[apt.git] / methods / gpgv.cc

#include <apt-pkg/error.h>
#include <apt-pkg/acquire-method.h>
#include <apt-pkg/strutl.h>

#include <sys/stat.h>
#include <unistd.h>
#include <utime.h>
#include <stdio.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/wait.h>
#include <iostream>

#define GNUPGPREFIX "[GNUPG:]"
#define GNUPGBADSIG "[GNUPG:] BADSIG"
#define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
#define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"

class GPGVMethod : public pkgAcqMethod
{
   private:
   const char *VerifyGetSigners(const char *file, const char *outfile,
				vector<string> &GoodSigners, vector<string> &BadSigners,
				vector<string> &NoPubKeySigners);
   
   protected:
   virtual bool Fetch(FetchItem *Itm);
   
   public:
   
   GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
};

const char *GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
					 vector<string> &GoodSigners,
					 vector<string> &BadSigners,
					 vector<string> &NoPubKeySigners)
{
   if (_config->FindB("Debug::Acquire::gpgv", false))
   {
      std::cerr << "inside VerifyGetSigners" << std::endl;
   }
   pid_t pid;
   int fd[2];
   FILE *pipein;
   int status;
   struct stat buff;
   string gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
   string pubringpath = _config->Find("Apt::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg");
   if (_config->FindB("Debug::Acquire::gpgv", false))
   {
      std::cerr << "gpgv path: " << gpgvpath << std::endl;
      std::cerr << "Keyring path: " << pubringpath << std::endl;
   }

   if (stat(pubringpath.c_str(), &buff) != 0)
      return (string("Couldn't access keyring: ") + strerror(errno)).c_str();

   if (pipe(fd) < 0)
   {
      return "Couldn't create pipe";
   }

   pid = fork();
   if (pid < 0)
   {
      return (string("Couldn't spawn new process") + strerror(errno)).c_str();
   }
   else if (pid == 0)
   {
      const char *Args[400];
      unsigned int i = 0;

      Args[i++] = gpgvpath.c_str();
      Args[i++] = "--status-fd";
      Args[i++] = "3";
      Args[i++] = "--keyring";
      Args[i++] = pubringpath.c_str();

      Configuration::Item const *Opts;
      Opts = _config->Tree("Acquire::gpgv::Options");
      if (Opts != 0)
      {
         Opts = Opts->Child;
	 for (; Opts != 0; Opts = Opts->Next)
         {
            if (Opts->Value.empty() == true)
               continue;
            Args[i++] = Opts->Value.c_str();
	    if(i >= 395) { 
	       std::cerr << "E: Argument list from Acquire::gpgv::Options too long. Exiting." << std::endl;
	       exit(111);
	    }
         }
      }
      Args[i++] = file;
      Args[i++] = outfile;
      Args[i++] = NULL;

      if (_config->FindB("Debug::Acquire::gpgv", false))
      {
         std::cerr << "Preparing to exec: " << gpgvpath;
	 int j;
	 for(j=0;Args[j] != NULL; j++)
	    std::cerr << Args[j] << " ";
	 std::cerr << std::endl;
      }
      int nullfd = open("/dev/null", O_RDONLY);
      close(fd[0]);
      // Redirect output to /dev/null; we read from the status fd
      dup2(nullfd, STDOUT_FILENO); 
      dup2(nullfd, STDERR_FILENO); 
      // Redirect the pipe to the status fd (3)
      dup2(fd[1], 3);

      putenv("LANG=");
      putenv("LC_ALL=");
      putenv("LC_MESSAGES=");
      execvp(gpgvpath.c_str(), (char **)Args);
             
      exit(111);
   }
   close(fd[1]);

   pipein = fdopen(fd[0], "r"); 
   
   // Loop over the output of gpgv, and check the signatures.
   size_t buffersize = 64;
   char *buffer = (char *) malloc(buffersize);
   size_t bufferoff = 0;
   while (1)
   {
      int c;

