*
*/
#include <iostream>
-
-#include "zypp/base/Logger.h"
-#include "zypp/base/DefaultIntegral.h"
-
-#include "zypp/RepoInfo.h"
-
-using namespace std;
+#include <vector>
+#include <fstream>
+
+#include <zypp/base/Gettext.h>
+#include <zypp/base/LogTools.h>
+#include <zypp/base/DefaultIntegral.h>
+#include <zypp/parser/xml/XmlEscape.h>
+
+#include <zypp/ManagedFile.h>
+#include <zypp/PublicKey.h>
+#include <zypp/MediaSetAccess.h>
+#include <zypp/RepoInfo.h>
+#include <zypp/Glob.h>
+#include <zypp/TriBool.h>
+#include <zypp/Pathname.h>
+#include <zypp/ZConfig.h>
+#include <zypp/repo/RepoMirrorList.h>
+#include <zypp/ExternalProgram.h>
+#include <zypp/media/MediaAccess.h>
+
+#include <zypp/base/IOStream.h>
+#include <zypp/base/InputStream.h>
+#include <zypp/parser/xml/Reader.h>
+
+
+#include <zypp/base/StrMatcher.h>
+#include <zypp/KeyRing.h>
+#include <zypp/TmpPath.h>
+#include <zypp/ZYppFactory.h>
+#include <zypp/ZYppCallbacks.h>
+
+using std::endl;
+using zypp::xml::escape;
///////////////////////////////////////////////////////////////////
namespace zypp
/** RepoInfo implementation. */
struct RepoInfo::Impl
{
-
Impl()
- : enabled (false),
- autorefresh(false),
- gpgcheck(true),
- keeppackages(false),
- type(repo::RepoType::NONE_e)
+ : _rawGpgCheck( indeterminate )
+ , _rawRepoGpgCheck( indeterminate )
+ , _rawPkgGpgCheck( indeterminate )
+ , _validRepoSignature( indeterminate )
+ , keeppackages(indeterminate)
+ , _mirrorListForceMetalink(false)
+ , type(repo::RepoType::NONE_e)
+ , emptybaseurls(false)
{}
~Impl()
+ {}
+
+ public:
+ static const unsigned defaultPriority = 99;
+ static const unsigned noPriority = unsigned(-1);
+
+ void setProbedType( const repo::RepoType & t ) const
{
- //MIL << std::endl;
+ if ( type == repo::RepoType::NONE
+ && t != repo::RepoType::NONE )
+ {
+ // lazy init!
+ const_cast<Impl*>(this)->type = t;
+ }
}
+
public:
- static const unsigned defaultPriority = 99;
+ /** Path to a license tarball in case it exists in the repo. */
+ Pathname licenseTgz( const std::string & name_r ) const
+ {
+ Pathname ret;
+ if ( !metadataPath().empty() )
+ {
+ std::string licenseStem( "license" );
+ if ( !name_r.empty() )
+ {
+ licenseStem += "-";
+ licenseStem += name_r;
+ }
+
+ filesystem::Glob g;
+ // TODO: REPOMD: this assumes we know the name of the tarball. In fact
+ // we'd need to get the file from repomd.xml (<data type="license[-name_r]">)
+ g.add( metadataPath() / path / ("repodata/*"+licenseStem+".tar.gz") );
+ if ( g.empty() )
+ g.add( metadataPath() / path / (licenseStem+".tar.gz") );
+
+ if ( !g.empty() )
+ ret = *g.begin();
+ }
+ return ret;
+ }
+
+ const RepoVariablesReplacedUrlList & baseUrls() const
+ {
+ const Url & mlurl( _mirrorListUrl.transformed() ); // Variables replaced!
+ if ( _baseUrls.empty() && ! mlurl.asString().empty() )
+ {
+ emptybaseurls = true;
+ DBG << "MetadataPath: " << metadataPath() << endl;
+ repo::RepoMirrorList rmurls( mlurl, metadataPath(), _mirrorListForceMetalink );
+ _baseUrls.raw().insert( _baseUrls.raw().end(), rmurls.getUrls().begin(), rmurls.getUrls().end() );
+ }
+ return _baseUrls;
+ }
+
+ RepoVariablesReplacedUrlList & baseUrls()
+ { return _baseUrls; }
+
+ bool baseurl2dump() const
+ { return !emptybaseurls && !_baseUrls.empty(); }
+
+
+ const RepoVariablesReplacedUrlList & gpgKeyUrls() const
+ { return _gpgKeyUrls; }
+
+ RepoVariablesReplacedUrlList & gpgKeyUrls()
+ { return _gpgKeyUrls; }
+
+
+ const std::set<std::string> & contentKeywords() const
+ { hasContent()/*init if not yet done*/; return _keywords.second; }
+
+ void addContent( const std::string & keyword_r )
+ { _keywords.second.insert( keyword_r ); if ( ! hasContent() ) _keywords.first = true; }
+
+ bool hasContent() const
+ {
+ if ( !_keywords.first && ! metadataPath().empty() )
+ {
+ // HACK directly check master index file until RepoManager offers
+ // some content probing and zypper uses it.
+ /////////////////////////////////////////////////////////////////
+ MIL << "Empty keywords...." << metadataPath() << endl;
+ Pathname master;
+ if ( PathInfo( (master=metadataPath()/"/repodata/repomd.xml") ).isFile() )
+ {
+ //MIL << "GO repomd.." << endl;
+ xml::Reader reader( master );
+ while ( reader.seekToNode( 2, "content" ) )
+ {
+ _keywords.second.insert( reader.nodeText().asString() );
+ reader.seekToEndNode( 2, "content" );
+ }
+ _keywords.first = true; // valid content in _keywords even if empty
+ }
+ else if ( PathInfo( (master=metadataPath()/"/content") ).isFile() )
+ {
+ //MIL << "GO content.." << endl;
+ iostr::forEachLine( InputStream( master ),
+ [this]( int num_r, std::string line_r )->bool
+ {
+ if ( str::startsWith( line_r, "REPOKEYWORDS" ) )
+ {
+ std::vector<std::string> words;
+ if ( str::split( line_r, std::back_inserter(words) ) > 1
+ && words[0].length() == 12 /*"REPOKEYWORDS"*/ )
+ {
+ this->_keywords.second.insert( ++words.begin(), words.end() );
+ }
+ return true; // mult. occurrances are ok.
