rsa.c \

		update.c \

int pkg_finish_repo(char *path, pem_password_cb *cb, char *rsa_key_path);

/**

 * Download the latest repo db file and checks its signature if any

 */

int pkg_update(const char *name, const char *packagesite);

		NULL,

#include "private/utils.h"

	unsigned int siglen = 0;

		rsa_sign(repo_path, password_cb, rsa_key_path, &sigret,

				&siglen);

int rsa_sign(char *path, pem_password_cb *password_cb, char *rsa_key_path,

		 unsigned char **sigret, unsigned int *siglen);

int rsa_verify(const char *path, const char *key,

		unsigned char *sig, unsigned int sig_len);

/*

 * Copyright (c) 2011-2012 Baptiste Daroussin <bapt@FreeBSD.org>

 * Copyright (c) 2011-2012 Julien Laffaye <jlaffaye@FreeBSD.org>

 * All rights reserved.

 * 

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer

 *    in this position and unchanged.

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in the

 *    documentation and/or other materials provided with the distribution.

 * 

 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR

 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.

 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,

 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,

 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY

 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 */

#include <openssl/err.h>

#include <openssl/sha.h>

#include <openssl/rsa.h>

#include <openssl/ssl.h>

#include "pkg.h"

#include "private/event.h"

#include "private/pkg.h"

static RSA *

_load_rsa_private_key(char *rsa_key_path, pem_password_cb *password_cb)

{

	FILE *fp;

	RSA *rsa = NULL;

	if ((fp = fopen(rsa_key_path, "r")) == 0)

		return (NULL);

	if ((rsa = RSA_new()) == NULL) {

		fclose(fp);

		return (NULL);

	}

	if ((rsa = PEM_read_RSAPrivateKey(fp, 0, password_cb, rsa_key_path)) == NULL) {

		fclose(fp);

		return (NULL);

	}

	fclose(fp);

	return (rsa);

}

static RSA *

_load_rsa_public_key(const char *rsa_key_path)

{

	FILE *fp;

	RSA *rsa = NULL;

	char errbuf[1024];

	if ((fp = fopen(rsa_key_path, "rb")) == 0) {

		pkg_emit_errno("fopen", rsa_key_path);

		return (NULL);

	}

	if (!PEM_read_RSA_PUBKEY( fp, &rsa, NULL, NULL )) {

		pkg_emit_error("error reading public key(%s): %s", rsa_key_path,

					   ERR_error_string(ERR_get_error(), errbuf));

		fclose(fp);

		return (NULL);

	}

	fclose(fp);

	return (rsa);

}

int

rsa_verify(const char *path, const char *key, unsigned char *sig, unsigned int sig_len)

{

	char sha256[SHA256_DIGEST_LENGTH *2 +1];

	char errbuf[1024];

	RSA *rsa = NULL;

	sha256_file(path, sha256);

	SSL_load_error_strings();

	OpenSSL_add_all_algorithms();

	OpenSSL_add_all_ciphers();

	rsa = _load_rsa_public_key(key);

	if (rsa == NULL)

		return(EPKG_FATAL);

	if (RSA_verify(NID_sha1, sha256, sizeof(sha256), sig, sig_len, rsa) == 0) {

		pkg_emit_error("%s: %s", key,

					   ERR_error_string(ERR_get_error(), errbuf));

		return (EPKG_FATAL);

	}

	RSA_free(rsa);

	ERR_free_strings();

	return (EPKG_OK);

}

int

rsa_sign(char *path, pem_password_cb *password_cb, char *rsa_key_path,

		unsigned char **sigret, unsigned int *siglen)

{

	char errbuf[1024];

	int max_len = 0;

	RSA *rsa = NULL;

	char sha256[SHA256_DIGEST_LENGTH * 2 +1];

	if (access(rsa_key_path, R_OK) == -1) {

		pkg_emit_errno("access", rsa_key_path);

		return EPKG_FATAL;

	}

	SSL_load_error_strings();

	OpenSSL_add_all_algorithms();

	OpenSSL_add_all_ciphers();

	rsa = _load_rsa_private_key(rsa_key_path, password_cb);

	max_len = RSA_size(rsa);

	*sigret = calloc(1, max_len + 1);

	sha256_file(path, sha256);

	if (RSA_sign(NID_sha1, sha256, sizeof(sha256), *sigret, siglen, rsa) == 0) {

		/* XXX pass back RSA errors correctly */

		pkg_emit_error("%s: %s", rsa_key_path,

					   ERR_error_string(ERR_get_error(), errbuf));

		return EPKG_FATAL;

	}

	RSA_free(rsa);

	ERR_free_strings();

	return (EPKG_OK);

}

/*

 * Copyright (c) 2012 Julien Laffaye <jlaffaye@FreeBSD.org>

 * All rights reserved.

 * 

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer

 *    in this position and unchanged.

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in the

 *    documentation and/or other materials provided with the distribution.

 * 

 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR

 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.

