987 lines
29 KiB
Go
987 lines
29 KiB
Go
package lib
|
|
|
|
import (
|
|
"bytes"
|
|
"errors"
|
|
"io"
|
|
"os"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"archive/tar"
|
|
"crypto/ed25519"
|
|
"encoding/binary"
|
|
"encoding/json"
|
|
"os/exec"
|
|
"path/filepath"
|
|
|
|
"github.com/Masterminds/semver"
|
|
"github.com/cespare/xxhash/v2"
|
|
"github.com/klauspost/compress/zstd"
|
|
)
|
|
|
|
// SpecialFiles is a struct that contains the special files that are not to be deleted or replaced
|
|
type SpecialFiles struct {
|
|
NoDelete []string `json:"noDelete"`
|
|
NoReplace []string `json:"noReplace"`
|
|
}
|
|
|
|
// Metadata is a struct that contains the metadata of the package
|
|
type Metadata struct {
|
|
Name string `json:"name"`
|
|
Description string `json:"desc"`
|
|
LongDescription string `json:"longDesc"`
|
|
Version *semver.Version
|
|
VersionString string `json:"version"`
|
|
Author string `json:"author"`
|
|
License string `json:"license"`
|
|
Architecture string `json:"arch"`
|
|
// The decompressed size may be larger than the int64 allocated for a compressed file
|
|
DecompressedSize int64
|
|
Dependencies []string `json:"deps"`
|
|
SpecialFiles SpecialFiles `json:"specialFiles"`
|
|
}
|
|
|
|
// Build is a struct that contains the build configuration of the package
|
|
type Build struct {
|
|
Type string `json:"type"`
|
|
Dependencies []string `json:"deps"`
|
|
Steps []string `json:"steps"`
|
|
TargetRoot string `json:"root"`
|
|
HooksFolder string `json:"hooks"`
|
|
FilesFolder string `json:"files"`
|
|
}
|
|
|
|
// Config is a struct that contains the configuration of the package
|
|
type Config struct {
|
|
Metadata Metadata `json:"metadata"`
|
|
Build Build `json:"build"`
|
|
}
|
|
|
|
// Log is a struct that contains the log information
|
|
type Log struct {
|
|
Level string
|
|
Content string
|
|
Prompt bool
|
|
}
|
|
|
|
// Logger is a struct that contains the functions and properties of the logger
|
|
type Logger struct {
|
|
LogFunc func(Log) string
|
|
PromptSupported bool
|
|
StdoutSupported bool
|
|
Stdout io.Writer
|
|
}
|
|
|
|
var ErrEternityJsonOpenError = errors.New("error opening eternity.json")
|
|
var ErrEternityJsonReadError = errors.New("error reading eternity.json")
|
|
var ErrEternityJsonParseError = errors.New("error parsing eternity.json")
|
|
var ErrEternityJsonMapError = errors.New("error mapping eternity.json")
|
|
|
|
// ParseConfig parses the eternity.json file
|
|
func ParseConfig(path string, logger *Logger) (Config, error, error) {
|
|
// Open eternity.json
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Parsing eternity.json",
|
|
Prompt: false,
|
|
})
|
|
file, err := os.Open(path)
|
|
if err != nil {
|
|
return Config{}, err, ErrEternityJsonOpenError
|
|
}
|
|
|
|
// Parse the file as JSON
|
|
var config Config
|
|
decoder := json.NewDecoder(file)
|
|
err = decoder.Decode(&config)
|
|
if err != nil {
|
|
return Config{}, err, ErrEternityJsonParseError
|
|
}
|
|
|
|
// Map the JSON version to a semver version
|
|
config.Metadata.Version, err = semver.NewVersion(config.Metadata.VersionString)
|
|
if err != nil {
|
|
return Config{}, err, ErrEternityJsonMapError
|
|
}
|
|
|
|
// Return the final Config object
|
|
return config, nil, nil
|
|
}
|
|
|
|
var ErrBuildEPKTemporaryDirectoryError = errors.New("error creating temporary directory")
|
|
var ErrBuildEPKCreateHooksError = errors.New("error creating hooks directory")
|
|
var ErrBuildEPKCopyHooksError = errors.New("error copying hooks")
|
|
var ErrBuildEPKChrootError = errors.New("chroot builds are not supported yet")
|
|
var ErrBuildEPKUnrestrictedError = errors.New("unrestricted builds are not supported yet")
|
|
var ErrBuildEPKBuildShError = errors.New("error creating build.sh")
|
|
var ErrBuildEPKWritingBuildShError = errors.New("error writing to build.sh")
|
|
var ErrBuildEPKTargetRootError = errors.New("error creating target root")
|
|
var ErrBuildEPKExecutingBuildShError = errors.New("error executing build.sh")
|
|
var ErrBuildEPKCountingFilesError = errors.New("error counting files")
|
|
var ErrBuildEPKBadBuildType = errors.New("bad build type")
|
|
var ErrBuildEPKDirectoryDoesNotExist = errors.New("required directory does not exist")
|
|
var ErrBubbleWrapInsufficientPermissions = errors.New("bwrap does not have the necessary permissions")
|
|
|
|
// BuildEPK builds the EPK package into a build directory
|
|
func BuildEPK(projectDir string, inMemory bool, buildConfig Build, logger *Logger) (int64, string, error, error) {
|
|
var tempDir string
|
|
|
|
switch buildConfig.Type {
|
|
case "chroot":
|
|
return 0, "", nil, ErrBuildEPKChrootError
|
|
case "unrestricted":
|
|
return 0, "", nil, ErrBuildEPKUnrestrictedError
|
|
case "host":
|
|
// Set up the temp dir
|
|
var err error
|
|
if inMemory {
|
|
// Builds in /tmp. This means that the program must fit in RAM. Luckily, most programs do.