+ }
+ return( ! str::startsWith( line_r, "META " ) ); // no need to parse into META section.
+ } );
+ _keywords.first = true; // valid content in _keywords even if empty
+ }
+ /////////////////////////////////////////////////////////////////
+ }
+ return _keywords.first;
+ }
+
+ bool hasContent( const std::string & keyword_r ) const
+ { return( hasContent() && _keywords.second.find( keyword_r ) != _keywords.second.end() ); }
+
+ /** Signature check result needs to be stored/retrieved from _metadataPath.
+ * Don't call them from outside validRepoSignature/setValidRepoSignature
+ */
+ //@{
+ TriBool internalValidRepoSignature() const
+ {
+ if ( ! indeterminate(_validRepoSignature) )
+ return _validRepoSignature;
+ // check metadata:
+ if ( ! metadataPath().empty() )
+ {
+ // A missing ".repo_gpgcheck" might be plaindir(no Downloader) or not yet refreshed signed repo!
+ TriBool linkval = triBoolFromPath( metadataPath() / ".repo_gpgcheck" );
+ return linkval;
+ }
+ return indeterminate;
+ }
+
+ void internalSetValidRepoSignature( TriBool value_r )
+ {
+ if ( PathInfo(metadataPath()).isDir() )
+ {
+ Pathname gpgcheckFile( metadataPath() / ".repo_gpgcheck" );
+ if ( PathInfo(gpgcheckFile).isExist() )
+ {
+ TriBool linkval( indeterminate );
+ if ( triBoolFromPath( gpgcheckFile, linkval ) && linkval == value_r )
+ return; // existing symlink fits value_r
+ else
+ filesystem::unlink( gpgcheckFile ); // will write a new one
+ }
+ filesystem::symlink( asString(value_r), gpgcheckFile );
+ }
+ _validRepoSignature = value_r;
+ }
+
+ /** We definitely have a symlink pointing to "indeterminate" (for repoGpgCheckIsMandatory)?
+ * I.e. user accepted the unsigned repo in Downloader. A test whether `internalValidRepoSignature`
+ * is indeterminate would include not yet checked repos, which is unwanted here.
+ */
+ bool internalUnsignedConfirmed() const
+ {
+ TriBool linkval( true ); // want to see it being switched to indeterminate
+ return triBoolFromPath( metadataPath() / ".repo_gpgcheck", linkval ) && indeterminate(linkval);
+ }
+
+ bool triBoolFromPath( const Pathname & path_r, TriBool & ret_r ) const
+ {
+ static const Pathname truePath( "true" );
+ static const Pathname falsePath( "false" );
+ static const Pathname indeterminatePath( "indeterminate" );
+
+ // Quiet readlink;
+ static const ssize_t bufsiz = 63;
+ static char buf[bufsiz+1];
+ ssize_t ret = ::readlink( path_r.c_str(), buf, bufsiz );
+ buf[ret == -1 ? 0 : ret] = '\0';
+
+ Pathname linkval( buf );
+
+ bool known = true;
+ if ( linkval == truePath )
+ ret_r = true;
+ else if ( linkval == falsePath )
+ ret_r = false;
+ else if ( linkval == indeterminatePath )
+ ret_r = indeterminate;
+ else
+ known = false;
+ return known;
+ }
+
+ TriBool triBoolFromPath( const Pathname & path_r ) const
+ { TriBool ret(indeterminate); triBoolFromPath( path_r, ret ); return ret; }
+
+ //@}
+
+ private:
+ TriBool _rawGpgCheck; ///< default gpgcheck behavior: Y/N/ZConf
+ TriBool _rawRepoGpgCheck; ///< need to check repo sign.: Y/N/(ZConf(Y/N/gpgCheck))
+ TriBool _rawPkgGpgCheck; ///< need to check pkg sign.: Y/N/(ZConf(Y/N/gpgCheck))
public:
- bool enabled;
- bool autorefresh;
- bool gpgcheck;
- bool keeppackages;
- Url gpgkey_url;
+ TriBool rawGpgCheck() const { return _rawGpgCheck; }
+ TriBool rawRepoGpgCheck() const { return _rawRepoGpgCheck; }
+ TriBool rawPkgGpgCheck() const { return _rawPkgGpgCheck; }
+
+ void rawGpgCheck( TriBool val_r ) { _rawGpgCheck = val_r; }
+ void rawRepoGpgCheck( TriBool val_r ) { _rawRepoGpgCheck = val_r; }
+ void rawPkgGpgCheck( TriBool val_r ) { _rawPkgGpgCheck = val_r; }
+
+ bool cfgGpgCheck() const
+ { return indeterminate(_rawGpgCheck) ? ZConfig::instance().gpgCheck() : (bool)_rawGpgCheck; }
+ TriBool cfgRepoGpgCheck() const
+ { return indeterminate(_rawGpgCheck) && indeterminate(_rawRepoGpgCheck) ? ZConfig::instance().repoGpgCheck() : _rawRepoGpgCheck; }
+ TriBool cfgPkgGpgCheck() const
+ { return indeterminate(_rawGpgCheck) && indeterminate(_rawPkgGpgCheck) ? ZConfig::instance().pkgGpgCheck() : _rawPkgGpgCheck; }
+
+ private:
+ TriBool _validRepoSignature;///< have signed and valid repo metadata
+ public:
+ TriBool keeppackages;
+ RepoVariablesReplacedUrl _mirrorListUrl;
+ bool _mirrorListForceMetalink;
repo::RepoType type;
- Url mirrorlist_url;
- std::set<Url> baseUrls;
Pathname path;
- std::string alias;
- std::string escaped_alias;
- std::string name;
- Pathname filepath;
- Pathname metadatapath;
- Pathname packagespath;
+ std::string service;
+ std::string targetDistro;
+
+ void metadataPath( Pathname new_r )
