]> git.saurik.com Git - apt.git/blob - methods/gpgv.cc
projects / apt.git / blob
? search:


ba7389cbaef5a6188cfff4f48bc32ceee12ec50a
[apt.git] / methods / gpgv.cc
1 #include <apt-pkg/error.h>
2 #include <apt-pkg/acquire-method.h>
3 #include <apt-pkg/strutl.h>
4 #include <apti18n.h>
5
6 #include <sys/stat.h>
7 #include <unistd.h>
8 #include <utime.h>
9 #include <stdio.h>
10 #include <fcntl.h>
11 #include <errno.h>
12 #include <sys/wait.h>
13 #include <iostream>
14 #include <sstream>
15
16 #define GNUPGPREFIX "[GNUPG:]"
17 #define GNUPGBADSIG "[GNUPG:] BADSIG"
18 #define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
19 #define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
20
21 class GPGVMethod : public pkgAcqMethod
22 {
23 private:
24 string VerifyGetSigners(const char *file, const char *outfile,
25 vector<string> &GoodSigners, vector<string> &BadSigners,
26 vector<string> &NoPubKeySigners);
27
28 protected:
29 virtual bool Fetch(FetchItem *Itm);
30
31 public:
32
33 GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
34 };
35
36 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
37 vector<string> &GoodSigners,
38 vector<string> &BadSigners,
39 vector<string> &NoPubKeySigners)
40 {
41 // setup a (empty) stringstream for formating the return value
42 std::stringstream ret;
43 ret.str("");
44
45 if (_config->FindB("Debug::Acquire::gpgv", false))
46 {
47 std::cerr << "inside VerifyGetSigners" << std::endl;
48 }
49 pid_t pid;
50 int fd[2];
51 FILE *pipein;
52 int status;
53 struct stat buff;
54 string gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
55 string pubringpath = _config->Find("APT::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg");
56 if (_config->FindB("Debug::Acquire::gpgv", false))
57 {
58 std::cerr << "gpgv path: " << gpgvpath << std::endl;
59 std::cerr << "Keyring path: " << pubringpath << std::endl;
60 }
61
62 if (stat(pubringpath.c_str(), &buff) != 0)
63 {
64 ioprintf(ret, _("Couldn't access keyring: '%s'"), strerror(errno));
65 return ret.str();
66 }
67 if (pipe(fd) < 0)
68 {
69 return "Couldn't create pipe";
70 }
71
72 pid = fork();
73 if (pid < 0)
74 {
75 return string("Couldn't spawn new process") + strerror(errno);
76 }
77 else if (pid == 0)
78 {
79 const char *Args[400];
80 unsigned int i = 0;
81
82 Args[i++] = gpgvpath.c_str();
83 Args[i++] = "--status-fd";
84 Args[i++] = "3";
85 Args[i++] = "--keyring";
86 Args[i++] = pubringpath.c_str();
87
88 Configuration::Item const *Opts;
89 Opts = _config->Tree("Acquire::gpgv::Options");
90 if (Opts != 0)
91 {
92 Opts = Opts->Child;
93 for (; Opts != 0; Opts = Opts->Next)
94 {
95 if (Opts->Value.empty() == true)
96 continue;
97 Args[i++] = Opts->Value.c_str();
98 if(i >= 395) {
99 std::cerr << _("E: Argument list from Acquire::gpgv::Options too long. Exiting.") << std::endl;
100 exit(111);
101 }
102 }
103 }
104 Args[i++] = file;
105 Args[i++] = outfile;
106 Args[i++] = NULL;
107
108 if (_config->FindB("Debug::Acquire::gpgv", false))
109 {
110 std::cerr << "Preparing to exec: " << gpgvpath;
111 for(unsigned int j=0;Args[j] != NULL; j++)
112 std::cerr << " " << Args[j];
113 std::cerr << std::endl;
114 }
115 int nullfd = open("/dev/null", O_RDONLY);
116 close(fd[0]);
117 // Redirect output to /dev/null; we read from the status fd
118 dup2(nullfd, STDOUT_FILENO);
119 dup2(nullfd, STDERR_FILENO);
120 // Redirect the pipe to the status fd (3)
121 dup2(fd[1], 3);
122
123 putenv("LANG=");
124 putenv("LC_ALL=");
125 putenv("LC_MESSAGES=");
126 execvp(gpgvpath.c_str(), (char **)Args);
127
128 exit(111);
129 }
130 close(fd[1]);
131
132 pipein = fdopen(fd[0], "r");
133
134 // Loop over the output of gpgv, and check the signatures.
135 size_t buffersize = 64;
136 char *buffer = (char *) malloc(buffersize);
137 size_t bufferoff = 0;
138 while (1)
139 {
140 int c;
141
142 // Read a line. Sigh.
143 while ((c = getc(pipein)) != EOF && c != '\n')
144 {
145 if (bufferoff == buffersize)
146 buffer = (char *) realloc(buffer, buffersize *= 2);
147 *(buffer+bufferoff) = c;
148 bufferoff++;
149 }
150 if (bufferoff == 0 && c == EOF)
151 break;
152 *(buffer+bufferoff) = '\0';
153 bufferoff = 0;
154 if (_config->FindB("Debug::Acquire::gpgv", false))
155 std::cerr << "Read: " << buffer << std::endl;
156
157 // Push the data into three separate vectors, which
158 // we later concatenate. They're kept separate so
159 // if we improve the apt method communication stuff later
160 // it will be better.
