summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLuiz Ramos2012-07-22 22:05:16 -0300
committerJason Woodward2012-08-02 13:47:13 +0000
commitea329d741a16e11515e9936ca5adcea4a57028da (patch)
treede7bee4362254cf86e001fdd18583af450d567eb
parentcab5cd008c766df8c3708745416491eb4888b749 (diff)
downloadslapt-get-ea329d741a16e11515e9936ca5adcea4a57028da.tar.gz
included option --allow-unauthenticated
This option permits installation of repositories whose signatures were not verified for some "acceptable" reason
-rw-r--r--src/configuration.c1
-rw-r--r--src/configuration.h1
-rw-r--r--src/main.c38
-rw-r--r--src/main.h1
-rw-r--r--src/package.c27
5 files changed, 53 insertions, 15 deletions
diff --git a/src/configuration.c b/src/configuration.c
index a572a84..b4299c5 100644
--- a/src/configuration.c
+++ b/src/configuration.c
@@ -42,6 +42,7 @@ slapt_rc_config *slapt_init_config(void)
global_config->use_priority = SLAPT_FALSE;
global_config->working_dir[0] = '\0';
global_config->progress_cb = NULL;
+ global_config->gpgme_allow_unauth = SLAPT_FALSE; /* even without GPGME */
global_config->sources = slapt_init_source_list();
global_config->exclude_list = slapt_init_list();
diff --git a/src/configuration.h b/src/configuration.h
index 11d65b8..407a04a 100644
--- a/src/configuration.h
+++ b/src/configuration.h
@@ -38,6 +38,7 @@ typedef struct {
SLAPT_BOOL_T no_upgrade;
unsigned int retry;
SLAPT_BOOL_T use_priority;
+ SLAPT_BOOL_T gpgme_allow_unauth;
} slapt_rc_config;
/* initialize slapt_rc_config */
diff --git a/src/main.c b/src/main.c
index 86ef860..0d347bb 100644
--- a/src/main.c
+++ b/src/main.c
@@ -73,6 +73,7 @@ int main( int argc, char *argv[] )
{"install-set", 0, 0, SLAPT_INSTALL_DISK_SET_OPT},
#ifdef SLAPT_HAS_GPGME
{"add-keys", 0, 0, SLAPT_ADD_KEYS_OPT},
+ {"allow-unauthenticated", 0, 0, SLAPT_ALLOW_UNAUTH},
#endif
{"filelist", 0, 0, SLAPT_FILELIST},
{0, 0, 0, 0},
@@ -213,6 +214,9 @@ int main( int argc, char *argv[] )
case SLAPT_ADD_KEYS_OPT: /* retrieve GPG keys for sources */
do_action = ADD_KEYS;
break;
+ case SLAPT_ALLOW_UNAUTH: /* allow unauthenticated key */
+ initial_config->gpgme_allow_unauth = SLAPT_TRUE;
+ break;
#endif
case SLAPT_FILELIST:
do_action = FILELIST;
@@ -253,6 +257,7 @@ int main( int argc, char *argv[] )
global_config->remove_obsolete = initial_config->remove_obsolete;
global_config->retry = initial_config->retry;
global_config->simulate = initial_config->simulate;
+ global_config->gpgme_allow_unauth = initial_config->gpgme_allow_unauth;
slapt_free_rc_config(initial_config);
@@ -453,21 +458,24 @@ void usage(void)
printf(" --version %s\n",gettext("print version and license info"));
printf("\n");
printf(gettext("Options:\n"));
- printf(" -d, --download-only %s\n",gettext("only download pkg on install/upgrade"));
- printf(" -s, --simulate %s\n",gettext("show pkgs to be installed/upgraded"));
- printf(" -y, --no-prompt %s\n",gettext("do not prompt during install/upgrade"));
- printf(" -p, --prompt %s\n",gettext("always prompt during install/upgrade"));
- printf(" --reinstall %s\n",gettext("reinstall the pkg"));
- printf(" --ignore-excludes %s\n",gettext("install/upgrade excludes"));
- printf(" --no-md5 %s\n",gettext("do not perform md5 check sum"));
- printf(" --no-dep %s\n",gettext("skip dependency check"));
- printf(" --ignore-dep %s\n",gettext("ignore dependency failures"));
- printf(" --print-uris %s\n",gettext("print URIs only, do not download"));
- printf(" -S, --show-stats %s\n",gettext("show download statistics"));
- printf(" -c, --config [] %s\n",gettext("specify alternate slapt-getrc location"));
