Alt Linux Apt-Rpm repository support for Forgejo packages. (#6351)

Co-authored-by: Aleksandr Gamzin alexgamz1119@gmail.com Adds support for the Apt-Rpm registry of the Alt Lunux distribution. Alt Linux uses RPM packages to store and distribute software to its users. But the logic of the Alt Linux package registry is different from the Red Hat package registry. I have added support for the Alt Linux package registry. ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests - I added test coverage for Go changes... - [ ] in their respective `*_test.go` for unit tests. - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). ### Documentation - [x] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [ ] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [x] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. Co-authored-by: Aleksandr Gamzin <gamzin@altlinux.org> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6351 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: Alex619829 <alex619829@noreply.codeberg.org> Co-committed-by: Alex619829 <alex619829@noreply.codeberg.org>
2025-01-22 14:01:49 +00:00 · 2025-01-22 14:01:49 +00:00 · 7ae5376573
commit 7ae5376573
parent a40284bec4
32 changed files with 2157 additions and 87 deletions
--- a/modules/packages/arch/metadata.go
+++ b/modules/packages/arch/metadata.go
@ -94,7 +94,7 @@ type FileMetadata struct {

 // ParsePackage Function that receives arch package archive data and returns it's metadata.
 func ParsePackage(r *packages.HashedBuffer) (*Package, error) {
-	md5, _, sha256, _ := r.Sums()
+	md5, _, sha256, _, _ := r.Sums()
 	_, err := r.Seek(0, io.SeekStart)
 	if err != nil {
 		return nil, err
--- a/modules/packages/hashed_buffer.go
+++ b/modules/packages/hashed_buffer.go
@ -75,7 +75,7 @@ func (b *HashedBuffer) Write(p []byte) (int, error) {
 	return b.combinedWriter.Write(p)
 }

-// Sums gets the MD5, SHA1, SHA256 and SHA512 checksums of the data
-func (b *HashedBuffer) Sums() (hashMD5, hashSHA1, hashSHA256, hashSHA512 []byte) {
+// Sums gets the MD5, SHA1, SHA256, SHA512 and BLAKE2B checksums of the data
+func (b *HashedBuffer) Sums() (hashMD5, hashSHA1, hashSHA256, hashSHA512, hashBlake2b []byte) {
 	return b.hash.Sums()
 }
--- a/modules/packages/hashed_buffer_test.go
+++ b/modules/packages/hashed_buffer_test.go
@ -21,9 +21,10 @@ func TestHashedBuffer(t *testing.T) {
 		HashSHA1      string
 		HashSHA256    string
 		HashSHA512    string
+		hashBlake2b   string
 	}{
-		{5, "test", "098f6bcd4621d373cade4e832627b4f6", "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3", "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08", "ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff"},
-		{5, "testtest", "05a671c66aefea124cc08b76ea6d30bb", "51abb9636078defbf888d8457a7c76f85c8f114c", "37268335dd6931045bdcdf92623ff819a64244b53d0e746d438797349d4da578", "125d6d03b32c84d492747f79cf0bf6e179d287f341384eb5d6d3197525ad6be8e6df0116032935698f99a09e265073d1d6c32c274591bf1d0a20ad67cba921bc"},
+		{5, "test", "098f6bcd4621d373cade4e832627b4f6", "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3", "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08", "ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff", "a71079d42853dea26e453004338670a53814b78137ffbed07603a41d76a483aa9bc33b582f77d30a65e6f29a896c0411f38312e1d66e0bf16386c86a89bea572"},
+		{5, "testtest", "05a671c66aefea124cc08b76ea6d30bb", "51abb9636078defbf888d8457a7c76f85c8f114c", "37268335dd6931045bdcdf92623ff819a64244b53d0e746d438797349d4da578", "125d6d03b32c84d492747f79cf0bf6e179d287f341384eb5d6d3197525ad6be8e6df0116032935698f99a09e265073d1d6c32c274591bf1d0a20ad67cba921bc", "372a53b95f46e775b973031e40b844f24389657019f7b7540a9f0496f4ead4a2e4b050909664611fb0f4b7c7e92c3c04c84787be7f6b8edf7bf6bc31856b6c76"},
 	}

 	for _, c := range cases {
@ -36,11 +37,12 @@ func TestHashedBuffer(t *testing.T) {
 		require.NoError(t, err)
 		assert.Equal(t, c.Data, string(data))

