3177N/A#!/usr/bin/python2.7
2026N/A#
2026N/A# CDDL HEADER START
2026N/A#
2026N/A# The contents of this file are subject to the terms of the
2026N/A# Common Development and Distribution License (the "License").
2026N/A# You may not use this file except in compliance with the License.
2026N/A#
2026N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
2026N/A# or http://www.opensolaris.org/os/licensing.
2026N/A# See the License for the specific language governing permissions
2026N/A# and limitations under the License.
2026N/A#
2026N/A# When distributing Covered Code, include this CDDL HEADER in each
2026N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
2026N/A# If applicable, add the following below this CDDL HEADER, with the
2026N/A# fields enclosed by brackets "[]" replaced with your own identifying
2026N/A# information: Portions Copyright [yyyy] [name of copyright owner]
2026N/A#
2026N/A# CDDL HEADER END
2026N/A#
2026N/A
2026N/A#
3321N/A# Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved.
2026N/A#
2026N/A
2026N/Aimport getopt
2026N/Aimport gettext
2962N/Aimport hashlib
2026N/Aimport locale
2026N/Aimport os
2026N/Aimport shutil
2026N/Aimport sys
2026N/Aimport tempfile
2026N/Aimport traceback
3339N/Aif sys.version_info[:2] >= (3, 4):
3339N/A from importlib import reload
3339N/Aelse:
3339N/A from imp import reload
3321N/A
3321N/Afrom cryptography import x509
3321N/Afrom cryptography.hazmat.backends import default_backend
3321N/Afrom cryptography.hazmat.primitives import serialization
3194N/Afrom imp import reload
2026N/A
2026N/Aimport pkg
2026N/Aimport pkg.actions as actions
2026N/Aimport pkg.client.api_errors as api_errors
2026N/Aimport pkg.client.transport.transport as transport
2962N/Aimport pkg.digest as digest
2026N/Aimport pkg.fmri as fmri
2026N/Aimport pkg.manifest as manifest
2026N/Aimport pkg.misc as misc
2026N/Aimport pkg.publish.transaction as trans
2026N/Afrom pkg.client import global_settings
2962N/Afrom pkg.client.debugvalues import DebugValues
2026N/Afrom pkg.misc import emsg, msg, PipeError
2026N/A
2026N/APKG_CLIENT_NAME = "pkgsign"
2026N/A
2026N/A# pkg exit codes
2026N/AEXIT_OK = 0
2026N/AEXIT_OOPS = 1
2026N/AEXIT_BADOPT = 2
2026N/AEXIT_PARTIAL = 3
2026N/A
2026N/Arepo_cache = {}
2026N/A
2026N/Adef error(text, cmd=None):
2026N/A """Emit an error message prefixed by the command name """
2026N/A
2026N/A if cmd:
3158N/A text = "{0}: {1}".format(cmd, text)
2962N/A
2026N/A else:
3158N/A text = "{0}: {1}".format(PKG_CLIENT_NAME, text)
2026N/A
2026N/A
2026N/A # If the message starts with whitespace, assume that it should come
2026N/A # *before* the command-name prefix.
2026N/A text_nows = text.lstrip()
2026N/A ws = text[:len(text) - len(text_nows)]
2026N/A
2026N/A # This has to be a constant value as we can't reliably get our actual
2026N/A # program name on all platforms.
2026N/A emsg(ws + text_nows)
2026N/A
2026N/Adef usage(usage_error=None, cmd=None, retcode=EXIT_BADOPT):
2026N/A """Emit a usage message and optionally prefix it with a more specific
2026N/A error message. Causes program to exit."""
2026N/A
2026N/A if usage_error:
2026N/A error(usage_error, cmd=cmd)
2026N/A emsg (_("""\
2026N/AUsage:
2405N/A pkgsign -s path_or_uri [-acikn] [--no-index] [--no-catalog]
2405N/A (fmri|pattern) ...
2026N/A"""))
2026N/A
2026N/A sys.exit(retcode)
2026N/A
2405N/Adef fetch_catalog(src_pub, xport, temp_root):
2026N/A """Fetch the catalog from src_uri."""
2026N/A
2026N/A if not src_pub.meta_root:
2026N/A # Create a temporary directory for catalog.
