From 8b9468fa1577d9c9b8e0c11d50484c72970856c4 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Thu, 1 Jun 2023 20:26:38 +0000 Subject: [PATCH] repos: Write database signature to the correct place Signed-off-by: Michael Tremer --- src/libpakfire/repo.c | 112 +++++++++++++++++++++--------------------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/src/libpakfire/repo.c b/src/libpakfire/repo.c index ded2237fc..4e51cfb99 100644 --- a/src/libpakfire/repo.c +++ b/src/libpakfire/repo.c @@ -1372,8 +1372,52 @@ PAKFIRE_EXPORT int pakfire_repo_refresh(struct pakfire_repo* repo, int force) { return pakfire_repo_refresh_metadata(repo, force); } -static int pakfire_repo_write_database(struct pakfire_repo* repo, const char* path, - char* filename, size_t length) { +static int pakfire_repo_sign_database(struct pakfire_repo* repo, struct pakfire_key* key, + const char* database_path) { + char signature_path[PATH_MAX]; + FILE* f = NULL; + FILE* s = NULL; + int r; + + // Compose the signature path + r = pakfire_string_format(signature_path, "%s.sig", database_path); + if (r) + return r; + + // Open the signature file for writing + s = fopen(signature_path, "w"); + if (!s) { + ERROR(repo->pakfire, "Could not open %s for writing: %m\n", signature_path); + r = 1; + goto ERROR; + } + + // Open the database for reading + f = fopen(database_path, "r"); + if (!f) { + ERROR(repo->pakfire, "Could not open %s for reading: %m\n", database_path); + r = 1; + goto ERROR; + } + + // Create the signature + r = pakfire_key_signf(key, s, f, "Database Signature"); + if (r) { + ERROR(repo->pakfire, "Could not sign the database: %m\n"); + goto ERROR; + } + +ERROR: + if (f) + fclose(f); + if (s) + fclose(s); + + return r; +} + +static int pakfire_repo_write_database(struct pakfire_repo* repo, struct pakfire_key* key, + const char* path, char* filename, size_t length) { char database[PATH_MAX]; char tmp[PATH_MAX]; int r; @@ -1429,6 +1473,15 @@ static int pakfire_repo_write_database(struct pakfire_repo* repo, const char* pa goto ERROR; } + // Sign the database + if (key) { + r = pakfire_repo_sign_database(repo, key, database); + if (r) { + ERROR(repo->pakfire, "Could not sign the database: %m\n"); + goto ERROR; + } + } + ERROR: if (f) fclose(f); @@ -1439,50 +1492,6 @@ ERROR: return r; } -static int pakfire_repo_sign_database(struct pakfire_repo* repo, struct pakfire_key* key, - const char* database_path) { - char signature_path[PATH_MAX]; - FILE* f = NULL; - FILE* s = NULL; - int r; - - // Compose the signature path - r = pakfire_string_format(signature_path, "%s.sig", database_path); - if (r) - return r; - - // Open the signature file for writing - s = fopen(signature_path, "w"); - if (!s) { - ERROR(repo->pakfire, "Could not open %s for writing: %m\n", signature_path); - r = 1; - goto ERROR; - } - - // Open the database for reading - f = fopen(database_path, "r"); - if (!f) { - ERROR(repo->pakfire, "Could not open %s for reading: %m\n", database_path); - r = 1; - goto ERROR; - } - - // Create the signature - r = pakfire_key_signf(key, s, f, "Database Signature"); - if (r) { - ERROR(repo->pakfire, "Could not sign the database: %m\n"); - goto ERROR; - } - -ERROR: - if (f) - fclose(f); - if (s) - fclose(s); - - return r; -} - static int pakfire_repo_write_metadata(struct pakfire_repo* repo, struct pakfire_key* key) { struct json_object* repomd = NULL; FILE* f = NULL; @@ -1502,19 +1511,10 @@ static int pakfire_repo_write_metadata(struct pakfire_repo* repo, struct pakfire char database[PATH_MAX]; // Write the database - r = pakfire_repo_write_database(repo, path, database, sizeof(database)); + r = pakfire_repo_write_database(repo, key, path, database, sizeof(database)); if (r) return r; - // Sign the database - if (key) { - r = pakfire_repo_sign_database(repo, key, database); - if (r) { - ERROR(repo->pakfire, "Could not sign the database: %m\n"); - goto ERROR; - } - } - // Compose JSON object repomd = json_object_new_object(); if (!repomd) { -- 2.39.5