X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fimport%2Fimport-raw.c;h=8d99f1085cb1111519dcd0db29b4fa8760c9543e;hb=ee5de57b9d474161df259e7faa958fa9d7bbd736;hp=8ca10919afa27d2882f80b26f2ff8e29680030d6;hpb=85dbc41dc67ff49fd8a843dbac5b8b5cb0b61155;p=elogind.git diff --git a/src/import/import-raw.c b/src/import/import-raw.c index 8ca10919a..8d99f1085 100644 --- a/src/import/import-raw.c +++ b/src/import/import-raw.c @@ -22,8 +22,8 @@ #include #include #include -#include +#include "sd-daemon.h" #include "utf8.h" #include "strv.h" #include "copy.h" @@ -31,13 +31,20 @@ #include "util.h" #include "macro.h" #include "mkdir.h" +#include "import-util.h" #include "curl-util.h" #include "qcow2-util.h" #include "import-job.h" -#include "import-util.h" +#include "import-common.h" #include "import-raw.h" -typedef struct RawImportFile RawImportFile; +typedef enum RawProgress { + RAW_DOWNLOADING, + RAW_VERIFYING, + RAW_UNPACKING, + RAW_FINALIZING, + RAW_COPYING, +} RawProgress; struct RawImport { sd_event *event; @@ -46,7 +53,8 @@ struct RawImport { char *image_root; ImportJob *raw_job; - ImportJob *sha256sums_job; + ImportJob *checksum_job; + ImportJob *signature_job; RawImportFinished on_finished; void *userdata; @@ -56,6 +64,8 @@ struct RawImport { char *temp_path; char *final_path; + + ImportVerify verify; }; RawImport* raw_import_unref(RawImport *i) { @@ -63,6 +73,8 @@ RawImport* raw_import_unref(RawImport *i) { return NULL; import_job_unref(i->raw_job); + import_job_unref(i->checksum_job); + import_job_unref(i->signature_job); curl_glue_unref(i->glue); sd_event_unref(i->event); @@ -80,7 +92,13 @@ RawImport* raw_import_unref(RawImport *i) { return NULL; } -int raw_import_new(RawImport **ret, sd_event *event, const char *image_root, RawImportFinished on_finished, void *userdata) { +int raw_import_new( + RawImport **ret, + sd_event *event, + const char *image_root, + RawImportFinished on_finished, + void *userdata) { + _cleanup_(raw_import_unrefp) RawImport *i = NULL; int r; @@ -118,6 +136,57 @@ int raw_import_new(RawImport **ret, sd_event *event, const char *image_root, Raw return 0; } +static void raw_import_report_progress(RawImport *i, RawProgress p) { + unsigned percent; + + assert(i); + + switch (p) { + + case RAW_DOWNLOADING: { + unsigned remain = 80; + + percent = 0; + + if (i->checksum_job) { + percent += i->checksum_job->progress_percent * 5 / 100; + remain -= 5; + } + + if (i->signature_job) { + percent += i->signature_job->progress_percent * 5 / 100; + remain -= 5; + } + + if (i->raw_job) + percent += i->raw_job->progress_percent * remain / 100; + break; + } + + case RAW_VERIFYING: + percent = 80; + break; + + case RAW_UNPACKING: + percent = 85; + break; + + case RAW_FINALIZING: + percent = 90; + break; + + case RAW_COPYING: + percent = 95; + break; + + default: + assert_not_reached("Unknown progress state"); + } + + sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent); + log_debug("Combined progress %u%%", percent); +} + static int raw_import_maybe_convert_qcow2(RawImport *i) { _cleanup_close_ int converted_fd = -1; _cleanup_free_ char *t = NULL; @@ -201,7 +270,7 @@ static int raw_import_make_local_copy(RawImport *i) { return log_error_errno(errno, "Failed to seek to beginning of vendor image: %m"); } - p = strappenda(i->image_root, "/", i->local, ".raw"); + p = strjoina(i->image_root, "/", i->local, ".raw"); if (i->force_local) { (void) btrfs_subvol_remove(p); @@ -245,91 +314,21 @@ static int raw_import_make_local_copy(RawImport *i) { return 0; } -static int raw_import_verify_sha256sum(RawImport *i) { - _cleanup_free_ char *fn = NULL; - const char *p, *line; - int r; - +static bool raw_import_is_done(RawImport *i) { assert(i); - assert(i->raw_job); - assert(i->raw_job->sha256); - - assert(i->sha256sums_job); - assert(i->sha256sums_job->payload); - assert(i->sha256sums_job->payload_size > 0); - - r = import_url_last_component(i->raw_job->url, &fn); - if (r < 0) - return log_oom(); - - if (!filename_is_valid(fn)) { - log_error("Cannot verify checksum, could not determine valid server-side file name."); - return -EBADMSG; - } - - line = strappenda(i->raw_job->sha256, " *", fn, "\n"); - - p = memmem(i->sha256sums_job->payload, - i->sha256sums_job->payload_size, - line, - strlen(line)); - - if (!p || (p != (char*) i->sha256sums_job->payload && p[-1] != '\n')) { - log_error("Checksum did not check out, payload has been tempered with."); - return -EBADMSG; - } - - log_info("SHA256 checksum of %s is valid.", i->raw_job->url); - - return 0; -} - -static int raw_import_finalize(RawImport *i) { - int r; - - assert(i); - - if (!IMPORT_JOB_STATE_IS_COMPLETE(i->raw_job) || - !IMPORT_JOB_STATE_IS_COMPLETE(i->sha256sums_job)) - return 0; - - if (!i->raw_job->etag_exists) { - assert(i->temp_path); - assert(i->final_path); - assert(i->raw_job->disk_fd >= 0); - - r = raw_import_verify_sha256sum(i); - if (r < 0) - return r; - - r = rename(i->temp_path, i->final_path); - if (r < 0) - return log_error_errno(errno, "Failed to move RAW file into place: %m"); - - free(i->temp_path); - i->temp_path = NULL; - } - - r = raw_import_make_local_copy(i); - if (r < 0) - return r; - i->raw_job->disk_fd = safe_close(i->raw_job->disk_fd); + if (i->raw_job->state != IMPORT_JOB_DONE) + return false; + if (i->checksum_job && i->checksum_job->state != IMPORT_JOB_DONE) + return false; + if (i->signature_job && i->signature_job->state != IMPORT_JOB_DONE) + return false; - return 1; -} - -static void raw_import_invoke_finished(RawImport *i, int r) { - assert(i); - - if (i->on_finished) - i->on_finished(i, r, i->userdata); - else - sd_event_exit(i->event, r); + return true; } -static void raw_import_raw_job_on_finished(ImportJob *j) { +static void raw_import_job_on_finished(ImportJob *j) { RawImport *i; int r; @@ -338,6 +337,13 @@ static void raw_import_raw_job_on_finished(ImportJob *j) { i = j->userdata; if (j->error != 0) { + if (j == i->checksum_job) + log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)"); + else if (j == i->signature_job) + log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)"); + else + log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)"); + r = j->error; goto finish; } @@ -345,57 +351,61 @@ static void raw_import_raw_job_on_finished(ImportJob *j) { /* This is invoked if either the download completed * successfully, or the download was skipped because we * already have the etag. In this case ->etag_exists is - * true. */ + * true. + * + * We only do something when we got all three files */ - if (!j->etag_exists) { - assert(j->disk_fd >= 0); + if (!raw_import_is_done(i)) + return; - r = raw_import_maybe_convert_qcow2(i); - if (r < 0) - goto finish; + if (!i->raw_job->etag_exists) { + /* This is a new download, verify it, and move it into place */ + assert(i->raw_job->disk_fd >= 0); + + raw_import_report_progress(i, RAW_VERIFYING); - r = import_make_read_only_fd(j->disk_fd); + r = import_verify(i->raw_job, i->checksum_job, i->signature_job); if (r < 0) goto finish; - } - r = raw_import_finalize(i); - if (r < 0) - goto finish; - if (r == 0) - return; + raw_import_report_progress(i, RAW_UNPACKING); - r = 0; + r = raw_import_maybe_convert_qcow2(i); + if (r < 0) + goto finish; -finish: - raw_import_invoke_finished(i, r); -} + raw_import_report_progress(i, RAW_FINALIZING); -static void raw_import_sha256sums_job_on_finished(ImportJob *j) { - RawImport *i; - int r; + r = import_make_read_only_fd(i->raw_job->disk_fd); + if (r < 0) + goto finish; - assert(j); - assert(j->userdata); + r = rename(i->temp_path, i->final_path); + if (r < 0) { + r = log_error_errno(errno, "Failed to move RAW file into place: %m"); + goto finish; + } - i = j->userdata; - if (j->error != 0) { - r = j->error; - goto finish; + free(i->temp_path); + i->temp_path = NULL; } - r = raw_import_finalize(i); + raw_import_report_progress(i, RAW_COPYING); + + r = raw_import_make_local_copy(i); if (r < 0) goto finish; - if (r == 0) - return; r = 0; + finish: - raw_import_invoke_finished(i, r); + if (i->on_finished) + i->on_finished(i, r, i->userdata); + else + sd_event_exit(i->event, r); } -static int raw_import_raw_job_on_open_disk(ImportJob *j) { +static int raw_import_job_on_open_disk(ImportJob *j) { RawImport *i; int r; @@ -403,6 +413,9 @@ static int raw_import_raw_job_on_open_disk(ImportJob *j) { assert(j->userdata); i = j->userdata; + assert(i->raw_job == j); + assert(!i->final_path); + assert(!i->temp_path); r = import_make_path(j->url, j->etag, i->image_root, ".raw-", ".raw", &i->final_path); if (r < 0) @@ -425,14 +438,23 @@ static int raw_import_raw_job_on_open_disk(ImportJob *j) { return 0; } -int raw_import_pull(RawImport *i, const char *url, const char *local, bool force_local) { - _cleanup_free_ char *sha256sums_url = NULL; +static void raw_import_job_on_progress(ImportJob *j) { + RawImport *i; + + assert(j); + assert(j->userdata); + + i = j->userdata; + + raw_import_report_progress(i, RAW_DOWNLOADING); +} + +int raw_import_pull(RawImport *i, const char *url, const char *local, bool force_local, ImportVerify verify) { int r; assert(i); - - if (i->raw_job) - return -EBUSY; + assert(verify < _IMPORT_VERIFY_MAX); + assert(verify >= 0); if (!http_url_is_valid(url)) return -EINVAL; @@ -440,43 +462,52 @@ int raw_import_pull(RawImport *i, const char *url, const char *local, bool force if (local && !machine_name_is_valid(local)) return -EINVAL; + if (i->raw_job) + return -EBUSY; + r = free_and_strdup(&i->local, local); if (r < 0) return r; i->force_local = force_local; + i->verify = verify; /* Queue job for the image itself */ r = import_job_new(&i->raw_job, url, i->glue, i); if (r < 0) return r; - i->raw_job->on_finished = raw_import_raw_job_on_finished; - i->raw_job->on_open_disk = raw_import_raw_job_on_open_disk; - i->raw_job->calc_hash = true; + i->raw_job->on_finished = raw_import_job_on_finished; + i->raw_job->on_open_disk = raw_import_job_on_open_disk; + i->raw_job->on_progress = raw_import_job_on_progress; + i->raw_job->calc_checksum = verify != IMPORT_VERIFY_NO; r = import_find_old_etags(url, i->image_root, DT_REG, ".raw-", ".raw", &i->raw_job->old_etags); if (r < 0) return r; - /* Queue job for the SHA256SUMS file for the image */ - r = import_url_change_last_component(url, "SHA256SUMS", &sha256sums_url); + r = import_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, raw_import_job_on_finished, i); if (r < 0) return r; - r = import_job_new(&i->sha256sums_job, sha256sums_url, i->glue, i); + r = import_job_begin(i->raw_job); if (r < 0) return r; - i->sha256sums_job->on_finished = raw_import_sha256sums_job_on_finished; - i->sha256sums_job->uncompressed_max = i->sha256sums_job->compressed_max = 1ULL * 1024ULL * 1024ULL; + if (i->checksum_job) { + i->checksum_job->on_progress = raw_import_job_on_progress; - r = import_job_begin(i->raw_job); - if (r < 0) - return r; + r = import_job_begin(i->checksum_job); + if (r < 0) + return r; + } - r = import_job_begin(i->sha256sums_job); - if (r < 0) - return r; + if (i->signature_job) { + i->signature_job->on_progress = raw_import_job_on_progress; + + r = import_job_begin(i->signature_job); + if (r < 0) + return r; + } return 0; }