161 if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0)
162 {
163 if (_config->FindB("Debug::Acquire::gpgv", false))
164 std::cerr << "Got BADSIG! " << std::endl;
165 BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
166 }
167
168 if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0)
169 {
170 if (_config->FindB("Debug::Acquire::gpgv", false))
171 std::cerr << "Got NO_PUBKEY " << std::endl;
172 NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
173 }
174
175 if (strncmp(buffer, GNUPGVALIDSIG, sizeof(GNUPGVALIDSIG)-1) == 0)
176 {
177 char *sig = buffer + sizeof(GNUPGPREFIX);
178 char *p = sig + sizeof("VALIDSIG");
179 while (*p && isxdigit(*p))
180 p++;
181 *p = 0;
182 if (_config->FindB("Debug::Acquire::gpgv", false))
183 std::cerr << "Got VALIDSIG, key ID:" << sig << std::endl;
184 GoodSigners.push_back(string(sig));
185 }
186 }
187 fclose(pipein);
188
189 waitpid(pid, &status, 0);
190 if (_config->FindB("Debug::Acquire::gpgv", false))
191 {
192 std::cerr << "gpgv exited\n";
193 }
194
195 if (WEXITSTATUS(status) == 0)
196 {
197 if (GoodSigners.empty())
198 return _("Internal error: Good signature, but could not determine key fingerprint?!");
199 return "";
200 }
201 else if (WEXITSTATUS(status) == 1)
202 {
203 return _("At least one invalid signature was encountered.");
204 }
205 else if (WEXITSTATUS(status) == 111)
206 {
207 ioprintf(ret, _("Could not execute '%s' to verify signature (is gnupg installed?)"), gpgvpath.c_str());
208 return ret.str();
209 }
210 else
211 {
212 return _("Unknown error executing gpgv");
213 }
214 }
215
216 bool GPGVMethod::Fetch(FetchItem *Itm)
217 {
218 URI Get = Itm->Uri;
219 string Path = Get.Host + Get.Path; // To account for relative paths
220 string keyID;
221 vector<string> GoodSigners;
222 vector<string> BadSigners;
223 vector<string> NoPubKeySigners;
224
225 FetchResult Res;
226 Res.Filename = Itm->DestFile;
227 URIStart(Res);
228
229 // Run gpgv on file, extract contents and get the key ID of the signer
230 string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
231 GoodSigners, BadSigners, NoPubKeySigners);
232 if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
233 {
234 string errmsg;
235 // In this case, something bad probably happened, so we just go
236 // with what the other method gave us for an error message.
237 if (BadSigners.empty() && NoPubKeySigners.empty())
238 errmsg = msg;
239 else
240 {
241 if (!BadSigners.empty())
242 {
243 errmsg += _("The following signatures were invalid:\n");
244 for (vector<string>::iterator I = BadSigners.begin();
245 I != BadSigners.end(); I++)
246 errmsg += (*I + "\n");
247 }
248 if (!NoPubKeySigners.empty())
249 {
250 errmsg += _("The following signatures couldn't be verified because the public key is not available:\n");
251 for (vector<string>::iterator I = NoPubKeySigners.begin();
252 I != NoPubKeySigners.end(); I++)
253 errmsg += (*I + "\n");
254 }
255 }
256 // this is only fatal if we have no good sigs or if we have at
257 // least one bad signature. good signatures and NoPubKey signatures
258 // happen easily when a file is signed with multiple signatures
259 if(GoodSigners.empty() or !BadSigners.empty())
260 return _error->Error(errmsg.c_str());
261 }
262
263 // Transfer the modification times
264 struct stat Buf;
265 if (stat(Path.c_str(),&Buf) != 0)
266 return _error->Errno("stat",_("Failed to stat %s"), Path.c_str());
267
268 struct utimbuf TimeBuf;
269 TimeBuf.actime = Buf.st_atime;
270 TimeBuf.modtime = Buf.st_mtime;
271 if (utime(Itm->DestFile.c_str(),&TimeBuf) != 0)
272 return _error->Errno("utime",_("Failed to set modification time"));
273
274 if (stat(Itm->DestFile.c_str(),&Buf) != 0)
275 return _error->Errno("stat",_("Failed to stat"));
276
277 // Return a Done response
278 Res.LastModified = Buf.st_mtime;
279 Res.Size = Buf.st_size;
280 // Just pass the raw output up, because passing it as a real data
281 // structure is too difficult with the method stuff. We keep it
282 // as three separate vectors for future extensibility.
283 Res.GPGVOutput = GoodSigners;
284 Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end());
285 Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end());
286 URIDone(Res);
287
288 if (_config->FindB("Debug::Acquire::gpgv", false))
289 {
290 std::cerr << "gpgv succeeded\n";
291 }
292
293 return true;
294 }
295
296
297 int main()
298 {
299 setlocale(LC_ALL, "");
300
301 GPGVMethod Mth;
302
303 return Mth.Run();
304 }
APT (for Cydia)