+ { _metadataPath = std::move( new_r ); }
+
+ void packagesPath( Pathname new_r )
+ { _packagesPath = std::move( new_r ); }
+
+ bool usesAutoMethadataPaths() const
+ { return str::hasSuffix( _metadataPath.asString(), "/%AUTO%" ); }
+
+ Pathname metadataPath() const
+ {
+ if ( usesAutoMethadataPaths() )
+ return _metadataPath.dirname() / "%RAW%";
+ return _metadataPath;
+ }
+
+ Pathname packagesPath() const
+ {
+ if ( _packagesPath.empty() && usesAutoMethadataPaths() )
+ return _metadataPath.dirname() / "%PKG%";
+ return _packagesPath;
+ }
+
DefaultIntegral<unsigned,defaultPriority> priority;
- public:
+ mutable bool emptybaseurls;
private:
+ Pathname _metadataPath;
+ Pathname _packagesPath;
+
+ mutable RepoVariablesReplacedUrlList _baseUrls;
+ mutable std::pair<FalseBool, std::set<std::string> > _keywords;
+
+ RepoVariablesReplacedUrlList _gpgKeyUrls;
+
friend Impl * rwcowClone<Impl>( const Impl * rhs );
/** clone for RWCOW_pointer */
Impl * clone() const
//
///////////////////////////////////////////////////////////////////
- ///////////////////////////////////////////////////////////////////
- //
- // METHOD NAME : RepoInfo::RepoInfo
- // METHOD TYPE : Ctor
- //
+ const RepoInfo RepoInfo::noRepo;
+
RepoInfo::RepoInfo()
: _pimpl( new Impl() )
{}
- ///////////////////////////////////////////////////////////////////
- //
- // METHOD NAME : RepoInfo::~RepoInfo
- // METHOD TYPE : Dtor
- //
RepoInfo::~RepoInfo()
- {
- //MIL << std::endl;
- }
+ {}
unsigned RepoInfo::priority() const
{ return _pimpl->priority; }
+
unsigned RepoInfo::defaultPriority()
{ return Impl::defaultPriority; }
- RepoInfo & RepoInfo::setPriority( unsigned newval_r )
- {
- _pimpl->priority = newval_r ? newval_r : Impl::defaultPriority;
- return *this;
- }
+ unsigned RepoInfo::noPriority()
+ { return Impl::noPriority; }
+
+ void RepoInfo::setPriority( unsigned newval_r )
+ { _pimpl->priority = newval_r ? newval_r : Impl::defaultPriority; }
- RepoInfo & RepoInfo::setEnabled( bool enabled )
- {
- _pimpl->enabled = enabled;
- return *this;
- }
- RepoInfo & RepoInfo::setAutorefresh( bool autorefresh )
+ bool RepoInfo::gpgCheck() const
+ { return _pimpl->cfgGpgCheck(); }
+
+ void RepoInfo::setGpgCheck( TriBool value_r )
+ { _pimpl->rawGpgCheck( value_r ); }
+
+ void RepoInfo::setGpgCheck( bool value_r ) // deprecated legacy and for squid
+ { setGpgCheck( TriBool(value_r) ); }
+
+
+ bool RepoInfo::repoGpgCheck() const
+ { return gpgCheck() || bool(_pimpl->cfgRepoGpgCheck()); }
+
+ bool RepoInfo::repoGpgCheckIsMandatory() const
{
- _pimpl->autorefresh = autorefresh;
- return *this;
+ bool ret = ( gpgCheck() && indeterminate(_pimpl->cfgRepoGpgCheck()) ) || bool(_pimpl->cfgRepoGpgCheck());
+ if ( ret && _pimpl->internalUnsignedConfirmed() ) // relax if unsigned repo was confirmed in the past
+ ret = false;
+ return ret;
}
- RepoInfo & RepoInfo::setGpgCheck( bool check )
+ void RepoInfo::setRepoGpgCheck( TriBool value_r )
+ { _pimpl->rawRepoGpgCheck( value_r ); }
+
+
+ bool RepoInfo::pkgGpgCheck() const
+ { return bool(_pimpl->cfgPkgGpgCheck()) || ( gpgCheck() && !bool(validRepoSignature())/*enforced*/ ) ; }
+
+ bool RepoInfo::pkgGpgCheckIsMandatory() const
+ { return bool(_pimpl->cfgPkgGpgCheck()) || ( gpgCheck() && indeterminate(_pimpl->cfgPkgGpgCheck()) && !bool(validRepoSignature())/*enforced*/ ); }
+
+ void RepoInfo::setPkgGpgCheck( TriBool value_r )
+ { _pimpl->rawPkgGpgCheck( value_r ); }
+
+
+ void RepoInfo::getRawGpgChecks( TriBool & g_r, TriBool & r_r, TriBool & p_r ) const
{
- _pimpl->gpgcheck = check;
- return *this;
+ g_r = _pimpl->rawGpgCheck();
+ r_r = _pimpl->rawRepoGpgCheck();
+ p_r = _pimpl->rawPkgGpgCheck();
}
- RepoInfo & RepoInfo::setMirrorListUrl( const Url &url )
+
+ TriBool RepoInfo::validRepoSignature() const
{
- _pimpl->mirrorlist_url = url;
- return *this;
+ TriBool ret( _pimpl->internalValidRepoSignature() );
+ if ( ret && !repoGpgCheck() ) ret = false; // invalidate any old signature if repoGpgCheck is off
+ return ret;
}
- RepoInfo & RepoInfo::setGpgKeyUrl( const Url &url )
+ void RepoInfo::setValidRepoSignature( TriBool value_r )
+ { _pimpl->internalSetValidRepoSignature( value_r ); }
+
+ ///////////////////////////////////////////////////////////////////
+ namespace
{
- _pimpl->gpgkey_url = url;
- return *this;
- }
+ inline bool changeGpgCheckTo( TriBool & lhs, TriBool rhs )
+ { if ( ! sameTriboolState( lhs, rhs ) ) { lhs = rhs; return true; } return false; }
- RepoInfo & RepoInfo::addBaseUrl( const Url &url )
+ inline bool changeGpgCheckTo( TriBool ogpg[3], TriBool g, TriBool r, TriBool p )
+ {
+ bool changed = false;
