methods/gpgv.cc

   1 #include <config.h>
   2
   3 #include <apt-pkg/acquire-method.h>
   4 #include <apt-pkg/configuration.h>
   5 #include <apt-pkg/error.h>
   6 #include <apt-pkg/gpgv.h>
   7 #include <apt-pkg/strutl.h>
   8
   9 #include <ctype.h>
  10 #include <errno.h>
  11 #include <stddef.h>
  12 #include <stdio.h>
  13 #include <stdlib.h>
  14 #include <string.h>
  15 #include <sys/wait.h>
  16 #include <unistd.h>
  17 #include <iostream>
  18 #include <string>
  19 #include <vector>
  20
  21 #include <apti18n.h>
  22
  23 using std::string;
  24 using std::vector;
  25
  26 #define GNUPGPREFIX "[GNUPG:]"
  27 #define GNUPGBADSIG "[GNUPG:] BADSIG"
  28 #define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
  29 #define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
  30 #define GNUPGGOODSIG "[GNUPG:] GOODSIG"
  31 #define GNUPGKEYEXPIRED "[GNUPG:] KEYEXPIRED"
  32 #define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
  33 #define GNUPGNODATA "[GNUPG:] NODATA"
  34
  35 class GPGVMethod : public pkgAcqMethod
  36 {
  37    private:
  38    string VerifyGetSigners(const char *file, const char *outfile,
  39                                 vector<string> &GoodSigners,
  40                                 vector<string> &BadSigners,
  41                                 vector<string> &WorthlessSigners,
  42                                 vector<string> &NoPubKeySigners);
  43
  44    protected:
  45    virtual bool Fetch(FetchItem *Itm);
  46
  47    public:
  48
  49    GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
  50 };
  51
  52 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
  53                                          vector<string> &GoodSigners,
  54                                          vector<string> &BadSigners,
  55                                          vector<string> &WorthlessSigners,
  56                                          vector<string> &NoPubKeySigners)
  57 {
  58    bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
  59
  60    if (Debug == true)
  61       std::clog << "inside VerifyGetSigners" << std::endl;
  62
  63    int fd[2];
  64
  65    if (pipe(fd) < 0)
  66       return "Couldn't create pipe";
  67
  68    pid_t pid = fork();
  69    if (pid < 0)
  70       return string("Couldn't spawn new process") + strerror(errno);
  71    else if (pid == 0)
  72       ExecGPGV(outfile, file, 3, fd);
  73    close(fd[1]);
  74
  75    FILE *pipein = fdopen(fd[0], "r");
  76
  77    // Loop over the output of gpgv, and check the signatures.
  78    size_t buffersize = 64;
  79    char *buffer = (char *) malloc(buffersize);
  80    size_t bufferoff = 0;
  81    while (1)
  82    {
  83       int c;
  84
  85       // Read a line.  Sigh.
  86       while ((c = getc(pipein)) != EOF && c != '\n')
  87       {
  88          if (bufferoff == buffersize)
  89          {
  90             char* newBuffer = (char *) realloc(buffer, buffersize *= 2);
  91             if (newBuffer == NULL)
  92             {
  93                free(buffer);
  94                return "Couldn't allocate a buffer big enough for reading";
  95             }
  96             buffer = newBuffer;
  97          }
  98          *(buffer+bufferoff) = c;
  99          bufferoff++;
 100       }
 101       if (bufferoff == 0 && c == EOF)
 102          break;
 103       *(buffer+bufferoff) = '\0';
 104       bufferoff = 0;
 105       if (Debug == true)
 106          std::clog << "Read: " << buffer << std::endl;
 107
 108       // Push the data into three separate vectors, which
 109       // we later concatenate.  They're kept separate so
 110       // if we improve the apt method communication stuff later
 111       // it will be better.
