texlive[47210] Master/texmf-dist/scripts/texlive/tlmgr.pl: start on

commits+preining at tug.org commits+preining at tug.org
Sun Apr 1 02:48:43 CEST 2018


Revision: 47210
          http://tug.org/svn/texlive?view=revision&revision=47210
Author:   preining
Date:     2018-04-01 02:48:43 +0200 (Sun, 01 Apr 2018)
Log Message:
-----------
start on crypto options rework

Modified Paths:
--------------
    trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl

Modified: trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl
===================================================================
--- trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl	2018-04-01 00:40:06 UTC (rev 47209)
+++ trunk/Master/texmf-dist/scripts/texlive/tlmgr.pl	2018-04-01 00:48:43 UTC (rev 47210)
@@ -362,6 +362,7 @@
   "print-platform-info" => 1,
   "usermode|user-mode" => 1,
   "usertree|user-tree" => "=s",
+  "verify-repos" => "=s",
   "verify-downloads" => "!",
   "require-verification" => "!",
   "version" => 1,
@@ -479,6 +480,52 @@
     $action = "remove";
   }
 
+  # crypto options rewriting
+  if ((defined($opts{"verify-downloads"}) || 
+       defined($opts{"require-verification")) &&
+      defined($opts{"verify-repos"})) {
+    # we cannot have all three, warn and bail out
+    tldie("The options verify-downloads and require-verification have been\n" .
+          "superseeded by verify-repos, please use only the later on!\n");
+  }
+  if (defined($opts{"verify-downloads"})) {
+    if ($opts{"verify-downloads"}) {
+      # explicit --verify-downloads was given
+      if ($opts{"require-verification") {
+        # --require-verification was given
+        $opts{"verify-repos"} = "all";
+      } else {
+        # either nothing passed or --no-require-verification (default)
+        # use explit setting to main
+        $opts{"verify-repos"} = "main";
+      }
+    } else {
+      # explicit --no-verify-downloads was given
+      if ($opts"require-verification") {
+        # --require-verification was given
+        tldie("You cannot ask for no verification and require it at the same time!\n");
+      } else {
+        $opts{"verify-repos"} = "none";
+      }
+    }
+  } else {
+    # nothing related to verify-download was given, so it is by default
+    # set to true
+    if ($opts{"require-verification") {
+      $opts{"verify-repos"} = "all";
+    } else {
+      # dont set anything, as nothing has been passed in
+    }
+  }
+  delete $opts{"require-verification"};
+  delete $opts{"verify-downloads"};
+  #
+  # check for correctness of verify-repo argument
+  if (defined($opts{"verify-repo"}) &&
+      ($opts{"verify-repo"} !~ m/^(none|main|all)$/)) {
+    tldie("Unknown value for --verify-repo; $opts{verify-repo}\n");
+  }
+
   # now $action should be part of %actionoptions, otherwise this is
   # an error
   if (defined($action) && $action && !exists $action_specification{$action}) {
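Review bot: The value check at the end of the added block tests `$opts{"verify-repo"}` (singular), but the option is registered and assigned as `verify-repos`, so a mistyped value such as `--verify-repos=mian` is never rejected; the gpg setup hunk then treats anything other than `none` as enabled, and nothing but `all` as required. The check should read `if (defined($opts{"verify-repos"}) && ($opts{"verify-repos"} !~ m/^(none|main|all)$/)) {`, with the message built as `"Unknown value for --verify-repos: " . $opts{"verify-repos"} . "\n"`, because a hyphenated key is not auto-quoted inside an interpolated subscript. The same singular/plural split appears in the config default and config-file parser hunks (`$config{"verify-repo"}`), while the gpg setup hunk reads `$config{'verify-repos'}`, so a config-file setting would not reach it. Separately, the block does not compile as written: `$opts{"require-verification")` is closed with `)` instead of `}` in three places, and `$opts"require-verification")` lacks both braces.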
@@ -6199,7 +6246,7 @@
   # keys which can be set/get and are also settable via global cmdline opts
   my @valid_bool_keys
     = qw/debug-translation machine-readable no-execute-actions
-         require-verification verify-downloads json/;  
+         verify-repos json/;  
   my @valid_string_keys = qw/repository prompt/;
   my @valid_keys = (@valid_bool_keys, @valid_string_keys);
   # set auto flush unconditionally in action shell
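Review bot: `verify-repos` is added to `@valid_bool_keys`, although elsewhere in this commit it carries one of the strings `none`, `main` or `all`. How the two lists are consumed is outside the hunk, but if boolean keys are normalised to 0/1 when set from the shell, the level would be lost or an arbitrary value accepted. It looks like the key belongs in the string list instead, `my @valid_string_keys = qw/repository prompt verify-repos/;`, ideally with the same `none|main|all` check applied when it is set.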
@@ -6518,26 +6565,26 @@
   # setup gpg if available
   # by default we setup gpg
   # default value
-  my $do_setup_gpg = 1;
+  my $do_setup_gpg = "main";
   # the value is set in the config file
-  if (defined($config{'verify-downloads'})) {
-    $do_setup_gpg = $config{'verify-downloads'};
+  if (defined($config{'verify-repos'})) {
+    $do_setup_gpg = $config{'verify-repos'};
   }
   # command line
-  if (defined($opts{'verify-downloads'})) {
-    $do_setup_gpg = $opts{'verify-downloads'};
+  if (defined($opts{'verify-repos'})) {
+    $do_setup_gpg = $opts{'verify-repos'};
   }
   # now we know whether we setup gpg or not
-  if ($do_setup_gpg) {
+  if ($do_setup_gpg ne "none") {
     if (TeXLive::TLCrypto::setup_gpg($Master)) {
       debug("will verify cryptographic signatures\n")
     } else {
       my $prefix = "$prg: No gpg found"; # just to shorten the strings
-      if ($opts{'verify-downloads'}) {
+      if ($opts{'verify-repos'} eq "all") {
         # verification was requested on the command line, but did not succeed, die
         tldie("$prefix, verification explicitly requested on command line, quitting.\n");
       }
-      if ($config{'verify-downloads'}) {
+      if ($config{'verify-repos'} eq "all") {
         # verification explicitly requested in config file, but not gpg, die
         tldie("$prefix, verification explicitly requested in config file, quitting.\n");
       }
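Review bot: Both new `eq "all"` tests in the gpg-missing branch compare a value that may be undefined, since `$opts{'verify-repos'}` is unset whenever the level came from the config file or the built-in default; this emits an uninitialized-value warning if warnings are enabled for this file. Guarding them keeps the fatal path clean: `if (defined($opts{'verify-repos'}) && $opts{'verify-repos'} eq "all") {`, and likewise for `$config{'verify-repos'}`. A comment above `my $do_setup_gpg = "main";` such as `# one of "none", "main", "all"; "main" verifies when gpg is available` would also help, because the variable changed from a boolean to a level. The enclosing function starts and ends outside the hunk.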
@@ -6549,12 +6596,12 @@
   } else {
     # we do not setup gpg: when explicitly requested, be silent, otherwise info
     my $prefix = "$prg: not setting up gpg";
-    if (defined($opts{'verify-downloads'})) {
+    if (defined($opts{'verify-repos'})) {
       # log normally is *NOT* logged to a file
       # tlmgr does by default *NOT* set up a log file (cmd line option)
       # user requested it, so don't bother with output
       debug("$prefix, requested on command line\n");
-    } elsif (defined($config{'verify-downloads'})) {
+    } elsif (defined($config{'verify-repos'})) {
       debug("$prefix, requested in config file\n");
     } else {
       tldie("$prg: how could this happen? gpg setup.\n");
@@ -6978,6 +7025,7 @@
   $config{"auto-remove"} = 1;
   $config{"require-verification"} = 0;
   $config{"persistent-downloads"} = 1;
+  $config{"verify-repo"} = "auto";
   # do NOT set this here, we distinguish between explicitly set in the config file
   # or implicitly true
   # $config{"verify-downloads"} = 1;
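Review bot: The new default `"auto"` is not one of the values the rest of the commit accepts (`none`, `main`, `all`). Setting any default here also runs against the comment directly below it, which explains that the verification setting is left unset so that an explicit config entry can be told apart from the implicit default. If the key is meant to be the `verify-repos` that the gpg setup hunk reads, this line would make that hunk's `defined($config{'verify-repos'})` test always true and pass `"auto"` into the level comparison. Dropping the line, or replacing it with a comment like `# do NOT set verify-repos here either, see below`, keeps the explicit-versus-implicit distinction.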
@@ -7046,21 +7094,32 @@
       }
 
     } elsif ($key eq "require-verification") {
-      if ($val eq "0") {
-        $config{"require-verification"} = 0;
-      } elsif ($val eq "1") {
-        $config{"require-verification"} = 1;
-      } else {
-        tlwarn("$prg: $fn: Unknown value for require-verification: $val\n");
-      }
+      tlwarn("Configuration file setting \"require-verification\" is being ignored!\n");
+      tlwarn("Please update the config file using \"verify-repo\"!\n");
+      #if ($val eq "0") {
+      #  $config{"require-verification"} = 0;
+      #} elsif ($val eq "1") {
+      #  $config{"require-verification"} = 1;
+      #} else {
+      #  tlwarn("$prg: $fn: Unknown value for require-verification: $val\n");
+      #}
 
     } elsif ($key eq "verify-downloads") {
-      if ($val eq "0") {
-        $config{"verify-downloads"} = 0;
-      } elsif ($val eq "1") {
-        $config{"verify-downloads"} = 1;
+      tlwarn("Configuration file setting \"verify-downloads\" is being ignored!\n");
+      tlwarn("Please update the config file using \"verify-repo\"!\n");
+      #if ($val eq "0") {
+      #  $config{"verify-downloads"} = 0;
+      #} elsif ($val eq "1") {
+      #  $config{"verify-downloads"} = 1;
+      #} else {
+      #  tlwarn("$prg: $fn: Unknown value for verify-downloads: $val\n");
+      #}
+
+    } elsif ($key eq "verify-repo") {
+      if ($val =~ m/^(none|main|all)$/) {
+        $config{"verify-repo"} = $val;
       } else {
-        tlwarn("$prg: $fn: Unknown value for verify-downloads: $val\n");
+        tlwarn("$prg: $fn: Unknown value for verify-repo: $val\n");
       }
 
     } elsif ($key eq "no-checksums") {
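Review bot: A config file that carries `require-verification = 1` loses its enforcement with this change, because the branch now only warns and stores nothing, so an installation that used to quit on unverifiable repositories would continue at the default level. The command-line path in this commit rewrites the old options instead of dropping them; doing the same here, e.g. `$config{"verify-repos"} = "all" if $val eq "1";` (and `"none"` for `verify-downloads = 0`, with whichever key spelling the gpg setup code reads), keeps the stricter setting across the upgrade. The two pairs of `tlwarn` calls also omit the `$prg: $fn:` prefix that the neighbouring messages use, and the commented-out old branches can be deleted rather than kept. The surrounding if/elsif chain starts and ends outside the hunk.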
@@ -7432,16 +7491,6 @@
 (see L</Pinning> below).  Documented only for completeness, as this is
 only useful in debugging.
 
-=item B<--require-verification>
-
-=item B<--no-require-verification>
-
-Verify that all remote repositories to be correctly signed, or quit.
-With C<--no-require-verification>, all verification is omitted.  By
-default, verification is performed (but not required) if GnuPG and the
-relevant keys are available. See L<CRYPTOGRAPHIC VERIFICATION> below for
-details.
-
 =item B<--usermode>
 
 Activates user mode for this run of C<tlmgr>; see L<USER MODE> below.
@@ -7450,14 +7499,13 @@
 
 Uses I<dir> for the tree in user mode; see L<USER MODE> below.
 
-=item B<--verify-downloads>
+=item B<--verify-repos=[none|main|all]>
 
-=item B<--no-verify-downloads>
-
-Enables or disables cryptographic verification of all downloaded
-database files.  A working GnuPG (C<gpg>) binary needs to be present in
-the path, otherwise this option has no effect.  By default, the main
-repository is verified, while any other repositories are not verified.
+Defines the level of verification done: If C<none> is passed, no
+verification whatsoever is done. If C<main> and a working GnuPG (C<gpg>)
+binary is available, all repositories are checked, but only the main 
+repository is required to be signed. If C<all> then all repositories
+need to be signed.
 See L<CRYPTOGRAPHIC VERIFICATION> below for details.
 
 =back
@@ -9027,11 +9075,16 @@
 C<gpg> is not available, signatures are not checked and no verification
 is carried out, but C<tlmgr> proceeds normally.
 
+The verification can be controlled by the c
+
+
+TODO TODO
+
 The attempted verification can be suppressed entirely by specifying
-C<--no-verify-downloads> on the command line, or a line
-C<verify-downloads=0> in a C<tlmgr> config file (see L<CONFIGURATION
+C<--verify-repos=none> on the command line, or a line
+C<verify-repos = none> in a C<tlmgr> config file (see L<CONFIGURATION
 FILE FOR TLMGR>).  On the other hand, you can I<require> successful
-verification by specifying C<--require-verification> on the command
+verification of all repos  by specifying C<--require-verification> on the command
 line, or C<require-verification=1> in a C<tlmgr> config file; in this
 case, if verification is not possible, or fails, the program quits.
 
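Review bot: The rewritten paragraph still tells users that `require-verification=1` in a config file makes the program quit when verification fails, but the config parser in this commit ignores that key with a warning, so someone following the manual would believe enforcement is on when it is not. The text should point at the new setting, e.g. `C<--verify-repos=all> on the command line, or C<verify-repos = all> in a C<tlmgr> config file`. The added lines `The verification can be controlled by the c` and `TODO TODO` are an unfinished sentence and a placeholder that will be rendered in the manual page; they should be completed or held back until the text is ready.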