+ if ( changeGpgCheckTo( ogpg[0], g ) ) changed = true;
+ if ( changeGpgCheckTo( ogpg[1], r ) ) changed = true;
+ if ( changeGpgCheckTo( ogpg[2], p ) ) changed = true;
+ return changed;
+ }
+ } // namespace
+ ///////////////////////////////////////////////////////////////////
+ bool RepoInfo::setGpgCheck( GpgCheck mode_r )
{
- if ( _pimpl->baseUrls.size()==0 ) //first url
+ TriBool ogpg[3]; // Gpg RepoGpg PkgGpg
+ getRawGpgChecks( ogpg[0], ogpg[1], ogpg[2] );
+
+ bool changed = false;
+ switch ( mode_r )
{
- if ( url.isLocal() )
- setKeepPackages(false);
- else
- setKeepPackages(true);
+ case GpgCheck::On:
+ changed = changeGpgCheckTo( ogpg, true, indeterminate, indeterminate );
+ break;
+ case GpgCheck::Strict:
+ changed = changeGpgCheckTo( ogpg, true, true, true );
+ break;
+ case GpgCheck::AllowUnsigned:
+ changed = changeGpgCheckTo( ogpg, true, false, false );
+ break;
+ case GpgCheck::AllowUnsignedRepo:
+ changed = changeGpgCheckTo( ogpg, true, false, indeterminate );
+ break;
+ case GpgCheck::AllowUnsignedPackage:
+ changed = changeGpgCheckTo( ogpg, true, indeterminate, false );
+ break;
+ case GpgCheck::Default:
+ changed = changeGpgCheckTo( ogpg, indeterminate, indeterminate, indeterminate );
+ break;
+ case GpgCheck::Off:
+ changed = changeGpgCheckTo( ogpg, false, indeterminate, indeterminate );
+ break;
+ case GpgCheck::indeterminate: // no change
+ break;
}
- _pimpl->baseUrls.insert(url);
- return *this;
+ if ( changed )
+ {
+ setGpgCheck ( ogpg[0] );
+ setRepoGpgCheck( ogpg[1] );
+ setPkgGpgCheck ( ogpg[2] );
+ }
+ return changed;
}
- RepoInfo & RepoInfo::setBaseUrl( const Url &url )
- {
- _pimpl->baseUrls.clear();
- addBaseUrl(url);
- return *this;
- }
+ void RepoInfo::setMirrorListUrl( const Url & url_r ) // Raw
+ { _pimpl->_mirrorListUrl.raw() = url_r; _pimpl->_mirrorListForceMetalink = false; }
+
+ void RepoInfo::setMetalinkUrl( const Url & url_r ) // Raw
+ { _pimpl->_mirrorListUrl.raw() = url_r; _pimpl->_mirrorListForceMetalink = true; }
+
+ void RepoInfo::setGpgKeyUrls( url_set urls )
+ { _pimpl->gpgKeyUrls().raw().swap( urls ); }
- RepoInfo & RepoInfo::setPath( const Pathname &path )
+ void RepoInfo::setGpgKeyUrl( const Url & url_r )
{
- _pimpl->path = path;
- return *this;
+ _pimpl->gpgKeyUrls().raw().clear();
+ _pimpl->gpgKeyUrls().raw().push_back( url_r );
}
- RepoInfo & RepoInfo::setAlias( const std::string &alias )
+ Pathname RepoInfo::provideKey(const std::string &keyID_r, const Pathname &targetDirectory_r) const
{
- _pimpl->alias = alias;
- // replace slashes with underscores
- std::string fnd="/";
- std::string rep="_";
- std::string escaped_alias = alias;
- size_t pos = escaped_alias.find(fnd);
- while(pos!=string::npos)
- {
- escaped_alias.replace(pos,fnd.length(),rep);
- pos = escaped_alias.find(fnd,pos+rep.length());
+ if ( keyID_r.empty() )
+ return Pathname();
+
+ MIL << "Check for " << keyID_r << " at " << targetDirectory_r << endl;
+ std::string keyIDStr( keyID_r.size() > 8 ? keyID_r.substr( keyID_r.size()-8 ) : keyID_r ); // print short ID in Jobreports
+ filesystem::TmpDir tmpKeyRingDir;
+ KeyRing tempKeyRing(tmpKeyRingDir.path());
+
+ // translator: %1% is a gpg key ID like 3DBDC284
+ // %2% is a cache directories path
+ JobReport::info( str::Format(_("Looking for gpg key ID %1% in cache %2%.") ) % keyIDStr % targetDirectory_r );
+ filesystem::dirForEach(targetDirectory_r,
+ StrMatcher(".key", Match::STRINGEND),
+ [&tempKeyRing]( const Pathname & dir_r, const std::string & str_r ){
+ try {
+
+ // deprecate a month old keys
+ PathInfo fileInfo ( dir_r/str_r );
+ if ( Date::now() - fileInfo.mtime() > Date::month ) {
+ //if unlink fails, the file will be overriden in the next step, no need
+ //to show a error
+ filesystem::unlink( dir_r/str_r );
+ } else {
+ tempKeyRing.multiKeyImport(dir_r/str_r, true);
+ }
+ } catch (const KeyRingException& e) {
+ ZYPP_CAUGHT(e);
+ ERR << "Error importing cached key from file '"<<dir_r/str_r<<"'."<<endl;
+ }
+ return true;
+ });
+
+ // no key in the cache is what we are looking for, lets download
+ // all keys specified in gpgkey= entries
+ if ( !tempKeyRing.isKeyTrusted(keyID_r) ) {
+ if ( ! gpgKeyUrlsEmpty() ) {
+ // translator: %1% is a gpg key ID like 3DBDC284
+ // %2% is a repositories name
+ JobReport::info( str::Format(_("Looking for gpg key ID %1% in repository %2%.") ) % keyIDStr % asUserString() );
+ for ( const Url &url : gpgKeyUrls() ) {
+ try {
+ JobReport::info( " gpgkey=" + url.asString() );
+ ManagedFile f = MediaSetAccess::provideOptionalFileFromUrl( url );
+ if ( f->empty() )
+ continue;
+
+ PublicKey key(f);
