perl
cpan/CPAN/lib/CPAN/Distribution.pm view on Meta::CPAN
done with the command 'o conf init check_sigs'};
$CPAN::Frontend->mydie(Text::Wrap::wrap("","",$wrap));
} if ($rv == Module::Signature::SIGNATURE_OK()) {
$CPAN::Frontend->myprint("Signature for $chk_file ok\n");
return $self->{SIG_STATUS} = "OK";
} else {
$CPAN::Frontend->mywarn(qq{\nSignature invalid for }.
qq{file $chk_file. }.
qq{Please investigate.\n\n}.
$self->as_string.
qq{Module::Signature verification returned value $rv\n\n}
);
my $wrap = qq{I\'d recommend removing $chk_file. Its signature
is invalid. Maybe you have configured your 'urllist' with
a bad URL. Please check this array with 'o conf urllist', and
retry.};
$CPAN::Frontend->mydie(Text::Wrap::wrap("","",$wrap));
}
}
#-> sub CPAN::Distribution::CHECKSUM_check_file ;
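# $sloppy is 1 when we have an old CHECKSUMS file that may be good
# enough.
# NOTE(review): with check_sigs off, the CHECKSUMS content is read and
# handed to Safe->reval as is; nothing in this sub authenticates it
# before it is evaluated. With check_sigs on, the gpg command is built
# as one shell string from $gpg, $tempfile and $chk_file, and the
# fallback used when File::Temp is unavailable creates a predictable
# "CHECKSUMS-$$" directory. A list-form system() call (stderr redirected
# separately) and three-argument open would harden these paths.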
sub CHECKSUM_check_file {
my($self,$chk_file,$sloppy) = @_;
my($cksum,$file,$basename);
$sloppy ||= 0;
$self->debug("chk_file[$chk_file]sloppy[$sloppy]") if $CPAN::DEBUG;
my $check_sigs = CPAN::HandleConfig->prefs_lookup($self,
q{check_sigs});
if ($check_sigs) {
if ($CPAN::META->has_inst("Module::Signature")) {
$self->debug("Module::Signature is installed, verifying") if $CPAN::DEBUG;
$self->SIG_check_file($chk_file);
} else {
$self->debug("Module::Signature is NOT installed") if $CPAN::DEBUG;
}
}
$file = $self->{localfile};
$basename = File::Basename::basename($file);
my($signed_data);
my $fh = FileHandle->new;
if ($check_sigs) {
my $tempdir;
if ($CPAN::META->has_usable("File::Temp")) {
$tempdir = File::Temp::tempdir("CHECKSUMS-XXXX", CLEANUP => 1, DIR => "/tmp" );
} else {
$tempdir = File::Spec->catdir(File::Spec->tmpdir, "CHECKSUMS-$$");
File::Path::mkpath($tempdir);
}
my $tempfile = File::Spec->catfile($tempdir, "CHECKSUMS.$$");
unlink $tempfile; # ignore missing file
my $devnull = File::Spec->devnull;
my $gpg = $CPAN::Config->{gpg} or
$CPAN::Frontend->mydie("Your configuration suggests that you do not have 'gpg' installed. This is needed to verify checksums with the config variable 'check_sigs' on. Please configure it with 'o conf init gpg'");
my $system = qq{"$gpg" --verify --batch --no-tty --output "$tempfile" "$chk_file" 2> "$devnull"};
0 == system $system or $CPAN::Frontend->mydie("gpg run was failing, cannot continue: $system");
open $fh, $tempfile or $CPAN::Frontend->mydie("Could not open $tempfile: $!");
local $/;
$signed_data = <$fh>;
close $fh;
File::Path::rmtree($tempdir);
} else {
my $fh = FileHandle->new;
if (open $fh, $chk_file) {
local($/);
$signed_data = <$fh>;
} else {
$CPAN::Frontend->mydie("Could not open $chk_file for reading");
}
close $fh;
}
$signed_data =~ s/\015?\012/\n/g;
my($compmt) = Safe->new();
$cksum = $compmt->reval($signed_data);
if ($@) {
rename $chk_file, "$chk_file.bad";
Carp::confess($@) if $@;
}
if (! ref $cksum or ref $cksum ne "HASH") {
$CPAN::Frontend->mywarn(qq{
Warning: checksum file '$chk_file' broken.
When trying to read that file I expected to get a hash reference
for further processing, but got garbage instead.
});
my $answer = CPAN::Shell::colorable_makemaker_prompt("Proceed nonetheless?", "no");
$answer =~ /^\s*y/i or $CPAN::Frontend->mydie("Aborted.\n");
$self->{CHECKSUM_STATUS} = "NIL -- CHECKSUMS file broken";
return;
} elsif (exists $cksum->{$basename} && ! exists $cksum->{$basename}{cpan_path}) {
$CPAN::Frontend->mywarn(qq{
Warning: checksum file '$chk_file' not conforming.
The cksum does not contain the key 'cpan_path' for '$basename'.
});
my $answer = CPAN::Shell::colorable_makemaker_prompt("Proceed nonetheless?", "no");
$answer =~ /^\s*y/i or $CPAN::Frontend->mydie("Aborted.\n");
$self->{CHECKSUM_STATUS} = "NIL -- CHECKSUMS file without cpan_path";
return;
} elsif (exists $cksum->{$basename} && substr($self->{ID},0,length($cksum->{$basename}{cpan_path}))
ne $cksum->{$basename}{cpan_path}) {
$CPAN::Frontend->mywarn(qq{
Warning: checksum file not matching path '$self->{ID}'.
The cksum contain the key 'cpan_path=$cksum->{$basename}{cpan_path}'
which does not match the ID of the distribution '$self->{ID}'.
Something's suspicious might be going on here. Please investigate.
});
my $answer = CPAN::Shell::colorable_makemaker_prompt("Proceed nonetheless?", "no");
$answer =~ /^\s*y/i or $CPAN::Frontend->mydie("Aborted.\n");
$self->{CHECKSUM_STATUS} = "NIL -- CHECKSUMS non-matching cpan_path vs. ID";
return;
} elsif (exists $cksum->{$basename}{sha256}) {
$self->debug("Found checksum for $basename:" .