2026N/A cat_dir = tempfile.mkdtemp(dir=temp_root)
2026N/A src_pub.meta_root = cat_dir
2026N/A
2026N/A src_pub.transport = xport
2026N/A src_pub.refresh(True, True)
2026N/A
2405N/A return src_pub.catalog
2026N/A
2414N/Adef __make_tmp_cert(d, pth):
2414N/A try:
3321N/A with open(pth, "rb") as f:
3321N/A cert = x509.load_pem_x509_certificate(f.read(),
3321N/A default_backend())
3321N/A except (ValueError, IOError) as e:
3158N/A raise api_errors.BadFileFormat(_("The file {0} was expected to "
3158N/A "be a PEM certificate but it could not be read.").format(
3158N/A pth))
2414N/A fd, fp = tempfile.mkstemp(dir=d)
2414N/A with os.fdopen(fd, "wb") as fh:
3321N/A fh.write(cert.public_bytes(serialization.Encoding.PEM))
2414N/A return fp
2414N/A
2026N/Adef main_func():
2026N/A global_settings.client_name = "pkgsign"
2026N/A
2026N/A try:
2962N/A opts, pargs = getopt.getopt(sys.argv[1:], "a:c:i:k:ns:D:",
2405N/A ["help", "no-index", "no-catalog"])
3171N/A except getopt.GetoptError as e:
3158N/A usage(_("illegal global option -- {0}").format(e.opt))
2026N/A
2026N/A show_usage = False
2026N/A sig_alg = "rsa-sha256"
2026N/A cert_path = None
2026N/A key_path = None
2026N/A chain_certs = []
2026N/A add_to_catalog = True
2026N/A set_alg = False
2405N/A dry_run = False
2026N/A
2268N/A repo_uri = os.getenv("PKG_REPO", None)
2026N/A for opt, arg in opts:
2026N/A if opt == "-a":
2026N/A sig_alg = arg
2026N/A set_alg = True
2026N/A elif opt == "-c":
2026N/A cert_path = os.path.abspath(arg)
2026N/A if not os.path.isfile(cert_path):
3158N/A usage(_("{0} was expected to be a certificate "
3158N/A "but isn't a file.").format(cert_path))
2026N/A elif opt == "-i":
2026N/A p = os.path.abspath(arg)
2026N/A if not os.path.isfile(p):
3158N/A usage(_("{0} was expected to be a certificate "
3158N/A "but isn't a file.").format(p))
2026N/A chain_certs.append(p)
2026N/A elif opt == "-k":
2026N/A key_path = os.path.abspath(arg)
2026N/A if not os.path.isfile(key_path):
3158N/A usage(_("{0} was expected to be a key file "
3158N/A "but isn't a file.").format(key_path))
2405N/A elif opt == "-n":
2405N/A dry_run = True
2026N/A elif opt == "-s":
2268N/A repo_uri = misc.parse_uri(arg)
2026N/A elif opt == "--help":
2026N/A show_usage = True
2026N/A elif opt == "--no-catalog":
2026N/A add_to_catalog = False
2962N/A elif opt == "-D":
2962N/A try:
2962N/A key, value = arg.split("=", 1)
2962N/A DebugValues.set_value(key, value)
2962N/A except (AttributeError, ValueError):
3158N/A error(_("{opt} takes argument of form "
3158N/A "name=value, not {arg}").format(
3158N/A opt=opt, arg=arg))
2026N/A if show_usage:
2026N/A usage(retcode=EXIT_OK)
2026N/A
2268N/A if not repo_uri:
2268N/A usage(_("a repository must be provided"))
2268N/A
2026N/A if key_path and not cert_path:
2026N/A usage(_("If a key is given to sign with, its associated "
2026N/A "certificate must be given."))
2026N/A
2026N/A if cert_path and not key_path:
2026N/A usage(_("If a certificate is given, its associated key must be "
2026N/A "given."))
2026N/A
2026N/A if chain_certs and not cert_path:
2026N/A usage(_("Intermediate certificates are only valid if a key "
2026N/A "and certificate are also provided."))
2026N/A
2405N/A if not pargs:
2405N/A usage(_("At least one fmri or pattern must be provided to "
2405N/A "sign."))