+ if ( !key.isValid() )
+ continue;
+
+ // import all keys into our temporary keyring
+ tempKeyRing.multiKeyImport(f, true);
+
+ } catch ( const std::exception & e ) {
+ //ignore and continue to next url
+ ZYPP_CAUGHT(e);
+ MIL << "Key import from url:'"<<url<<"' failed." << endl;
+ }
+ }
+ }
+ else {
+ // translator: %1% is a repositories name
+ JobReport::info( str::Format(_("Repository %1% does not define additional 'gpgkey=' URLs.") ) % asUserString() );
+ }
}
- _pimpl->escaped_alias = escaped_alias;
- return *this;
- }
- RepoInfo & RepoInfo::setType( const repo::RepoType &t )
- {
- _pimpl->type = t;
- return *this;
- }
+ filesystem::assert_dir( targetDirectory_r );
- RepoInfo & RepoInfo::setName( const std::string &name )
- {
- _pimpl->name = name;
- return *this;
- }
+ //now write all keys into their own files in cache, override existing ones to always have
+ //up to date key data
+ for ( const auto & key: tempKeyRing.trustedPublicKeyData()) {
+ MIL << "KEY ID in KEYRING: " << key.id() << endl;
- RepoInfo & RepoInfo::setFilepath( const Pathname &filepath )
- {
- _pimpl->filepath = filepath;
- return *this;
- }
+ Pathname keyFile = targetDirectory_r/(str::Format("%1%.key") % key.rpmName()).asString();
- RepoInfo & RepoInfo::setMetadataPath( const Pathname &path )
- {
- _pimpl->metadatapath = path;
- return *this;
+ std::ofstream fout( keyFile.c_str(), std::ios_base::out | std::ios_base::trunc );
+
+ if (!fout)
+ ZYPP_THROW(Exception(str::form("Cannot open file %s",keyFile.c_str())));
+
+ tempKeyRing.dumpTrustedPublicKey( key.id(), fout );
+ }
+
+ // key is STILL not known, we give up
+ if ( !tempKeyRing.isKeyTrusted(keyID_r) ) {
+ return Pathname();
+ }
+
+ PublicKeyData keyData( tempKeyRing.trustedPublicKeyData( keyID_r ) );
+ if ( !keyData ) {
+ ERR << "Error when exporting key from temporary keychain." << endl;
+ return Pathname();
+ }
+
+ return targetDirectory_r/(str::Format("%1%.key") % keyData.rpmName()).asString();
}
- RepoInfo & RepoInfo::setPackagesPath( const Pathname &path )
+ void RepoInfo::addBaseUrl( const Url & url_r )
{
- _pimpl->packagespath = path;
- return *this;
+ for ( const auto & url : _pimpl->baseUrls().raw() ) // Raw unique!
+ if ( url == url_r )
+ return;
+ _pimpl->baseUrls().raw().push_back( url_r );
}
- RepoInfo & RepoInfo::setKeepPackages( bool keep )
+ void RepoInfo::setBaseUrl( const Url & url_r )
{
- _pimpl->keeppackages = keep;
- return *this;
+ _pimpl->baseUrls().raw().clear();
+ _pimpl->baseUrls().raw().push_back( url_r );
}
- bool RepoInfo::enabled() const
- { return _pimpl->enabled; }
+ void RepoInfo::setBaseUrls( url_set urls )
+ { _pimpl->baseUrls().raw().swap( urls ); }
- bool RepoInfo::autorefresh() const
- { return _pimpl->autorefresh; }
+ void RepoInfo::setPath( const Pathname &path )
+ { _pimpl->path = path; }
- bool RepoInfo::gpgCheck() const
- { return _pimpl->gpgcheck; }
+ void RepoInfo::setType( const repo::RepoType &t )
+ { _pimpl->type = t; }
- std::string RepoInfo::alias() const
- { return _pimpl->alias; }
+ void RepoInfo::setProbedType( const repo::RepoType &t ) const
+ { _pimpl->setProbedType( t ); }
- std::string RepoInfo::escaped_alias() const
- { return _pimpl->escaped_alias; }
- std::string RepoInfo::name() const
- {
- if ( _pimpl->name.empty() )
- {
- return alias();
- }
+ void RepoInfo::setMetadataPath( const Pathname &path )
+ { _pimpl->metadataPath( path ); }
- repo::RepoVariablesStringReplacer replacer;
- return replacer(_pimpl->name);
- }
+ void RepoInfo::setPackagesPath( const Pathname &path )
+ { _pimpl->packagesPath( path ); }
+
+ void RepoInfo::setKeepPackages( bool keep )
+ { _pimpl->keeppackages = keep; }
+
+ void RepoInfo::setService( const std::string& name )
+ { _pimpl->service = name; }
- Pathname RepoInfo::filepath() const
- { return _pimpl->filepath; }
+ void RepoInfo::setTargetDistribution( const std::string & targetDistribution )
+ { _pimpl->targetDistro = targetDistribution; }
+
+ bool RepoInfo::keepPackages() const
+ { return indeterminate(_pimpl->keeppackages) ? false : (bool)_pimpl->keeppackages; }
Pathname RepoInfo::metadataPath() const
- { return _pimpl->metadatapath; }
+ { return _pimpl->metadataPath(); }
Pathname RepoInfo::packagesPath() const
- { return _pimpl->packagespath; }
+ { return _pimpl->packagesPath(); }
+
+ bool RepoInfo::usesAutoMethadataPaths() const
+ { return _pimpl->usesAutoMethadataPaths(); }
repo::RepoType RepoInfo::type() const
{ return _pimpl->type; }
- Url RepoInfo::mirrorListUrl() const
- { return _pimpl->mirrorlist_url; }
+ Url RepoInfo::mirrorListUrl() const // Variables replaced!