      // Read a line.  Sigh.
      while ((c = getc(pipein)) != EOF && c != '\n')
      {
         if (bufferoff == buffersize)
            buffer = (char *) realloc(buffer, buffersize *= 2);
         *(buffer+bufferoff) = c;
         bufferoff++;
      }
      if (bufferoff == 0 && c == EOF)
         break;
      *(buffer+bufferoff) = '\0';
      bufferoff = 0;
      if (_config->FindB("Debug::Acquire::gpgv", false))
         std::cerr << "Read: " << buffer << std::endl;

      // Push the data into three separate vectors, which
      // we later concatenate.  They're kept separate so
      // if we improve the apt method communication stuff later
      // it will be better.
      if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0)
      {
         if (_config->FindB("Debug::Acquire::gpgv", false))
            std::cerr << "Got BADSIG! " << std::endl;
         BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
      }
      
      if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0)
      {
         if (_config->FindB("Debug::Acquire::gpgv", false))
            std::cerr << "Got NO_PUBKEY " << std::endl;
         NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
      }

      if (strncmp(buffer, GNUPGVALIDSIG, sizeof(GNUPGVALIDSIG)-1) == 0)
      {
         char *sig = buffer + sizeof(GNUPGPREFIX);
         char *p = sig + sizeof("VALIDSIG");
         while (*p && isxdigit(*p)) 
            p++;
         *p = 0;
         if (_config->FindB("Debug::Acquire::gpgv", false))
            std::cerr << "Got VALIDSIG, key ID:" << sig << std::endl;
         GoodSigners.push_back(string(sig));
      }
   }
   fclose(pipein);

   waitpid(pid, &status, 0);
   if (_config->FindB("Debug::Acquire::gpgv", false))
   {
      std::cerr <<"gpgv exited\n";
   }
   
   if (WEXITSTATUS(status) == 0)
   {
      if (GoodSigners.empty())
         return "Internal error: Good signature, but could not determine key fingerprint?!";
      return NULL;
   }
   else if (WEXITSTATUS(status) == 1)
   {
      return "At least one invalid signature was encountered.";
   }
   else if (WEXITSTATUS(status) == 111)
   {
      return (string("Could not execute ") + gpgvpath +
	      string(" to verify signature (is gnupg installed?)")).c_str();
   }
   else
   {
      return "Unknown error executing gpgv";
   }
}

bool GPGVMethod::Fetch(FetchItem *Itm)
{
   URI Get = Itm->Uri;
   string Path = Get.Host + Get.Path; // To account for relative paths
   string keyID;
   vector<string> GoodSigners;
   vector<string> BadSigners;
   vector<string> NoPubKeySigners;
   
   FetchResult Res;
   Res.Filename = Itm->DestFile;
   URIStart(Res);

   // Run gpgv on file, extract contents and get the key ID of the signer
   const char *msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
				      GoodSigners, BadSigners, NoPubKeySigners);
   if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
   {
      string errmsg;
      // In this case, something bad probably happened, so we just go
      // with what the other method gave us for an error message.
      if (BadSigners.empty() && NoPubKeySigners.empty())
         errmsg = msg;
      else
      {
         if (!BadSigners.empty())
         {
            errmsg += "The following signatures were invalid:\n";
            for (vector<string>::iterator I = BadSigners.begin();
		 I != BadSigners.end(); I++)
               errmsg += (*I + "\n");
         }
         if (!NoPubKeySigners.empty())
         {
             errmsg += "The following signatures couldn't be verified because the public key is not available:\n";
            for (vector<string>::iterator I = NoPubKeySigners.begin();
		 I != NoPubKeySigners.end(); I++)
               errmsg += (*I + "\n");
         }
      }
      return _error->Error(errmsg.c_str());
   }
      
