Commit Graph

13 Commits

Author SHA1 Message Date
0d90534236 libxbps: ABI/API break due to hash function changes 2020-02-10 13:32:17 +01:00
6cf1555398 Revert "libxbps: verify repodata signatures even if rootdir is unset."
This reverts commit be05118aa8.
2020-01-06 15:33:25 +01:00
d2208f91e0 Revert "Verify repodata signature"
This reverts commit a7830cf780.
2020-01-06 14:33:49 +01:00
be05118aa8 libxbps: verify repodata signatures even if rootdir is unset.
xbps-rindex(1) has a -r option that sets the remove mode,
due to the changes added to sign repodata we need to access
to the correct directory where repository public keys are
stored. This makes the code use `$PWD/keys` before falling
back to `metadir`.

Fixes the test suite to run with unprivileged users (non root).
2019-11-24 12:52:50 +01:00
a7830cf780 Verify repodata signature 2019-11-02 11:53:14 +01:00
6ed0c8c5c5 lib/verifysig.c: add xbps_verify_signature to verify signature against digest 2019-10-25 23:38:01 +02:00
df97be6a54 lib/verifysig.c: use xbps_file_hash_raw()
instead of mmap'ing the source file, xbps_file_hash_raw is used
to generate a digest of the file.
2016-06-16 06:51:10 +02:00
769a997afb Introduce xbps_plist_{array,dictionary}_from_file().
Those are a wrapper around xbps_{array,dictionary}_internalize_from_zfile()
that prints a debugging msg when the plist file cannot be internalized.

Update xbps to use these wrappers.
2015-05-28 10:15:05 +02:00
aae88aa253 lib/verifysig.c: resource leak (CID 62727) 2014-10-05 07:27:13 +02:00
72cefcfc83 Introduce xbps_mmap_file() and use it in strategic points.
Rather than using a random buffer from stack or heap, and decide
what size to use, create a private memory mapped object...

This simplifies the code in lib/verifysig.c and xbps-create.
2014-09-27 13:00:34 +02:00
27f7bbd44d xbps_verify_file_signature: there's no repo->hexfp anymore, compute it instead. 2014-01-30 19:34:26 +01:00
d08e76a386 Keep repo metadata if possible when updating repodata (xbps-rindex -a/-c).
API/ABI incompat changes, you've been warned.
2014-01-30 13:07:34 +01:00
ec0d38c469 Implement per pkg RSA signatures and on-demand repository access. 2013-12-24 10:43:55 +01:00