+ { return _pimpl->_mirrorListUrl.transformed(); }
- Url RepoInfo::gpgKeyUrl() const
- { return _pimpl->gpgkey_url; }
+ Url RepoInfo::rawMirrorListUrl() const // Raw
+ { return _pimpl->_mirrorListUrl.raw(); }
- std::set<Url> RepoInfo::baseUrls() const
- {
- RepoInfo::url_set replaced_urls;
- repo::RepoVariablesUrlReplacer replacer;
- for ( url_set::const_iterator it = _pimpl->baseUrls.begin();
- it != _pimpl->baseUrls.end();
- ++it )
- {
- replaced_urls.insert(replacer(*it));
- }
- return replaced_urls;
+ bool RepoInfo::gpgKeyUrlsEmpty() const
+ { return _pimpl->gpgKeyUrls().empty(); }
- return _pimpl->baseUrls;
- }
+ RepoInfo::urls_size_type RepoInfo::gpgKeyUrlsSize() const
+ { return _pimpl->gpgKeyUrls().size(); }
+
+ RepoInfo::url_set RepoInfo::gpgKeyUrls() const // Variables replaced!
+ { return _pimpl->gpgKeyUrls().transformed(); }
+
+ RepoInfo::url_set RepoInfo::rawGpgKeyUrls() const // Raw
+ { return _pimpl->gpgKeyUrls().raw(); }
+
+ Url RepoInfo::gpgKeyUrl() const // Variables replaced!
+ { return( _pimpl->gpgKeyUrls().empty() ? Url() : *_pimpl->gpgKeyUrls().transformedBegin() ); }
+
+ Url RepoInfo::rawGpgKeyUrl() const // Raw
+ { return( _pimpl->gpgKeyUrls().empty() ? Url() : *_pimpl->gpgKeyUrls().rawBegin() ) ; }
+
+ RepoInfo::url_set RepoInfo::baseUrls() const // Variables replaced!
+ { return _pimpl->baseUrls().transformed(); }
+
+ RepoInfo::url_set RepoInfo::rawBaseUrls() const // Raw
+ { return _pimpl->baseUrls().raw(); }
Pathname RepoInfo::path() const
{ return _pimpl->path; }
+ std::string RepoInfo::service() const
+ { return _pimpl->service; }
+
+ std::string RepoInfo::targetDistribution() const
+ { return _pimpl->targetDistro; }
+
+ Url RepoInfo::rawUrl() const
+ { return( _pimpl->baseUrls().empty() ? Url() : *_pimpl->baseUrls().rawBegin() ); }
+
RepoInfo::urls_const_iterator RepoInfo::baseUrlsBegin() const
+ { return _pimpl->baseUrls().transformedBegin(); }
+
+ RepoInfo::urls_const_iterator RepoInfo::baseUrlsEnd() const
+ { return _pimpl->baseUrls().transformedEnd(); }
+
+ RepoInfo::urls_size_type RepoInfo::baseUrlsSize() const
+ { return _pimpl->baseUrls().size(); }
+
+ bool RepoInfo::baseUrlsEmpty() const
+ { return _pimpl->baseUrls().empty(); }
+
+ bool RepoInfo::baseUrlSet() const
+ { return _pimpl->baseurl2dump(); }
+
+ const std::set<std::string> & RepoInfo::contentKeywords() const
+ { return _pimpl->contentKeywords(); }
+
+ void RepoInfo::addContent( const std::string & keyword_r )
+ { _pimpl->addContent( keyword_r ); }
+
+ bool RepoInfo::hasContent() const
+ { return _pimpl->hasContent(); }
+
+ bool RepoInfo::hasContent( const std::string & keyword_r ) const
+ { return _pimpl->hasContent( keyword_r ); }
+
+ ///////////////////////////////////////////////////////////////////
+
+ bool RepoInfo::hasLicense() const
+ { return hasLicense( std::string() ); }
+
+ bool RepoInfo::hasLicense( const std::string & name_r ) const
+ { return !_pimpl->licenseTgz( name_r ).empty(); }
+
+
+ bool RepoInfo::needToAcceptLicense() const
+ { return needToAcceptLicense( std::string() ); }
+
+ bool RepoInfo::needToAcceptLicense( const std::string & name_r ) const
{
- return make_transform_iterator( _pimpl->baseUrls.begin(),
- repo::RepoVariablesUrlReplacer() );
- //return _pimpl->baseUrls.begin();
+ const Pathname & licenseTgz( _pimpl->licenseTgz( name_r ) );
+ if ( licenseTgz.empty() )
+ return false; // no licenses at all
+
+ ExternalProgram::Arguments cmd;
+ cmd.push_back( "tar" );
+ cmd.push_back( "-t" );
+ cmd.push_back( "-z" );
+ cmd.push_back( "-f" );
+ cmd.push_back( licenseTgz.asString() );
+ ExternalProgram prog( cmd, ExternalProgram::Stderr_To_Stdout );
+
+ bool accept = true;
+ static const std::string noAcceptanceFile = "no-acceptance-needed\n";
+ for ( std::string output( prog.receiveLine() ); output.length(); output = prog.receiveLine() )
+ {
+ if ( output == noAcceptanceFile )
+ {
+ accept = false;
+ }
+ }
+ prog.close();
+ MIL << "License(" << name_r << ") in " << name() << " has to be accepted: " << (accept?"true":"false" ) << endl;
+ return accept;
}
- RepoInfo::urls_const_iterator RepoInfo::baseUrlsEnd() const
+
+ std::string RepoInfo::getLicense( const Locale & lang_r )
+ { return const_cast<const RepoInfo *>(this)->getLicense( std::string(), lang_r ); }
+
+ std::string RepoInfo::getLicense( const Locale & lang_r ) const
+ { return getLicense( std::string(), lang_r ); }
+
+ std::string RepoInfo::getLicense( const std::string & name_r, const Locale & lang_r ) const
{
- //return _pimpl->baseUrls.end();
- return make_transform_iterator( _pimpl->baseUrls.end(),
- repo::RepoVariablesUrlReplacer() );
+ LocaleSet avlocales( getLicenseLocales( name_r ) );
+ if ( avlocales.empty() )
+ return std::string();
+
+ Locale getLang( Locale::bestMatch( avlocales, lang_r ) );
+ if ( !getLang && avlocales.find( Locale::noCode ) == avlocales.end() )
+ {
+ WAR << "License(" << name_r << ") in " << name() << " contains no fallback text!" << endl;
+ // Using the fist locale instead of returning no text at all.
