summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPanu Matilainen <pmatilai@redhat.com>2010-09-03 16:09:47 +0300
committerPanu Matilainen <pmatilai@redhat.com>2010-09-03 16:16:57 +0300
commitdfbaa77152ccf98524c4f27afe85d32e6f690522 (patch)
tree3e28230126ed40fbb063edce847a668a12eb6521
parentb195048bbb27a1aae4aa3938c3b1f79e0a26ae88 (diff)
downloadlibrpm-tizen-dfbaa77152ccf98524c4f27afe85d32e6f690522.tar.gz
librpm-tizen-dfbaa77152ccf98524c4f27afe85d32e6f690522.tar.bz2
librpm-tizen-dfbaa77152ccf98524c4f27afe85d32e6f690522.zip
Add a brand new rpmkeys utility for keyring operations
- Keyring operations (adding/viewing/removing keys and verifying packages against a given keyring) are different from main rpm operations in that they only need access to the rpm keyring, and no write access anywhere else in the system. At the moment the rpm keyring happens to be the rpmdb but that's just an implementation detail that is likely to change sooner or later. Besides paving way to separating the rpm keyring from the rpmdb, splitting this to a small, separate utility allows limiting its required access from SELinux POV etc. - For now, this only implements what's already in rpm: --import and --checksig, remaining operations like listing and manipulating keyring contents is left as an exercise for another day...
-rw-r--r--Makefile.am8
-rw-r--r--po/POTFILES.in1
-rw-r--r--rpmkeys.c76
3 files changed, 84 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am
index 2077f00ad..1398e0f38 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -78,7 +78,7 @@ pkginclude_HEADERS += build/rpmspec.h
rpmbindir = `echo $(bindir) | $(SED) -e s,usr/bin,bin,`
rpmbin_PROGRAMS = rpm
-bin_PROGRAMS = rpm2cpio rpmbuild rpmsign
+bin_PROGRAMS = rpm2cpio rpmbuild rpmkeys rpmsign
rpmlibexec_PROGRAMS =
rpmconfig_SCRIPTS = find-provides find-requires mkinstalldirs \
@@ -98,6 +98,12 @@ rpm_LDADD = libcliutils.la
rpm_LDADD += build/librpmbuild.la lib/librpm.la rpmio/librpmio.la
rpm_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
+rpmkeys_SOURCES = rpmkeys.c debug.h system.h
+rpmkeys_CPPFLAGS = $(AM_CPPFLAGS)
+rpmkeys_LDADD = libcliutils.la
+rpmkeys_LDADD += lib/librpm.la rpmio/librpmio.la
+rpmkeys_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
+
rpmsign_SOURCES = rpmsign.c debug.h system.h
rpmsign_CPPFLAGS = $(AM_CPPFLAGS)
rpmsign_LDADD = libcliutils.la
diff --git a/po/POTFILES.in b/po/POTFILES.in
index c1f28b0a5..dc6bea652 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -6,6 +6,7 @@ cliutils.c
rpm2cpio.c
rpmqv.c
rpmbuild.c
+rpmkeys.c
rpmsign.c
build/build.c
build/expression.c
diff --git a/rpmkeys.c b/rpmkeys.c
new file mode 100644
index 000000000..45ca47e4e
--- /dev/null
+++ b/rpmkeys.c
@@ -0,0 +1,76 @@
+#include "system.h"
+
+#include <popt.h>
+#include <rpm/rpmcli.h>
+#include "cliutils.h"
+#include "debug.h"
+
+#if !defined(__GLIBC__) && !defined(__APPLE__)
+char ** environ = NULL;
+#endif
+
+enum modes {
+ MODE_CHECKSIG = (1 << 0),
+ MODE_IMPORTKEY = (1 << 1),
+ MODE_DELKEY = (1 << 2),
+ MODE_LISTKEY = (1 << 3),
+};
+
+static int mode = 0;
+
+static struct poptOption optionsTable[] = {
+ { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmcliAllPoptTable, 0,
+ N_("Common options for all rpm modes and executables:"), NULL },
+ { "checksig", 'K', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_CHECKSIG,
+ N_("verify package signature(s)"), NULL },
+ { "import", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_IMPORTKEY,
+ N_("import an armored public key"), NULL },
+#if 0
+ { "delete-key", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_DELKEY,
+ N_("list keys from RPM keyring"), NULL },
+ { "list-keys", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_LISTKEY,
+ N_("list keys from RPM keyring"), NULL },
+#endif
+
+ POPT_AUTOALIAS
+ POPT_AUTOHELP
+ POPT_TABLEEND
+};
+
+int main(int argc, char *argv[])
+{
+ int ec = EXIT_FAILURE;
+ poptContext optCon = rpmcliInit(argc, argv, optionsTable);
+ rpmts ts = rpmtsCreate();
+ ARGV_const_t args = NULL;
+
+ if (argc < 2) {
+ printUsage(optCon, stderr, 0);
+ goto exit;
+ }
+
+ args = (ARGV_const_t) poptGetArgs(optCon);
+
+ if (mode != MODE_LISTKEY && args == NULL)
+ argerror(_("no arguments given"));
+
+ switch (mode) {
+ case MODE_CHECKSIG:
+ ec = rpmcliVerifySignatures(ts, args);
+ break;
+ case MODE_IMPORTKEY:
+ ec = rpmcliImportPubkeys(ts, args);
+ break;
+ /* XXX TODO: actually implement these... */
+ case MODE_DELKEY:
+ case MODE_LISTKEY:
+ break;
+ default:
+ argerror(_("only one major mode may be specified"));
+ }
+
+exit:
+ rpmtsFree(ts);
+ rpmcliFini(optCon);
+ return ec;
+}