|
|
// If you're building a large program, you might want to consider using a disk build.
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Creating temp directory",
|
|
Prompt: false,
|
|
})
|
|
tempDir, err = os.MkdirTemp("/tmp", "eternity-build-")
|
|
} else {
|
|
// Builds on disk. This is slower but if your program can't fit in RAM, you're out of luck.
|
|
// If your program can fit in RAM, you might want to consider using an in-memory build.
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Creating temp directory on disk",
|
|
Prompt: false,
|
|
})
|
|
tempDir, err = os.MkdirTemp(projectDir, "eternity-build-")
|
|
}
|
|
if err != nil {
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Failed to create temporary directory, returning the error",
|
|
Prompt: false,
|
|
})
|
|
return 0, tempDir, err, ErrBuildEPKTemporaryDirectoryError
|
|
}
|
|
|
|
// Copy the hooks folder
|
|
if buildConfig.HooksFolder != "" {
|
|
hooksDir := filepath.Join(projectDir, buildConfig.HooksFolder)
|
|
targetHooksDir := filepath.Join(tempDir, buildConfig.HooksFolder)
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Copying hooks from " + hooksDir + " to " + targetHooksDir, Prompt: false,
|
|
})
|
|
|
|
err = os.MkdirAll(targetHooksDir, 0755)
|
|
if err != nil {
|
|
return 0, tempDir, err, ErrBuildEPKCreateHooksError
|
|
}
|
|
|
|
err = os.CopyFS(targetHooksDir, os.DirFS(hooksDir))
|
|
if err != nil {
|
|
return 0, tempDir, err, ErrBuildEPKCopyHooksError
|
|
}
|
|
}
|
|
|
|
// Generate the shell script
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Generating shell script", Prompt: false,
|
|
})
|
|
|
|
// Create the shell script
|
|
shellScript := "#!/bin/sh\n"
|
|
for _, step := range buildConfig.Steps {
|
|
shellScript += step + "\n"
|
|
}
|
|
|
|
file, err := os.OpenFile(tempDir+"/build.sh", os.O_CREATE|os.O_RDWR, 0755)
|
|
if err != nil {
|
|
return 0, tempDir, err, ErrBuildEPKBuildShError
|
|
}
|
|
|
|
_, err = file.WriteString(shellScript)
|
|
if err != nil {
|
|
return 0, tempDir, err, ErrBuildEPKWritingBuildShError
|
|
}
|
|
|
|
// Set up the target root
|
|
targetRoot := filepath.Join(tempDir, buildConfig.TargetRoot)
|
|
err = os.MkdirAll(targetRoot, 0755)
|
|
if err != nil {
|
|
return 0, tempDir, err, ErrBuildEPKTargetRootError
|
|
}
|
|
|
|
// Execute the shell script in BWrap
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Starting up container environment (replicating host files)", Prompt: false,
|
|
})
|
|
|
|
// Allow me to explain why it's in BWrap. It's very difficult to cut off internet access without root, so I just
|
|
// copy-pasted most of the host files into the container, then disabled networking. This also allows us to use
|
|
// fakeroot and minimises the blast radius of a malicious package (hopefully) by not allowing the home directory
|
|
// or any files owned by root to be viewed or modified (too bad if you've got sensitive data in /var or /etc :P)
|
|
// Ensure all directories being bound exist
|
|
directoriesToCheck := []string{"/bin", "/lib", "/lib64", "/usr", "/etc", "/var", "/sys", "/opt", targetRoot, tempDir}
|
|
for _, dir := range directoriesToCheck {
|
|
if _, err := os.Stat(dir); os.IsNotExist(err) {
|
|
logger.LogFunc(Log{
|
|
Level: "ERROR",
|
|
Content: "Directory does not exist: " + dir,
|
|
Prompt: false,
|
|
})
|
|
return 0, tempDir, err, ErrBuildEPKDirectoryDoesNotExist
|
|
}
|
|
}
|
|
|
|
// ensure fakeroot-tcp is installed at /usr/bin/fakeroot-tcp
|
|
// if _, err := os.Stat("/usr/bin/fakeroot-tcp"); os.IsNotExist(err) {
|
