methods/gpgv.cc

   1 #include <config.h>
   2
   3 #include <apt-pkg/error.h>
   4 #include <apt-pkg/acquire-method.h>
   5 #include <apt-pkg/strutl.h>
   6 #include <apt-pkg/fileutl.h>
   7 #include <apt-pkg/indexcopy.h>
   8 #include <apt-pkg/configuration.h>
   9
  10 #include <utime.h>
  11 #include <stdio.h>
  12 #include <fcntl.h>
  13 #include <errno.h>
  14 #include <sys/wait.h>
  15 #include <iostream>
  16 #include <sstream>
  17 #include <vector>
  18
  19 #include <apti18n.h>
  20
  21 using std::string;
  22 using std::vector;
  23
  24 #define GNUPGPREFIX "[GNUPG:]"
  25 #define GNUPGBADSIG "[GNUPG:] BADSIG"
  26 #define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
  27 #define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
  28 #define GNUPGGOODSIG "[GNUPG:] GOODSIG"
  29 #define GNUPGKEYEXPIRED "[GNUPG:] KEYEXPIRED"
  30 #define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
  31 #define GNUPGNODATA "[GNUPG:] NODATA"
  32
  33 class GPGVMethod : public pkgAcqMethod
  34 {
  35    private:
  36    string VerifyGetSigners(const char *file, const char *outfile,
  37                                 vector<string> &GoodSigners,
  38                                 vector<string> &BadSigners,
  39                                 vector<string> &WorthlessSigners,
  40                                 vector<string> &NoPubKeySigners);
  41
  42    protected:
  43    virtual bool Fetch(FetchItem *Itm);
  44
  45    public:
  46
  47    GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
  48 };
  49
  50 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
  51                                          vector<string> &GoodSigners,
  52                                          vector<string> &BadSigners,
  53                                          vector<string> &WorthlessSigners,
  54                                          vector<string> &NoPubKeySigners)
  55 {
  56    bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
  57    // setup a (empty) stringstream for formating the return value
  58    std::stringstream ret;
  59    ret.str("");
  60
  61    if (Debug == true)
  62       std::clog << "inside VerifyGetSigners" << std::endl;
  63
  64    int fd[2];
  65
  66    if (pipe(fd) < 0)
  67       return "Couldn't create pipe";
  68
  69    pid_t pid = fork();
  70    if (pid < 0)
  71       return string("Couldn't spawn new process") + strerror(errno);
  72    else if (pid == 0)
  73    {
  74       _error->PushToStack();
  75       bool const success = SigVerify::RunGPGV(outfile, file, 3, fd);
  76       if (success == false)
  77       {
  78          string errmsg;
  79          _error->PopMessage(errmsg);
  80          _error->RevertToStack();
  81          return errmsg;
  82       }
  83       _error->RevertToStack();
  84       exit(111);
  85    }
  86    close(fd[1]);
  87
  88    FILE *pipein = fdopen(fd[0], "r");
  89
  90    // Loop over the output of gpgv, and check the signatures.
  91    size_t buffersize = 64;
  92    char *buffer = (char *) malloc(buffersize);
  93    size_t bufferoff = 0;
  94    while (1)
  95    {
  96       int c;
  97
  98       // Read a line.  Sigh.
  99       while ((c = getc(pipein)) != EOF && c != '\n')
 100       {
 101          if (bufferoff == buffersize)
 102          {
 103             char* newBuffer = (char *) realloc(buffer, buffersize *= 2);
 104             if (newBuffer == NULL)
 105             {
 106                free(buffer);
 107                return "Couldn't allocate a buffer big enough for reading";
 108             }
 109             buffer = newBuffer;
 110          }
 111          *(buffer+bufferoff) = c;
 112          bufferoff++;
 113       }
 114       if (bufferoff == 0 && c == EOF)
 115          break;
 116       *(buffer+bufferoff) = '\0';
 117       bufferoff = 0;
 118       if (Debug == true)
 119          std::clog << "Read: " << buffer << std::endl;
 120
 121       // Push the data into three separate vectors, which
 122       // we later concatenate.  They're kept separate so
 123       // if we improve the apt method communication stuff later
 124       // it will be better.
