author | Panu Matilainen <pmatilai@redhat.com> | 2010-09-03 16:09:47 +0300 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2010-09-03 16:16:57 +0300 |
commit | dfbaa77152ccf98524c4f27afe85d32e6f690522 (patch) | |
tree | 3e28230126ed40fbb063edce847a668a12eb6521 | |
parent | b195048bbb27a1aae4aa3938c3b1f79e0a26ae88 (diff) | |
Add a brand new rpmkeys utility for keyring operations
- Keyring operations (adding/viewing/removing keys and verifying
packages against a given keyring) are different from main rpm operations
in that they only need access to the rpm keyring, and no write access
anywhere else in the system. At the moment the rpm keyring happens
to be the rpmdb but that's just an implementation detail that is
likely to change sooner or later. Besides paving way to separating
the rpm keyring from the rpmdb, splitting this to a small, separate
utility allows limiting its required access from SELinux POV etc.
- For now, this only implements what's already in rpm: --import and
--checksig; remaining operations like listing and manipulating
keyring contents are left as an exercise for another day...
-rw-r--r-- | Makefile.am | 8 | ||||
-rw-r--r-- | po/POTFILES.in | 1 | ||||
-rw-r--r-- | rpmkeys.c | 76 |
3 files changed, 84 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am index 2077f00ad..1398e0f38 100644 --- a/Makefile.am +++ b/Makefile.am @@ -78,7 +78,7 @@ pkginclude_HEADERS += build/rpmspec.h rpmbindir = `echo $(bindir) | $(SED) -e s,usr/bin,bin,` rpmbin_PROGRAMS = rpm -bin_PROGRAMS = rpm2cpio rpmbuild rpmsign +bin_PROGRAMS = rpm2cpio rpmbuild rpmkeys rpmsign rpmlibexec_PROGRAMS = rpmconfig_SCRIPTS = find-provides find-requires mkinstalldirs \ @@ -98,6 +98,12 @@ rpm_LDADD = libcliutils.la rpm_LDADD += build/librpmbuild.la lib/librpm.la rpmio/librpmio.la rpm_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@ +rpmkeys_SOURCES = rpmkeys.c debug.h system.h +rpmkeys_CPPFLAGS = $(AM_CPPFLAGS) +rpmkeys_LDADD = libcliutils.la +rpmkeys_LDADD += lib/librpm.la rpmio/librpmio.la +rpmkeys_LDADD += @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@ + rpmsign_SOURCES = rpmsign.c debug.h system.h rpmsign_CPPFLAGS = $(AM_CPPFLAGS) rpmsign_LDADD = libcliutils.la diff --git a/po/POTFILES.in b/po/POTFILES.in index c1f28b0a5..dc6bea652 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -6,6 +6,7 @@ cliutils.c rpm2cpio.c rpmqv.c rpmbuild.c +rpmkeys.c rpmsign.c build/build.c build/expression.c diff --git a/rpmkeys.c b/rpmkeys.c new file mode 100644 index 000000000..45ca47e4e --- /dev/null +++ b/rpmkeys.c 
@@ -0,0 +1,76 @@
+#include "system.h"
+
+#include <popt.h>
+#include <rpm/rpmcli.h>
+#include "cliutils.h"
+#include "debug.h"
+
+#if !defined(__GLIBC__) && !defined(__APPLE__)
+char ** environ = NULL;
+#endif
+
+enum modes {
+ MODE_CHECKSIG = (1 << 0),
+ MODE_IMPORTKEY = (1 << 1),
+ MODE_DELKEY = (1 << 2),
+ MODE_LISTKEY = (1 << 3),
+};
+
+static int mode = 0;
+
+static struct poptOption optionsTable[] = {
+ { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmcliAllPoptTable, 0,
+ N_("Common options for all rpm modes and executables:"), NULL },
+ { "checksig", 'K', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_CHECKSIG,
+ N_("verify package signature(s)"), NULL },
+ { "import", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_IMPORTKEY,
+ N_("import an armored public key"), NULL },
+#if 0
+ { "delete-key", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_DELKEY,
+ N_("list keys from RPM keyring"), NULL },
+ { "list-keys", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_LISTKEY,
+ N_("list keys from RPM keyring"), NULL },
+#endif
+
+ POPT_AUTOALIAS
+ POPT_AUTOHELP
+ POPT_TABLEEND
+};
+
+int main(int argc, char *argv[])
+{
+ int ec = EXIT_FAILURE;
+ poptContext optCon = rpmcliInit(argc, argv, optionsTable);
+ rpmts ts = rpmtsCreate();
+ ARGV_const_t args = NULL;
+
+ if (argc < 2) {
+ printUsage(optCon, stderr, 0);
+ goto exit;
+ }
+
+ args = (ARGV_const_t) poptGetArgs(optCon);
+
+ if (mode != MODE_LISTKEY && args == NULL)
+ argerror(_("no arguments given"));
+
+ switch (mode) {
+ case MODE_CHECKSIG:
+ ec = rpmcliVerifySignatures(ts, args);
+ break;
+ case MODE_IMPORTKEY:
+ ec = rpmcliImportPubkeys(ts, args);
+ break;
+ /* XXX TODO: actually implement these... */
+ case MODE_DELKEY:
+ case MODE_LISTKEY:
+ break;
+ default:
+ argerror(_("only one major mode may be specified"));
+ }
+
+exit:
+ rpmtsFree(ts);
+ rpmcliFini(optCon);
+ return ec;
+} |
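Review bot: The exit status at `return ec;` in `main` is whatever `rpmcliVerifySignatures()` or `rpmcliImportPubkeys()` returned, and nothing bounds it before it reaches the shell. Their return convention is not visible on this page, but if either returns a failure count rather than 0/1, a count that is a multiple of 256 would be reported as success, which matters for scripts that gate package installation on `rpmkeys -K`. Normalising at the end, e.g. `return (ec != 0) ? EXIT_FAILURE : EXIT_SUCCESS;`, removes that dependence on the callee's range. Separately, invoking the tool with arguments but no mode leaves `mode == 0` and falls into `default:`, which prints "only one major mode may be specified"; a dedicated `case 0:` with its own message would be less misleading.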