2026N/A
2026N/A if not set_alg and not key_path:
2026N/A sig_alg = "sha256"
2026N/A
2026N/A s, h = actions.signature.SignatureAction.decompose_sig_alg(sig_alg)
2026N/A if h is None:
3158N/A usage(_("{0} is not a recognized signature algorithm.").format(
3158N/A sig_alg))
2026N/A if s and not key_path:
3158N/A usage(_("Using {0} as the signature algorithm requires that a "
2026N/A "key and certificate pair be presented using the -k and -c "
3158N/A "options.").format(sig_alg))
2026N/A if not s and key_path:
3158N/A usage(_("The {0} hash algorithm does not use a key or "
2026N/A "certificate. Do not use the -k or -c options with this "
3158N/A "algorithm.").format(sig_alg))
2026N/A
2962N/A if DebugValues:
2962N/A reload(digest)
2962N/A
2026N/A errors = []
2026N/A
2026N/A t = misc.config_temp_root()
2026N/A temp_root = tempfile.mkdtemp(dir=t)
2026N/A del t
2962N/A
2026N/A cache_dir = tempfile.mkdtemp(dir=temp_root)
2026N/A incoming_dir = tempfile.mkdtemp(dir=temp_root)
2286N/A chash_dir = tempfile.mkdtemp(dir=temp_root)
2414N/A cert_dir = tempfile.mkdtemp(dir=temp_root)
2026N/A
2026N/A try:
2414N/A chain_certs = [
2414N/A __make_tmp_cert(cert_dir, c) for c in chain_certs
2414N/A ]
2414N/A if cert_path is not None:
2414N/A cert_path = __make_tmp_cert(cert_dir, cert_path)
2414N/A
2026N/A xport, xport_cfg = transport.setup_transport()
2073N/A xport_cfg.add_cache(cache_dir, readonly=False)
2073N/A xport_cfg.incoming_root = incoming_dir
2026N/A
2405N/A # Configure publisher(s)
2405N/A transport.setup_publisher(repo_uri, "source", xport,
2026N/A xport_cfg, remote_prefix=True)
2405N/A pats = pargs
2028N/A successful_publish = False
2026N/A
2405N/A concrete_fmris = []
2405N/A unmatched_pats = set(pats)
2405N/A all_pats = frozenset(pats)
2405N/A get_all_pubs = False
2405N/A pub_prefs = set()
2405N/A # Gather the publishers whose catalogs will be needed.
2405N/A for pat in pats:
2026N/A try:
2405N/A p_obj = fmri.MatchingPkgFmri(pat)
3171N/A except fmri.IllegalMatchingFmri as e:
2405N/A errors.append(e)
2405N/A continue
2405N/A pub_prefix = p_obj.get_publisher()
2405N/A if pub_prefix:
2405N/A pub_prefs.add(pub_prefix)
2405N/A else:
2405N/A get_all_pubs = True
2405N/A # Check each publisher for matches to our patterns.
2405N/A for p in xport_cfg.gen_publishers():
2405N/A if not get_all_pubs and p.prefix not in pub_prefs:
2405N/A continue
2405N/A cat = fetch_catalog(p, xport, temp_root)
2591N/A ms, tmp1, u = cat.get_matching_fmris(pats)
2405N/A # Find which patterns matched.
2405N/A matched_pats = all_pats - u
2405N/A # Remove those patterns from the unmatched set.
2405N/A unmatched_pats -= matched_pats
2405N/A for v_list in ms.values():
2405N/A concrete_fmris.extend([(v, p) for v in v_list])
2405N/A if unmatched_pats:
2405N/A raise api_errors.PackageMatchErrors(
2405N/A unmatched_fmris=unmatched_pats)
2026N/A
2405N/A for pfmri, src_pub in sorted(set(concrete_fmris)):
2405N/A try:
2026N/A # Get the existing manifest for the package to
2405N/A # be signed.
2026N/A m_str = xport.get_manifest(pfmri,
2026N/A content_only=True, pub=src_pub)
2026N/A m = manifest.Manifest()
2073N/A m.set_content(content=m_str)
2026N/A
2026N/A # Construct the base signature action.
2026N/A attrs = { "algorithm": sig_alg }
2026N/A a = actions.signature.SignatureAction(cert_path,
2026N/A **attrs)
2026N/A a.hash = cert_path
2026N/A
2026N/A # Add the action to the manifest to be signed
2026N/A # since the action signs itself.