|
// logger.LogFunc(Log{
|
|
// Level: "FATAL",
|
|
// Content: "fakeroot-tcp is not installed",
|
|
// Prompt: false,
|
|
// })
|
|
// return 0, tempDir, err, errors.New("fakeroot-tcp is not installed")
|
|
// }
|
|
|
|
// Check if bwrap is available and has the necessary permissions
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Checking if bwrap is available and has the necessary permissions",
|
|
Prompt: false,
|
|
})
|
|
cmd := exec.Command("bwrap", "--version")
|
|
err = cmd.Run()
|
|
if err != nil {
|
|
logger.LogFunc(Log{
|
|
Level: "ERROR",
|
|
Content: "bwrap is not available or does not have the necessary permissions",
|
|
Prompt: false,
|
|
})
|
|
return 0, tempDir, err, ErrBubbleWrapInsufficientPermissions
|
|
}
|
|
|
|
logger.LogFunc(Log{
|
|
Level: "DEBUG",
|
|
Content: "Temp directory: " + tempDir,
|
|
Prompt: false,
|
|
})
|
|
logger.LogFunc(Log{
|
|
Level: "DEBUG",
|
|
Content: "Target root: " + targetRoot,
|
|
Prompt: false,
|
|
})
|
|
logger.LogFunc(Log{
|
|
Level: "DEBUG",
|
|
Content: "Joined path: " + filepath.Join("/", buildConfig.TargetRoot),
|
|
Prompt: false,
|
|
})
|
|
|
|
arguments := []string{
|
|
"--unshare-net",
|
|
"--bind", "/bin", "/bin",
|
|
"--bind", "/lib", "/lib",
|
|
"--bind", "/lib64", "/lib64",
|
|
"--bind", "/usr", "/usr",
|
|
"--bind", "/etc", "/etc",
|
|
"--bind", "/var", "/var",
|
|
"--bind", "/sys", "/sys",
|
|
"--bind", "/opt", "/opt",
|
|
"--bind", targetRoot, filepath.Join("/", buildConfig.TargetRoot),
|
|
"--bind", tempDir, "/eternity",
|
|
"--dev", "/dev",
|
|
"--tmpfs", "/run",
|
|
"--tmpfs", "/tmp",
|
|
"--proc", "/proc",
|
|
"/usr/bin/fakeroot-tcp", "--", // fakeroot-tcp still installs as "fakeroot" for some reason TODO: handle wrong fakeroot installation
|
|
"/bin/sh", "/eternity/build.sh",
|
|
}
|
|
|
|
if buildConfig.FilesFolder != "" {
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Binding files folder to container",
|
|
Prompt: false,
|
|
})
|
|
arguments = arguments[:len(arguments)-4]
|
|
arguments = append(
|
|
arguments, "--bind", filepath.Join(projectDir, buildConfig.FilesFolder), filepath.Join("/", buildConfig.FilesFolder),
|
|
"/usr/bin/fakeroot-tcp", "--",
|
|
"/bin/sh", "/eternity/build.sh",
|
|
)
|
|
}
|
|
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Executing build script in container",
|
|
Prompt: false,
|
|
})
|
|
logger.LogFunc(Log{
|
|
Level: "DEBUG",
|
|
Content: "Command: bwrap " + strings.Join(arguments, " "),
|
|
Prompt: false,
|
|
})
|
|
cmd = exec.Command("bwrap", arguments...)
|
|
if logger.StdoutSupported {
|
|
cmd.Stdout = logger.Stdout
|
|
}
|
|
var stdoutBuf, stderrBuf bytes.Buffer
|
|
cmd.Stdout = &stdoutBuf
|
|
cmd.Stderr = &stderrBuf
|
|
err = cmd.Run()
|
|
stdoutStr := stdoutBuf.String()
|
|
stderrStr := stderrBuf.String()
|
|
if logger.StdoutSupported {
|
|
logger.Stdout.Write([]byte(stdoutStr))
|
|
logger.Stdout.Write([]byte(stderrStr))
|
|
}
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Command stdout: " + stdoutStr,
|
|
Prompt: false,
|
|
})
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Command stderr: " + stderrStr,
|
|
Prompt: false,
|
|
})
|
|
if err != nil {
|
|
logger.LogFunc(Log{
|
|
Level: "ERROR",
|
|
Content: "Error occurred while executing build.sh, returning error",
|
|
Prompt: false,
|
|
})
|
|
return 0, tempDir, err, ErrBuildEPKExecutingBuildShError
|
|
}
|
|
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Build finished",
|
|
Prompt: false,
|
|
})
|
|
// Hopefully, the build was successful. Let's give the user a file and size count.