 125       if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0)
 126       {
 127          if (Debug == true)
 128             std::clog << "Got BADSIG! " << std::endl;
 129          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 130       }
 131
 132       if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0)
 133       {
 134          if (Debug == true)
 135             std::clog << "Got NO_PUBKEY " << std::endl;
 136          NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 137       }
 138       if (strncmp(buffer, GNUPGNODATA, sizeof(GNUPGBADSIG)-1) == 0)
 139       {
 140          if (Debug == true)
 141             std::clog << "Got NODATA! " << std::endl;
 142          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 143       }
 144       if (strncmp(buffer, GNUPGKEYEXPIRED, sizeof(GNUPGKEYEXPIRED)-1) == 0)
 145       {
 146          if (Debug == true)
 147             std::clog << "Got KEYEXPIRED! " << std::endl;
 148          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 149       }
 150       if (strncmp(buffer, GNUPGREVKEYSIG, sizeof(GNUPGREVKEYSIG)-1) == 0)
 151       {
 152          if (Debug == true)
 153             std::clog << "Got REVKEYSIG! " << std::endl;
 154          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 155       }
 156       if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
 157       {
 158          char *sig = buffer + sizeof(GNUPGPREFIX);
 159          char *p = sig + sizeof("GOODSIG");
 160          while (*p && isxdigit(*p))
 161             p++;
 162          *p = 0;
 163          if (Debug == true)
 164             std::clog << "Got GOODSIG, key ID:" << sig << std::endl;
 165          GoodSigners.push_back(string(sig));
 166       }
 167    }
 168    fclose(pipein);
 169
 170    int status;
 171    waitpid(pid, &status, 0);
 172    if (Debug == true)
 173    {
 174       std::clog << "gpgv exited\n";
 175    }
 176
 177    if (WEXITSTATUS(status) == 0)
 178    {
 179       if (GoodSigners.empty())
 180          return _("Internal error: Good signature, but could not determine key fingerprint?!");
 181       return "";
 182    }
 183    else if (WEXITSTATUS(status) == 1)
 184    {
 185       return _("At least one invalid signature was encountered.");
 186    }
 187    else if (WEXITSTATUS(status) == 111)
 188    {
 189       ioprintf(ret, _("Could not execute 'gpgv' to verify signature (is gpgv installed?)"));
 190       return ret.str();
 191    }
 192    else
 193    {
 194       return _("Unknown error executing gpgv");
 195    }
 196 }
 197
 198 bool GPGVMethod::Fetch(FetchItem *Itm)
 199 {
 200    URI Get = Itm->Uri;
 201    string Path = Get.Host + Get.Path; // To account for relative paths
 202    string keyID;
 203    vector<string> GoodSigners;
 204    vector<string> BadSigners;
 205    // a worthless signature is a expired or revoked one
 206    vector<string> WorthlessSigners;
 207    vector<string> NoPubKeySigners;
 208
 209    FetchResult Res;
 210    Res.Filename = Itm->DestFile;
 211    URIStart(Res);
 212
 213    // Run gpgv on file, extract contents and get the key ID of the signer
 214    string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
 215                                  GoodSigners, BadSigners, WorthlessSigners,
 216                                  NoPubKeySigners);
 217    if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
 218    {
 219       string errmsg;
 220       // In this case, something bad probably happened, so we just go
 221       // with what the other method gave us for an error message.
 222       if (BadSigners.empty() && WorthlessSigners.empty() && NoPubKeySigners.empty())
 223          errmsg = msg;
 224       else
 225       {
 226          if (!BadSigners.empty())
 227          {
 228             errmsg += _("The following signatures were invalid:\n");
 229             for (vector<string>::iterator I = BadSigners.begin();
 230                  I != BadSigners.end(); ++I)
 231                errmsg += (*I + "\n");
 232          }
 233          if (!WorthlessSigners.empty())
 234          {
 235             errmsg += _("The following signatures were invalid:\n");
 236             for (vector<string>::iterator I = WorthlessSigners.begin();
 237                  I != WorthlessSigners.end(); ++I)
 238                errmsg += (*I + "\n");
 239          }
 240          if (!NoPubKeySigners.empty())
 241          {
 242              errmsg += _("The following signatures couldn't be verified because the public key is not available:\n");
 243             for (vector<string>::iterator I = NoPubKeySigners.begin();
 244                  I != NoPubKeySigners.end(); ++I)
 245                errmsg += (*I + "\n");
 246          }
 247       }
 248       // this is only fatal if we have no good sigs or if we have at
 249       // least one bad signature. good signatures and NoPubKey signatures
 250       // happen easily when a file is signed with multiple signatures
 251       if(GoodSigners.empty() or !BadSigners.empty())
 252          return _error->Error("%s", errmsg.c_str());
 253    }
 254
 255    // Just pass the raw output up, because passing it as a real data
 256    // structure is too difficult with the method stuff.  We keep it
 257    // as three separate vectors for future extensibility.
 258    Res.GPGVOutput = GoodSigners;
 259    Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end());
 260    Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end());
 261    URIDone(Res);
 262
 263    if (_config->FindB("Debug::Acquire::gpgv", false))
 264    {
 265       std::clog << "gpgv succeeded\n";
 266    }
 267
 268    return true;
 269 }
 270
 271
 272 int main()
 273 {
 274    setlocale(LC_ALL, "");
 275
 276    GPGVMethod Mth;
 277
 278    return Mth.Run();
 279 }