︙ | | | ︙ | |
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
|
# OpenPGP installation directory was successfully detected and added
# to the PATH -OR- detecting and adding it was not necessary because
# it already appeared to be available for use.
#
# <internal>
proc probeForOpenPgpInstallation {} {
global env
variable openPgpInstalledDirectory
variable openPgpInstalledFileName
if {[catch {openPgpMustBeInstalled}] == 0} then {
return true
}
if {[isWindows]} then {
if {[info exists env(ProgramFiles(x86))]} then {
set programFiles $env(ProgramFiles\(x86\))
} elseif {[info exists env(ProgramFiles)]} then {
set programFiles $env(ProgramFiles)
} else {
return false
}
set directory [file join $programFiles $openPgpInstalledDirectory]
} else {
set directory $openPgpInstalledDirectory
}
if {![file isdirectory $directory]} then {
return false
}
set fileName [file join $directory $openPgpInstalledFileName]
if {[file exists $fileName] && [file isfile $fileName]} then {
return [addToPath $directory]
}
return false
}
#
# NOTE: This procedure attempts to verify that a configured implementation
# of OpenPGP is installed locally. There are no arguments. Script
# errors are raised if any problems are found. The return value is
# undefined.
#
# <public>
proc openPgpMustBeInstalled {} {
variable openPgpInstalledCommand
variable openPgpInstalledPattern
set message {
Cannot use OpenPGP: it does not appear to be installed.
GNU Privacy Guard (GPG) may be downloaded from "https://www.gnupg.org/"
and then installed. Signed binaries for Windows may be available from
"https://www.gpg4win.org/".
Alternatively, it may be possible to install GNU Privacy Guard (GPG) via
the package management subsystem included with your operating system.
}
if {[isEagle]} then {
if {[catch {
eval exec -success Success $openPgpInstalledCommand
} result]} then {
error $message
}
} else {
if {[catch {
eval exec $openPgpInstalledCommand
} result]} then {
error $message
}
}
if {![info exists result] || \
![regexp -- $openPgpInstalledPattern $result]} then {
error "cannot use OpenPGP: unknown or unsupported version"
}
return ""
}
#
# NOTE: This procedure attempts to verify the OpenPGP signature contained
# in the specified (named) file. Non-zero is only returned if the
# OpenPGP signature is verified successfully. A script error should
# not be raised by this procedure. The fileName argument must be
# the fully qualified path and file name of the OpenPGP signature
# file to verify.
#
# <public>
proc verifyOpenPgpSignature { fileName } {
variable openPgpVerifyCommand
if {[isEagle]} then {
set fileName [formatExecArgument $fileName]
if {[catch {
eval exec -success Success [subst $openPgpVerifyCommand]
|
|
|
>
>
>
>
>
>
>
>
|
>
>
>
>
>
|
|
|
|
<
>
|
|
|
|
|
>
>
>
>
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
|
# OpenPGP installation directory was successfully detected and added
# to the PATH -OR- detecting and adding it was not necessary because
# it already appeared to be available for use.
#
# <internal>
proc probeForOpenPgpInstallation {} {
global env
variable openPgpFileNameOnly
variable openPgpInstalledDirectory
if {[catch {openPgpMustBeInstalled}] == 0} then {
return true
}
if {![info exists openPgpInstalledDirectory]} then {
return false
}
if {[isWindows]} then {
if {[info exists env(ProgramFiles(x86))]} then {
set programFiles $env(ProgramFiles\(x86\))
} elseif {[info exists env(ProgramFiles)]} then {
set programFiles $env(ProgramFiles)
} else {
return false
}
set directory [file join $programFiles $openPgpInstalledDirectory]
} else {
set directory $openPgpInstalledDirectory
}
if {![file isdirectory $directory]} then {
return false
}
if {![info exists openPgpFileNameOnly]} then {
return false
}
set fileName [file join $directory $openPgpFileNameOnly]
if {[file exists $fileName] && [file isfile $fileName]} then {
return [addToPath $directory]
}
return false
}
#
# NOTE: This procedure attempts to verify that a configured implementation
# of OpenPGP is installed locally. There are no arguments. Script
# errors are raised if any problems are found. The return value is
# undefined.
#
# <public>
proc openPgpMustBeInstalled {} {
variable openPgpFileNameOnly
variable openPgpFileNamesOnly
variable openPgpInstalledCommand
variable openPgpInstalledPattern
set message {
Cannot use OpenPGP: it does not appear to be installed.
GNU Privacy Guard (GPG) may be downloaded from "https://www.gnupg.org/"
and then installed. Signed binaries for Windows may be available from
"https://www.gpg4win.org/".
Alternatively, it may be possible to install GNU Privacy Guard (GPG) via
the package management subsystem included with your operating system.
}
set found false
foreach fileName $openPgpFileNamesOnly {
if {[isEagle]} then {
if {[catch {
eval exec -success Success [subst $openPgpInstalledCommand]
} result] == 0} then {
set found true; break
}
} else {
if {[catch {
eval exec [subst $openPgpInstalledCommand]
} result] == 0} then {
set found true; break
}
}
}
if {$found} then {
#
# NOTE: Was this procedure already run -AND- did it actually find a
# viable OpenPGP file name?
#
if {[info exists openPgpFileNameOnly]} then {
#
# NOTE: If the OpenPGP file name that we found before (?) does not
# match what we already have, issue a log message.
#
if {$fileName ne $openPgpFileNameOnly} then {
pkgLog [appendArgs \
"the OpenPGP file name is being changed from \"" \
$openPgpFileNameOnly "\" to \"" $fileName \"]
set openPgpFileNameOnly $fileName
}
} else {
#
# NOTE: Configure the OpenPGP file name to the one that was just
# found.
#
set openPgpFileNameOnly $fileName
}
} else {
#
# NOTE: If no viable OpenPGP file name was found, raise the error
# message.
#
error $message
}
if {![info exists result] || \
![regexp -- $openPgpInstalledPattern $result]} then {
error "cannot use OpenPGP: unknown or unsupported version"
}
return ""
}
#
# NOTE: This procedure attempts to verify the OpenPGP signature contained
# in the specified (named) file. Non-zero is only returned if the
# OpenPGP signature is verified successfully. A script error should
# not be raised by this procedure. The fileName argument must be
# the fully qualified path and file name of the OpenPGP signature
# file to verify.
#
# <public>
proc verifyOpenPgpSignature { fileName } {
variable openPgpFileNameOnly
variable openPgpVerifyCommand
if {[isEagle]} then {
set fileName [formatExecArgument $fileName]
if {[catch {
eval exec -success Success [subst $openPgpVerifyCommand]
|
︙ | | | ︙ | |
585
586
587
588
589
590
591
592
593
594
595
596
597
598
|
# signature is created successfully. A script error should not be
# raised by this procedure. The fileName argument must be the fully
# qualified path and file name of the file to be signed.
#
# <public>
proc createOpenPgpSignature { fileName } {
global env
variable openPgpSignCommand
if {[isEagle]} then {
set fileName [formatExecArgument $fileName]
if {[catch {
eval exec -success Success [subst $openPgpSignCommand]
|
>
|
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
|
# signature is created successfully. A script error should not be
# raised by this procedure. The fileName argument must be the fully
# qualified path and file name of the file to be signed.
#
# <public>
proc createOpenPgpSignature { fileName } {
global env
variable openPgpFileNameOnly
variable openPgpSignCommand
if {[isEagle]} then {
set fileName [formatExecArgument $fileName]
if {[catch {
eval exec -success Success [subst $openPgpSignCommand]
|
︙ | | | ︙ | |
618
619
620
621
622
623
624
625
626
627
628
629
630
631
|
# the fully qualified path and file name of the OpenPGP key file
# to import. This procedure is only intended to be used from the
# "pkgr_setup.eagle" tool script and may go away in later versions
# of this package.
#
# <internal>
proc importOpenPgpKeyFile { fileName varName } {
variable openPgpImportCommand
variable openPgpImportPattern
if {[string length $varName] > 0} then {
upvar 1 $varName result
}
|
>
|
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
|
# the fully qualified path and file name of the OpenPGP key file
# to import. This procedure is only intended to be used from the
# "pkgr_setup.eagle" tool script and may go away in later versions
# of this package.
#
# <internal>
proc importOpenPgpKeyFile { fileName varName } {
variable openPgpFileNameOnly
variable openPgpImportCommand
variable openPgpImportPattern
if {[string length $varName] > 0} then {
upvar 1 $varName result
}
|
︙ | | | ︙ | |
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
|
if {[file exists $fileName] && [file isfile $fileName]} then {
uplevel 1 [list source $fileName]
}
}
}
#
# NOTE: This procedure sets up the default values for all configuration
# parameters used by the package repository client. There are no
# arguments.
#
proc setupPackageUnknownVars {} {
#
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
|
if {[file exists $fileName] && [file isfile $fileName]} then {
uplevel 1 [list source $fileName]
}
}
}
#
# NOTE: This procedure sets up the default values for all configuration
# parameters used to interact with the OpenPGP implementation.
# There are no arguments.
#
proc setupRepositoryOpenPgpVars {} {
#
# NOTE: This is the name of the sub-directory containing the OpenPGP
# implementation. It is platform-specific. On Windows, this
# sub-directory is relative to the "Program Files" directory.
#
variable openPgpInstalledDirectory; # DEFAULT: [file join GNU GnuPG]
if {![info exists openPgpInstalledDirectory]} then {
if {[isWindows]} then {
set openPgpInstalledDirectory [file join GNU GnuPG]
} else {
set openPgpInstalledDirectory [file join / usr bin]
}
}
#
# NOTE: These are the candidate names of the executable file used to
# invoke the OpenPGP implementation, possibly without a file
# extension.
#
variable openPgpFileNamesOnly; # DEFAULT: [list gpg2 gpg]
if {![info exists openPgpFileNamesOnly]} then {
if {[isWindows]} then {
set openPgpFileNamesOnly [list gpg2.exe gpg.exe]
} else {
set openPgpFileNamesOnly [list gpg2 gpg]
}
}
#
# NOTE: This is the name of the executable file used to invoke the
# OpenPGP implementation, possibly without a file extension.
#
variable openPgpFileNameOnly; # DEFAULT: <unset>
#
# NOTE: The command to use when attempting to import an OpenPGP key
# file. This must be configured according to the implementation
# of OpenPGP in use.
#
variable openPgpImportCommand; # DEFAULT: gpg2 --import
if {![info exists openPgpImportCommand]} then {
set openPgpImportCommand \
{{${openPgpFileNameOnly}} --import {${fileName}}}
}
#
# NOTE: The regular expression pattern used when attempting to verify
# that OpenPGP successfully imported one or more keys. This must
# be configured according to the implementation of OpenPGP in use.
#
variable openPgpImportPattern; # DEFAULT: ^gpg: Total number processed: 1$
if {![info exists openPgpImportPattern]} then {
set openPgpImportPattern {^gpg: Total number processed: 1$}
}
#
# NOTE: The command to use when attempting to verify that OpenPGP is
# installed locally. This must be configured according to the
# implementation of OpenPGP in use.
#
variable openPgpInstalledCommand; # DEFAULT: gpg2 --version
if {![info exists openPgpInstalledCommand]} then {
set openPgpInstalledCommand {{${fileName}} --version}
}
#
# NOTE: The regular expression pattern used when attempting to verify
# that OpenPGP is installed locally. This must be configured
# according to the implementation of OpenPGP in use.
#
variable openPgpInstalledPattern; # DEFAULT: ^gpg \(GnuPG\) 2\.[012]\.
if {![info exists openPgpInstalledPattern]} then {
set openPgpInstalledPattern {^gpg \(GnuPG\) 2\.[012]\.}
}
#
# NOTE: The command to use when verifying OpenPGP signatures for the
# downloaded package scripts. This must be configured according
# to the implementation of OpenPGP in use.
#
variable openPgpVerifyCommand; # DEFAULT: gpg2 --verify {${fileName}}
if {![info exists openPgpVerifyCommand]} then {
set openPgpVerifyCommand \
{{${openPgpFileNameOnly}} --verify {${fileName}}}
}
#
# NOTE: The command to use when creating OpenPGP signatures for the
# downloaded package scripts. This must be configured according
# to the implementation of OpenPGP in use.
#
variable openPgpSignCommand; # DEFAULT: gpg2 --detach-sign ...
if {![info exists openPgpSignCommand]} then {
set openPgpSignCommand ""
append openPgpSignCommand \
{{${openPgpFileNameOnly}} --detach-sign --armor}
append openPgpSignCommand \
{ --passphrase-file [formatExecArgument [getOpenPgpPassphraseFile]]}
append openPgpSignCommand { --batch --yes {${fileName}}}
}
}
#
# NOTE: This procedure sets up the default values for all configuration
# parameters used by the package repository client. There are no
# arguments.
#
proc setupPackageUnknownVars {} {
#
|
︙ | | | ︙ | |
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
|
[llength [package versions Garuda]] > 0} then {
set autoRequireGaruda true
} else {
set autoRequireGaruda false
}
}
#
# NOTE: This is the name of the sub-directory containing the OpenPGP
# implementation. It is platform-specific. On Windows, this
# sub-directory is relative to the "Program Files" directory.
#
variable openPgpInstalledDirectory; # DEFAULT: [file join GNU GnuPG]
if {![info exists openPgpInstalledDirectory]} then {
if {[isWindows]} then {
set openPgpInstalledDirectory [file join GNU GnuPG]
} else {
set openPgpInstalledDirectory [file join / usr bin]
}
}
#
# NOTE: This is the name of the executable file used to invoke the
# OpenPGP implementation, without an extension.
#
variable openPgpInstalledFileName; # DEFAULT: gpg2
if {![info exists openPgpInstalledFileName]} then {
if {[isWindows]} then {
set openPgpInstalledFileName gpg2.exe
} else {
set openPgpInstalledFileName gpg2
}
}
#
# NOTE: The command to use when attempting to import an OpenPGP key
# file. This must be configured according to the implementation
# of OpenPGP in use.
#
variable openPgpImportCommand; # DEFAULT: gpg2 --import
if {![info exists openPgpImportCommand]} then {
set openPgpImportCommand {gpg2 --import {${fileName}}}
}
#
# NOTE: The regular expression pattern used when attempting to verify
# that OpenPGP successfully imported one or more keys. This must
# be configured according to the implementation of OpenPGP in use.
#
variable openPgpImportPattern; # DEFAULT: ^gpg: Total number processed: 1$
if {![info exists openPgpImportPattern]} then {
set openPgpImportPattern {^gpg: Total number processed: 1$}
}
#
# NOTE: The command to use when attempting to verify that OpenPGP is
# installed locally. This must be configured according to the
# implementation of OpenPGP in use.
#
variable openPgpInstalledCommand; # DEFAULT: gpg2 --version
if {![info exists openPgpInstalledCommand]} then {
set openPgpInstalledCommand {gpg2 --version}
}
#
# NOTE: The regular expression pattern used when attempting to verify
# that OpenPGP is installed locally. This must be configured
# according to the implementation of OpenPGP in use.
#
variable openPgpInstalledPattern; # DEFAULT: ^gpg \(GnuPG\) 2\.[01]\.
if {![info exists openPgpInstalledPattern]} then {
set openPgpInstalledPattern {^gpg \(GnuPG\) 2\.[01]\.}
}
#
# NOTE: The command to use when verifying OpenPGP signatures for the
# downloaded package scripts. This must be configured according
# to the implementation of OpenPGP in use.
#
variable openPgpVerifyCommand; # DEFAULT: gpg2 --verify {${fileName}}
if {![info exists openPgpVerifyCommand]} then {
set openPgpVerifyCommand {gpg2 --verify {${fileName}}}
}
#
# NOTE: The command to use when creating OpenPGP signatures for the
# downloaded package scripts. This must be configured according
# to the implementation of OpenPGP in use.
#
variable openPgpSignCommand; # DEFAULT: gpg2 --detach-sign ...
if {![info exists openPgpSignCommand]} then {
set openPgpSignCommand ""
append openPgpSignCommand {gpg2 --detach-sign --armor}
append openPgpSignCommand \
{ --passphrase-file [formatExecArgument [getOpenPgpPassphraseFile]]}
append openPgpSignCommand { --batch --yes {${fileName}}}
}
#
# NOTE: The command to use when creating Harpy signatures for downloaded
# package scripts.
#
variable harpySignCommand; # DEFAULT: {${shellFileName}} -file ...
if {![info exists harpySignCommand]} then {
|
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
|
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
|
[llength [package versions Garuda]] > 0} then {
set autoRequireGaruda true
} else {
set autoRequireGaruda false
}
}
#
# NOTE: The command to use when creating Harpy signatures for downloaded
# package scripts.
#
variable harpySignCommand; # DEFAULT: {${shellFileName}} -file ...
if {![info exists harpySignCommand]} then {
|
︙ | | | ︙ | |
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
|
#
# NOTE: Setup the server and URI variables, in this namespace, that are
# used by this script.
#
setupRepositoryServerVars false
setupRepositoryUriVars false
#
# NOTE: Setup the variables, within this namespace, used by this script.
#
setupPackageUnknownVars
#
# NOTE: Setup for our [package unknown] handler, which may involve a few
|
>
>
>
>
>
>
|
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
|
#
# NOTE: Setup the server and URI variables, in this namespace, that are
# used by this script.
#
setupRepositoryServerVars false
setupRepositoryUriVars false
#
# NOTE: Setup the OpenPGP implementation related variables, in this
# namespace, that are used by this script.
#
setupRepositoryOpenPgpVars
#
# NOTE: Setup the variables, within this namespace, used by this script.
#
setupPackageUnknownVars
#
# NOTE: Setup for our [package unknown] handler, which may involve a few
|
︙ | | | ︙ | |
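Review bot: In the new `openPgpMustBeInstalled`, the loop stops at the first candidate whose `--version` run succeeds and stores it in `openPgpFileNameOnly` before the output is matched against `openPgpInstalledPattern`. A binary that fails the version check therefore stays configured for any later `verifyOpenPgpSignature` or `createOpenPgpSignature` call (their callers are not visible here), and a supported `gpg` is never tried when an unsupported `gpg2` runs first. Accepting a candidate only when both checks pass would avoid this, for example `} result] == 0 && [regexp -- $openPgpInstalledPattern $result]} then {` in both branches of the loop, with the "unknown or unsupported version" error kept for the case where something ran but nothing matched. Separately, `probeForOpenPgpInstallation` now returns false whenever `openPgpFileNameOnly` is unset, which is the state after a failed first probe unless it was configured beforehand, so the installation-directory fallback looks unreachable in a fresh session; checking each name in `openPgpFileNamesOnly` under `$directory` would restore it. The `# DEFAULT:` comments in `setupRepositoryOpenPgpVars` still read `gpg2 ...` although the defaults now expand `${openPgpFileNameOnly}`.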