|
|
var fileCount int
|
|
var sizeCount int64
|
|
// We start at -1 because the root directory is not counted
|
|
dirCount := -1
|
|
err = filepath.Walk(targetRoot, func(path string, info os.FileInfo, err error) error {
|
|
if info.IsDir() {
|
|
dirCount++
|
|
} else {
|
|
fileCount++
|
|
}
|
|
// Both directories and files need to have their sizes counted
|
|
sizeCount += info.Size()
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return 0, tempDir, err, ErrBuildEPKCountingFilesError
|
|
}
|
|
|
|
logger.LogFunc(Log{
|
|
Level: "INFO",
|
|
Content: "Build successful. " + strconv.Itoa(fileCount) + " files and " + strconv.Itoa(dirCount) +
|
|
" directories created," + " totalling " + strconv.FormatInt(sizeCount, 10) + " bytes.",
|
|
Prompt: false,
|
|
})
|
|
|
|
return sizeCount, tempDir, nil, nil
|
|
default:
|
|
return 0, "", errors.New(buildConfig.Type), ErrBuildEPKBadBuildType
|
|
}
|
|
}
|
|
|
|
// CreateTar creates a tar archive from a directory
|
|
func CreateTar(targetDir string, output io.Writer) error {
|
|
tarWriter := tar.NewWriter(output)
|
|
err := filepath.Walk(targetDir, func(path string, info os.FileInfo, err error) error {
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if !info.Mode().IsRegular() && info.Mode()&os.ModeSymlink == 0 {
|
|
return nil
|
|
}
|
|
|
|
header, err := tar.FileInfoHeader(info, path)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
header.Name = strings.TrimPrefix(strings.Replace(path, targetDir, "", -1), string(filepath.Separator))
|
|
|
|
if info.Mode()&os.ModeSymlink != 0 {
|
|
linkTarget, err := os.Readlink(path)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
header.Linkname = linkTarget
|
|
}
|
|
|
|
err = tarWriter.WriteHeader(header)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if info.Mode().IsRegular() {
|
|
file, err := os.Open(path)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, err = io.Copy(tarWriter, file)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = file.Close()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
})
|
|
|
|
if err != nil {
|
|
return err
|
|
} else {
|
|
err = tarWriter.Close()
|
|
if err != nil {
|
|
return err
|
|
} else {
|
|
return nil
|
|
}
|
|
}
|
|
}
|
|
|
|
// These errors are in the wrong order due to this function being rewritten.
|
|
// Oh well, not like it matters.
|
|
|
|
// ConstPackageEPKMagicNumber is the magic number for an EPK file: "epk" in ASCII / UTF-8
|
|
var ConstPackageEPKMagicNumber = []byte{0x65, 0x70, 0x6B}
|
|
|
|
// ConstPackageEPKBigEndian is the letter "b" in ASCII / UTF-8
|
|
var ConstPackageEPKBigEndian = []byte{0x62}
|
|
|
|
// ConstPackageEPKLittleEndian is the letter "l" in ASCII / UTF-8
|
|
var ConstPackageEPKLittleEndian = []byte{0x6C}
|
|
|
|
// ConstPackageEPKInitialByteOffset is the initial byte offset for an EPK file until we arrive at the signature. 12 = 3 + 1 + 8: 3 for the magic number, 1 for the endian, and 8 for the tar offset
|
|
var ConstPackageEPKInitialByteOffset int64 = 12
|
|
|
|
// ConstPackageEPKSignatureLength is the length of the signature
|
|
var ConstPackageEPKSignatureLength int64 = 64
|
|
|
|
// ConstPackageEPKPublicKeyLength is the length of the public key
|
|
var ConstPackageEPKPublicKeyLength int64 = 32
|
|
|
|
// ConstPackageEPKMetadataOffset is the offset of the metadata in the EPK file
|
|
var ConstPackageEPKMetadataOffset = 108
|
|
|
|
// All these errors are out of order once I rewrote this to stream instead of using a buffer.
|
|
// Oh well, not like it matters.
