| Message ID | 20220528141812.2355346-1-foxboron@archlinux.org |
|---|---|
| State | New, archived |
| Headers | show |
| Series | makepkg: Implement the verify function | expand |
On 29/5/22 00:18, Morten Linderud wrote: > From: Morten Linderud <morten@linderud.pw> > > This patch implements a new verify function in makepkg. It allows us to > do arbitrary authentication on sources before extraction. > > There are several new signing and validation methods being implemented > and it would be hard to have `makepkg` implement support for things such > as sequoia, cosign or minisign. This would allow us to distribute > generic validation functions. > > This also implements a new `copy_` routine for our protocols as we need > to have a separation between extracting sources and copying sources. I have looked at this patch and I have no idea what the copy_... is supposed to do here at all. Why would anything need copied into $srcdir before verification? This does not appear necessary for and of sequoia, cosign or minisign. Allan
On Sun, Jun 26, 2022 at 12:55:22AM +1000, Allan McRae wrote: > On 29/5/22 00:18, Morten Linderud wrote: > > From: Morten Linderud <morten@linderud.pw> > > > > This patch implements a new verify function in makepkg. It allows us to > > do arbitrary authentication on sources before extraction. > > > > There are several new signing and validation methods being implemented > > and it would be hard to have `makepkg` implement support for things such > > as sequoia, cosign or minisign. This would allow us to distribute > > generic validation functions. > > > > This also implements a new `copy_` routine for our protocols as we need > > to have a separation between extracting sources and copying sources. > > I have looked at this patch and I have no idea what the copy_... is supposed > to do here at all. Why would anything need copied into $srcdir before > verification? This does not appear necessary for and of sequoia, cosign or > minisign. > > Allan Currently makepkg does copying and extraction as one routine. Nothing is currently available in `$srcdir` and there is no way to have files available in `$srcdir` without actually extracting them as well. How could sequioa/cosign/minisign verify files if there is no files in `$srcdir`?
On 26/6/22 00:59, Morten Linderud wrote: > On Sun, Jun 26, 2022 at 12:55:22AM +1000, Allan McRae wrote: >> On 29/5/22 00:18, Morten Linderud wrote: >>> From: Morten Linderud <morten@linderud.pw> >>> >>> This patch implements a new verify function in makepkg. It allows us to >>> do arbitrary authentication on sources before extraction. >>> >>> There are several new signing and validation methods being implemented >>> and it would be hard to have `makepkg` implement support for things such >>> as sequoia, cosign or minisign. This would allow us to distribute >>> generic validation functions. >>> >>> This also implements a new `copy_` routine for our protocols as we need >>> to have a separation between extracting sources and copying sources. >> >> I have looked at this patch and I have no idea what the copy_... is supposed >> to do here at all. Why would anything need copied into $srcdir before >> verification? This does not appear necessary for and of sequoia, cosign or >> minisign. >> >> Allan > > Currently makepkg does copying and extraction as one routine. Nothing is > currently available in `$srcdir` and there is no way to have files available in > `$srcdir` without actually extracting them as well. > > How could sequioa/cosign/minisign verify files if there is no files in `$srcdir`? All other verification happens in $startdir. I don't see why a verify() function needs $srcdir. Allan