-		hashMD5, hashSHA1, hashSHA256, hashSHA512 := buf.Sums()
+		hashMD5, hashSHA1, hashSHA256, hashSHA512, hashBlake2b := buf.Sums()
 		assert.Equal(t, c.HashMD5, hex.EncodeToString(hashMD5))
 		assert.Equal(t, c.HashSHA1, hex.EncodeToString(hashSHA1))
 		assert.Equal(t, c.HashSHA256, hex.EncodeToString(hashSHA256))
 		assert.Equal(t, c.HashSHA512, hex.EncodeToString(hashSHA512))
+		assert.Equal(t, c.hashBlake2b, hex.EncodeToString(hashBlake2b))

 		require.NoError(t, buf.Close())
 	}
--- a/modules/packages/multi_hasher.go
+++ b/modules/packages/multi_hasher.go
@ -12,28 +12,32 @@ import (
 	"errors"
 	"hash"
 	"io"
+
+	"golang.org/x/crypto/blake2b"
 )

 const (
-	marshaledSizeMD5    = 92
-	marshaledSizeSHA1   = 96
-	marshaledSizeSHA256 = 108
-	marshaledSizeSHA512 = 204
+	marshaledSizeMD5     = 92
+	marshaledSizeSHA1    = 96
+	marshaledSizeSHA256  = 108
+	marshaledSizeSHA512  = 204
+	marshaledSizeBlake2b = 213

-	marshaledSize = marshaledSizeMD5 + marshaledSizeSHA1 + marshaledSizeSHA256 + marshaledSizeSHA512
+	marshaledSize = marshaledSizeMD5 + marshaledSizeSHA1 + marshaledSizeSHA256 + marshaledSizeSHA512 + marshaledSizeBlake2b
 )

 // HashSummer provide a Sums method
 type HashSummer interface {
-	Sums() (hashMD5, hashSHA1, hashSHA256, hashSHA512 []byte)
+	Sums() (hashMD5, hashSHA1, hashSHA256, hashSHA512, hashBlake2b []byte)
 }

 // MultiHasher calculates multiple checksums
 type MultiHasher struct {
-	md5    hash.Hash
-	sha1   hash.Hash
-	sha256 hash.Hash
-	sha512 hash.Hash
+	md5     hash.Hash
+	sha1    hash.Hash
+	sha256  hash.Hash
+	sha512  hash.Hash
+	blake2b hash.Hash

 	combinedWriter io.Writer
 }
@ -44,14 +48,16 @@ func NewMultiHasher() *MultiHasher {
 	sha1 := sha1.New()
 	sha256 := sha256.New()
 	sha512 := sha512.New()
+	blake2b, _ := blake2b.New512(nil)

-	combinedWriter := io.MultiWriter(md5, sha1, sha256, sha512)
+	combinedWriter := io.MultiWriter(md5, sha1, sha256, sha512, blake2b)

 	return &MultiHasher{
 		md5,
 		sha1,
 		sha256,
 		sha512,
+		blake2b,
 		combinedWriter,
 	}
 }
@ -74,12 +80,17 @@ func (h *MultiHasher) MarshalBinary() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
+	blake2bBytes, err := h.blake2b.(encoding.BinaryMarshaler).MarshalBinary()
+	if err != nil {
+		return nil, err
+	}

 	b := make([]byte, 0, marshaledSize)
 	b = append(b, md5Bytes...)
 	b = append(b, sha1Bytes...)
 	b = append(b, sha256Bytes...)
 	b = append(b, sha512Bytes...)
+	b = append(b, blake2bBytes...)
 	return b, nil
 }

@ -104,7 +115,12 @@ func (h *MultiHasher) UnmarshalBinary(b []byte) error {
 	}

 	b = b[marshaledSizeSHA256:]
-	return h.sha512.(encoding.BinaryUnmarshaler).UnmarshalBinary(b[:marshaledSizeSHA512])
+	if err := h.sha512.(encoding.BinaryUnmarshaler).UnmarshalBinary(b[:marshaledSizeSHA512]); err != nil {
+		return err
+	}
+
+	b = b[marshaledSizeSHA512:]
+	return h.blake2b.(encoding.BinaryUnmarshaler).UnmarshalBinary(b[:marshaledSizeBlake2b])
 }

