]> git.saurik.com Git - apt.git/blob - apt-pkg/contrib/gpgv.h
reset HOME, USER(NAME), TMPDIR & SHELL in DropPrivileges
[apt.git] / apt-pkg / contrib / gpgv.h
1 // -*- mode: cpp; mode: fold -*-
2 // Description /*{{{*/
3 /* ######################################################################
4
5 Helpers to deal with gpgv better and more easily
6
7 ##################################################################### */
8 /*}}}*/
9 #ifndef CONTRIB_GPGV_H
10 #define CONTRIB_GPGV_H
11
12 #include <apt-pkg/macros.h>
13
14 #include <string>
15 #include <vector>
16
17 #ifndef APT_10_CLEANER_HEADERS
18 #include <apt-pkg/fileutl.h>
19 #endif
20
21 class FileFd;
22
23 /** \brief generates and run the command to verify a file with gpgv
24 *
25 * If File and FileSig specify the same file it is assumed that we
26 * deal with a clear-signed message. Note that the method will accept
27 * and validate files which include additional (unsigned) messages
28 * without complaining. Do NOT open files accepted by this method
29 * for reading. Use #OpenMaybeClearSignedFile to access the message
30 * instead to ensure you are only reading signed data.
31 *
32 * The method does not return, but has some notable exit-codes:
33 * 111 signals an internal error like the inability to execute gpgv,
34 * 112 indicates a clear-signed file which doesn't include a message,
35 * which can happen if APT is run while on a network requiring
36 * authentication before usage (e.g. in hotels)
37 * All other exit-codes are passed-through from gpgv.
38 *
39 * @param File is the message (unsigned or clear-signed)
40 * @param FileSig is the signature (detached or clear-signed)
41 * @param statusfd is the fd given to gpgv as --status-fd
42 * @param fd is used as a pipe for the standard output of gpgv
43 * @param key is the specific one to be used instead of using all
44 */
45 void ExecGPGV(std::string const &File, std::string const &FileSig,
46 int const &statusfd, int fd[2], std::string const &Key = "") APT_NORETURN;
47 inline APT_NORETURN void ExecGPGV(std::string const &File, std::string const &FileSig,
48 int const &statusfd = -1) {
49 int fd[2];
50 ExecGPGV(File, FileSig, statusfd, fd);
51 }
52
53 /** \brief Split an inline signature into message and signature
54 *
55 * Takes a clear-signed message and puts the first signed message
56 * in the content file and all signatures following it into the
57 * second. Unsigned messages, additional messages as well as
58 * whitespaces are discarded. The resulting files are suitable to
59 * be checked with gpgv.
60 *
61 * If a FileFd pointers is NULL it will not be used and the content
62 * which would have been written to it is silently discarded.
63 *
64 * The content of the split files is undefined if the splitting was
65 * unsuccessful.
66 *
67 * Note that trying to split an unsigned file will fail, but
68 * not generate an error message.
69 *
70 * @param InFile is the clear-signed file
71 * @param ContentFile is the FileFd the message will be written to
72 * @param ContentHeader is a list of all required Amored Headers for the message
73 * @param SignatureFile is the FileFd all signatures will be written to
74 * @return true if the splitting was successful, false otherwise
75 */
76 bool SplitClearSignedFile(std::string const &InFile, FileFd * const ContentFile,
77 std::vector<std::string> * const ContentHeader, FileFd * const SignatureFile);
78
79 /** \brief open a file which might be clear-signed
80 *
81 * This method tries to extract the (signed) message of a file.
82 * If the file isn't signed it will just open the given filename.
83 * Otherwise the message is extracted to a temporary file which
84 * will be opened instead.
85 *
86 * @param ClearSignedFileName is the name of the file to open
87 * @param[out] MessageFile is the FileFd in which the file will be opened
88 * @return true if opening was successful, otherwise false
89 */
90 bool OpenMaybeClearSignedFile(std::string const &ClearSignedFileName, FileFd &MessageFile);
91
92 #endif