   // Transfer the modification times
   struct stat Buf;
   if (stat(Path.c_str(),&Buf) != 0)
      return _error->Errno("stat","Failed to stat %s", Path.c_str());

   struct utimbuf TimeBuf;
   TimeBuf.actime = Buf.st_atime;
   TimeBuf.modtime = Buf.st_mtime;
   if (utime(Itm->DestFile.c_str(),&TimeBuf) != 0)
      return _error->Errno("utime","Failed to set modification time");

   if (stat(Itm->DestFile.c_str(),&Buf) != 0)
      return _error->Errno("stat","Failed to stat");
   
   // Return a Done response
   Res.LastModified = Buf.st_mtime;
   Res.Size = Buf.st_size;
   // Just pass the raw output up, because passing it as a real data
   // structure is too difficult with the method stuff.  We keep it
   // as three separate vectors for future extensibility.
   Res.GPGVOutput = GoodSigners;
   Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end());
   Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end());
   URIDone(Res);

   if (_config->FindB("Debug::Acquire::gpgv", false))
   {
      std::cerr <<"gpgv suceeded\n";
   }

   return true;
}


int main()
{
   GPGVMethod Mth;

   return Mth.Run();
}
Commit	Line	Data
b3d44315 MV	1	#include <apt-pkg/error.h>
	2	#include <apt-pkg/acquire-method.h>
	3	#include <apt-pkg/strutl.h>
	4
	5	#include <sys/stat.h>
	6	#include <unistd.h>
	7	#include <utime.h>
	8	#include <stdio.h>
	9	#include <fcntl.h>
	10	#include <errno.h>
	11	#include <sys/wait.h>
	12	#include <iostream>
	13
	14	#define GNUPGPREFIX "[GNUPG:]"
	15	#define GNUPGBADSIG "[GNUPG:] BADSIG"
	16	#define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
	17	#define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
	18
	19	class GPGVMethod : public pkgAcqMethod
	20	{
	21	private:
	22	const char VerifyGetSigners(const char file, const char *outfile,
	23	vector<string> &GoodSigners, vector<string> &BadSigners,
	24	vector<string> &NoPubKeySigners);
	25
	26	protected:
	27	virtual bool Fetch(FetchItem *Itm);
	28
	29	public:
	30
	31	GPGVMethod() : pkgAcqMethod("1.0",SingleInstance \| SendConfig) {};
	32	};
	33
	34	const char GPGVMethod::VerifyGetSigners(const char file, const char *outfile,
	35	vector<string> &GoodSigners,
	36	vector<string> &BadSigners,
	37	vector<string> &NoPubKeySigners)
	38	{
	39	if (_config->FindB("Debug::Acquire::gpgv", false))
	40	{
	41	std::cerr << "inside VerifyGetSigners" << std::endl;
	42	}
	43	pid_t pid;
	44	int fd[2];
	45	FILE *pipein;
	46	int status;
	47	struct stat buff;
	48	string gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
	49	string pubringpath = _config->Find("Apt::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg");
	50	if (_config->FindB("Debug::Acquire::gpgv", false))
	51	{
	52	std::cerr << "gpgv path: " << gpgvpath << std::endl;
	53	std::cerr << "Keyring path: " << pubringpath << std::endl;
	54	}
	55
	56	if (stat(pubringpath.c_str(), &buff) != 0)
	57	return (string("Couldn't access keyring: ") + strerror(errno)).c_str();
	58
	59	if (pipe(fd) < 0)
	60	{
	61	return "Couldn't create pipe";
	62	}
	63
	64	pid = fork();
65	if (pid < 0)
66	{
67	return (string("Couldn't spawn new process") + strerror(errno)).c_str();
68	}
69	else if (pid == 0)
70	{
ad6a45d8 MV	71	const char *Args[400];
	72	unsigned int i = 0;
	73