+ // So the user might recognize that there is a license, even if he
+ // can't read it.
+ getLang = *avlocales.begin();
+ }
+
+ // now extract the license file.
+ static const std::string licenseFileFallback( "license.txt" );
+ std::string licenseFile( !getLang ? licenseFileFallback
+ : str::form( "license.%s.txt", getLang.c_str() ) );
+
+ ExternalProgram::Arguments cmd;
+ cmd.push_back( "tar" );
+ cmd.push_back( "-x" );
+ cmd.push_back( "-z" );
+ cmd.push_back( "-O" );
+ cmd.push_back( "-f" );
+ cmd.push_back( _pimpl->licenseTgz( name_r ).asString() ); // if it not exists, avlocales was empty.
+ cmd.push_back( licenseFile );
+
+ std::string ret;
+ ExternalProgram prog( cmd, ExternalProgram::Discard_Stderr );
+ for ( std::string output( prog.receiveLine() ); output.length(); output = prog.receiveLine() )
+ {
+ ret += output;
+ }
+ prog.close();
+ return ret;
}
- RepoInfo::urls_size_type RepoInfo::baseUrlsSize() const
- { return _pimpl->baseUrls.size(); }
- bool RepoInfo::baseUrlsEmpty() const
- { return _pimpl->baseUrls.empty(); }
+ LocaleSet RepoInfo::getLicenseLocales() const
+ { return getLicenseLocales( std::string() ); }
- bool RepoInfo::keepPackages() const
- { return _pimpl->keeppackages; }
+ LocaleSet RepoInfo::getLicenseLocales( const std::string & name_r ) const
+ {
+ const Pathname & licenseTgz( _pimpl->licenseTgz( name_r ) );
+ if ( licenseTgz.empty() )
+ return LocaleSet();
+
+ ExternalProgram::Arguments cmd;
+ cmd.push_back( "tar" );
+ cmd.push_back( "-t" );
+ cmd.push_back( "-z" );
+ cmd.push_back( "-f" );
+ cmd.push_back( licenseTgz.asString() );
+
+ LocaleSet ret;
+ ExternalProgram prog( cmd, ExternalProgram::Stderr_To_Stdout );
+ for ( std::string output( prog.receiveLine() ); output.length(); output = prog.receiveLine() )
+ {
+ static const C_Str license( "license." );
+ static const C_Str dotTxt( ".txt\n" );
+ if ( str::hasPrefix( output, license ) && str::hasSuffix( output, dotTxt ) )
+ {
+ if ( output.size() <= license.size() + dotTxt.size() ) // license.txt
+ ret.insert( Locale() );
+ else
+ ret.insert( Locale( std::string( output.c_str()+license.size(), output.size()- license.size() - dotTxt.size() ) ) );
+ }
+ }
+ prog.close();
+ return ret;
+ }
+
+ ///////////////////////////////////////////////////////////////////
std::ostream & RepoInfo::dumpOn( std::ostream & str ) const
{
- str << "--------------------------------------" << std::endl;
- str << "- alias : " << alias() << std::endl;
- for ( urls_const_iterator it = baseUrlsBegin();
- it != baseUrlsEnd();
- ++it )
+ RepoInfoBase::dumpOn(str);
+ if ( _pimpl->baseurl2dump() )
{
- str << "- url : " << *it << std::endl;
+ for ( const auto & url : _pimpl->baseUrls().raw() )
+ {
+ str << "- url : " << url << std::endl;
+ }
}
- str << "- path : " << path() << std::endl;
+
+ // print if non empty value
+ auto strif( [&] ( const std::string & tag_r, const std::string & value_r ) {
+ if ( ! value_r.empty() )
+ str << tag_r << value_r << std::endl;
+ });
+
+ strif( (_pimpl->_mirrorListForceMetalink ? "- metalink : " : "- mirrorlist : "), rawMirrorListUrl().asString() );
+ strif( "- path : ", path().asString() );
str << "- type : " << type() << std::endl;
- str << "- enabled : " << enabled() << std::endl;
str << "- priority : " << priority() << std::endl;
- str << "- autorefresh : " << autorefresh() << std::endl;
- str << "- gpgcheck : " << gpgCheck() << std::endl;
- str << "- gpgkey : " << gpgKeyUrl() << std::endl;
- str << "- keeppackages: " << keepPackages() << std::endl;
+ // Yes No Default(Y) Default(N)
+#define OUTS(T,B) ( indeterminate(T) ? (std::string("D(")+(B?"Y":"N")+")") : ((bool)T?"Y":"N") )
+ str << "- gpgcheck : " << OUTS(_pimpl->rawGpgCheck(),gpgCheck())
+ << " repo" << OUTS(_pimpl->rawRepoGpgCheck(),repoGpgCheck()) << (repoGpgCheckIsMandatory() ? "* ": " " )
+ << "sig" << asString( validRepoSignature(), "?", "Y", "N" )
+ << " pkg" << OUTS(_pimpl->rawPkgGpgCheck(),pkgGpgCheck()) << (pkgGpgCheckIsMandatory() ? "* ": " " )
+ << std::endl;
+#undef OUTS
+
+ for ( const auto & url : _pimpl->gpgKeyUrls().raw() )
+ {
+ str << "- gpgkey : " << url << std::endl;
+ }
+
+ if ( ! indeterminate(_pimpl->keeppackages) )
+ str << "- keeppackages: " << keepPackages() << std::endl;
+
+ strif( "- service : ", service() );
+ strif( "- targetdistro: ", targetDistribution() );
