57a6813e1e
Note that to not interfer with finger print it expects a signature on pkg itself which is named pkg.txz.pubkeysign To genrate it: echo -n "$(sha256 -q pkg.txz)" | openssl dgst -sha256 -sign /thekey \ -binary -out ./pkg.txz.pubkeysig Note the "echo -n" which prevent signing the '\n' one would get otherwise PR: 202622 MFC after: 1 week
542 lines
12 KiB
C
542 lines
12 KiB
C
/*-
|
|
* Copyright (c) 2014 Baptiste Daroussin <bapt@FreeBSD.org>
|
|
* Copyright (c) 2013 Bryan Drewery <bdrewery@FreeBSD.org>
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include <sys/cdefs.h>
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
#include <sys/param.h>
|
|
#include <sys/queue.h>
|
|
#include <sys/sbuf.h>
|
|
#include <sys/types.h>
|
|
#include <sys/utsname.h>
|
|
#include <sys/sysctl.h>
|
|
|
|
#include <assert.h>
|
|
#include <dirent.h>
|
|
#include <ucl.h>
|
|
#include <ctype.h>
|
|
#include <err.h>
|
|
#include <errno.h>
|
|
#include <fcntl.h>
|
|
#include <inttypes.h>
|
|
#include <paths.h>
|
|
#include <stdbool.h>
|
|
#include <string.h>
|
|
#include <unistd.h>
|
|
|
|
#include "config.h"
|
|
|
|
#define roundup2(x, y) (((x)+((y)-1))&(~((y)-1))) /* if y is powers of two */
|
|
|
|
struct config_value {
|
|
char *value;
|
|
STAILQ_ENTRY(config_value) next;
|
|
};
|
|
|
|
struct config_entry {
|
|
uint8_t type;
|
|
const char *key;
|
|
const char *val;
|
|
char *value;
|
|
STAILQ_HEAD(, config_value) *list;
|
|
bool envset;
|
|
bool main_only; /* Only set in pkg.conf. */
|
|
};
|
|
|
|
static struct config_entry c[] = {
|
|
[PACKAGESITE] = {
|
|
PKG_CONFIG_STRING,
|
|
"PACKAGESITE",
|
|
URL_SCHEME_PREFIX "http://pkg.FreeBSD.org/${ABI}/latest",
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
false,
|
|
},
|
|
[ABI] = {
|
|
PKG_CONFIG_STRING,
|
|
"ABI",
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
true,
|
|
},
|
|
[MIRROR_TYPE] = {
|
|
PKG_CONFIG_STRING,
|
|
"MIRROR_TYPE",
|
|
"SRV",
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
false,
|
|
},
|
|
[ASSUME_ALWAYS_YES] = {
|
|
PKG_CONFIG_BOOL,
|
|
"ASSUME_ALWAYS_YES",
|
|
"NO",
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
true,
|
|
},
|
|
[SIGNATURE_TYPE] = {
|
|
PKG_CONFIG_STRING,
|
|
"SIGNATURE_TYPE",
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
false,
|
|
},
|
|
[FINGERPRINTS] = {
|
|
PKG_CONFIG_STRING,
|
|
"FINGERPRINTS",
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
false,
|
|
},
|
|
[REPOS_DIR] = {
|
|
PKG_CONFIG_LIST,
|
|
"REPOS_DIR",
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
true,
|
|
},
|
|
[PUBKEY] = {
|
|
PKG_CONFIG_STRING,
|
|
"PUBKEY",
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
false,
|
|
false
|
|
}
|
|
};
|
|
|
|
static int
|
|
pkg_get_myabi(char *dest, size_t sz)
|
|
{
|
|
struct utsname uts;
|
|
char machine_arch[255];
|
|
size_t len;
|
|
int error;
|
|
|
|
error = uname(&uts);
|
|
if (error)
|
|
return (errno);
|
|
|
|
len = sizeof(machine_arch);
|
|
error = sysctlbyname("hw.machine_arch", machine_arch, &len, NULL, 0);
|
|
if (error)
|
|
return (errno);
|
|
machine_arch[len] = '\0';
|
|
|
|
/*
|
|
* Use __FreeBSD_version rather than kernel version (uts.release) for
|
|
* use in jails. This is equivalent to the value of uname -U.