 // Write implements io.Writer
@ -113,10 +129,11 @@ func (h *MultiHasher) Write(p []byte) (int, error) {
 }

 // Sums gets the MD5, SHA1, SHA256 and SHA512 checksums of the data
-func (h *MultiHasher) Sums() (hashMD5, hashSHA1, hashSHA256, hashSHA512 []byte) {
+func (h *MultiHasher) Sums() (hashMD5, hashSHA1, hashSHA256, hashSHA512, hashBlake2b []byte) {
 	hashMD5 = h.md5.Sum(nil)
 	hashSHA1 = h.sha1.Sum(nil)
 	hashSHA256 = h.sha256.Sum(nil)
 	hashSHA512 = h.sha512.Sum(nil)
-	return hashMD5, hashSHA1, hashSHA256, hashSHA512
+	hashBlake2b = h.blake2b.Sum(nil)
+	return hashMD5, hashSHA1, hashSHA256, hashSHA512, hashBlake2b
 }
--- a/modules/packages/multi_hasher_test.go
+++ b/modules/packages/multi_hasher_test.go
@ -12,10 +12,11 @@ import (
 )

 const (
-	expectedMD5    = "e3bef03c5f3b7f6b3ab3e3053ed71e9c"
-	expectedSHA1   = "060b3b99f88e96085b4a68e095bc9e3d1d91e1bc"
-	expectedSHA256 = "6ccce4863b70f258d691f59609d31b4502e1ba5199942d3bc5d35d17a4ce771d"
-	expectedSHA512 = "7f70e439ba8c52025c1f06cdf6ae443c4b8ed2e90059cdb9bbbf8adf80846f185a24acca9245b128b226d61753b0d7ed46580a69c8999eeff3bc13a4d0bd816c"
+	expectedMD5     = "e3bef03c5f3b7f6b3ab3e3053ed71e9c"
+	expectedSHA1    = "060b3b99f88e96085b4a68e095bc9e3d1d91e1bc"
+	expectedSHA256  = "6ccce4863b70f258d691f59609d31b4502e1ba5199942d3bc5d35d17a4ce771d"
+	expectedSHA512  = "7f70e439ba8c52025c1f06cdf6ae443c4b8ed2e90059cdb9bbbf8adf80846f185a24acca9245b128b226d61753b0d7ed46580a69c8999eeff3bc13a4d0bd816c"
+	expectedBlake2b = "b3c3ad15c7e6cca543d651add9427727ffb525120eb23264ee35f16f408a369b599d4404a52d29f642fc0d869f9b55581b60e4e8b9b74997182705d3dcb01edb"
 )

 func TestMultiHasherSums(t *testing.T) {
@ -23,12 +24,13 @@ func TestMultiHasherSums(t *testing.T) {
 		h := NewMultiHasher()
 		h.Write([]byte("gitea"))

-		hashMD5, hashSHA1, hashSHA256, hashSHA512 := h.Sums()
+		hashMD5, hashSHA1, hashSHA256, hashSHA512, hashBlake2b := h.Sums()

 		assert.Equal(t, expectedMD5, hex.EncodeToString(hashMD5))
 		assert.Equal(t, expectedSHA1, hex.EncodeToString(hashSHA1))
 		assert.Equal(t, expectedSHA256, hex.EncodeToString(hashSHA256))
 		assert.Equal(t, expectedSHA512, hex.EncodeToString(hashSHA512))
+		assert.Equal(t, expectedBlake2b, hex.EncodeToString(hashBlake2b))
 	})

 	t.Run("State", func(t *testing.T) {
@ -44,11 +46,12 @@ func TestMultiHasherSums(t *testing.T) {

 		h2.Write([]byte("ea"))

-		hashMD5, hashSHA1, hashSHA256, hashSHA512 := h2.Sums()
+		hashMD5, hashSHA1, hashSHA256, hashSHA512, hashBlake2b := h2.Sums()

 		assert.Equal(t, expectedMD5, hex.EncodeToString(hashMD5))
 		assert.Equal(t, expectedSHA1, hex.EncodeToString(hashSHA1))
 		assert.Equal(t, expectedSHA256, hex.EncodeToString(hashSHA256))
 		assert.Equal(t, expectedSHA512, hex.EncodeToString(hashSHA512))
+		assert.Equal(t, expectedBlake2b, hex.EncodeToString(hashBlake2b))
 	})
 }
--- a/modules/packages/rpm/metadata.go
+++ b/modules/packages/rpm/metadata.go
@ -78,11 +78,12 @@ type FileMetadata struct {
 }