	74	Args[i++] = gpgvpath.c_str();
	75	Args[i++] = "--status-fd";
	76	Args[i++] = "3";
	77	Args[i++] = "--keyring";
	78	Args[i++] = pubringpath.c_str();
	79
	80	Configuration::Item const *Opts;
	81	Opts = _config->Tree("Acquire::gpgv::Options");
	82	if (Opts != 0)
	83	{
	84	Opts = Opts->Child;
	85	for (; Opts != 0; Opts = Opts->Next)
	86	{
	87	if (Opts->Value.empty() == true)
	88	continue;
	89	Args[i++] = Opts->Value.c_str();
	90	if(i >= 395) {
	91	std::cerr << "E: Argument list from Acquire::gpgv::Options too long. Exiting." << std::endl;
	92	exit(111);
	93	}
	94	}
	95	}
	96	Args[i++] = file;
	97	Args[i++] = outfile;
	98	Args[i++] = NULL;
	99
b3d44315 MV	100	if (_config->FindB("Debug::Acquire::gpgv", false))
b3d44315 MV	101	{
ad6a45d8 MV	102	std::cerr << "Preparing to exec: " << gpgvpath;
	103	int j;
	104	for(j=0;Args[j] != NULL; j++)
	105	std::cerr << Args[j] << " ";
	106	std::cerr << std::endl;
b3d44315 MV	107	}
	108	int nullfd = open("/dev/null", O_RDONLY);
	109	close(fd[0]);
	110	// Redirect output to /dev/null; we read from the status fd
	111	dup2(nullfd, STDOUT_FILENO);
	112	dup2(nullfd, STDERR_FILENO);
	113	// Redirect the pipe to the status fd (3)
	114	dup2(fd[1], 3);
	115
	116	putenv("LANG=");
	117	putenv("LC_ALL=");
	118	putenv("LC_MESSAGES=");
ad6a45d8	119	execvp(gpgvpath.c_str(), (char **)Args);
b3d44315 MV	120
	121	exit(111);
	122	}
	123	close(fd[1]);
	124
	125	pipein = fdopen(fd[0], "r");
	126
	127	// Loop over the output of gpgv, and check the signatures.
	128	size_t buffersize = 64;
	129	char buffer = (char ) malloc(buffersize);
	130	size_t bufferoff = 0;
	131	while (1)
	132	{
	133	int c;
	134
	135	// Read a line. Sigh.
	136	while ((c = getc(pipein)) != EOF && c != '\n')
	137	{
	138	if (bufferoff == buffersize)
	139	buffer = (char ) realloc(buffer, buffersize = 2);
	140	*(buffer+bufferoff) = c;
	141	bufferoff++;
	142	}
	143	if (bufferoff == 0 && c == EOF)
	144	break;
	145	*(buffer+bufferoff) = '\0';
	146	bufferoff = 0;
	147	if (_config->FindB("Debug::Acquire::gpgv", false))
	148	std::cerr << "Read: " << buffer << std::endl;
	149
	150	// Push the data into three separate vectors, which
	151	// we later concatenate. They're kept separate so
	152	// if we improve the apt method communication stuff later
	153	// it will be better.
	154	if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0)
	155	{
	156	if (_config->FindB("Debug::Acquire::gpgv", false))
	157	std::cerr << "Got BADSIG! " << std::endl;
	158	BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
	159	}
	160
	161	if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0)
	162	{
	163	if (_config->FindB("Debug::Acquire::gpgv", false))
	164	std::cerr << "Got NO_PUBKEY " << std::endl;
	165	NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
	166	}
	167
	168	if (strncmp(buffer, GNUPGVALIDSIG, sizeof(GNUPGVALIDSIG)-1) == 0)
	169	{
	170	char *sig = buffer + sizeof(GNUPGPREFIX);
	171	char *p = sig + sizeof("VALIDSIG");
	172	while (p && isxdigit(p))
	173	p++;
	174	*p = 0;
	175	if (_config->FindB("Debug::Acquire::gpgv", false))
	176	std::cerr << "Got VALIDSIG, key ID:" << sig << std::endl;
	177	GoodSigners.push_back(string(sig));
	178	}
	179	}
	180	fclose(pipein);
	181
	182	waitpid(pid, &status, 0);
