rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
pkg_create_repo now returns the checksum for the newly created repository; pkg repo can RSA-sign this repository (needs to be rewritten :))
Baptiste Daroussin committed 15 years ago
commit 0965e3fd966d8410ed9c6bc2ead439c016f79491
parent d95705a
3 files changed +102 -7
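--- a/libpkg/pkg.h
+++ b/libpkg/pkg.h
@@ -348,8 +348,9 @@ const char *pkg_option_value(struct pkg_option *);
  * @param path The path where the repository live.
  * @param callback A function which is called at every step of the process.
  * @param data A pointer which is passed to the callback.
+ * @param sum An 65 long char array to receive the sha256 sum
  */
-int pkg_create_repo(char *path, void (*callback)(struct pkg *, void *), void *);
+int pkg_create_repo(char *path, void (*callback)(struct pkg *, void *), void *, char [65]);
 
 /**
  * Open the local package database.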
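Review bot: The new parameter is declared as `char [65]`, which C treats as a plain `char *`, so nothing stops a caller from passing a shorter buffer, and the literal 65 has to be repeated by hand at every call site. Naming the parameter in the prototype and spelling out the contract in the doc comment would help, for example `@param sum Caller-supplied buffer of at least 65 bytes; receives the sha256 sum of the repository database as a NUL-terminated string`. The comment should also say whether `sum` is written when the function fails, since the implementation in this commit appears to leave it untouched on error paths. A named constant for the length in pkg.h would let callers size the buffer without the magic number.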
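--- a/libpkg/pkg_repo.c
+++ b/libpkg/pkg_repo.c
@@ -8,6 +8,7 @@
 #include <unistd.h>
 #include <stdio.h>
 #include <string.h>
+#include <sha256.h>
 
 #include "pkg.h"
 #include "pkg_error.h"
@@ -15,7 +16,7 @@
 #include "pkg_util.h"
 
 int
-pkg_create_repo(char *path, void (progress)(struct pkg *pkg, void *data), void *data)
+pkg_create_repo(char *path, void (progress)(struct pkg *pkg, void *data), void *data, char sum[65])
 {
 	FTS *fts = NULL;
 	FTSENT *ent = NULL;
@@ -181,7 +182,6 @@ pkg_create_repo(char *path, void (progress)(struct pkg *pkg, void *data), void *
 	if (sqlite3_exec(sqlite, "COMMIT;", NULL, NULL, &errmsg) != SQLITE_OK)
 		retcode = pkg_error_set(EPKG_FATAL, "%s", errmsg);
 
-	cleanup:
 	if (fts != NULL)
 		fts_close(fts);
 
@@ -197,6 +197,9 @@ pkg_create_repo(char *path, void (progress)(struct pkg *pkg, void *data), void *
 	if (sqlite != NULL)
 		sqlite3_close(sqlite);
 
+	sha256_file(repodb, sum);
+
+	cleanup:
 	if (errmsg != NULL)
 		sqlite3_free(errmsg);
 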
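Review bot: Moving the `cleanup:` label below the `fts_close` and `sqlite3_close` calls means any error path that jumps to it (the jumps themselves are outside these hunks) now skips closing both handles and also skips `sha256_file`, so `sum` is left unwritten on failure. The caller in pkg/repo.c prints that buffer and, when given a key, signs it regardless of the return code, so a failed run can emit a signature over uninitialised stack contents. I would keep the label where it was, start the function with `sum[0] = '\0';`, and hash only on success after the database is closed: `if (retcode == EPKG_OK) sha256_file(repodb, sum);`. If `sha256_file` reports failure through a return value, that value is dropped here and should be folded into `retcode`. The function body starts and ends outside the hunks shown.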
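--- a/pkg/repo.c
+++ b/pkg/repo.c
@@ -1,9 +1,14 @@
 #include <sysexits.h>
 #include <stdio.h>
 #include <string.h>
+#include <sys/param.h>
 
 #include <pkg.h>
 
+#include <openssl/rsa.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
 #include "repo.h"
 
 void
@@ -14,7 +19,8 @@ usage_repo(void)
 }
 
 static void
-progress(struct pkg *pkg, void *data) {
+progress(struct pkg *pkg, void *data)
+{
 	(void)data;
 
 	if (pkg != NULL)
@@ -23,23 +29,108 @@ progress(struct pkg *pkg, void *data) {
 		pkg_error_warn("");
 }
 
+static int
+password_cb(char *buf, int size, int rwflag, void *key)
+{
+	int len;
+	char passwd[BUFSIZ];
+	(void)rwflag;
+
+	printf("Enter pass phrase for '%s': ", (char *) key);
+	scanf("%s", passwd);
+	len = strlen(passwd);
+
+	if (len <= 0)  return 0;
+	if (len > size) len = size;
+
+	memset(buf, '\0', size);
+	memcpy(buf, passwd, len);
+	return len;
+}
+
+static RSA *
+load_rsa_private_key(char *rsa_key_path)
+{
+	FILE *fp;
+	RSA *rsa = NULL;
+
+	fp = fopen(rsa_key_path, "r");
+	if (fp == 0) {
+		return NULL;
+	}
+
+	rsa = RSA_new();
+	if (rsa == NULL) {
+		fclose(fp);
+		return NULL;
+	}
+
+	rsa = PEM_read_RSAPrivateKey(fp, 0, password_cb, rsa_key_path);
+	if (rsa == NULL) {
+
+		fclose(fp);
+		return NULL;
+	}
+
+	fclose(fp);
+	return rsa;
+}
+
 int
 exec_repo(int argc, char **argv)
 {
 	int ret;
 
-	if (argc != 2) {
+	RSA *rsa = NULL;
+	char sha256[65];
+/*	char db_path[MAXPATHLEN];*/
+	int max_len = 0;
+	unsigned char *sigret = NULL;
+	int siglen = 0;
+
+	if (argc < 2 && argc > 3 ) {
 		usage_repo();
 		return (EX_USAGE);
 	}
 
-	printf("Generating repo.db in %s\n", argv[1]);
-	ret = pkg_create_repo(argv[1], progress, NULL);
+	printf("Generating repo.sqlite in %s\n", argv[1]);
+	ret = pkg_create_repo(argv[1], progress, NULL, sha256);
 
 	if (ret != EPKG_OK)
 		pkg_error_warn("can not create repository");
 	else
 		printf("Done!\n");
 
+	printf("sum: %s\n", sha256);
+
+	if (argc == 3) {
+		SSL_load_error_strings();
+
+		OpenSSL_add_all_algorithms();
+		OpenSSL_add_all_ciphers();
+
+
+		rsa = load_rsa_private_key( argv[2] );
+
+/*		snprintf(db_path, MAXPATHLEN, "%s/repo.sqlite", argv[1]); */
+
+		max_len = RSA_size(rsa);
+		sigret = malloc(max_len + 1);
+		memset(sigret, 0, max_len);
+
+		if (RSA_sign(NID_sha1, sha256, 65, sigret, &siglen, rsa) == 0) {
+			return -1;
+		}
+		printf("signature: ");
+		for (int i = 0; i < max_len; i++)
+			 printf("%02x", sigret[i]);
+
+		printf("\n");
+		free(sigret);
+
+		RSA_free( rsa );
+		ERR_free_strings();
+	}
+
 	return (ret);
 }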
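Review bot: `password_cb` reads the passphrase with `scanf("%s", passwd)` into a BUFSIZ stack buffer with no width limit, so an over-long input line overruns it, and the local copy is never wiped. In `exec_repo` the new guard `argc < 2 && argc > 3` can never be true (it needs `||`), the result of `load_rsa_private_key` goes into `RSA_size` without a NULL check, and both the `sum:` print and the signing branch run even when `pkg_create_repo` failed. `RSA_sign(NID_sha1, sha256, 65, ...)` declares a 65-byte hex string to be a SHA-1 digest, so standard verifiers will most likely reject the result; the call should be given the raw digest that matches its NID, `siglen` should be `unsigned int`, the print loop should stop at `siglen` rather than `max_len`, and the early `return -1` leaks `sigret` and `rsa`. `load_rsa_private_key` also leaks the `RSA_new()` object, because `PEM_read_RSAPrivateKey` is passed 0 and its return value overwrites `rsa`; dropping the `RSA_new()` call is enough. The fence below covers the callback and the guards only.

```c
static int
password_cb(char *buf, int size, int rwflag, void *key)
{
	char passwd[BUFSIZ];
	size_t len;
	(void)rwflag;

	printf("Enter pass phrase for '%s': ", (char *) key);
	fflush(stdout);
	/* fgets bounds the read to the buffer, unlike scanf("%s") */
	if (size <= 0 || fgets(passwd, sizeof(passwd), stdin) == NULL)
		return 0;
	passwd[strcspn(passwd, "\n")] = '\0';
	len = strlen(passwd);
	if (len > (size_t)size)
		len = (size_t)size;
	memcpy(buf, passwd, len);
	/* wipe the stack copy of the passphrase before returning */
	OPENSSL_cleanse(passwd, sizeof(passwd));
	return (int)len;
}

/* … unchanged: load_rsa_private_key, exec_repo declarations … */

	if (argc < 2 || argc > 3) {
/* … unchanged: usage_repo call, pkg_create_repo call, status message … */

	/* sha256 is only meaningful when the repository was created */
	if (ret != EPKG_OK)
		return (ret);

	printf("sum: %s\n", sha256);

	if (argc == 3) {
		/* … unchanged: OpenSSL initialisation … */
		rsa = load_rsa_private_key( argv[2] );
		if (rsa == NULL)
			return (EX_NOINPUT);
		/* … unchanged: signature buffer setup and RSA_sign call … */
```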