|
|
|
|
var ErrPackageEPKFailedToWriteHash = errors.New("error writing hash to EPK file")
|
|
var ErrPackageEPKFailedToSeek = errors.New("error seeking in EPK file")
|
|
var ErrPackageEPKCreateDistDirError = errors.New("error creating dist directory")
|
|
var ErrPackageEPKMoveToDistError = errors.New("error moving to dist directory")
|
|
var ErrPackageEPKTarError = errors.New("error creating tar")
|
|
var ErrPackageEPKJSONMarshal = errors.New("error marshalling JSON")
|
|
var ErrPackageEPKCreateCompressionWriterError = errors.New("error creating ZStandard writer")
|
|
var ErrPackageEPKCompressCloseError = errors.New("error closing EPK ZStandard writer")
|
|
var ErrPackageEPKCannotOpenFile = errors.New("error opening EPK file for writing")
|
|
var ErrPackageEPKCannotWriteFile = errors.New("error writing to EPK file")
|
|
var ErrPackageEPKCannotCloseFile = errors.New("error closing EPK file")
|
|
|
|
// PackageEPK packages the EPK work directory into an EPK file
|
|
func PackageEPK(metaData Metadata, build Build, tempDir string, output string, privateKey ed25519.PrivateKey, logger *Logger) (error, error) {
|
|
// Create the EPK
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Packaging EPK", Prompt: false,
|
|
})
|
|
|
|
// Ok. Let's construct targetDir, then hooksDir
|
|
targetDir := filepath.Join(tempDir, build.TargetRoot)
|
|
distDir := tempDir + "/dist"
|
|
|
|
err := os.MkdirAll(distDir, 0755)
|
|
if err != nil {
|
|
return err, ErrPackageEPKCreateDistDirError
|
|
}
|
|
|
|
err = os.Rename(targetDir, distDir+"/root")
|
|
if err != nil {
|
|
return err, ErrPackageEPKMoveToDistError
|
|
}
|
|
|
|
if build.HooksFolder != "" {
|
|
hooksDir := filepath.Join(tempDir, build.HooksFolder)
|
|
err = os.Rename(hooksDir, distDir+"/hooks")
|
|
if err != nil {
|
|
return err, ErrPackageEPKMoveToDistError
|
|
}
|
|
}
|
|
|
|
// Map the metadata to a JSON string
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Calculating package metadata", Prompt: false,
|
|
})
|
|
|
|
dataTemplate := map[string]interface{}{
|
|
"name": metaData.Name,
|
|
"author": metaData.Author,
|
|
"version": metaData.Version.String(),
|
|
"desc": metaData.Description,
|
|
"longDesc": metaData.LongDescription,
|
|
"license": metaData.License,
|
|
"arch": metaData.Architecture,
|
|
"deps": metaData.Dependencies,
|
|
"specialFiles": map[string][]string{
|
|
"noDelete": metaData.SpecialFiles.NoDelete,
|
|
"noReplace": metaData.SpecialFiles.NoReplace,
|
|
},
|
|
"size": metaData.DecompressedSize,
|
|
}
|
|
|
|
// Make the data template into a JSON string
|
|
dataTemplateBytes, err := json.Marshal(dataTemplate)
|
|
if err != nil {
|
|
return err, ErrPackageEPKJSONMarshal
|
|
}
|
|
|
|
// Calculate the offsets
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Calculating binary offsets", Prompt: false,
|
|
})
|
|
|
|
// Calculate the length of the data template
|
|
var dataTemplateLength int64
|
|
for range dataTemplateBytes {
|
|
dataTemplateLength++
|
|
}
|
|
|
|
// Calculate the tar offset
|
|
var tarOffset int64 = int64(ConstPackageEPKMetadataOffset) + dataTemplateLength
|
|
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Calculating binary properties", Prompt: false,
|
|
})
|
|
|
|
// We need to determine the endianness of the architecture so that it's optimal for the target system
|
|
// We assume little-endian by default because most architectures are little-endian (why would you use big-endian?)
|
|
littleEndian := true
|
|
switch metaData.Architecture {
|
|
case "ppc64":
|
|
littleEndian = false
|
|
case "ppc":
|
|
littleEndian = false
|
|
case "mips64":
|
|
littleEndian = false
|
|
case "mips":
|
|
littleEndian = false
|
|
case "s390":
|
|
littleEndian = false
|
|
case "s390x":
|
|
littleEndian = false
|
|
case "sparc64":
|
|
littleEndian = false
|
|
case "sparc":
|
|
littleEndian = false
|
|
default:
|
|
littleEndian = true
|
|
}
|
|
|
|
// Create the byte arrays for the tar offset
|
|
tarOffsetBytes := make([]byte, 8)
|
|
|
|
// Write as much as we can to the file
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Writing to file", Prompt: false,
|
|
})
|
|
|
|
// Open the file buffer
|
|
file, err := os.OpenFile(output, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0644)
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotOpenFile
|
|
}
|
|
|
|
// Write the magic number
|
|
_, err = file.Write(ConstPackageEPKMagicNumber)
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotWriteFile
|
|
}
|
|
|
|
// Write the endianness and correct the offsets based on the endianness
|
|
// I know it's wasteful to convert an int64 to an uint64, but binary doesn't support int64 with custom Endian-ness
|
|
// and file.Seek doesn't
|
|
// support uint64.
