emo/xbps
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Redo how the repository keys are stored.

Browse Source 
- Repository keys are now stored in a new directory on metadir (/var/db/xbps):

	<metadir>/key>

- Repository keys are stored with the hex fingerprint of its RSA
  public key in a plist dictionary:

	<metadir>/keys/xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.plist

- Drop xbps-rkeys(8) and merge its functionality into xbps-install(8) and
  xbps-query(8).

- xbps-query(8) -vL now shows some more details of remote repositories:

 3134 http://localhost:8000 (RSA signed, verified)
      Signed-by: Void Linux
      4096 60:ae:0c:d6:f0:95:17:80:bc:93:46:7a:89:af:a3:2d
   16 http://localhost:8000/nonfree (RSA signed, verified)
      Signed-by: Void Linux
      4096 60:ae:0c:d6:f0:95:17:80:bc:93:46:7a:89:af:a3:2d

Bump XBPS_API_VERSION.
This commit is contained in:
Juan RP
2013-11-18 16:05:46 +01:00
parent c9825feb29
commit 8882b0215f
22 changed files with 183 additions and 509 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
lib/repo.c
View File

@ -91,6 +91,7 @@ repo_get_dict(struct xbps_repo *repo, const char *fname)
struct xbps_repo *
xbps_repo_open(struct xbps_handle *xhp, const char *url)
{
xbps_dictionary_t meta;
struct xbps_repo *repo;
struct stat st;
const char *arch;
@ -119,14 +120,12 @@ xbps_repo_open(struct xbps_handle *xhp, const char *url)
repofile = xbps_repo_path(xhp, url);
}
repo = malloc(sizeof(struct xbps_repo));
repo = calloc(1, sizeof(struct xbps_repo));
assert(repo);
repo->xhp = xhp;
repo->uri = url;
repo->ar = archive_read_new();
repo->is_verified = false;
repo->is_signed = false;
repo->is_remote = is_remote;
archive_read_support_compression_gzip(repo->ar);
archive_read_support_format_tar(repo->ar);
@ -157,10 +156,18 @@ xbps_repo_open(struct xbps_handle *xhp, const char *url)
repo = NULL;
goto out;
}
if ((repo->meta = repo_get_dict(repo, XBPS_REPOIDX_META)))
repo->is_signed = true;
if (!is_remote)
goto out;
if ((meta = repo_get_dict(repo, XBPS_REPOIDX_META))) {
repo->is_signed = true;
repo->signature = xbps_dictionary_get(meta, "signature");
xbps_dictionary_get_cstring_nocopy(meta, "signature-by", &repo->signedby);
repo->pubkey = xbps_dictionary_get(meta, "public-key");
xbps_dictionary_get_uint16(meta, "public-key-size", &repo->pubkey_size);
repo->hexfp = xbps_pubkey2fp(repo->xhp, repo->pubkey);
}
repo->idxfiles = NULL;
out:
free(repofile);
return repo;
@ -198,10 +205,6 @@ xbps_repo_close(struct xbps_repo *repo)
if (repo->ar != NULL)
archive_read_finish(repo->ar);
if (repo->meta != NULL) {
xbps_object_release(repo->meta);
repo->meta = NULL;
}
if (repo->idx != NULL) {
xbps_object_release(repo->idx);
repo->idx = NULL;
@ -210,6 +213,8 @@ xbps_repo_close(struct xbps_repo *repo)
xbps_object_release(repo->idxfiles);
repo->idxfiles = NULL;
}
if (repo->hexfp != NULL)
free(repo->hexfp);
}
xbps_dictionary_t