deps fixes

2018-10-15 14:58:24 +02:00 · 2018-10-15 14:58:24 +02:00 · de0dcc79f4
commit de0dcc79f4
parent 14984b3199
2 changed files with 16 additions and 11 deletions
--- a/basic/srv/vm/mgr/pkgmgr.py
+++ b/basic/srv/vm/mgr/pkgmgr.py
@ -1,8 +1,10 @@
 # -*- coding: utf-8 -*-
 import json
 import os
 import requests
 import shutil
 import subprocess
 import tempfile
 from cryptography.exceptions import InvalidSignature
@ -20,6 +22,7 @@ class PackageManager:
        # Load JSON configuration
        with open(CONF_FILE, 'r') as f:
            self.conf = json.load(f)
        self.repo_url = self.conf['host']['repo']
        self.online_packages = {}
    def save_conf(self):
@ -29,9 +32,8 @@ class PackageManager:
    def get_online_packages(self):
        # Fetches and verifies online packages. Can raise InvalidSignature
-        repo_url = self.conf['host']['repo']
+        packages = requests.get('{}/packages'.format(self.repo_url)).content
-        packages = requests.get('{}/packages'.format(repo_url)).content
+        packages_sig = requests.get('{}/packages.sig'.format(self.repo_url)).content
        packages_sig = requests.get('{}/packages.sig'.format(repo_url)).content
        with open(PUB_FILE, 'rb') as f:
            pub_key = load_pem_public_key(f.read(), default_backend())
        pub_key.verify(packages_sig, packages, ec.ECDSA(hashes.SHA512()))
@ -47,20 +49,21 @@ class PackageManager:
    def download_package(self, name):
        # Downloads, verifies, unpacks and sets up a package
-        local_archive = tempfile.mkstemp('.tar.xz')
+        tmp_archive = tempfile.mkstemp('.tar.xz')[1]
        r = requests.get('{}/{}.tar.xz'.format(self.repo_url, name), auth=('test', 'txUqqZLaM.Z;3E2E'), stream=True) # TODO: Remove the testing password
-        with open(local_archive, 'wb') as f:
+        with open(tmp_archive, 'wb') as f:
            for chunk in r.iter_content(chunk_size=65536):
                if chunk:
                    f.write(chunk)
        # Verify hash
-        if self.online_packages[name]['sha512'] != hash_file(local_archive):
+        if self.online_packages[name]['sha512'] != hash_file(tmp_archive):
            raise InvalidSignature(name)
        # Unpack
-        subprocess.run(['tar', 'xJf', local_archive], cwd=LXC_ROOT)
+        subprocess.run(['tar', 'xJf', tmp_archive], cwd=LXC_ROOT)
-        os.unlink(local_archive)
+        os.unlink(tmp_archive)
-    def register_package(self, name, metadata):
+    def register_package(self, name):
        metadata = self.online_packages[name]
        self.conf['packages'][name] = {
            'version': metadata['version'],
        }
@ -84,9 +87,10 @@ class PackageManager:
            shutil.rmtree(setup_dir)
    def get_deps(self, name):
-        deps = self.online_packages[name]['deps'] + [name]
+        deps = self.online_packages[name]['deps'].copy()
        for dep in deps:
            deps[:0] = [d for d in self.get_deps(dep) if d not in deps]
        deps.append(name)
        return deps
 def hash_file(file_path):
--- a/zz-extra/lxc-pack
+++ b/zz-extra/lxc-pack
@ -54,6 +54,7 @@ def pack(pkg_file):
        with open(packages_file, 'r') as f:
            packages = json.load(f)
    packages[pkg_name] = meta
    packages[pkg_name]['sha512'] = hash_file(xz_path)
    with open(packages_file, 'w') as f:
        json.dump(packages, f, sort_keys=True, indent=4)