|
|
if littleEndian {
|
|
binary.LittleEndian.PutUint64(tarOffsetBytes, uint64(tarOffset))
|
|
_, err = file.Write(ConstPackageEPKLittleEndian)
|
|
} else {
|
|
binary.BigEndian.PutUint64(tarOffsetBytes, uint64(tarOffset))
|
|
_, err = file.Write(ConstPackageEPKBigEndian)
|
|
}
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotWriteFile
|
|
}
|
|
|
|
_, err = file.Write(tarOffsetBytes)
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotWriteFile
|
|
}
|
|
_, err = file.WriteAt(dataTemplateBytes, int64(ConstPackageEPKMetadataOffset))
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotWriteFile
|
|
}
|
|
|
|
// Create the tar archive
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Creating tar", Prompt: false,
|
|
})
|
|
|
|
// Move the file pointer to the tar offset so that we can write the tar archive
|
|
seek, err := file.Seek(tarOffset, io.SeekStart)
|
|
if err != nil {
|
|
return err, ErrPackageEPKFailedToSeek
|
|
}
|
|
if seek != tarOffset {
|
|
return err, ErrPackageEPKFailedToSeek
|
|
}
|
|
|
|
// Create the hash writer
|
|
xxHash := xxhash.New()
|
|
_, err = xxHash.Write(dataTemplateBytes)
|
|
if err != nil {
|
|
return err, nil
|
|
}
|
|
|
|
// Create a multi-writer so we can write to the file and the hash at the same time
|
|
multiWriter := io.MultiWriter(file, xxHash)
|
|
|
|
// Create the ZStandard writer
|
|
writer, err := zstd.NewWriter(multiWriter, zstd.WithEncoderLevel(zstd.SpeedDefault))
|
|
if err != nil {
|
|
return err, ErrPackageEPKCreateCompressionWriterError
|
|
}
|
|
|
|
// We start writing the tar archive
|
|
err = CreateTar(distDir, writer)
|
|
if err != nil {
|
|
return err, ErrPackageEPKTarError
|
|
}
|
|
|
|
// Close the ZStandard writer
|
|
err = writer.Close()
|
|
if err != nil {
|
|
return err, ErrPackageEPKCompressCloseError
|
|
}
|
|
|
|
// Great, let's sign the EPK
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Signing EPK", Prompt: false,
|
|
})
|
|
|
|
// Sign the hash
|
|
signature := ed25519.Sign(privateKey, xxHash.Sum(nil))
|
|
publicKey := privateKey.Public().(ed25519.PublicKey)
|
|
|
|
// Write the signature and public key to the file
|
|
// Reverse the pointer back to the start of the file so our offsets are correct
|
|
_, err = file.Seek(0, io.SeekStart)
|
|
if err != nil {
|
|
return err, ErrPackageEPKFailedToSeek
|
|
}
|
|
|
|
// Write the signature
|
|
_, err = file.WriteAt(signature, ConstPackageEPKInitialByteOffset)
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotWriteFile
|
|
}
|
|
|
|
// Write the public key
|
|
_, err = file.WriteAt(publicKey, ConstPackageEPKInitialByteOffset+ConstPackageEPKSignatureLength)
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotWriteFile
|
|
}
|
|
|
|
// Close the file
|
|
err = file.Close()
|
|
if err != nil {
|
|
return err, ErrPackageEPKCannotCloseFile
|
|
}
|
|
|
|
return nil, nil
|
|
}
|
|
|
|
// ConstGenerateRepositoryRepoDataOffset is the offset of the repository data in the repository.json file: it is 3 (magic) + 64 (the signature) + 32 (the public key) = 99
|
|
var ConstGenerateRepositoryRepoDataOffset int64 = 99
|
|
|
|
// ConstGenerateRepositoryEPKMagicNumber is the magic number for an EPK repository: "eon" in ASCII / UTF-8, for obvious reasons
|
|
var ConstGenerateRepositoryEPKMagicNumber = []byte{0x65, 0x6F, 0x6E}
|
|
|
|
var ErrGenerateRepositoryStatError = errors.New("error stating file or directory")
|
|
var ErrGenerateRepositoryNotDirectory = errors.New("not a directory")
|
|
var ErrGenerateRepositoryRepositoryNameContainsSlash = errors.New("repository name contains a slash")
|
|
var ErrGenerateRepositoryFailedToWalk = errors.New("error walking directory")
|
|
var ErrGenerateRepositoryCannotUnmarshalJSON = errors.New("error unmarshalling JSON")
|
|
var ErrGenerateRepositoryCannotMarshalJSON = errors.New("error marshalling JSON")
|
|
var ErrGenerateRepositoryCannotOpenFile = errors.New("error opening file for writing")
|
|