diff --git a/doc/PKGBUILD.5.asciidoc b/doc/PKGBUILD.5.asciidoc index 4ca8eb3b..e7743c88 100644 --- a/doc/PKGBUILD.5.asciidoc +++ b/doc/PKGBUILD.5.asciidoc @@ -344,6 +344,10 @@ function. fakeroot to ensure correct file permissions in the resulting package. All other functions will be run as the user calling makepkg. +*verify() Function*:: + An optional `verify()` function can be specified to implement arbiterary + source authentication. This function is run before sources are extracted. + *prepare() Function*:: An optional `prepare()` function can be specified in which operations to prepare the sources for building, such as patching, are performed. This diff --git a/doc/makepkg.8.asciidoc b/doc/makepkg.8.asciidoc index 38032e7b..75b2139f 100644 --- a/doc/makepkg.8.asciidoc +++ b/doc/makepkg.8.asciidoc @@ -168,6 +168,9 @@ Options *\--noprepare*:: Do not run the prepare() function in the PKGBUILD. +*\--noverify*:: + Do not run the verify() function in the PKGBUILD. + *\--sign*:: Sign the resulting package with gpg, overriding the setting in linkman:makepkg.conf[5]. diff --git a/scripts/libmakepkg/integrity.sh.in b/scripts/libmakepkg/integrity.sh.in index 070392fa..81f935df 100644 --- a/scripts/libmakepkg/integrity.sh.in +++ b/scripts/libmakepkg/integrity.sh.in @@ -42,4 +42,7 @@ check_source_integrity() { check_checksums "$@" check_pgpsigs "$@" fi + if (( VERIFYFUNC )); then + run_verify + fi } diff --git a/scripts/libmakepkg/source.sh.in b/scripts/libmakepkg/source.sh.in index e39dd16c..92dc71e4 100644 --- a/scripts/libmakepkg/source.sh.in +++ b/scripts/libmakepkg/source.sh.in @@ -69,6 +69,21 @@ download_sources() { done } +copy_sources(){ + msg "$(gettext "Copying sources...")" + local netfile all_sources + + get_all_sources_for_arch 'all_sources' + for netfile in "${all_sources[@]}"; do + local proto=$(get_protocol "$netfile") + if declare -f copy_$proto > /dev/null; then + copy_$proto "$netfile" + else + copy_file "$netfile" + fi + done +} + extract_sources() { msg "$(gettext "Extracting sources...")" local netfile all_sources diff --git a/scripts/libmakepkg/source/file.sh.in b/scripts/libmakepkg/source/file.sh.in index fa09d446..51452550 100644 --- a/scripts/libmakepkg/source/file.sh.in +++ b/scripts/libmakepkg/source/file.sh.in @@ -82,13 +82,20 @@ download_file() { fi } -extract_file() { +copy_file(){ local netfile=$1 local file=$(get_filename "$netfile") local filepath=$(get_filepath "$file") rm -f "$srcdir/${file}" ln -s "$filepath" "$srcdir/" +} + +extract_file() { + local netfile=$1 + + local file=$(get_filename "$netfile") + local filepath=$(get_filepath "$file") if in_array "$file" "${noextract[@]}"; then # skip source files in the noextract=() array diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 5aaabf63..b7b21af1 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -144,6 +144,9 @@ clean_up() { if (( PKGVERFUNC )); then rm -f "${pkgbase}-${fullver}-${CARCH}-pkgver.log"* fi + if (( VERIFYFUNC )); then + rm -f "${pkgbase}-${fullver}-${CARCH}-verify.log"* + fi if (( PREPAREFUNC )); then rm -f "${pkgbase}-${fullver}-${CARCH}-prepare.log"* fi @@ -447,6 +450,10 @@ run_function() { fi } +run_verify() { + run_function_safe "verify" +} + run_prepare() { run_function_safe "prepare" } @@ -973,6 +980,7 @@ while true; do -m|--nocolor) USE_COLOR='n'; PACMAN_OPTS+=("--color" "never") ;; --noarchive) NOARCHIVE=1 ;; --nocheck) RUN_CHECK='n' ;; + --noverify) RUN_VERIFY='n' ;; --noprepare) RUN_PREPARE='n' ;; --nosign) SIGNPKG='n' ;; -o|--nobuild) BUILDPKG=0 NOBUILD=1 ;; @@ -1093,7 +1101,7 @@ fi unset pkgname "${pkgbuild_schema_strings[@]}" "${pkgbuild_schema_arrays[@]}" unset "${known_hash_algos[@]/%/sums}" -unset -f pkgver prepare build check package "${!package_@}" +unset -f pkgver verify prepare build check package "${!package_@}" unset "${!makedepends_@}" "${!depends_@}" "${!source_@}" "${!checkdepends_@}" unset "${!optdepends_@}" "${!conflicts_@}" "${!provides_@}" "${!replaces_@}" unset "${!cksums_@}" "${!md5sums_@}" "${!sha1sums_@}" "${!sha224sums_@}" @@ -1165,6 +1173,12 @@ if (( ${#pkgname[@]} > 1 )) || have_function package_${pkgname}; then fi # test for available PKGBUILD functions +if have_function verify; then + # "Hide" verify() function if not going to be run + if [[ $RUN_VERIFY != "n" ]]; then + VERIFYFUNC=1 + fi +fi if have_function prepare; then # "Hide" prepare() function if not going to be run if [[ $RUN_PREPARE != "n" ]]; then @@ -1312,6 +1326,7 @@ if (( !REPKG )); then warning "$(gettext "Using existing %s tree")" "\$srcdir/" else download_sources + copy_sources check_source_integrity (( VERIFYSOURCE )) && exit $E_OK