 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,

 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,

 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY

 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 */

#include <sys/stat.h>

#include <sys/param.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

#include <unistd.h>

#include <archive.h>

#include <archive_entry.h>

#include "pkg.h"

#include "private/event.h"

#include "private/utils.h"

#define EXTRACT_ARCHIVE_FLAGS  (ARCHIVE_EXTRACT_OWNER |ARCHIVE_EXTRACT_PERM)

/* Add indexes to the repo */

static int

remote_add_indexes(const char *reponame)

{

	struct pkgdb *db = NULL;

	int ret = EPKG_FATAL;

	if (pkgdb_open(&db, PKGDB_REMOTE) != EPKG_OK)

		goto cleanup;

	/* Initialize the remote remote */

	if (pkgdb_remote_init(db, reponame) != EPKG_OK)

		goto cleanup;

	ret = EPKG_OK;

	cleanup:

	if (db)

		pkgdb_close(db);

	return (ret);

}

int

pkg_update(const char *name, const char *packagesite)

{

	char url[MAXPATHLEN];

	struct archive *a = NULL;

	struct archive_entry *ae = NULL;

	char repofile[MAXPATHLEN];

	char repofile_unchecked[MAXPATHLEN];

	char tmp[21];

	const char *dbdir = NULL;

	const char *repokey;

	unsigned char *sig = NULL;

	int siglen = 0;

	int rc = EPKG_FATAL;

	bool alwayssigned = false;

	struct stat st;

	time_t t = 0;

	snprintf(url, MAXPATHLEN, "%s/repo.txz", packagesite);

	pkg_config_bool(PKG_CONFIG_SIGNED_REPOS, &alwayssigned);

	(void)strlcpy(tmp, "/tmp/repo.txz.XXXXXX", sizeof(tmp));

	if (mktemp(tmp) == NULL) {

		pkg_emit_error("Could not create temporary file %s, aborting update.\n", tmp);

		return (EPKG_FATAL);

	}

	if (pkg_config_string(PKG_CONFIG_DBDIR, &dbdir) != EPKG_OK) {

		pkg_emit_error("Cant get dbdir config entry");

		return (EPKG_FATAL);

	}

	snprintf(repofile, sizeof(repofile), "%s/%s.sqlite", dbdir, name);

	if (stat(repofile, &st) != -1) {

		t = st.st_mtime;

		/* add 10 minutes to the timestap because repo.sqlite is

		 * always newer than repo.txz, 10 minutes should be enough

		 */

		t += 600;

	}

	if ((rc = pkg_fetch_file(url, tmp, t)) != EPKG_OK) {

		/*

		 * No need to unlink(tmp) here as it is already

		 * done in pkg_fetch_file() in case fetch failed.

		 */

		return (rc);

	}

	a = archive_read_new();

	archive_read_support_compression_all(a);

	archive_read_support_format_tar(a);

	archive_read_open_filename(a, tmp, 4096);

	while (archive_read_next_header(a, &ae) == ARCHIVE_OK) {

		if (strcmp(archive_entry_pathname(ae), "repo.sqlite") == 0) {

			snprintf(repofile_unchecked, sizeof(repofile_unchecked), "%s.unchecked", repofile);

			archive_entry_set_pathname(ae, repofile_unchecked);

			/*

			 * The repo should be owned by root and not writable

			 */

			archive_entry_set_uid(ae, 0);

			archive_entry_set_gid(ae, 0);

			archive_entry_set_perm(ae, 0644);

			archive_read_extract(a, ae, EXTRACT_ARCHIVE_FLAGS);

		}

		if (strcmp(archive_entry_pathname(ae), "signature") == 0) {

			siglen = archive_entry_size(ae);

			sig = malloc(siglen);

			archive_read_data(a, sig, siglen);

		}

	}

	if (pkg_config_string(PKG_CONFIG_REPOKEY, &repokey) != EPKG_OK)

		return (EPKG_FATAL);

	if (repokey != NULL) {

		if (sig != NULL) {

			if (rsa_verify(repofile_unchecked, repokey, sig, siglen - 1) != EPKG_OK) {

				pkg_emit_error("Invalid signature, removing repository.\n");

				unlink(repofile_unchecked);

				free(sig);

				rc = EPKG_FATAL;

				goto cleanup;

			}

		} else {

			pkg_emit_error("No signature found in the repository, this is mandatory");

			rc = EPKG_FATAL;

			unlink(repofile_unchecked);

			goto cleanup;

		}

	}

	if (rename(repofile_unchecked, repofile) != 0) {

		pkg_emit_errno("rename", "");

		goto cleanup;

	}

	if ((rc = remote_add_indexes(name)) != EPKG_OK)

		goto cleanup;

	rc = EPKG_OK;

	cleanup:

	if (a != NULL)

		archive_read_finish(a);

	(void)unlink(tmp);

	return (rc);

}

		retcode = pkg_update("repo", url);

			retcode = pkg_update(repo_name, url);