var ErrGenerateRepositoryCannotWriteFile = errors.New("error writing to file")
|
|
var ErrGenerateRepositoryCannotCloseFile = errors.New("error closing file")
|
|
|
|
func GenerateRepository(directory string, privateKey ed25519.PrivateKey, logger *Logger) (error, error) {
|
|
// First, we need to see if the directory exists
|
|
logger.LogFunc(Log{
|
|
Level: "INFO", Content: "Generating repository", Prompt: false,
|
|
})
|
|
|
|
info, err := os.Stat(directory)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryStatError
|
|
}
|
|
|
|
if !info.IsDir() {
|
|
return nil, ErrGenerateRepositoryNotDirectory
|
|
}
|
|
|
|
// Create the EPK map
|
|
epkMap := make(map[string]interface{})
|
|
|
|
// See if the repository.json file exists
|
|
_, err = os.Stat(directory + "/repository.erf")
|
|
if err != nil {
|
|
if !errors.Is(err, os.ErrNotExist) {
|
|
return err, ErrGenerateRepositoryStatError
|
|
} else {
|
|
if logger.PromptSupported {
|
|
// Ask the user for the name of the repository
|
|
repoName := logger.LogFunc(Log{
|
|
Level: "PROMPT", Content: "Enter the name of the repository", Prompt: true,
|
|
})
|
|
|
|
// Check the repository name does not contain any slashes
|
|
if strings.Contains(repoName, "/") {
|
|
return nil, ErrGenerateRepositoryRepositoryNameContainsSlash
|
|
}
|
|
|
|
// Ask the user for the description of the repository
|
|
repoDesc := logger.LogFunc(Log{
|
|
Level: "PROMPT", Content: "Enter a short description of the repository", Prompt: true,
|
|
})
|
|
|
|
// Ask the user for the author of the repository
|
|
repoAuthor := logger.LogFunc(Log{
|
|
Level: "PROMPT",
|
|
Content: "Enter your preferred author name. This must be the same as the author name used in " +
|
|
"eternity.json and associated with your keypair, otherwise it will cause issues with EPK" +
|
|
" verification and your repository will be rejected by Eon and cannot be trusted.",
|
|
Prompt: true,
|
|
})
|
|
|
|
// Now append the metadata to the EPK map
|
|
epkMap["name"] = repoName
|
|
epkMap["desc"] = repoDesc
|
|
epkMap["author"] = repoAuthor
|
|
} else {
|
|
logger.LogFunc(Log{
|
|
Level: "FATAL",
|
|
Content: "Please fill in the author, name, and description of the repository in repository.json. " +
|
|
"Your author name must be the same as the author name used in eternity.json and associated with " +
|
|
"your keypair, otherwise it will cause issues with EPK verification and your repository will be " +
|
|
"rejected by Eon and cannot be trusted.",
|
|
Prompt: false,
|
|
})
|
|
}
|
|
}
|
|
} else {
|
|
// Since it does exist, we can extract the name and description from it
|
|
file, err := os.ReadFile(directory + "/repository.erf")
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotOpenFile
|
|
}
|
|
|
|
// Unmarshal the JSON
|
|
var oldRepositoryMap map[string]interface{}
|
|
|
|
err = json.Unmarshal(file[ConstGenerateRepositoryRepoDataOffset:], &oldRepositoryMap)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotUnmarshalJSON
|
|
}
|
|
|
|
// Copy the author, name, and description to the EPK map
|
|
epkMap["name"] = oldRepositoryMap["name"]
|
|
epkMap["desc"] = oldRepositoryMap["desc"]
|
|
epkMap["author"] = oldRepositoryMap["author"]
|
|
}
|
|
|
|
// Add a list of packages to the EPK map
|
|
epkMap["packages"] = make([]map[string]interface{}, 0)
|
|
|
|
// Now, walk the directory
|
|
err = filepath.Walk(directory, func(path string, info os.FileInfo, err error) error {
|
|
// If error is not nil, return it
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Ignore directories
|
|
if info.IsDir() {
|
|
return nil
|
|
}
|
|
|
|
// Ok. We need to check if the file actually is an EPK file
|
|
file, err := os.Open(path)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Read the first 3 bytes
|
|
magicNumber := make([]byte, 3)
|
|
_, err = file.Read(magicNumber)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Check if the magic number is correct
|
|
if !bytes.Equal(magicNumber, ConstPackageEPKMagicNumber) {
|
|