- printf(" --remove-obsolete %s\n",gettext("remove obsolete packages"));
- printf(" --retry [] %s\n",gettext("specify number of download retry attempts"));
- printf(" --no-upgrade %s\n",gettext("install package, do not attempt to upgrade"));
+ printf(" -d, --download-only %s\n",gettext("only download pkg on install/upgrade"));
+ printf(" -s, --simulate %s\n",gettext("show pkgs to be installed/upgraded"));
+ printf(" -y, --no-prompt %s\n",gettext("do not prompt during install/upgrade"));
+ printf(" -p, --prompt %s\n",gettext("always prompt during install/upgrade"));
+ printf(" --reinstall %s\n",gettext("reinstall the pkg"));
+ printf(" --ignore-excludes %s\n",gettext("install/upgrade excludes"));
+ printf(" --no-md5 %s\n",gettext("do not perform md5 check sum"));
+ printf(" --no-dep %s\n",gettext("skip dependency check"));
+ printf(" --ignore-dep %s\n",gettext("ignore dependency failures"));
+ printf(" --print-uris %s\n",gettext("print URIs only, do not download"));
+ printf(" -S, --show-stats %s\n",gettext("show download statistics"));
+ printf(" -c, --config [] %s\n",gettext("specify alternate slapt-getrc location"));
+ printf(" --remove-obsolete %s\n",gettext("remove obsolete packages"));
+ printf(" --retry [] %s\n",gettext("specify number of download retry attempts"));
+ printf(" --no-upgrade %s\n",gettext("install package, do not attempt to upgrade"));
+ #ifdef SLAPT_HAS_GPGME
+ printf(" --allow-unauthenticated %s\n",gettext("allow unauthenticated packages"));
+ #endif
}
void version_info(void)
diff --git a/src/main.h b/src/main.h
index f6df1b8..68bb74f 100644
--- a/src/main.h
+++ b/src/main.h
@@ -92,6 +92,7 @@ enum slapt_action {
#define SLAPT_NO_UPGRADE_OPT 'N'
#ifdef SLAPT_HAS_GPGME
#define SLAPT_ADD_KEYS_OPT 'k'
+ #define SLAPT_ALLOW_UNAUTH 'U'
#endif
#define SLAPT_FILELIST 'f'
diff --git a/src/package.c b/src/package.c
index e5d58cc..919c1e9 100644
--- a/src/package.c
+++ b/src/package.c
@@ -48,6 +48,11 @@ static slapt_pkg_info_t *find_or_requirement(slapt_pkg_list_t *avail_pkgs,
/* uncompress compressed package data */
static FILE *slapt_gunzip_file (const char *file_name,FILE *dest_file);
+#ifdef SLAPT_HAS_GPGME
+/* check if signature is unauthenticated by "acceptable" reasons */
+SLAPT_BOOL_T slapt_pkg_sign_is_unauthenticated(slapt_code_t code);
+#endif
+
/* parse the PACKAGES.TXT file */
slapt_pkg_list_t *slapt_get_available_pkgs(void)
{
@@ -2022,6 +2027,8 @@ int slapt_update_pkg_cache(const slapt_rc_config *global_config)
printf("%s\n",gettext("Verified"));
} else if (verified == SLAPT_CHECKSUMS_MISSING_KEY) {
printf("%s\n",gettext("No key for verification"));
+ } else if ((global_config->gpgme_allow_unauth == SLAPT_TRUE) && (slapt_pkg_sign_is_unauthenticated(verified) == SLAPT_TRUE)) {
+ printf("%s%s\n", slapt_strerror(verified), gettext(", but accepted as an exception"));
} else {
printf("%s\n",gettext(slapt_strerror(verified)));
source_dl_failed = 1;
@@ -2139,6 +2146,26 @@ int slapt_update_pkg_cache(const slapt_rc_config *global_config)
return source_dl_failed;
}
+#ifdef SLAPT_HAS_GPGME
+SLAPT_BOOL_T slapt_pkg_sign_is_unauthenticated(slapt_code_t code)
+{
+ switch (code)
+ {
+ case SLAPT_CHECKSUMS_NOT_VERIFIED_GPGME_KEY_REVOKED:
+ case SLAPT_CHECKSUMS_NOT_VERIFIED_GPGME_KEY_EXPIRED:
+ case SLAPT_CHECKSUMS_NOT_VERIFIED_GPGME_SIG_EXPIRED:
+ case SLAPT_CHECKSUMS_NOT_VERIFIED_GPGME_CRL_MISSING:
+ case SLAPT_CHECKSUMS_NOT_VERIFIED_GPGME_CRL_TOO_OLD:
+ case SLAPT_CHECKSUMS_NOT_VERIFIED_GPGME_BAD_POLICY:
+ return SLAPT_TRUE;
+ default:
+ break;
+ }
+
+ return SLAPT_FALSE;
+}
+#endif
+
slapt_pkg_list_t *slapt_init_pkg_list(void)
{
slapt_pkg_list_t *list = NULL;