authorPanu Matilainen <pmatilai@redhat.com>2010-10-22 15:00:49 +0300
committerPanu Matilainen <pmatilai@redhat.com>2010-10-22 15:00:49 +0300
commit9f2c1bd9096cbf382c864737a6565e5487767ce2 (patch)
treef61fff8fee1b4b9f638f14c91beaa80d801121de
parent7c44f5797766f07a917f710bee71dfc88c9cbc6b (diff)
Move librpmsign to its own subdirectory in the sources
-rw-r--r--Makefile.am6
-rw-r--r--configure.ac2
-rw-r--r--lib/Makefile.am12
-rw-r--r--lib/rpmgensig.c645
-rw-r--r--lib/rpmsign.h38
-rw-r--r--po/POTFILES.in2
-rw-r--r--preinstall.am4
-rw-r--r--sign/Makefile.am19
8 files changed, 27 insertions, 701 deletions
diff --git a/Makefile.am b/Makefile.am
index 17a565685..4983ca954 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -19,7 +19,7 @@ endif
if WITH_LUAEXT
SUBDIRS += luaext
endif
-SUBDIRS += rpmio lib build scripts fileattrs doc . tests
+SUBDIRS += rpmio lib sign build scripts fileattrs doc . tests
if ENABLE_PYTHON
SUBDIRS += python
@@ -29,7 +29,7 @@ if ENABLE_PLUGINS
SUBDIRS += plugins
endif
-DIST_SUBDIRS = po misc luaext rpmio lib build python scripts fileattrs doc tests plugins
+DIST_SUBDIRS = po misc luaext rpmio lib sign build python scripts fileattrs doc tests plugins
pkgconfigdir = $(libdir)/pkgconfig
@@ -78,7 +78,7 @@ pkginclude_HEADERS += lib/rpmtypes.h
pkginclude_HEADERS += lib/rpmvf.h
pkginclude_HEADERS += lib/rpmplugins.h
-pkginclude_HEADERS += lib/rpmsign.h
+pkginclude_HEADERS += sign/rpmsign.h
pkginclude_HEADERS += build/rpmbuild.h
pkginclude_HEADERS += build/rpmfc.h
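Review bot: `sign/rpmsign.h` is listed in `pkginclude_HEADERS` here, but nothing in this diff creates that file; the page only shows `lib/rpmsign.h` and `lib/rpmgensig.c` being deleted, and the diffstat lists no `sign/rpmgensig.c` or `sign/rpmsign.h`. The same gap affects the `include/rpm/rpmsign.h: sign/rpmsign.h` rule in preinstall.am, the `sign/rpmgensig.c` entry in po/POTFILES.in, and `librpmsign_la_SOURCES = rpmgensig.c` in the new sign/Makefile.am. Unless the two files are added by a companion commit, the tree presumably does not build at this revision, which makes bisecting across it harder. Doing the move in one commit (`git mv lib/rpmgensig.c lib/rpmsign.h sign/`) would also keep the history of the signing code attached to its new location.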
diff --git a/configure.ac b/configure.ac
index ee5588377..44c8472e6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -868,7 +868,7 @@ AC_PATH_PROG(AUTOM4TE,autom4te,:)
AC_SUBST([dirstamp],[\${am__leading_dot}dirstamp])
AC_CONFIG_FILES([Makefile
- rpmio/Makefile lib/Makefile build/Makefile
+ rpmio/Makefile lib/Makefile build/Makefile sign/Makefile
po/Makefile.in scripts/Makefile fileattrs/Makefile
misc/Makefile
doc/Makefile
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 10b393864..1aeadb83e 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -17,9 +17,8 @@ check_PROGRAMS =
CLEANFILES =
EXTRA_DIST = gentagtbl.sh tagtbl.C rpmhash.C rpmhash.H
EXTRA_PROGRAMS =
-usrlib_LTLIBRARIES =
-usrlib_LTLIBRARIES += librpm.la
+usrlib_LTLIBRARIES = librpm.la
librpm_la_SOURCES = \
backend/dbconfig.c backend/db3.c backend/dbi.h \
headerutil.c header.c headerfmt.c header_internal.h \
@@ -60,15 +59,6 @@ tagtbl.C: Makefile.am $(srcdir)/rpmtag.h gentagtbl.sh
mv -f $@.new $@
BUILT_SOURCES = tagtbl.C
-usrlib_LTLIBRARIES += librpmsign.la
-librpmsign_la_SOURCES = rpmgensig.c
-librpmsign_la_LDFLAGS = -version-info 0:0:0
-librpmsign_la_LIBADD = \
- librpm.la \
- $(top_builddir)/rpmio/librpmio.la \
- @WITH_POPT_LIB@ \
- @LIBINTL@
-
if WITH_INTERNAL_DB
# XXX watchout, $(top_builddir)/db3/libdb.la created by this Makefile may surprise
libdb_la = $(top_builddir)/db3/libdb.la
diff --git a/lib/rpmgensig.c b/lib/rpmgensig.c
deleted file mode 100644
index 44167b091..000000000
--- a/lib/rpmgensig.c
+++ /dev/null
@@ -1,645 +0,0 @@
-/** \ingroup rpmcli
- * \file lib/rpmchecksig.c
- * Verify the signature of a package.
- */
-
-#include "system.h"
-
-#include <errno.h>
-#include <sys/wait.h>
-#include <popt.h>
-
-#include <rpm/rpmlib.h> /* RPMSIGTAG & related */
-#include <rpm/rpmmacro.h>
-#include <rpm/rpmpgp.h>
-#include <rpm/rpmsign.h>
-#include <rpm/rpmfileutil.h> /* rpmMkTemp() */
-#include <rpm/rpmlog.h>
-#include <rpm/rpmstring.h>
-
-#include "rpmio/digest.h"
-#include "lib/rpmlead.h"
-#include "lib/signature.h"
-
-#include "debug.h"
-
-#if !defined(__GLIBC__) && !defined(__APPLE__)
-char ** environ = NULL;
-#endif
-
-static int closeFile(FD_t *fdp)
-{
- if (fdp == NULL || *fdp == NULL)
- return 1;
-
- /* close and reset *fdp to NULL */
- (void) Fclose(*fdp);
- *fdp = NULL;
- return 0;
-}
-
-/**
- */
-static int manageFile(FD_t *fdp, const char *fn, int flags)
-{
- FD_t fd;
-
- if (fdp == NULL || fn == NULL) /* programmer error */
- return 1;
-
- /* open a file and set *fdp */
- if (*fdp == NULL && fn != NULL) {
- fd = Fopen(fn, (flags & O_ACCMODE) == O_WRONLY ? "w.ufdio" : "r.ufdio");
- if (fd == NULL || Ferror(fd)) {
- rpmlog(RPMLOG_ERR, _("%s: open failed: %s\n"), fn,
- Fstrerror(fd));
- return 1;
- }
- *fdp = fd;
- return 0;
- }
-
- /* no operation */
- if (*fdp != NULL && fn != NULL)
- return 0;
-
- /* XXX never reached */
- return 1;
-}
-
-/**
- * Copy header+payload, calculating digest(s) on the fly.
- */
-static int copyFile(FD_t *sfdp, const char *sfnp,
- FD_t *tfdp, const char *tfnp)
-{
- unsigned char buf[BUFSIZ];
- ssize_t count;
- int rc = 1;
-
- if (manageFile(sfdp, sfnp, O_RDONLY))
- goto exit;
- if (manageFile(tfdp, tfnp, O_WRONLY|O_CREAT|O_TRUNC))
- goto exit;
-
- while ((count = Fread(buf, sizeof(buf[0]), sizeof(buf), *sfdp)) > 0)
- {
- if (Fwrite(buf, sizeof(buf[0]), count, *tfdp) != count) {
- rpmlog(RPMLOG_ERR, _("%s: Fwrite failed: %s\n"), tfnp,
- Fstrerror(*tfdp));
- goto exit;
- }
- }
- if (count < 0) {
- rpmlog(RPMLOG_ERR, _("%s: Fread failed: %s\n"), sfnp, Fstrerror(*sfdp));
- goto exit;
- }
- if (Fflush(*tfdp) != 0) {
- rpmlog(RPMLOG_ERR, _("%s: Fflush failed: %s\n"), tfnp,
- Fstrerror(*tfdp));
- }
-
- rc = 0;
-
-exit:
- if (*sfdp) (void) closeFile(sfdp);
- if (*tfdp) (void) closeFile(tfdp);
- return rc;
-}
-
-/*
- * Validate generated signature and insert to header if it looks sane.
- * NSS doesn't support everything GPG does. Basic tests to see if the
- * generated signature is something we can use.
- * Return 0 on success, 1 on failure.
- */
-static int putSignature(Header sigh, int ishdr, uint8_t *pkt, size_t pktlen)
-{
- pgpDig dig = pgpNewDig();
- pgpDigParams sigp = &dig->signature;
- rpmTagVal sigtag;
- struct rpmtd_s sigtd;
- int rc = 1; /* assume failure */
-
- if (pgpPrtPkts(pkt, pktlen, dig, 0) != 0)
- goto exit;
-
- if (rpmDigestLength(sigp->hash_algo) == 0) {
- rpmlog(RPMLOG_ERR, _("Unsupported PGP hash algorithm %d\n"),
- sigp->hash_algo);
- goto exit;
- }
-
- switch (sigp->pubkey_algo) {
- case PGPPUBKEYALGO_DSA:
- sigtag = ishdr ? RPMSIGTAG_DSA : RPMSIGTAG_GPG;
- break;
- case PGPPUBKEYALGO_RSA:
- sigtag = ishdr ? RPMSIGTAG_RSA : RPMSIGTAG_PGP;
- break;
- default:
- rpmlog(RPMLOG_ERR, _("Unsupported PGP pubkey algorithm %d\n"),
- sigp->pubkey_algo);
- goto exit;
- break;
- }
-
- /* Looks sane, insert into header */
- rpmtdReset(&sigtd);
- sigtd.count = pktlen;
- sigtd.data = pkt;
- sigtd.type = RPM_BIN_TYPE;
- sigtd.tag = sigtag;
-
- /* Argh, reversed return codes */
- rc = (headerPut(sigh, &sigtd, HEADERPUT_DEFAULT) == 0);
-
-exit:
- dig = pgpFreeDig(dig);
- return rc;
-}
-
-static int runGPG(const char *file, const char *sigfile, const char * passPhrase)
-{
- int pid, status;
- int inpipe[2];
- FILE * fpipe;
- int rc = 1; /* assume failure */
-
- inpipe[0] = inpipe[1] = 0;
- if (pipe(inpipe) < 0) {
- rpmlog(RPMLOG_ERR, _("Couldn't create pipe for signing: %m"));
- goto exit;
- }
-
- addMacro(NULL, "__plaintext_filename", NULL, file, -1);
- addMacro(NULL, "__signature_filename", NULL, sigfile, -1);
-
- if (!(pid = fork())) {
- char *const *av;
- char *cmd = NULL;
- const char *gpg_path = rpmExpand("%{?_gpg_path}", NULL);
-
- (void) dup2(inpipe[0], 3);
- (void) close(inpipe[1]);
-
- if (gpg_path && *gpg_path != '\0')
- (void) setenv("GNUPGHOME", gpg_path, 1);
- (void) setenv("LC_ALL", "C", 1);
-
- unsetenv("MALLOC_CHECK_");
- cmd = rpmExpand("%{?__gpg_sign_cmd}", NULL);
- rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
- if (!rc)
- rc = execve(av[0], av+1, environ);
-
- rpmlog(RPMLOG_ERR, _("Could not exec %s: %s\n"), "gpg",
- strerror(errno));
- _exit(EXIT_FAILURE);
- }
-
- delMacro(NULL, "__plaintext_filename");
- delMacro(NULL, "__signature_filename");
-
- fpipe = fdopen(inpipe[1], "w");
- (void) close(inpipe[0]);
- if (fpipe) {
- fprintf(fpipe, "%s\n", (passPhrase ? passPhrase : ""));
- (void) fclose(fpipe);
- }
-
- (void) waitpid(pid, &status, 0);
- if (!WIFEXITED(status) || WEXITSTATUS(status)) {
- rpmlog(RPMLOG_ERR, _("gpg exec failed (%d)\n"), WEXITSTATUS(status));
- } else {
- rc = 0;
- }
-exit:
- return rc;
-}
-
-/**
- * Generate GPG signature(s) for a header+payload file.
- * @param sigh signature header
- * @param ishdr header-only signature?
- * @param file header+payload file name
- * @param passPhrase private key pass phrase
- * @return 0 on success, 1 on failure
- */
-static int makeGPGSignature(Header sigh, int ishdr,
- const char * file, const char * passPhrase)
-{
- char * sigfile = rstrscat(NULL, file, ".sig", NULL);
- struct stat st;
- uint8_t * pkt = NULL;
- size_t pktlen = 0;
- int rc = 1; /* assume failure */
-
- if (runGPG(file, sigfile, passPhrase))
- goto exit;
-
- if (stat(sigfile, &st)) {
- /* GPG failed to write signature */
- rpmlog(RPMLOG_ERR, _("gpg failed to write signature\n"));
- goto exit;
- }
-
- pktlen = st.st_size;
- rpmlog(RPMLOG_DEBUG, "GPG sig size: %zd\n", pktlen);
- pkt = xmalloc(pktlen);
-
- { FD_t fd;
-
- rc = 0;
- fd = Fopen(sigfile, "r.ufdio");
- if (fd != NULL && !Ferror(fd)) {
- rc = Fread(pkt, sizeof(*pkt), pktlen, fd);
- (void) Fclose(fd);
- }
- if (rc != pktlen) {
- rpmlog(RPMLOG_ERR, _("unable to read the signature\n"));
- goto exit;
- }
- }
-
- rpmlog(RPMLOG_DEBUG, "Got %zd bytes of GPG sig\n", pktlen);
-
- /* Parse the signature, change signature tag as appropriate. */
- rc = putSignature(sigh, ishdr, pkt, pktlen);
-exit:
- (void) unlink(sigfile);
- free(sigfile);
- free(pkt);
-
- return rc;
-}
-
-/**
- * Generate header only signature(s) from a header+payload file.
- * @param sigh signature header
- * @param file header+payload file name
- * @param passPhrase private key pass phrase
- * @return 0 on success, -1 on failure
- */
-static int makeHDRSignature(Header sigh, const char * file,
- const char * passPhrase)
-{
- Header h = NULL;
- FD_t fd = NULL;
- char * fn = NULL;
- int ret = -1; /* assume failure. */
-
- fd = Fopen(file, "r.fdio");
- if (fd == NULL || Ferror(fd))
- goto exit;
- h = headerRead(fd, HEADER_MAGIC_YES);
- if (h == NULL)
- goto exit;
- (void) Fclose(fd);
-
- fd = rpmMkTempFile(NULL, &fn);
- if (fd == NULL || Ferror(fd))
- goto exit;
- if (headerWrite(fd, h, HEADER_MAGIC_YES))
- goto exit;
-
- ret = makeGPGSignature(sigh, 1, fn, passPhrase);
-
-exit:
- if (fn) {
- (void) unlink(fn);
- free(fn);
- }
- h = headerFree(h);
- if (fd != NULL) (void) Fclose(fd);
- return ret;
-}
-
-static int rpmGenSignature(Header sigh, const char * file,
- const char * passPhrase)
-{
- int ret = -1; /* assume failure. */
-
- if (makeGPGSignature(sigh, 0, file, passPhrase) == 0) {
- /* XXX Piggyback a header-only DSA/RSA signature as well. */
- ret = makeHDRSignature(sigh, file, passPhrase);
- }
-
- return ret;
-}
-
-/**
- * Retrieve signature from header tag
- * @param sigh signature header
- * @param sigtag signature tag
- * @return parsed pgp dig or NULL
- */
-static pgpDig getSig(Header sigh, rpmTagVal sigtag)
-{
- struct rpmtd_s pkt;
- pgpDig dig = NULL;
-
- if (headerGet(sigh, sigtag, &pkt, HEADERGET_DEFAULT) && pkt.data != NULL) {
- dig = pgpNewDig();
-
- if (pgpPrtPkts(pkt.data, pkt.count, dig, 0) != 0) {
- dig = pgpFreeDig(dig);
- }
- rpmtdFreeData(&pkt);
- }
- return dig;
-}
-
-static void deleteSigs(Header sigh)
-{
- headerDel(sigh, RPMSIGTAG_GPG);
- headerDel(sigh, RPMSIGTAG_PGP);
- headerDel(sigh, RPMSIGTAG_DSA);
- headerDel(sigh, RPMSIGTAG_RSA);
- headerDel(sigh, RPMSIGTAG_PGP5);
-}
-
-static int sameSignature(rpmTagVal sigtag, Header h1, Header h2)
-{
- pgpDig dig1 = getSig(h1, sigtag);
- pgpDig dig2 = getSig(h2, sigtag);
- int rc = 0; /* assume different, eg if either signature doesn't exist */
-
- /* XXX This part really belongs to rpmpgp.[ch] */
- if (dig1 && dig2) {
- pgpDigParams sig1 = &dig1->signature;
- pgpDigParams sig2 = &dig2->signature;
-
- /* XXX Should we compare something else too? */
- if (sig1->hash_algo != sig2->hash_algo)
- goto exit;
- if (sig1->pubkey_algo != sig2->pubkey_algo)
- goto exit;
- if (sig1->version != sig2->version)
- goto exit;
- if (sig1->sigtype != sig2->sigtype)
- goto exit;
- if (memcmp(sig1->signid, sig2->signid, sizeof(sig1->signid)) != 0)
- goto exit;
-
- /* Parameters match, assume same signature */
- rc = 1;
- }
-
-exit:
- pgpFreeDig(dig1);
- pgpFreeDig(dig2);
- return rc;
-}
-
-static int replaceSignature(Header sigh, const char *sigtarget,
- const char *passPhrase)
-{
- /* Grab a copy of the header so we can compare the result */
- Header oldsigh = headerCopy(sigh);
- int rc = -1;
-
- /* Nuke all signature tags */
- deleteSigs(sigh);
-
- /*
- * rpmGenSignature() internals parse the actual signing result and
- * adds appropriate tags for DSA/RSA.
- */
- if (rpmGenSignature(sigh, sigtarget, passPhrase) == 0) {
- /* Lets see what we got and whether its the same signature as before */
- rpmTagVal sigtag = headerIsEntry(sigh, RPMSIGTAG_DSA) ?
- RPMSIGTAG_DSA : RPMSIGTAG_RSA;
-
- rc = sameSignature(sigtag, sigh, oldsigh);
-
- }
-
- headerFree(oldsigh);
- return rc;
-}
-
-/** \ingroup rpmcli
- * Create/modify elements in signature header.
- * @param rpm path to package
- * @param deleting adding or deleting signature?
- * @param passPhrase passPhrase (ignored when deleting)
- * @return 0 on success, -1 on error
- */
-static int rpmSign(const char *rpm, int deleting, const char *passPhrase)
-{
- FD_t fd = NULL;
- FD_t ofd = NULL;
- rpmlead lead;
- char *sigtarget = NULL, *trpm = NULL;
- Header sigh = NULL;
- char * msg;
- int res = -1; /* assume failure */
- int xx;
-
- {
- rpmRC rc;
- struct rpmtd_s utd;
-
- fprintf(stdout, "%s:\n", rpm);
-
- if (manageFile(&fd, rpm, O_RDONLY))
- goto exit;
-
- lead = rpmLeadNew();
-
- if ((rc = rpmLeadRead(fd, lead)) == RPMRC_OK) {
- const char *lmsg = NULL;
- rc = rpmLeadCheck(lead, &lmsg);
- if (rc != RPMRC_OK)
- rpmlog(RPMLOG_ERR, "%s: %s\n", rpm, lmsg);
- }
-
- if (rc != RPMRC_OK) {
- lead = rpmLeadFree(lead);
- goto exit;
- }
-
- msg = NULL;
- rc = rpmReadSignature(fd, &sigh, RPMSIGTYPE_HEADERSIG, &msg);
- switch (rc) {
- default:
- rpmlog(RPMLOG_ERR, _("%s: rpmReadSignature failed: %s"), rpm,
- (msg && *msg ? msg : "\n"));
- msg = _free(msg);
- goto exit;
- break;
- case RPMRC_OK:
- if (sigh == NULL) {
- rpmlog(RPMLOG_ERR, _("%s: No signature available\n"), rpm);
- goto exit;
- }
- break;
- }
- msg = _free(msg);
-
- /* ASSERT: ofd == NULL && sigtarget == NULL */
- ofd = rpmMkTempFile(NULL, &sigtarget);
- if (ofd == NULL || Ferror(ofd)) {
- rpmlog(RPMLOG_ERR, _("rpmMkTemp failed\n"));
- goto exit;
- }
- /* Write the header and archive to a temp file */
- if (copyFile(&fd, rpm, &ofd, sigtarget))
- goto exit;
- /* Both fd and ofd are now closed. sigtarget contains tempfile name. */
- /* ASSERT: fd == NULL && ofd == NULL */
-
- /* Dump the immutable region (if present). */
- if (headerGet(sigh, RPMTAG_HEADERSIGNATURES, &utd, HEADERGET_DEFAULT)) {
- struct rpmtd_s copytd;
- Header nh = headerNew();
- Header oh = headerCopyLoad(utd.data);
- HeaderIterator hi = headerInitIterator(oh);
- while (headerNext(hi, &copytd)) {
- if (copytd.data)
- xx = headerPut(nh, &copytd, HEADERPUT_DEFAULT);
- rpmtdFreeData(&copytd);
- }
- hi = headerFreeIterator(hi);
- oh = headerFree(oh);
-
- sigh = headerFree(sigh);
- sigh = headerLink(nh);
- nh = headerFree(nh);
- }
-
- /* Eliminate broken digest values. */
- xx = headerDel(sigh, RPMSIGTAG_BADSHA1_1);
- xx = headerDel(sigh, RPMSIGTAG_BADSHA1_2);
-
- /* Toss and recalculate header+payload size and digests. */
- {
- rpmTagVal const sigs[] = { RPMSIGTAG_SIZE,
- RPMSIGTAG_MD5,
- RPMSIGTAG_SHA1,
- };
- int nsigs = sizeof(sigs) / sizeof(rpmTagVal);
- for (int i = 0; i < nsigs; i++) {
- (void) headerDel(sigh, sigs[i]);
- if (rpmGenDigest(sigh, sigtarget, sigs[i]))
- goto exit;
- }
- }
-
- if (deleting) { /* Nuke all the signature tags. */
- deleteSigs(sigh);
- } else {
- res = replaceSignature(sigh, sigtarget, passPhrase);
- if (res != 0) {
- if (res == 1) {
- rpmlog(RPMLOG_WARNING,
- "%s already contains identical signature, skipping\n",
- rpm);
- /* Identical signature is not an error */
- res = 0;
- }
- goto exit;
- }
- }
-
- /* Reallocate the signature into one contiguous region. */
- sigh = headerReload(sigh, RPMTAG_HEADERSIGNATURES);
- if (sigh == NULL) /* XXX can't happen */
- goto exit;
-
- rasprintf(&trpm, "%s.XXXXXX", rpm);
- ofd = rpmMkTemp(trpm);
- if (ofd == NULL || Ferror(ofd)) {
- rpmlog(RPMLOG_ERR, _("rpmMkTemp failed\n"));
- goto exit;
- }
-
- /* Write the lead/signature of the output rpm */
- rc = rpmLeadWrite(ofd, lead);
- lead = rpmLeadFree(lead);
- if (rc != RPMRC_OK) {
- rpmlog(RPMLOG_ERR, _("%s: writeLead failed: %s\n"), trpm,
- Fstrerror(ofd));
- goto exit;
- }
-
- if (rpmWriteSignature(ofd, sigh)) {
- rpmlog(RPMLOG_ERR, _("%s: rpmWriteSignature failed: %s\n"), trpm,
- Fstrerror(ofd));
- goto exit;
- }
-
- /* Append the header and archive from the temp file */
- /* ASSERT: fd == NULL && ofd != NULL */
- if (copyFile(&fd, sigtarget, &ofd, trpm))
- goto exit;
- /* Both fd and ofd are now closed. */
- /* ASSERT: fd == NULL && ofd == NULL */
-
- /* Move final target into place, restore file permissions. */
- {
- struct stat st;
- xx = stat(rpm, &st);
- xx = unlink(rpm);
- xx = rename(trpm, rpm);
- xx = chmod(rpm, st.st_mode);
- }
- }
-
- res = 0;
-
-exit:
- if (fd) (void) closeFile(&fd);
- if (ofd) (void) closeFile(&ofd);
-
- sigh = rpmFreeSignature(sigh);
-
- /* Clean up intermediate target */
- if (sigtarget) {
- xx = unlink(sigtarget);
- sigtarget = _free(sigtarget);
- }
- if (trpm) {
- (void) unlink(trpm);
- free(trpm);
- }
-
- return res;
-}
-
-int rpmPkgSign(const char *path,
- const struct rpmSignArgs * args, const char *passPhrase)
-{
- int rc;
-
- if (args) {
- if (args->hashalgo) {
- char *algo = NULL;
- rasprintf(&algo, "%d", args->hashalgo);
- addMacro(NULL, "_gpg_digest_algo", NULL, algo, RMIL_GLOBAL);
- free(algo);
- }
- if (args->keyid) {
- addMacro(NULL, "_gpg_name", NULL, args->keyid, RMIL_GLOBAL);
- }
- }
-
- rc = rpmSign(path, 0, passPhrase);
-
- if (args) {
- if (args->hashalgo) {
- delMacro(NULL, "_gpg_digest_algo");
- }
- if (args->keyid) {
- delMacro(NULL, "_gpg_name");
- }
- }
-
- return rc;
-}
-
-int rpmPkgDelSign(const char *path)
-{
- return rpmSign(path, 1, NULL);
-}
diff --git a/lib/rpmsign.h b/lib/rpmsign.h
deleted file mode 100644
index 15b3e0fe8..000000000
--- a/lib/rpmsign.h
+++ /dev/null
@@ -1,38 +0,0 @@
-#ifndef _RPMSIGN_H
-#define _RPMSIGN_H
-
-#include <rpm/argv.h>
-#include <rpm/rpmpgp.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-struct rpmSignArgs {
- char *keyid;
- pgpHashAlgo hashalgo;
- /* ... what else? */
-};
-
-/** \ingroup rpmsign
- * Sign a package
- * @param path path to package
- * @param args signing parameters (or NULL for defaults)
- * @param passPhrase passphrase for the signing key
- * @return 0 on success
- */
-int rpmPkgSign(const char *path,
- const struct rpmSignArgs * args, const char *passPhrase);
-
-/** \ingroup rpmsign
- * Delete signature(s) from a package
- * @param path path to package
- * @return 0 on success
- */
-int rpmPkgDelSign(const char *path);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _RPMSIGN_H */
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 500334213..c112a6a69 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -48,7 +48,6 @@ lib/rpmchecksig.c
lib/rpmchroot.c
lib/rpmds.c
lib/rpmfi.c
-lib/rpmgensig.c
lib/rpmgi.c
lib/rpminstall.c
lib/rpmlead.c
@@ -90,5 +89,6 @@ rpmio/rpmstring.c
rpmio/rpmsq.c
rpmio/rpmsw.c
rpmio/url.c
+sign/rpmgensig.c
tools/rpmdeps.c
tools/rpmgraph.c
diff --git a/preinstall.am b/preinstall.am
index 00687c7d4..b29854f54 100644
--- a/preinstall.am
+++ b/preinstall.am
@@ -118,8 +118,8 @@ include/rpm/rpmplugins.h: lib/rpmplugins.h include/rpm/$(dirstamp)
$(INSTALL_DATA) $(top_srcdir)/lib/rpmplugins.h include/rpm/rpmplugins.h
BUILT_SOURCES += include/rpm/rpmplugins.h
CLEANFILES += include/rpm/rpmplugins.h
-include/rpm/rpmsign.h: lib/rpmsign.h include/rpm/$(dirstamp)
- $(INSTALL_DATA) $(top_srcdir)/lib/rpmsign.h include/rpm/rpmsign.h
+include/rpm/rpmsign.h: sign/rpmsign.h include/rpm/$(dirstamp)
+ $(INSTALL_DATA) $(top_srcdir)/sign/rpmsign.h include/rpm/rpmsign.h
BUILT_SOURCES += include/rpm/rpmsign.h
CLEANFILES += include/rpm/rpmsign.h
include/rpm/rpmbuild.h: build/rpmbuild.h include/rpm/$(dirstamp)
diff --git a/sign/Makefile.am b/sign/Makefile.am
new file mode 100644
index 000000000..eb28a8db3
--- /dev/null
+++ b/sign/Makefile.am
@@ -0,0 +1,19 @@
+# Makefile for rpm library.
+
+include $(top_srcdir)/rpm.am
+
+AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir) -I$(top_builddir)/include/
+AM_CPPFLAGS += @WITH_NSS_INCLUDE@
+AM_CPPFLAGS += @WITH_POPT_INCLUDE@
+AM_CPPFLAGS += -I$(top_srcdir)/misc
+
+usrlibdir = $(libdir)
+
+usrlib_LTLIBRARIES = librpmsign.la
+librpmsign_la_SOURCES = rpmgensig.c
+librpmsign_la_LDFLAGS = -version-info 0:0:0
+librpmsign_la_LIBADD = \
+ $(top_builddir)/lib/librpm.la \
+ $(top_builddir)/rpmio/librpmio.la \
+ @WITH_POPT_LIB@ \
+ @LIBINTL@
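Review bot: The header comment `# Makefile for rpm library.` looks carried over from lib/Makefile.am and does not describe this file, which builds only `librpmsign.la`. I would change it to `# Makefile for the rpm signing library (librpmsign).`. A one-line comment above `librpmsign_la_LIBADD` would also help, for example `# librpmsign links against librpm and librpmio, so lib/ and rpmio/ must be built first`, since that dependency is what fixes the position of `sign` after `lib` in the top-level `SUBDIRS`.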