// It isn't an EPK file, so we can ignore it
|
|
return nil
|
|
}
|
|
|
|
// We need to create a hash of the file
|
|
xxHash := xxhash.New()
|
|
_, err = io.Copy(xxHash, file)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Extract the metadata. First, we get the endian-ness
|
|
var littleEndian bool
|
|
endian := make([]byte, 1)
|
|
_, err = file.ReadAt(endian, 3)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if bytes.Equal(endian, ConstPackageEPKLittleEndian) {
|
|
littleEndian = true
|
|
} else if bytes.Equal(endian, ConstPackageEPKBigEndian) {
|
|
littleEndian = false
|
|
} else {
|
|
return errors.New("invalid endianness")
|
|
}
|
|
|
|
// Now we get the tar offset
|
|
var tarOffset int64
|
|
tarOffsetBytes := make([]byte, 8)
|
|
_, err = file.ReadAt(tarOffsetBytes, 4)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Now we convert the tar offset to an int64
|
|
if littleEndian {
|
|
tarOffset = int64(binary.LittleEndian.Uint64(tarOffsetBytes))
|
|
} else {
|
|
tarOffset = int64(binary.BigEndian.Uint64(tarOffsetBytes))
|
|
}
|
|
|
|
// Now we can read in the metadata
|
|
metadataBytes := make([]byte, tarOffset-int64(ConstPackageEPKMetadataOffset))
|
|
_, err = file.ReadAt(metadataBytes, int64(ConstPackageEPKMetadataOffset))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Now we can unmarshal the metadata
|
|
var metadata map[string]interface{}
|
|
err = json.Unmarshal(metadataBytes, &metadata)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// Now we have the hash, we need to add it to our data template
|
|
dataTemplate := make(map[string]interface{})
|
|
dataTemplate["hash"] = xxHash.Sum64()
|
|
|
|
// Now we add some basic metadata
|
|
dataTemplate["name"] = metadata["name"]
|
|
dataTemplate["author"] = metadata["author"]
|
|
dataTemplate["version"] = metadata["version"]
|
|
dataTemplate["size"] = metadata["size"]
|
|
dataTemplate["arch"] = metadata["arch"]
|
|
dataTemplate["desc"] = metadata["desc"]
|
|
dataTemplate["deps"] = metadata["deps"]
|
|
|
|
// We add the path to the EPK file, relative to the directory
|
|
relativePath, err := filepath.Rel(directory, path)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
dataTemplate["path"] = relativePath
|
|
|
|
// Append it to a list in the EPK map
|
|
epkMap["packages"] = append(epkMap["packages"].([]map[string]interface{}), dataTemplate)
|
|
|
|
return nil
|
|
})
|
|
|
|
// This error message is a bit vague, but meh.
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryFailedToWalk
|
|
}
|
|
|
|
// Great, now we need to marshal the EPK map and write it to a file
|
|
epkMapBytes, err := json.Marshal(epkMap)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotMarshalJSON
|
|
}
|
|
|
|
// Write the EPK map to a file
|
|
file, err := os.OpenFile(directory+"/repository.erf", os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0644)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotOpenFile
|
|
}
|
|
|
|
// Sign the epk map
|
|
xxHash := xxhash.New()
|
|
_, err = xxHash.Write(epkMapBytes)
|
|
if err != nil {
|
|
return err, nil
|
|
}
|
|
|
|
signature := ed25519.Sign(privateKey, xxHash.Sum(nil))
|
|
publicKey := privateKey.Public().(ed25519.PublicKey)
|
|
|
|
// Write magic number
|
|
_, err = file.Write(ConstGenerateRepositoryEPKMagicNumber)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotWriteFile
|
|
}
|
|
|
|
// Write signature
|
|
_, err = file.WriteAt(signature, 3)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotWriteFile
|
|
}
|
|
|
|
// Write public key
|
|
_, err = file.WriteAt(publicKey, 67)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotWriteFile
|
|
}
|
|
|
|
// Write the EPK map to the file
|
|
_, err = file.WriteAt(epkMapBytes, ConstGenerateRepositoryRepoDataOffset)
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotWriteFile
|
|
}
|
|
|
|
// Close the file
|
|
err = file.Close()
|
|
if err != nil {
|
|
return err, ErrGenerateRepositoryCannotCloseFile
|
|
}
|
|
|
|
return nil, nil
|
|
}
|