9 #include "repo_pubkey.h"
/* Excerpt of cleanupgpg(): only the path-building lines are listed.
 * Each snprintf formats one entry below gpgdir into cmd. What is done with
 * the path afterwards is not shown (presumably each entry is removed;
 * confirm against the full file).
 * The names cover both GnuPG home layouts: the legacy pubring.gpg /
 * secring.gpg / trustdb.gpg files and the keybox layout (pubring.kbx,
 * private-keys-v1.d), plus the "keys" file that checksig() writes.
 * NOTE(review): the snprintf results are unused in these lines, so a path
 * truncated to sizeof(cmd) would go unnoticed; cmd's size is not visible. */
17 cleanupgpg(char *gpgdir)
20 snprintf(cmd, sizeof(cmd), "%s/pubring.gpg", gpgdir);
22 snprintf(cmd, sizeof(cmd), "%s/pubring.gpg~", gpgdir);
24 snprintf(cmd, sizeof(cmd), "%s/secring.gpg", gpgdir);
26 snprintf(cmd, sizeof(cmd), "%s/trustdb.gpg", gpgdir);
28 snprintf(cmd, sizeof(cmd), "%s/keys", gpgdir);
30 snprintf(cmd, sizeof(cmd), "%s/pubring.kbx", gpgdir);
32 snprintf(cmd, sizeof(cmd), "%s/pubring.kbx~", gpgdir);
34 snprintf(cmd, sizeof(cmd), "%s/private-keys-v1.d", gpgdir);
/* Excerpt of checksig(): checks the signature in sigfp against the data in
 * fp, using the public keys held in sigpool, by building gpg2 / gpgv command
 * lines. Returns 1 when r is 0 and 0 otherwise.
 * NOTE(review): the statements that run cmd and assign r are not listed;
 * r is presumably the status of the executed command (confirm). */
40 checksig(Pool *sigpool, FILE *fp, FILE *sigfp)
44 const char *pubkey, *pubring;
49 off_t posfp, possigfp;
/* Private scratch GnuPG home: mkdtemp fills in the XXXXXX of the fixed
 * /var/tmp template. Any NULL check on the result is not listed. */
52 gpgdir = mkdtemp(pool_tmpjoin(sigpool, "/var/tmp/solvgpg.XXXXXX", 0, 0));
/* All keys are collected in <gpgdir>/keys, so key material reaches gpg2 via
 * a file and never via the command line. */
55 keysfile = pool_tmpjoin(sigpool, gpgdir, "/keys", 0);
56 if (!(kfp = fopen(keysfile, "w")) )
/* Walk the solvables from index 1; each one's SOLVABLE_DESCRIPTION string is
 * treated as a public key and written verbatim, followed by a newline. */
62 for (p = 1, s = sigpool->solvables + p; p < sigpool->nsolvables; p++, s++)
66 pubkey = solvable_lookup_str(s, SOLVABLE_DESCRIPTION);
67 if (!pubkey || !*pubkey)
69 if (fwrite(pubkey, strlen(pubkey), 1, kfp) != 1)
71 if (fputc('\n', kfp) == EOF) /* Just in case... */
/* Give up if the file could not be closed, nkeys is zero, or the loop ended
 * before the last solvable (p < nsolvables). The nkeys update is not listed;
 * presumably it counts the keys written. */
75 if (fclose(kfp) || !nkeys || p < sigpool->nsolvables)
/* gpgdir and keysfile go into the command text unquoted. As listed, both are
 * derived from the fixed template above, so no caller-supplied text reaches
 * the command; that would no longer hold if the base directory became
 * configurable. How cmd is executed is not listed (presumably system()). */
80 snprintf(cmd, sizeof(cmd), "gpg2 -q --homedir %s --import %s", gpgdir, keysfile);
83 fprintf(stderr, "key import error\n");
/* Remember the current offsets of both descriptors and rewind them, since
 * gpgv is handed the descriptors themselves (as /dev/fd/N) and not paths.
 * The results of the rewinding lseek calls are not checked. */
88 posfp = lseek(fileno(fp), 0, SEEK_CUR);
89 lseek(fileno(fp), 0, SEEK_SET);
90 possigfp = lseek(fileno(sigfp), 0, SEEK_CUR);
91 lseek(fileno(sigfp), 0, SEEK_SET);
/* Use the keybox file if it is readable in gpgdir, else the legacy keyring. */
92 snprintf(cmd, sizeof(cmd), "%s/pubring.kbx", gpgdir);
93 pubring = access(cmd, R_OK) == 0 ? "pubring.kbx" : "pubring.gpg";
/* The keyring is restricted to the one just imported; signature file first,
 * data file second. All gpgv output is discarded, so nothing but the
 * command's status can feed the result. */
94 snprintf(cmd, sizeof(cmd), "gpgv -q --homedir %s --keyring %s/%s /dev/fd/%d /dev/fd/%d >/dev/null 2>&1", gpgdir, gpgdir, pubring, fileno(sigfp), fileno(fp));
/* F_SETFD 0 drops close-on-exec so the descriptors named in the command
 * stay open in the child. */
95 fcntl(fileno(fp), F_SETFD, 0); /* clear CLOEXEC */
96 fcntl(fileno(sigfp), F_SETFD, 0); /* clear CLOEXEC */
/* Put back the saved offsets and close-on-exec for the caller. */
98 lseek(fileno(sigfp), possigfp, SEEK_SET);
99 lseek(fileno(fp), posfp, SEEK_SET);
100 fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
101 fcntl(fileno(sigfp), F_SETFD, FD_CLOEXEC);
/* Any non-zero r is reported as 0, i.e. not verified. */
103 return r == 0 ? 1 : 0;
/* Excerpt of a second checksig() definition with the same signature
 * (presumably selected by a preprocessor branch that is not listed).
 * It verifies against the fixed keyring /etc/apt/trusted.gpg; sigpool is not
 * used in the lines shown, and no temporary GnuPG home is created.
 * Returns 1 when r is 0 and 0 otherwise.
 * NOTE(review): the statement that runs cmd and assigns r is not listed. */
109 checksig(Pool *sigpool, FILE *fp, FILE *sigfp)
/* Only descriptor numbers are formatted into the command; gpgv output is
 * discarded, so nothing but the command's status can feed the result. */
114 snprintf(cmd, sizeof(cmd), "gpgv -q --keyring /etc/apt/trusted.gpg /dev/fd/%d /dev/fd/%d >/dev/null 2>&1", fileno(sigfp), fileno(fp));
/* F_SETFD 0 drops close-on-exec so the /dev/fd/N descriptors stay open in
 * the child. */
115 fcntl(fileno(fp), F_SETFD, 0); /* clear CLOEXEC */
116 fcntl(fileno(sigfp), F_SETFD, 0); /* clear CLOEXEC */
/* Set close-on-exec again once the command has been run. */
118 fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
119 fcntl(fileno(sigfp), F_SETFD, FD_CLOEXEC);
/* Any non-zero r is reported as 0, i.e. not verified. */
120 return r == 0 ? 1 : 0;
128 Pool *sigpool = pool_create();
129 #if defined(ENABLE_PUBKEY) && defined(ENABLE_RPMDB)
130 Repo *repo = repo_create(sigpool, "pubkeys");
131 repo_add_rpmdb_pubkeys(repo, 0);