diff options
| author | Karen Arutyunov <karen@codesynthesis.com> | 2016-04-14 17:59:24 +0300 |
|---|---|---|
| committer | Karen Arutyunov <karen@codesynthesis.com> | 2016-05-04 20:47:45 +0300 |
| commit | b13332c991ce2695626eaca367dd8208b174c9ca (patch) | |
| tree | 809dc321b47d5ef9c72935637f94bf5b84ed640d /bpkg/rep-create.cxx | |
| parent | c9831f760a83e36a3a2ac84b1bd3f573e47ef195 (diff) | |
Add support for repository authentication
Diffstat (limited to 'bpkg/rep-create.cxx')
| -rw-r--r-- | bpkg/rep-create.cxx | 50 |
1 files changed, 43 insertions, 7 deletions
diff --git a/bpkg/rep-create.cxx b/bpkg/rep-create.cxx index 9c6f275..2ab52fb 100644 --- a/bpkg/rep-create.cxx +++ b/bpkg/rep-create.cxx @@ -13,6 +13,7 @@ #include <bpkg/manifest> #include <bpkg/manifest-serializer> +#include <bpkg/auth> #include <bpkg/fetch> #include <bpkg/archive> #include <bpkg/checksum> @@ -52,6 +53,7 @@ namespace bpkg static const path repositories ("repositories"); static const path packages ("packages"); + static const path signature ("signature"); static void collect (const rep_create_options& o, @@ -91,7 +93,7 @@ namespace bpkg // if (d == root) { - if (p == repositories || p == packages) + if (p == repositories || p == packages || p == signature) continue; } @@ -208,18 +210,52 @@ namespace bpkg manifests.emplace_back (move (m)); } - // Serialize. + // Serialize packages manifest, optionally generate the signature manifest. // path p (d / packages); try { - ofstream ofs; - ofs.exceptions (ofstream::badbit | ofstream::failbit); - ofs.open (p.string ()); + { + ofstream ofs; + ofs.exceptions (ofstream::badbit | ofstream::failbit); + ofs.open (p.string ()); + + manifest_serializer s (ofs, p.string ()); + manifests.serialize (s); + } + + const optional<string>& cert (rms.back ().certificate); + if (cert) + { + const string& key (o.key ()); + if (key.empty ()) + fail << "--key option required" << + info << "repository manifest contains a certificate" << + info << "run 'bpkg help rep-create' for more information"; + + signature_manifest m; + m.sha256sum = sha256 (o, p); + m.signature = sign_repository (o, m.sha256sum, key, *cert, d); - manifest_serializer s (ofs, p.string ()); - manifests.serialize (s); + p = path (d / signature); + + ofstream ofs; + ofs.exceptions (ofstream::badbit | ofstream::failbit); + ofs.open (p.string ()); + + manifest_serializer s (ofs, p.string ()); + m.serialize (s); + } + else + { + if (o.key_specified ()) + warn << "--key option ignored" << + info << "repository manifest contains no certificate" << + info << "run 'bpkg help rep-create' for more information"; + + try_rmfile (path (d / signature), true); + } } catch (const manifest_serialization& e) { |