	183	if (_config->FindB("Debug::Acquire::gpgv", false))
184	{
185	std::cerr <<"gpgv exited\n";
186	}
187
188	if (WEXITSTATUS(status) == 0)
189	{
190	if (GoodSigners.empty())
191	return "Internal error: Good signature, but could not determine key fingerprint?!";
192	return NULL;
193	}
194	else if (WEXITSTATUS(status) == 1)
195	{
196	return "At least one invalid signature was encountered.";
197	}
198	else if (WEXITSTATUS(status) == 111)
199	{
200	return (string("Could not execute ") + gpgvpath +
201	string(" to verify signature (is gnupg installed?)")).c_str();
202	}
203	else
204	{
205	return "Unknown error executing gpgv";
206	}
207	}
208
209	bool GPGVMethod::Fetch(FetchItem *Itm)
210	{
211	URI Get = Itm->Uri;
212	string Path = Get.Host + Get.Path; // To account for relative paths
213	string keyID;
214	vector<string> GoodSigners;
215	vector<string> BadSigners;
216	vector<string> NoPubKeySigners;
217
218	FetchResult Res;
219	Res.Filename = Itm->DestFile;
220	URIStart(Res);
221
222	// Run gpgv on file, extract contents and get the key ID of the signer
223	const char *msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
224	GoodSigners, BadSigners, NoPubKeySigners);
225	if (GoodSigners.empty() \|\| !BadSigners.empty() \|\| !NoPubKeySigners.empty())
226	{
227	string errmsg;
228	// In this case, something bad probably happened, so we just go
229	// with what the other method gave us for an error message.
230	if (BadSigners.empty() && NoPubKeySigners.empty())
231	errmsg = msg;
232	else
233	{
234	if (!BadSigners.empty())
235	{
236	errmsg += "The following signatures were invalid:\n";
237	for (vector<string>::iterator I = BadSigners.begin();
238	I != BadSigners.end(); I++)
239	errmsg += (*I + "\n");
240	}
241	if (!NoPubKeySigners.empty())
242	{
243	errmsg += "The following signatures couldn't be verified because the public key is not available:\n";
244	for (vector<string>::iterator I = NoPubKeySigners.begin();
245	I != NoPubKeySigners.end(); I++)
246	errmsg += (*I + "\n");
247	}
248	}
249	return _error->Error(errmsg.c_str());
250	}
251
252	// Transfer the modification times
253	struct stat Buf;
254	if (stat(Path.c_str(),&Buf) != 0)
255	return _error->Errno("stat","Failed to stat %s", Path.c_str());
256
257	struct utimbuf TimeBuf;
258	TimeBuf.actime = Buf.st_atime;
259	TimeBuf.modtime = Buf.st_mtime;
260	if (utime(Itm->DestFile.c_str(),&TimeBuf) != 0)
261	return _error->Errno("utime","Failed to set modification time");
262
263	if (stat(Itm->DestFile.c_str(),&Buf) != 0)
264	return _error->Errno("stat","Failed to stat");
265
266	// Return a Done response
267	Res.LastModified = Buf.st_mtime;
268	Res.Size = Buf.st_size;
269	// Just pass the raw output up, because passing it as a real data
270	// structure is too difficult with the method stuff. We keep it
271	// as three separate vectors for future extensibility.
272	Res.GPGVOutput = GoodSigners;
273	Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end());
274	Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end());
275	URIDone(Res);
276
277	if (_config->FindB("Debug::Acquire::gpgv", false))
278	{
279	std::cerr <<"gpgv suceeded\n";
280	}
281
282	return true;
283	}
284
285
286	int main()
287	{
288	GPGVMethod Mth;
289
290	return Mth.Run();
291	}