|
|
*/
|
|
snprintf(dest, sz, "%s:%d:%s", uts.sysname, __FreeBSD_version/100000,
|
|
machine_arch);
|
|
|
|
return (error);
|
|
}
|
|
|
|
static void
|
|
subst_packagesite(const char *abi)
|
|
{
|
|
struct sbuf *newval;
|
|
const char *variable_string;
|
|
const char *oldval;
|
|
|
|
if (c[PACKAGESITE].value != NULL)
|
|
oldval = c[PACKAGESITE].value;
|
|
else
|
|
oldval = c[PACKAGESITE].val;
|
|
|
|
if ((variable_string = strstr(oldval, "${ABI}")) == NULL)
|
|
return;
|
|
|
|
newval = sbuf_new_auto();
|
|
sbuf_bcat(newval, oldval, variable_string - oldval);
|
|
sbuf_cat(newval, abi);
|
|
sbuf_cat(newval, variable_string + strlen("${ABI}"));
|
|
sbuf_finish(newval);
|
|
|
|
free(c[PACKAGESITE].value);
|
|
c[PACKAGESITE].value = strdup(sbuf_data(newval));
|
|
}
|
|
|
|
static int
|
|
boolstr_to_bool(const char *str)
|
|
{
|
|
if (str != NULL && (strcasecmp(str, "true") == 0 ||
|
|
strcasecmp(str, "yes") == 0 || strcasecmp(str, "on") == 0 ||
|
|
str[0] == '1'))
|
|
return (true);
|
|
|
|
return (false);
|
|
}
|
|
|
|
static void
|
|
config_parse(const ucl_object_t *obj, pkg_conf_file_t conftype)
|
|
{
|
|
struct sbuf *buf = sbuf_new_auto();
|
|
const ucl_object_t *cur, *seq;
|
|
ucl_object_iter_t it = NULL, itseq = NULL;
|
|
struct config_entry *temp_config;
|
|
struct config_value *cv;
|
|
const char *key;
|
|
int i;
|
|
size_t j;
|
|
|
|
/* Temporary config for configs that may be disabled. */
|
|
temp_config = calloc(CONFIG_SIZE, sizeof(struct config_entry));
|
|
|
|
while ((cur = ucl_iterate_object(obj, &it, true))) {
|
|
key = ucl_object_key(cur);
|
|
if (key == NULL)
|
|
continue;
|
|
sbuf_clear(buf);
|
|
|
|
if (conftype == CONFFILE_PKG) {
|
|
for (j = 0; j < strlen(key); ++j)
|
|
sbuf_putc(buf, key[j]);
|
|
sbuf_finish(buf);
|
|
} else if (conftype == CONFFILE_REPO) {
|
|
if (strcasecmp(key, "url") == 0)
|
|
sbuf_cpy(buf, "PACKAGESITE");
|
|
else if (strcasecmp(key, "mirror_type") == 0)
|
|
sbuf_cpy(buf, "MIRROR_TYPE");
|
|
else if (strcasecmp(key, "signature_type") == 0)
|
|
sbuf_cpy(buf, "SIGNATURE_TYPE");
|
|
else if (strcasecmp(key, "fingerprints") == 0)
|
|
sbuf_cpy(buf, "FINGERPRINTS");
|
|
else if (strcasecmp(key, "pubkey") == 0)
|
|
sbuf_cpy(buf, "PUBKEY");
|
|
else if (strcasecmp(key, "enabled") == 0) {
|
|
if ((cur->type != UCL_BOOLEAN) ||
|
|
!ucl_object_toboolean(cur))
|
|
goto cleanup;
|
|
} else
|
|
continue;
|
|
sbuf_finish(buf);
|
|
}
|
|
|
|
for (i = 0; i < CONFIG_SIZE; i++) {
|
|
if (strcmp(sbuf_data(buf), c[i].key) == 0)
|
|
break;
|
|
}
|
|
|
|
/* Silently skip unknown keys to be future compatible. */
|
|
if (i == CONFIG_SIZE)
|
|
continue;
|
|
|
|
/* env has priority over config file */
|
|
if (c[i].envset)
|
|
continue;
|
|
|
|
/* Parse sequence value ["item1", "item2"] */
|
|
switch (c[i].type) {
|
|
case PKG_CONFIG_LIST:
|
|
if (cur->type != UCL_ARRAY) {
|
|
warnx("Skipping invalid array "
|
|
"value for %s.\n", c[i].key);
|
|
continue;
|
|
}
|
|
temp_config[i].list =
|
|
malloc(sizeof(*temp_config[i].list));