2026N/A m.add_action(a, misc.EmptyI)
2026N/A
2026N/A # Set the signature value and certificate
2026N/A # information for the signature action.
2026N/A a.set_signature(m.gen_actions(),
2286N/A key_path=key_path, chain_paths=chain_certs,
2286N/A chash_dir=chash_dir)
2286N/A
2286N/A # The hash of 'a' is currently a path, we need
2286N/A # to find the hash of that file to allow
2286N/A # comparison to existing signatures.
2286N/A hsh = None
2286N/A if cert_path:
2962N/A # Action identity still uses the 'hash'
2962N/A # member of the action, so we need to
2962N/A # stay with the sha1 hash.
2286N/A hsh, _dummy = \
2962N/A misc.get_data_digest(cert_path,
2962N/A hash_func=hashlib.sha1)
2286N/A
2286N/A # Check whether the signature about to be added
2286N/A # is identical, or almost identical, to existing
2286N/A # signatures on the package. Because 'a' has
2286N/A # already been added to the manifest, it is
2286N/A # generated by gen_actions_by_type, so the cnt
2286N/A # must be 2 or higher to be an issue.
2286N/A cnt = 0
2286N/A almost_identical = False
2286N/A for a2 in m.gen_actions_by_type("signature"):
2286N/A try:
2286N/A if a.identical(a2, hsh):
2286N/A cnt += 1
3171N/A except api_errors.AlmostIdentical as e:
2286N/A e.pkg = pfmri
2286N/A errors.append(e)
2286N/A almost_identical = True
2286N/A if almost_identical:
2286N/A continue
2286N/A if cnt == 2:
2286N/A continue
2286N/A elif cnt > 2:
2286N/A raise api_errors.DuplicateSignaturesAlreadyExist(pfmri)
3158N/A assert cnt == 1, "Cnt was:{0}".format(cnt)
2026N/A
2405N/A if not dry_run:
2405N/A # Append the finished signature action
2405N/A # to the published manifest.
2405N/A t = trans.Transaction(repo_uri,
2405N/A pkg_name=str(pfmri), xport=xport,
2405N/A pub=src_pub)
2405N/A try:
2405N/A t.append()
2405N/A t.add(a)
2405N/A for c in chain_certs:
2405N/A t.add_file(c)
2405N/A t.close(add_to_catalog=
2405N/A add_to_catalog)
2405N/A except:
2405N/A if t.trans_id:
2405N/A t.close(abandon=True)
2405N/A raise
3158N/A msg(_("Signed {0}").format(pfmri.get_fmri(
3158N/A include_build=False)))
2028N/A successful_publish = True
2026N/A except (api_errors.ApiException, fmri.FmriError,
3171N/A trans.TransactionError) as e:
2026N/A errors.append(e)
2026N/A if errors:
2026N/A error("\n".join([str(e) for e in errors]))
2028N/A if successful_publish:
2026N/A return EXIT_PARTIAL
2026N/A else:
2026N/A return EXIT_OOPS
2026N/A return EXIT_OK
3171N/A except api_errors.ApiException as e:
2026N/A error(e)
2026N/A return EXIT_OOPS
2026N/A finally:
2245N/A shutil.rmtree(temp_root)
2026N/A
2026N/A#
2026N/A# Establish a specific exit status which means: "python barfed an exception"
2026N/A# so that we can more easily detect these in testing of the CLI commands.
2026N/A#
2026N/Aif __name__ == "__main__":
3447N/A misc.setlocale(locale.LC_ALL, "", error)
3447N/A gettext.install("pkg", "/usr/share/locale",
3447N/A codeset=locale.getpreferredencoding())
3447N/A misc.set_fd_limits(printer=error)
3447N/A
2026N/A try:
2026N/A __ret = main_func()
2026N/A except (PipeError, KeyboardInterrupt):
2026N/A # We don't want to display any messages here to prevent
2026N/A # possible further broken pipe (EPIPE) errors.
2026N/A __ret = EXIT_OOPS
3171N/A except SystemExit as _e:
2026N/A raise _e
2026N/A except:
2026N/A traceback.print_exc()
2569N/A error(misc.get_traceback_message())
2026N/A __ret = 99
2026N/A sys.exit(__ret)