+ strif( "- filePath: ", filepath().asString() );
+ strif( "- metadataPath: ", metadataPath().asString() );
+ strif( "- packagesPath: ", packagesPath().asString() );
return str;
}
- std::ostream & RepoInfo::dumpRepoOn( std::ostream & str ) const
+ std::ostream & RepoInfo::dumpAsIniOn( std::ostream & str ) const
{
- // we save the original data without variable replacement
- str << "[" << alias() << "]" << endl;
- str << "name=" << _pimpl->name << endl;
+ RepoInfoBase::dumpAsIniOn(str);
- if ( ! _pimpl->baseUrls.empty() )
- str << "baseurl=";
- for ( url_set::const_iterator it = _pimpl->baseUrls.begin();
- it != _pimpl->baseUrls.end();
- ++it )
+ if ( _pimpl->baseurl2dump() )
{
- str << *it << endl;
+ str << "baseurl=";
+ std::string indent;
+ for ( const auto & url : _pimpl->baseUrls().raw() )
+ {
+ str << indent << url << endl;
+ if ( indent.empty() ) indent = " "; // "baseurl="
+ }
}
if ( ! _pimpl->path.empty() )
str << "path="<< path() << endl;
- if ( ! (_pimpl->mirrorlist_url.asString().empty()) )
- str << "mirrorlist=" << _pimpl->mirrorlist_url << endl;
+ if ( ! (rawMirrorListUrl().asString().empty()) )
+ str << (_pimpl->_mirrorListForceMetalink ? "metalink=" : "mirrorlist=") << rawMirrorListUrl() << endl;
str << "type=" << type().asString() << endl;
- str << "enabled=" << (enabled() ? "1" : "0") << endl;
if ( priority() != defaultPriority() )
str << "priority=" << priority() << endl;
- str << "autorefresh=" << (autorefresh() ? "1" : "0") << endl;
- str << "gpgcheck=" << (gpgCheck() ? "1" : "0") << endl;
- if ( ! (gpgKeyUrl().asString().empty()) )
- str << "gpgkey=" <<gpgKeyUrl() << endl;
+ if ( ! indeterminate(_pimpl->rawGpgCheck()) )
+ str << "gpgcheck=" << (_pimpl->rawGpgCheck() ? "1" : "0") << endl;
+
+ if ( ! indeterminate(_pimpl->rawRepoGpgCheck()) )
+ str << "repo_gpgcheck=" << (_pimpl->rawRepoGpgCheck() ? "1" : "0") << endl;
+
+ if ( ! indeterminate(_pimpl->rawPkgGpgCheck()) )
+ str << "pkg_gpgcheck=" << (_pimpl->rawPkgGpgCheck() ? "1" : "0") << endl;
+
+ {
+ std::string indent( "gpgkey=");
+ for ( const auto & url : _pimpl->gpgKeyUrls().raw() )
+ {
+ str << indent << url << endl;
+ if ( indent[0] != ' ' )
+ indent = " ";
+ }
+ }
+
+ if (!indeterminate(_pimpl->keeppackages))
+ str << "keeppackages=" << keepPackages() << endl;
- str << "keeppackages=" << keepPackages() << endl;
+ if( ! service().empty() )
+ str << "service=" << service() << endl;
return str;
}
+ std::ostream & RepoInfo::dumpAsXmlOn( std::ostream & str, const std::string & content ) const
+ {
+ std::string tmpstr;
+ str
+ << "<repo"
+ << " alias=\"" << escape(alias()) << "\""
+ << " name=\"" << escape(name()) << "\"";
+ if (type() != repo::RepoType::NONE)
+ str << " type=\"" << type().asString() << "\"";
+ str
+ << " priority=\"" << priority() << "\""
+ << " enabled=\"" << enabled() << "\""
+ << " autorefresh=\"" << autorefresh() << "\""
+ << " gpgcheck=\"" << gpgCheck() << "\""
+ << " repo_gpgcheck=\"" << repoGpgCheck() << "\""
+ << " pkg_gpgcheck=\"" << pkgGpgCheck() << "\"";
+ if (!(tmpstr = gpgKeyUrl().asString()).empty())
+ str << " gpgkey=\"" << escape(tmpstr) << "\"";
+ if (!(tmpstr = mirrorListUrl().asString()).empty())
+ str << (_pimpl->_mirrorListForceMetalink ? " metalink=\"" : " mirrorlist=\"") << escape(tmpstr) << "\"";
+ str << ">" << endl;
+
+ if ( _pimpl->baseurl2dump() )
+ {
+ for_( it, baseUrlsBegin(), baseUrlsEnd() ) // !transform iterator replaces variables
+ str << "<url>" << escape((*it).asString()) << "</url>" << endl;
+ }
+
+ str << "</repo>" << endl;
+ return str;
+ }
+
+
std::ostream & operator<<( std::ostream & str, const RepoInfo & obj )
{
return obj.dumpOn(str);
}
+ std::ostream & operator<<( std::ostream & str, const RepoInfo::GpgCheck & obj )
+ {
+ switch ( obj )
+ {
+#define OUTS( V ) case RepoInfo::V: return str << #V; break
+ OUTS( GpgCheck::On );
+ OUTS( GpgCheck::Strict );
+ OUTS( GpgCheck::AllowUnsigned );
+ OUTS( GpgCheck::AllowUnsignedRepo );
+ OUTS( GpgCheck::AllowUnsignedPackage );
+ OUTS( GpgCheck::Default );
+ OUTS( GpgCheck::Off );
+ OUTS( GpgCheck::indeterminate );
+#undef OUTS
+ }
+ return str << "GpgCheck::UNKNOWN";
+ }
+
/////////////////////////////////////////////////////////////////
} // namespace zypp
///////////////////////////////////////////////////////////////////
projects / platform / upstream / libzypp.git / blobdiff