 112       if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0)
 113       {
 114          if (Debug == true)
 115             std::clog << "Got BADSIG! " << std::endl;
 116          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 117       }
 118
 119       if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0)
 120       {
 121          if (Debug == true)
 122             std::clog << "Got NO_PUBKEY " << std::endl;
 123          NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 124       }
 125       if (strncmp(buffer, GNUPGNODATA, sizeof(GNUPGBADSIG)-1) == 0)
 126       {
 127          if (Debug == true)
 128             std::clog << "Got NODATA! " << std::endl;
 129          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 130       }
 131       if (strncmp(buffer, GNUPGKEYEXPIRED, sizeof(GNUPGKEYEXPIRED)-1) == 0)
 132       {
 133          if (Debug == true)
 134             std::clog << "Got KEYEXPIRED! " << std::endl;
 135          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 136       }
 137       if (strncmp(buffer, GNUPGREVKEYSIG, sizeof(GNUPGREVKEYSIG)-1) == 0)
 138       {
 139          if (Debug == true)
 140             std::clog << "Got REVKEYSIG! " << std::endl;
 141          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 142       }
 143       if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
 144       {
 145          char *sig = buffer + sizeof(GNUPGPREFIX);
 146          char *p = sig + sizeof("GOODSIG");
 147          while (*p && isxdigit(*p))
 148             p++;
 149          *p = 0;
 150          if (Debug == true)
 151             std::clog << "Got GOODSIG, key ID:" << sig << std::endl;
 152          GoodSigners.push_back(string(sig));
 153       }
 154    }
 155    fclose(pipein);
 156    free(buffer);
 157
 158    int status;
 159    waitpid(pid, &status, 0);
 160    if (Debug == true)
 161    {
 162       std::clog << "gpgv exited\n";
 163    }
 164
 165    if (WEXITSTATUS(status) == 0)
 166    {
 167       if (GoodSigners.empty())
 168          return _("Internal error: Good signature, but could not determine key fingerprint?!");
 169       return "";
 170    }
 171    else if (WEXITSTATUS(status) == 1)
 172       return _("At least one invalid signature was encountered.");
 173    else if (WEXITSTATUS(status) == 111)
 174       return _("Could not execute 'gpgv' to verify signature (is gpgv installed?)");
 175    else if (WEXITSTATUS(status) == 112)
 176    {
 177       // acquire system checks for "NODATA" to generate GPG errors (the others are only warnings)
 178       std::string errmsg;
 179       //TRANSLATORS: %s is a single techy word like 'NODATA'
 180       strprintf(errmsg, _("Clearsigned file isn't valid, got '%s' (does the network require authentication?)"), "NODATA");
 181       return errmsg;
 182    }
 183    else
 184       return _("Unknown error executing gpgv");
 185 }
 186
 187 bool GPGVMethod::Fetch(FetchItem *Itm)
 188 {
 189    URI Get = Itm->Uri;
 190    string Path = Get.Host + Get.Path; // To account for relative paths
 191    string keyID;
 192    vector<string> GoodSigners;
 193    vector<string> BadSigners;
 194    // a worthless signature is a expired or revoked one
 195    vector<string> WorthlessSigners;
 196    vector<string> NoPubKeySigners;
 197
 198    FetchResult Res;
 199    Res.Filename = Itm->DestFile;
 200    URIStart(Res);
 201
 202    // Run gpgv on file, extract contents and get the key ID of the signer
 203    string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
 204                                  GoodSigners, BadSigners, WorthlessSigners,
 205                                  NoPubKeySigners);
 206    if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
 207    {
 208       string errmsg;
 209       // In this case, something bad probably happened, so we just go
 210       // with what the other method gave us for an error message.
 211       if (BadSigners.empty() && WorthlessSigners.empty() && NoPubKeySigners.empty())
 212          errmsg = msg;
 213       else
 214       {
 215          if (!BadSigners.empty())
 216          {
 217             errmsg += _("The following signatures were invalid:\n");
 218             for (vector<string>::iterator I = BadSigners.begin();
 219                  I != BadSigners.end(); ++I)
 220                errmsg += (*I + "\n");
 221          }
 222          if (!WorthlessSigners.empty())
 223          {
 224             errmsg += _("The following signatures were invalid:\n");
 225             for (vector<string>::iterator I = WorthlessSigners.begin();
 226                  I != WorthlessSigners.end(); ++I)
 227                errmsg += (*I + "\n");
 228          }
 229          if (!NoPubKeySigners.empty())
 230          {
 231              errmsg += _("The following signatures couldn't be verified because the public key is not available:\n");
 232             for (vector<string>::iterator I = NoPubKeySigners.begin();
 233                  I != NoPubKeySigners.end(); ++I)
 234                errmsg += (*I + "\n");
 235          }
 236       }
 237       // this is only fatal if we have no good sigs or if we have at
 238       // least one bad signature. good signatures and NoPubKey signatures
 239       // happen easily when a file is signed with multiple signatures
 240       if(GoodSigners.empty() or !BadSigners.empty())
 241          return _error->Error("%s", errmsg.c_str());
 242    }
 243
 244    // Just pass the raw output up, because passing it as a real data
 245    // structure is too difficult with the method stuff.  We keep it
 246    // as three separate vectors for future extensibility.
 247    Res.GPGVOutput = GoodSigners;
 248    Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end());
 249    Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end());
 250    URIDone(Res);
 251
 252    if (_config->FindB("Debug::Acquire::gpgv", false))
 253    {
 254       std::clog << "gpgv succeeded\n";
 255    }
 256
 257    return true;
 258 }
 259
 260
 261 int main()
 262 {
 263    setlocale(LC_ALL, "");
 264
 265    GPGVMethod Mth;
 266
 267    return Mth.Run();
 268 }