 type Entry struct {
-	Name    string `json:"name" xml:"name,attr"`
-	Flags   string `json:"flags,omitempty" xml:"flags,attr,omitempty"`
-	Version string `json:"version,omitempty" xml:"ver,attr,omitempty"`
-	Epoch   string `json:"epoch,omitempty" xml:"epoch,attr,omitempty"`
-	Release string `json:"release,omitempty" xml:"rel,attr,omitempty"`
+	Name     string `json:"name" xml:"name,attr"`
+	Flags    string `json:"flags,omitempty" xml:"flags,attr,omitempty"`
+	AltFlags uint32 `json:"alt_flags,omitempty" xml:"alt_flags,attr,omitempty"`
+	Version  string `json:"version,omitempty" xml:"ver,attr,omitempty"`
+	Epoch    string `json:"epoch,omitempty" xml:"epoch,attr,omitempty"`
+	Release  string `json:"release,omitempty" xml:"rel,attr,omitempty"`
 }

 type File struct {
@ -98,7 +99,7 @@ type Changelog struct {
 }

 // ParsePackage parses the RPM package file
-func ParsePackage(r io.Reader) (*Package, error) {
+func ParsePackage(r io.Reader, repoType string) (*Package, error) {
 	rpm, err := rpmutils.ReadRpm(r)
 	if err != nil {
 		return nil, err
@ -138,10 +139,10 @@ func ParsePackage(r io.Reader) (*Package, error) {
 			InstalledSize: getUInt64(rpm.Header, rpmutils.SIZE),
 			ArchiveSize:   getUInt64(rpm.Header, rpmutils.SIG_PAYLOADSIZE),

-			Provides:   getEntries(rpm.Header, rpmutils.PROVIDENAME, rpmutils.PROVIDEVERSION, rpmutils.PROVIDEFLAGS),
-			Requires:   getEntries(rpm.Header, rpmutils.REQUIRENAME, rpmutils.REQUIREVERSION, rpmutils.REQUIREFLAGS),
-			Conflicts:  getEntries(rpm.Header, rpmutils.CONFLICTNAME, rpmutils.CONFLICTVERSION, rpmutils.CONFLICTFLAGS),
-			Obsoletes:  getEntries(rpm.Header, rpmutils.OBSOLETENAME, rpmutils.OBSOLETEVERSION, rpmutils.OBSOLETEFLAGS),
+			Provides:   getEntries(rpm.Header, rpmutils.PROVIDENAME, rpmutils.PROVIDEVERSION, rpmutils.PROVIDEFLAGS, repoType),
+			Requires:   getEntries(rpm.Header, rpmutils.REQUIRENAME, rpmutils.REQUIREVERSION, rpmutils.REQUIREFLAGS, repoType),
+			Conflicts:  getEntries(rpm.Header, rpmutils.CONFLICTNAME, rpmutils.CONFLICTVERSION, rpmutils.CONFLICTFLAGS, repoType),
+			Obsoletes:  getEntries(rpm.Header, rpmutils.OBSOLETENAME, rpmutils.OBSOLETEVERSION, rpmutils.OBSOLETEFLAGS, repoType),
 			Files:      getFiles(rpm.Header),
 			Changelogs: getChangelogs(rpm.Header),
 		},
@ -170,7 +171,7 @@ func getUInt64(h *rpmutils.RpmHeader, tag int) uint64 {
 	return values[0]
 }

-func getEntries(h *rpmutils.RpmHeader, namesTag, versionsTag, flagsTag int) []*Entry {
+func getEntries(h *rpmutils.RpmHeader, namesTag, versionsTag, flagsTag int, repoType string) []*Entry {
 	names, err := h.GetStrings(namesTag)
 	if err != nil || len(names) == 0 {
 		return nil
@ -188,43 +189,54 @@ func getEntries(h *rpmutils.RpmHeader, namesTag, versionsTag, flagsTag int) []*E
 	}

 	entries := make([]*Entry, 0, len(names))
-	for i := range names {
-		e := &Entry{
-			Name: names[i],
-		}