|
|
STAILQ_INIT(temp_config[i].list);
|
|
|
|
while ((seq = ucl_iterate_object(cur, &itseq, true))) {
|
|
if (seq->type != UCL_STRING)
|
|
continue;
|
|
cv = malloc(sizeof(struct config_value));
|
|
cv->value =
|
|
strdup(ucl_object_tostring(seq));
|
|
STAILQ_INSERT_TAIL(temp_config[i].list, cv,
|
|
next);
|
|
}
|
|
break;
|
|
case PKG_CONFIG_BOOL:
|
|
temp_config[i].value =
|
|
strdup(ucl_object_toboolean(cur) ? "yes" : "no");
|
|
break;
|
|
default:
|
|
/* Normal string value. */
|
|
temp_config[i].value = strdup(ucl_object_tostring(cur));
|
|
break;
|
|
}
|
|
}
|
|
|
|
/* Repo is enabled, copy over all settings from temp_config. */
|
|
for (i = 0; i < CONFIG_SIZE; i++) {
|
|
if (c[i].envset)
|
|
continue;
|
|
/* Prevent overriding ABI, ASSUME_ALWAYS_YES, etc. */
|
|
if (conftype != CONFFILE_PKG && c[i].main_only == true)
|
|
continue;
|
|
switch (c[i].type) {
|
|
case PKG_CONFIG_LIST:
|
|
c[i].list = temp_config[i].list;
|
|
break;
|
|
default:
|
|
c[i].value = temp_config[i].value;
|
|
break;
|
|
}
|
|
}
|
|
|
|
cleanup:
|
|
free(temp_config);
|
|
sbuf_delete(buf);
|
|
}
|
|
|
|
/*-
|
|
* Parse new repo style configs in style:
|
|
* Name:
|
|
* URL:
|
|
* MIRROR_TYPE:
|
|
* etc...
|
|
*/
|
|
static void
|
|
parse_repo_file(ucl_object_t *obj)
|
|
{
|
|
ucl_object_iter_t it = NULL;
|
|
const ucl_object_t *cur;
|
|
const char *key;
|
|
|
|
while ((cur = ucl_iterate_object(obj, &it, true))) {
|
|
key = ucl_object_key(cur);
|
|
|
|
if (key == NULL)
|
|
continue;
|
|
|
|
if (cur->type != UCL_OBJECT)
|
|
continue;
|
|
|
|
config_parse(cur, CONFFILE_REPO);
|
|
}
|
|
}
|
|
|
|
|
|
static int
|
|
read_conf_file(const char *confpath, pkg_conf_file_t conftype)
|
|
{
|
|
struct ucl_parser *p;
|
|
ucl_object_t *obj = NULL;
|
|
|
|
p = ucl_parser_new(0);
|
|
|
|
if (!ucl_parser_add_file(p, confpath)) {
|
|
if (errno != ENOENT)
|
|
errx(EXIT_FAILURE, "Unable to parse configuration "
|
|
"file %s: %s", confpath, ucl_parser_get_error(p));
|
|
ucl_parser_free(p);
|
|
/* no configuration present */
|
|
return (1);
|
|
}
|
|
|
|
obj = ucl_parser_get_object(p);
|
|
if (obj->type != UCL_OBJECT)
|
|
warnx("Invalid configuration format, ignoring the "
|
|
"configuration file %s", confpath);
|
|
else {
|
|
if (conftype == CONFFILE_PKG)
|
|
config_parse(obj, conftype);
|
|
else if (conftype == CONFFILE_REPO)
|
|
parse_repo_file(obj);
|
|
}
|
|
|
|
ucl_object_unref(obj);
|
|
ucl_parser_free(p);
|
|
|
|
return (0);
|
|
}
|
|
|
|
static int
|
|
load_repositories(const char *repodir)
|
|
{
|
|
struct dirent *ent;
|
|
DIR *d;
|
|
char *p;
|
|
size_t n;
|
|
char path[MAXPATHLEN];
|
|
int ret;
|
|
|
|
ret = 0;
|
|
|
|
if ((d = opendir(repodir)) == NULL)
|
|
return (1);
|
|
|
|
while ((ent = readdir(d))) {
|
|
/* Trim out 'repos'. */
|
|
if ((n = strlen(ent->d_name)) <= 5)
|
|
continue;
|
|
p = &ent->d_name[n - 5];
|
|
if (strcmp(p, ".conf") == 0) {
|
|
snprintf(path, sizeof(path), "%s%s%s",
|
|
repodir,
|
|
repodir[strlen(repodir) - 1] == '/' ? "" : "/",
|
|
