20 Commits

Author SHA1 Message Date
classabbyamp
406f109100 lib/, bin/: fix signature type, now called *.sig2
Since 8d5c48b, xbps has used a sha1 ASN1 prefix with a sha256 hash, and
as of openssl v3, openssl cares about this. This works around that in a
compatible way by moving to a second sig file, binpkg.sig2.

For xbps-remove -O and xbps-rindex -r, also clean up obselete .sig files.
2023-08-30 21:00:37 +02:00
Duncan Overbruck
d962eaaf3c
lib: remove xhp argument from xbps_pubkey2fp 2022-12-24 14:29:24 +01:00
Duncan Overbruck
9efba6749f
lib: remove xhp argument from xbps_plist_{array,dictionary}_from_file 2022-12-24 14:29:24 +01:00
Duncan Overbruck
de484e9369
lib: change xbps_dbg_printf to not require xbps_handle
This allows to simplify a lot of code by not having to pass around
the xbps handle everywhere just to print some debug information.
2022-12-24 14:29:23 +01:00
Érico Rolim
47df729bcc
tree-wide: remove unnecessary __UNCONST usage. 2021-02-04 23:02:39 +01:00
Duncan Overbruck
44cd938115
Revert "Use shared LICENSE file for all xbps code."
This reverts commit be7d8cfaf1d303cc460ec32207b6f05cd0f86293.

This commit missed some previous copyrights mentioned,
in general I think its better to have this per-file to
follow who wrote what and when.
2020-04-29 14:12:10 +02:00
Juan RP
be7d8cfaf1
Use shared LICENSE file for all xbps code. 2020-04-24 11:44:19 +02:00
Duncan Overbruck
0d90534236
libxbps: ABI/API break due to hash function changes 2020-02-10 13:32:17 +01:00
Piotr Wójcik
6cf1555398 Revert "libxbps: verify repodata signatures even if rootdir is unset."
This reverts commit be05118aa8adb9f2520c679c8649ce76eea28858.
2020-01-06 15:33:25 +01:00
Juan RP
d2208f91e0
Revert "Verify repodata signature"
This reverts commit a7830cf780716d71bde396cbe3697994fc94e129.
2020-01-06 14:33:49 +01:00
Juan RP
be05118aa8
libxbps: verify repodata signatures even if rootdir is unset.
xbps-rindex(1) has a -r option that sets the remove mode,
due to the changes added to sign repodata we need to access
to the correct directory where repository public keys are
stored. This makes the code use `$PWD/keys` before falling
back to `metadir`.

Fixes the test suite to run with unprivileged users (non root).
2019-11-24 12:52:50 +01:00
Piotr Wójcik
a7830cf780 Verify repodata signature 2019-11-02 11:53:14 +01:00
Duncaen
6ed0c8c5c5 lib/verifysig.c: add xbps_verify_signature to verify signature against digest 2019-10-25 23:38:01 +02:00
Enno Boland
df97be6a54 lib/verifysig.c: use xbps_file_hash_raw()
instead of mmap'ing the source file, xbps_file_hash_raw is used
to generate a digest of the file.
2016-06-16 06:51:10 +02:00
Juan RP
769a997afb Introduce xbps_plist_{array,dictionary}_from_file().
Those are a wrapper around xbps_{array,dictionary}_internalize_from_zfile()
that prints a debugging msg when the plist file cannot be internalized.

Update xbps to use these wrappers.
2015-05-28 10:15:05 +02:00
Juan RP
aae88aa253 lib/verifysig.c: resource leak (CID 62727) 2014-10-05 07:27:13 +02:00
Juan RP
72cefcfc83 Introduce xbps_mmap_file() and use it in strategic points.
Rather than using a random buffer from stack or heap, and decide
what size to use, create a private memory mapped object...

This simplifies the code in lib/verifysig.c and xbps-create.
2014-09-27 13:00:34 +02:00
Juan RP
27f7bbd44d xbps_verify_file_signature: there's no repo->hexfp anymore, compute it instead. 2014-01-30 19:34:26 +01:00
Juan RP
d08e76a386 Keep repo metadata if possible when updating repodata (xbps-rindex -a/-c).
API/ABI incompat changes, you've been warned.
2014-01-30 13:07:34 +01:00
Juan RP
ec0d38c469 Implement per pkg RSA signatures and on-demand repository access. 2013-12-24 10:43:55 +01:00