Diff
Not logged in
Home Help Timeline Files Branches Tags Forum Tickets Wiki More... Login
Annotate Patch Side-by-side Diff

Differences From Artifact [4bb89e0f4b]:

To Artifact [3456f0b008]:

272
273
274
275
276
277
278

































279
280
281
282
283
284
285
286
287
288
289

290
291
292
293
294
295

296
297
298
299
300
301

302
303
304
305
306
307
308

272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321

322
323
324
325
326
327

328
329
330
331
332
333

334
335
336
337
338
339
340
341








+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+










-
+





-
+





-
+








        }

        incr counter
      }
    }
  }

  #
  # NOTE: This procedure attempts to verify that a configured implementation
  #       of OpenPGP is installed locally.  There are no arguments.  Script
  #       errors are raised if any problems are found.  The return value is
  #       undefined.
  #
  # <public>
  proc openPgpMustBeInstalled {} {
    variable openPgpInstalledCommand
    variable openPgpInstalledPattern

    if {[isEagle]} then {
      if {[catch {
        eval exec -success Success $openPgpInstalledCommand
      } result]} then {
        error "cannot use OpenPGP: may not be installed and/or configured"
      }
    } else {
      if {[catch {
        eval exec [subst $openPgpInstalledCommand]
      } result]} then {
        error "cannot use OpenPGP: may not be installed and/or configured"
      }
    }

    if {![info exists result] || \
        ![regexp -- $openPgpInstalledPattern $result]} then {
      error "cannot use OpenPGP: unknown or unsupported version"
    }

    return ""
  }

  #
  # NOTE: This procedure attempts to verify the OpenPGP signature contained
  #       in the specified (named) file.  Non-zero is only returned if the
  #       OpenPGP signature is verified successfully.  A script error should
  #       not be raised by this procedure.  The fileName argument must be
  #       the fully qualified path and file name of the OpenPGP signature
  #       file to verify.
  #
  # <public>
  proc verifyOpenPgpSignature { fileName } {
    variable openPgpCommand
    variable openPgpVerifyCommand

    if {[isEagle]} then {
      set fileName [appendArgs \" $fileName \"]

      if {[catch {
        eval exec -success Success [subst $openPgpCommand]
        eval exec -success Success [subst $openPgpVerifyCommand]
      }] == 0} then {
        return true
      }
    } else {
      if {[catch {
        eval exec [subst $openPgpCommand] 2>@1
        eval exec [subst $openPgpVerifyCommand] 2>@1
      }] == 0} then {
        return true
      }
    }

    return false
  }

1185
1186
1187
1188
1189
1190
1191


1192
1193
1194
1195
1196
1197
1198

1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233








+
+








          writeFile $fileName(2) $metadata(certificate)
        }

        #
        # NOTE: Attempt to verify the OpenPGP signature for the package
        #       script.
        #
        openPgpMustBeInstalled

        if {[verifyOpenPgpSignature $fileName(2)]} then {
          #
          # NOTE: Delete the temporary files that we created for the
          #       OpenPGP signature verification.
          #
          eval $script(cleanup)
        } else {

1729
1730
1731
1732
1733
1734
1735
1736






















1737
1738


1739
1740

1741
1742
1743


1744
1745
1746
1747
1748
1749
1750

1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794

1795
1796
1797

1798
1799


1800
1801
1802
1803
1804
1805
1806
1807
1808









+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

-
+
+

-
+

-
-
+
+








          [llength [package versions Garuda]] > 0} then {
        set autoRequireGaruda true
      } else {
        set autoRequireGaruda false
      }
    }

    #
    # NOTE: The command to use when attempting to verify that OpenPGP is
    #       installed locally.  This must be configured according to the
    #       implementation of OpenPGP in use.
    #
    variable openPgpInstalledCommand; # DEFAULT: gpg2 --version

    if {![info exists openPgpInstalledCommand]} then {
      set openPgpInstalledCommand {gpg2 --version}
    }

    #
    # NOTE: The regular expression pattern used when attempting to verify
    #       that OpenPGP is installed locally.  This must be configured
    #       according to the implementation of OpenPGP in use.
    #
    variable openPgpInstalledPattern; # DEFAULT: ^gpg \(GnuPG\) 2\.0\.

    if {![info exists openPgpInstalledPattern]} then {
      set openPgpInstalledPattern {^gpg \(GnuPG\) 2\.0\.}
    }

    #
    # NOTE: The command to use when verifying OpenPGP signatures for the
    #       downloaded package scripts.
    #       downloaded package scripts.  This must be configured according
    #       to the implementation of OpenPGP in use.
    #
    variable openPgpCommand; # DEFAULT: gpg2 --verify {${fileName}}
    variable openPgpVerifyCommand; # DEFAULT: gpg2 --verify {${fileName}}

    if {![info exists openPgpCommand]} then {
      set openPgpCommand {gpg2 --verify {${fileName}}}
    if {![info exists openPgpVerifyCommand]} then {
      set openPgpVerifyCommand {gpg2 --verify {${fileName}}}
    }

    #
    # NOTE: Verify that the package script matches the current language
    #       when called from the [package unknown] handler?
    #
    variable strictUnknownLanguage; # DEFAULT: true
This page was generated in about 0.011s by Fossil version 2.20 Tcl version 8.6.12 [658547aa7c] 2022-10-09 01:11:55