-		flags := flags[i]
-		if (flags&rpmutils.RPMSENSE_GREATER) != 0 && (flags&rpmutils.RPMSENSE_EQUAL) != 0 {
-			e.Flags = "GE"
-		} else if (flags&rpmutils.RPMSENSE_LESS) != 0 && (flags&rpmutils.RPMSENSE_EQUAL) != 0 {
-			e.Flags = "LE"
-		} else if (flags & rpmutils.RPMSENSE_GREATER) != 0 {
-			e.Flags = "GT"
-		} else if (flags & rpmutils.RPMSENSE_LESS) != 0 {
-			e.Flags = "LT"
-		} else if (flags & rpmutils.RPMSENSE_EQUAL) != 0 {
-			e.Flags = "EQ"
-		}
-
-		version := versions[i]
-		if version != "" {
-			parts := strings.Split(version, "-")
-
-			versionParts := strings.Split(parts[0], ":")
-			if len(versionParts) == 2 {
-				e.Version = versionParts[1]
-				e.Epoch = versionParts[0]
-			} else {
-				e.Version = versionParts[0]
-				e.Epoch = "0"
+	switch repoType {
+	case "rpm":
+		for i := range names {
+			e := &Entry{
+				Name: names[i],
 			}

-			if len(parts) > 1 {
-				e.Release = parts[1]
+			flags := flags[i]
+			if (flags&rpmutils.RPMSENSE_GREATER) != 0 && (flags&rpmutils.RPMSENSE_EQUAL) != 0 {
+				e.Flags = "GE"
+			} else if (flags&rpmutils.RPMSENSE_LESS) != 0 && (flags&rpmutils.RPMSENSE_EQUAL) != 0 {
+				e.Flags = "LE"
+			} else if (flags & rpmutils.RPMSENSE_GREATER) != 0 {
+				e.Flags = "GT"
+			} else if (flags & rpmutils.RPMSENSE_LESS) != 0 {
+				e.Flags = "LT"
+			} else if (flags & rpmutils.RPMSENSE_EQUAL) != 0 {
+				e.Flags = "EQ"
 			}
-		}

-		entries = append(entries, e)
+			version := versions[i]
+			if version != "" {
+				parts := strings.Split(version, "-")
+
+				versionParts := strings.Split(parts[0], ":")
+				if len(versionParts) == 2 {
+					e.Version = versionParts[1]
+					e.Epoch = versionParts[0]
+				} else {
+					e.Version = versionParts[0]
+					e.Epoch = "0"
+				}
+
+				if len(parts) > 1 {
+					e.Release = parts[1]
+				}
+			}
+			entries = append(entries, e)
+		}
+	case "alt":
+		for i := range names {
+			e := &Entry{
+				AltFlags: uint32(flags[i]),
+			}
+			e.Version = versions[i]
+			entries = append(entries, e)
+		}
 	}
 	return entries
 }
--- a/modules/packages/rpm/metadata_test.go
+++ b/modules/packages/rpm/metadata_test.go
@ -48,7 +48,7 @@ Mu0UFYgZ/bYnuvn/vz4wtCz8qMwsHUvP0PX3tbYFUctAPdrY6tiiDtcCddDECahx7SuVNP5dpmb5
 	zr, err := gzip.NewReader(bytes.NewReader(rpmPackageContent))
 	require.NoError(t, err)

-	p, err := ParsePackage(zr)
+	p, err := ParsePackage(zr, "rpm")
 	assert.NotNil(t, p)
 	require.NoError(t, err)

--- a/modules/setting/packages.go
+++ b/modules/setting/packages.go
@ -42,6 +42,7 @@ var (
 		LimitSizePub          int64
 		LimitSizePyPI         int64
 		LimitSizeRpm          int64
+		LimitSizeAlt          int64
 		LimitSizeRubyGems     int64
 		LimitSizeSwift        int64
 		LimitSizeVagrant      int64
@ -106,6 +107,7 @@ func loadPackagesFrom(rootCfg ConfigProvider) (err error) {
 	Packages.LimitSizeSwift = mustBytes(sec, "LIMIT_SIZE_SWIFT")
 	Packages.LimitSizeVagrant = mustBytes(sec, "LIMIT_SIZE_VAGRANT")
 	Packages.DefaultRPMSignEnabled = sec.Key("DEFAULT_RPM_SIGN_ENABLED").MustBool(false)
+	Packages.LimitSizeAlt = mustBytes(sec, "LIMIT_SIZE_ALT")
 	return nil
 }