Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits 3b61d10
Introduce a new "fingerprint" type of signature
Baptiste Daroussin committed 12 years ago
commit 3b61d10ddca39861e58f0da75e697e41664fd287
parent cf5d06f
4 files changed +70 -9
modified libpkg/pkg.h.in
@@ -278,6 +278,12 @@ typedef enum {
	NOMIRROR,

} mirror_t;
+ 
typedef enum {
+ 
	SIG_PUBKEY,
+ 
	SIG_FINGERPRINT,
+ 
	SIG_NONE
+ 
} signature_t;
+ 


/**

 * Determine the type of a pkg_script.

 */
@@ -1396,6 +1402,8 @@ const char *pkg_repo_ident(struct pkg_repo *r);
const char *pkg_repo_name(struct pkg_repo *r);

const char * pkg_repo_ident_from_name(const char *repo_name);

const char *pkg_repo_key(struct pkg_repo *r);
+ 
const char *pkg_repo_fingerprints(struct pkg_repo *r);
+ 
signature_t pkg_repo_signature_type(struct pkg_repo *r);

bool pkg_repo_enabled(struct pkg_repo *r);

mirror_t pkg_repo_mirror_type(struct pkg_repo *r);

struct pkg_repo *pkg_repo_find_ident(const char *ident);
modified libpkg/pkg_config.c
@@ -738,6 +738,7 @@ add_repo(yaml_document_t *doc, yaml_node_t *repo, yaml_node_t *node, struct pkg_
{

	yaml_node_pair_t *pair;

	yaml_char_t *url = NULL, *pubkey = NULL, *enable = NULL, *mirror_type = NULL;
+ 
	yaml_char_t *signature_type = NULL, *fingerprints = NULL;



	pair = node->data.mapping.pairs.start;

	while (pair < node->data.mapping.pairs.top) {
@@ -762,6 +763,10 @@ add_repo(yaml_document_t *doc, yaml_node_t *repo, yaml_node_t *node, struct pkg_
			enable = val->data.scalar.value;

		else if (strcasecmp(key->data.scalar.value, "mirror_type") == 0)

			mirror_type = val->data.scalar.value;
+ 
		else if (strcasecmp(key->data.scalar.value, "signature") == 0)
+ 
			signature_type = val->data.scalar.value;
+ 
		else if (strcasecmp(key->data.scalar.value, "fingerprints") == 0)
+ 
			fingerprints = val->data.scalar.value;



		++pair;

		continue;
@@ -774,6 +779,7 @@ add_repo(yaml_document_t *doc, yaml_node_t *repo, yaml_node_t *node, struct pkg_
		r = calloc(1, sizeof(struct pkg_repo));

		r->enable = true;

		r->mirror_type = NOMIRROR;
+ 
		r->signature_type = SIG_NONE;

		asprintf(&r->name, REPO_NAME_PREFIX"%s", repo->data.scalar.value);

		HASH_ADD_KEYPTR(hh, repos, r->name, strlen(r->name), r);

	}
@@ -782,11 +788,26 @@ add_repo(yaml_document_t *doc, yaml_node_t *repo, yaml_node_t *node, struct pkg_
		free(r->url);

		r->url = subst_packagesite_str(url);

	}
+
+ 
	if (signature_type != NULL) {
+ 
		if (strcasecmp(signature_type, "pubkey") == 0)
+ 
			r->signature_type = SIG_PUBKEY;
+ 
		else if (strcasecmp(signature_type, "fingerprints") == 0)
+ 
			r->signature_type = SIG_FINGERPRINT;
+ 
		else
+ 
			r->signature_type = SIG_NONE;
+ 
	}
+ 


	if (pubkey != NULL) {

		free(r->pubkey);

		r->pubkey = strdup(pubkey);

	}
+ 
	if (fingerprints != NULL) {
+ 
		free(r->fingerprints);
+ 
		r->fingerprints = strdup(fingerprints);
+ 
	}
+ 


	if (enable != NULL &&

	    (strcasecmp(enable, "off") == 0 ||

	     strcasecmp(enable, "no") == 0 ||
@@ -1283,6 +1304,18 @@ pkg_repo_key(struct pkg_repo *r)
	return (r->pubkey);

}
+ 
const char *
+ 
pkg_repo_fingerprints(struct pkg_repo *r)
+ 
{
+ 
	return (r->fingerprints);
+ 
}
+
+ 
signature_t
+ 
pkg_repo_signature_type(struct pkg_repo *r)
+ 
{
+ 
	return (r->signature_type);
+ 
}
+ 


bool

pkg_repo_enabled(struct pkg_repo *r)

{
modified libpkg/private/pkg.h
@@ -266,6 +266,8 @@ struct pkg_repo {
		struct dns_srvinfo *srv;

		struct http_mirror *http;

	};
+ 
	signature_t signature_type;
+ 
	char *fingerprints;

	FILE *ssh;

	bool enable;

	UT_hash_handle hh;
modified pkg/main.c
@@ -407,32 +407,50 @@ show_plugin_info(void)
static void

show_repository_info(void)

{
- 
	const char	*buf;
+ 
	const char	*mirror, *sig;

	struct pkg_repo	*repo = NULL;



	printf("\nRepositories:\n");

	while (pkg_repos(&repo) == EPKG_OK) {

		switch (pkg_repo_mirror_type(repo)) {

		case SRV:
- 
			buf = "SRV";
+ 
			mirror = "SRV";

			break;

		case HTTP:
- 
			buf = "HTTP";
+ 
			mirror = "HTTP";

			break;

		case NOMIRROR:
- 
			buf = "NONE";
+ 
			mirror = "NONE";

			break;

		default:
- 
			buf = "-unknown-";
+ 
			mirror = "-unknown-";

			break;

		}
- 
		printf("  %s:\n%16s: %s\n%16s: %s\n%16s: %s\n%16s: %s\n",
+ 
		switch (pkg_repo_signature_type(repo)) {
+ 
		case SIG_PUBKEY:
+ 
			sig = "PUBKEY";
+ 
			break;
+ 
		case SIG_FINGERPRINT:
+ 
			sig = "FINGERPRINTS";
+ 
			break;
+ 
		case SIG_NONE:
+ 
			sig = "NONE";
+ 
			break;
+ 
		default:
+ 
			sig = "-unknown-";
+ 
			break;
+ 
		}
+
+ 
		printf("  %s:\n%16s: %s\n%16s: %s\n%16s: %s\n%16s: %s\n%16s: %s\n%16s: %s\n",

		    pkg_repo_ident(repo),

                    "url", pkg_repo_url(repo),
- 
		    "key", pkg_repo_key(repo) == NULL ?
- 
		       "" : pkg_repo_key(repo),
+ 
		    "signature", sig,
+ 
		    "pubkey", pkg_repo_key(repo) == NULL ?
+ 
		        "" : pkg_repo_key(repo),
+ 
		    "fingerprints", pkg_repo_fingerprints(repo) == NULL ?
+ 
		        "" : pkg_repo_fingerprints(repo),

		    "enabled", pkg_repo_enabled(repo) ? "yes" : "no",
- 
		    "mirror_type", buf);
+ 
		    "mirror_type", mirror);

	}

}