;
case RPMTAG_EXCLUDEARCH:
case RPMTAG_EXCLUSIVEARCH:
case RPMTAG_EXCLUDEOS:
case RPMTAG_EXCLUSIVEOS:
if (addOrAppendListEntry(spec->buildRestrictions, tag, field))
goto exit;
break;
case RPMTAG_BUILDARCHS: {
int BACount;
const char **BANames = NULL;
if (poptParseArgvString(field, &BACount, &BANames)) {
rpmlog(RPMLOG_ERR,
_("line %d: Bad BuildArchitecture format: %s\n"),
spec->lineNum, spec->line);
goto exit;
}
if (spec->packages == pkg) {
if (spec->BANames) {
rpmlog(RPMLOG_ERR,
_("line %d: Duplicate BuildArch entry: %s\n"),
spec->lineNum, spec->line);
BANames = _free(BANames);
goto exit;
}
spec->BACount = BACount;
spec->BANames = BANames;
} else {
if (BACount != 1 || !rstreq(BANames[0], "noarch")) {
rpmlog(RPMLOG_ERR,
_("line %d: Only noarch subpackages are supported: %s\n"),
spec->lineNum, spec->line);
BANames = _free(BANames);
goto exit;
}
headerPutString(pkg->header, RPMTAG_ARCH, "noarch");
}
if (!BACount)
spec->BANames = _free(spec->BANames);
break;
}
case RPMTAG_REMOVEPATHPOSTFIXES:
argvSplit(&pkg->removePostfixes, field, ":");
break;
default:
rpmlog(RPMLOG_ERR, _("Internal error: Bogus tag %d\n"), tag);
goto exit;
}
if (macro) {
rpmPushMacro(spec->macros, macro, NULL, field, RMIL_SPEC);
/* Add a separate uppercase macro for tags from the main package */
if (pkg == spec->packages) {
char *m = xstrdup(macro);
for (char *p = m; *p; ++p)
*p = rtoupper(*p);
rpmPushMacro(spec->macros, m, NULL, field, RMIL_SPEC);
free(m);
}
}
rc = RPMRC_OK;
exit:
return rc;
}