api: fix function name + allow unsigned packages

This commit is contained in:
Thomas Hobson 2021-02-21 12:56:35 +13:00
parent 8ad62ec983
commit b20f853ef1
No known key found for this signature in database
GPG Key ID: 9F1FD9D87950DB6F
3 changed files with 21 additions and 19 deletions

View File

@ -6,7 +6,7 @@ const fs = require('fs/promises'),
module.exports = { module.exports = {
async buffer_from_u_r_l(url){ async buffer_from_url(url){
if(!(url instanceof URL)) if(!(url instanceof URL))
url = new URL(url); url = new URL(url);
if(url.protocol == 'file:'){ if(url.protocol == 'file:'){

View File

@ -57,7 +57,7 @@ class Package {
logger.debug(`Downloading package from ${this.download_url} in to ${this.install_path}`); logger.debug(`Downloading package from ${this.download_url} in to ${this.install_path}`);
const pkgfile = helpers.url_basename(this.download_url); const pkgfile = helpers.url_basename(this.download_url);
const pkgpath = path.join(this.install_path, pkgfile); const pkgpath = path.join(this.install_path, pkgfile);
await helpers.buffer_from_u_r_l(this.download_url) await helpers.buffer_from_url(this.download_url)
.then(buf=> fs.write_file(pkgpath, buf)); .then(buf=> fs.write_file(pkgpath, buf));
logger.debug('Validating checksums'); logger.debug('Validating checksums');
@ -73,6 +73,7 @@ class Package {
await this.repo.import_keys(); await this.repo.import_keys();
logger.debug('Validating signatutes'); logger.debug('Validating signatutes');
if(this.signature != "")
await new Promise((resolve,reject)=>{ await new Promise((resolve,reject)=>{
const gpgspawn = cp.spawn('gpg', ['--verify', '-', pkgpath], { const gpgspawn = cp.spawn('gpg', ['--verify', '-', pkgpath], {
stdio: ['pipe', 'ignore', 'ignore'] stdio: ['pipe', 'ignore', 'ignore']
@ -89,7 +90,8 @@ class Package {
gpgspawn.stdin.end(); gpgspawn.stdin.end();
}); });
else
logger.warn("Package does not contain a signature - allowing install, but proceed with caution")
logger.debug(`Extracting package files from archive ${pkgfile} in to ${this.install_path}`); logger.debug(`Extracting package files from archive ${pkgfile} in to ${this.install_path}`);
await new Promise((resolve, reject)=>{ await new Promise((resolve, reject)=>{

View File

@ -24,7 +24,7 @@ class Repository {
async load(){ async load(){
try{ try{
var index = await cache.get(this.cache_key,async ()=>{ var index = await cache.get(this.cache_key,async ()=>{
return helpers.buffer_from_u_r_l(this.url); return helpers.buffer_from_url(this.url);
}); });
var repo = yaml.load(index); var repo = yaml.load(index);