ent->d_name);
|
|
if (access(path, F_OK) == 0 &&
|
|
read_conf_file(path, CONFFILE_REPO)) {
|
|
ret = 1;
|
|
goto cleanup;
|
|
}
|
|
}
|
|
}
|
|
|
|
cleanup:
|
|
closedir(d);
|
|
|
|
return (ret);
|
|
}
|
|
|
|
int
|
|
config_init(void)
|
|
{
|
|
char *val;
|
|
int i;
|
|
const char *localbase;
|
|
char *env_list_item;
|
|
char confpath[MAXPATHLEN];
|
|
struct config_value *cv;
|
|
char abi[BUFSIZ];
|
|
|
|
for (i = 0; i < CONFIG_SIZE; i++) {
|
|
val = getenv(c[i].key);
|
|
if (val != NULL) {
|
|
c[i].envset = true;
|
|
switch (c[i].type) {
|
|
case PKG_CONFIG_LIST:
|
|
/* Split up comma-separated items from env. */
|
|
c[i].list = malloc(sizeof(*c[i].list));
|
|
STAILQ_INIT(c[i].list);
|
|
for (env_list_item = strtok(val, ",");
|
|
env_list_item != NULL;
|
|
env_list_item = strtok(NULL, ",")) {
|
|
cv =
|
|
malloc(sizeof(struct config_value));
|
|
cv->value =
|
|
strdup(env_list_item);
|
|
STAILQ_INSERT_TAIL(c[i].list, cv,
|
|
next);
|
|
}
|
|
break;
|
|
default:
|
|
c[i].val = val;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
/* Read LOCALBASE/etc/pkg.conf first. */
|
|
localbase = getenv("LOCALBASE") ? getenv("LOCALBASE") : _LOCALBASE;
|
|
snprintf(confpath, sizeof(confpath), "%s/etc/pkg.conf",
|
|
localbase);
|
|
|
|
if (access(confpath, F_OK) == 0 && read_conf_file(confpath,
|
|
CONFFILE_PKG))
|
|
goto finalize;
|
|
|
|
/* Then read in all repos from REPOS_DIR list of directories. */
|
|
if (c[REPOS_DIR].list == NULL) {
|
|
c[REPOS_DIR].list = malloc(sizeof(*c[REPOS_DIR].list));
|
|
STAILQ_INIT(c[REPOS_DIR].list);
|
|
cv = malloc(sizeof(struct config_value));
|
|
cv->value = strdup("/etc/pkg");
|
|
STAILQ_INSERT_TAIL(c[REPOS_DIR].list, cv, next);
|
|
cv = malloc(sizeof(struct config_value));
|
|
if (asprintf(&cv->value, "%s/etc/pkg/repos", localbase) < 0)
|
|
goto finalize;
|
|
STAILQ_INSERT_TAIL(c[REPOS_DIR].list, cv, next);
|
|
}
|
|
|
|
STAILQ_FOREACH(cv, c[REPOS_DIR].list, next)
|
|
if (load_repositories(cv->value))
|
|
goto finalize;
|
|
|
|
finalize:
|
|
if (c[ABI].val == NULL && c[ABI].value == NULL) {
|
|
if (pkg_get_myabi(abi, BUFSIZ) != 0)
|
|
errx(EXIT_FAILURE, "Failed to determine the system "
|
|
"ABI");
|
|
c[ABI].val = abi;
|
|
}
|
|
|
|
subst_packagesite(c[ABI].value != NULL ? c[ABI].value : c[ABI].val);
|
|
|
|
return (0);
|
|
}
|
|
|
|
int
|
|
config_string(pkg_config_key k, const char **val)
|
|
{
|
|
if (c[k].type != PKG_CONFIG_STRING)
|
|
return (-1);
|
|
|
|
if (c[k].value != NULL)
|
|
*val = c[k].value;
|
|
else
|
|
*val = c[k].val;
|
|
|
|
return (0);
|
|
}
|
|
|
|
int
|
|
config_bool(pkg_config_key k, bool *val)
|
|
{
|
|
const char *value;
|
|
|
|
if (c[k].type != PKG_CONFIG_BOOL)
|
|
return (-1);
|
|
|
|
*val = false;
|
|
|
|
if (c[k].value != NULL)
|
|
value = c[k].value;
|
|
else
|
|
value = c[k].val;
|
|
|
|
if (boolstr_to_bool(value))
|
|
*val = true;
|
|
|
|
return (0);
|
|
}
|
|
|
|
void
|
|
config_finish(void) {
|
|
int i;
|
|
|
|
for (i = 0; i < CONFIG_SIZE; i++)
|
|
free(c[i].value);
|
|
}
|