]>
git.saurik.com Git - apt.git/blob - apt-pkg/contrib/gpgv.cc
c236a7289a6068117c7129dfbb09df261a768ee2
1 // -*- mode: cpp; mode: fold -*-
2 // Include Files /*{{{*/
11 #include <sys/types.h>
14 #include<apt-pkg/configuration.h>
15 #include<apt-pkg/error.h>
16 #include<apt-pkg/strutl.h>
17 #include<apt-pkg/fileutl.h>
18 #include<apt-pkg/gpgv.h>
22 char * GenerateTemporaryFileTemplate(const char *basename
) /*{{{*/
24 const char *tmpdir
= getenv("TMPDIR");
33 strprintf(out
, "%s/%s.XXXXXX", tmpdir
, basename
);
34 return strdup(out
.c_str());
37 // ExecGPGV - returns the command needed for verify /*{{{*/
38 // ---------------------------------------------------------------------
39 /* Generating the commandline for calling gpgv is somehow complicated as
40 we need to add multiple keyrings and user supplied options.
41 Also, as gpgv has no options to enforce a certain reduced style of
42 clear-signed files (=the complete content of the file is signed and
43 the content isn't encoded) we do a divide and conquer approach here
45 void ExecGPGV(std::string
const &File
, std::string
const &FileGPG
,
46 int const &statusfd
, int fd
[2])
49 std::string
const gpgvpath
= _config
->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
50 // FIXME: remove support for deprecated APT::GPGV setting
51 std::string
const trustedFile
= _config
->Find("APT::GPGV::TrustedKeyring", _config
->FindFile("Dir::Etc::Trusted"));
52 std::string
const trustedPath
= _config
->FindDir("Dir::Etc::TrustedParts");
54 bool const Debug
= _config
->FindB("Debug::Acquire::gpgv", false);
58 std::clog
<< "gpgv path: " << gpgvpath
<< std::endl
;
59 std::clog
<< "Keyring file: " << trustedFile
<< std::endl
;
60 std::clog
<< "Keyring path: " << trustedPath
<< std::endl
;
63 std::vector
<std::string
> keyrings
;
64 if (DirectoryExists(trustedPath
))
65 keyrings
= GetListOfFilesInDir(trustedPath
, "gpg", false, true);
66 if (RealFileExists(trustedFile
) == true)
67 keyrings
.push_back(trustedFile
);
69 std::vector
<const char *> Args
;
72 if (keyrings
.empty() == true)
74 // TRANSLATOR: %s is the trusted keyring parts directory
75 ioprintf(std::cerr
, _("No keyring installed in %s."),
76 _config
->FindDir("Dir::Etc::TrustedParts").c_str());
80 Args
.push_back(gpgvpath
.c_str());
81 Args
.push_back("--ignore-time-conflict");
86 Args
.push_back("--status-fd");
87 snprintf(statusfdstr
, sizeof(statusfdstr
), "%i", statusfd
);
88 Args
.push_back(statusfdstr
);
91 for (std::vector
<std::string
>::const_iterator K
= keyrings
.begin();
92 K
!= keyrings
.end(); ++K
)
94 Args
.push_back("--keyring");
95 Args
.push_back(K
->c_str());
98 Configuration::Item
const *Opts
;
99 Opts
= _config
->Tree("Acquire::gpgv::Options");
103 for (; Opts
!= 0; Opts
= Opts
->Next
)
105 if (Opts
->Value
.empty() == true)
107 Args
.push_back(Opts
->Value
.c_str());
113 std::vector
<std::string
> dataHeader
;
117 // file with detached signature
120 Args
.push_back(FileGPG
.c_str());
121 Args
.push_back(File
.c_str());
123 else // clear-signed file
125 sig
= GenerateTemporaryFileTemplate("apt.sig");
126 data
= GenerateTemporaryFileTemplate("apt.data");
127 if (sig
== NULL
|| data
== NULL
)
129 ioprintf(std::cerr
, "Couldn't create tempfiles for splitting up %s", File
.c_str());
133 sigFd
= mkstemp(sig
);
134 dataFd
= mkstemp(data
);
135 int const duppedSigFd
= dup(sigFd
);
136 int const duppedDataFd
= dup(dataFd
);
138 if (dataFd
== -1 || sigFd
== -1 || duppedDataFd
== -1 || duppedSigFd
== -1 ||
139 SplitClearSignedFile(File
, duppedDataFd
, &dataHeader
, duppedSigFd
) == false)
145 ioprintf(std::cerr
, "Splitting up %s into data and signature failed", File
.c_str());
148 lseek(dataFd
, 0, SEEK_SET
);
149 lseek(sigFd
, 0, SEEK_SET
);
151 Args
.push_back(data
);
154 Args
.push_back(NULL
);
158 std::clog
<< "Preparing to exec: " << gpgvpath
;
159 for (std::vector
<const char *>::const_iterator a
= Args
.begin(); *a
!= NULL
; ++a
)
160 std::clog
<< " " << *a
;
161 std::clog
<< std::endl
;
166 int const nullfd
= open("/dev/null", O_RDONLY
);
168 // Redirect output to /dev/null; we read from the status fd
169 if (statusfd
!= STDOUT_FILENO
)
170 dup2(nullfd
, STDOUT_FILENO
);
171 if (statusfd
!= STDERR_FILENO
)
172 dup2(nullfd
, STDERR_FILENO
);
173 // Redirect the pipe to the status fd (3)
174 dup2(fd
[1], statusfd
);
176 putenv((char *)"LANG=");
177 putenv((char *)"LC_ALL=");
178 putenv((char *)"LC_MESSAGES=");
183 execvp(gpgvpath
.c_str(), (char **) &Args
[0]);
184 ioprintf(std::cerr
, "Couldn't execute %s to check %s", Args
[0], File
.c_str());
189 //#define UNLINK_EXIT(X) exit(X)
190 #define UNLINK_EXIT(X) unlink(sig);unlink(data);exit(X)
192 // for clear-signed files we have created tempfiles we have to clean up
193 // and we do an additional check, so fork yet another time …
194 pid_t pid
= ExecFork();
196 ioprintf(std::cerr
, "Fork failed for %s to check %s", Args
[0], File
.c_str());
197 UNLINK_EXIT(EINTERNAL
);
202 dup2(fd
[1], statusfd
);
203 execvp(gpgvpath
.c_str(), (char **) &Args
[0]);
204 ioprintf(std::cerr
, "Couldn't execute %s to check %s", Args
[0], File
.c_str());
205 UNLINK_EXIT(EINTERNAL
);
208 // Wait and collect the error code - taken from WaitPid as we need the exact Status
210 while (waitpid(pid
,&Status
,0) != pid
)
214 ioprintf(std::cerr
, _("Waited for %s but it wasn't there"), "gpgv");
215 UNLINK_EXIT(EINTERNAL
);
218 // check if it exit'ed normally …
219 if (WIFEXITED(Status
) == false)
221 ioprintf(std::cerr
, _("Sub-process %s exited unexpectedly"), "gpgv");
222 UNLINK_EXIT(EINTERNAL
);
225 // … and with a good exit code
226 if (WEXITSTATUS(Status
) != 0)
228 ioprintf(std::cerr
, _("Sub-process %s returned an error code (%u)"), "gpgv", WEXITSTATUS(Status
));
229 UNLINK_EXIT(WEXITSTATUS(Status
));
232 /* looks like its fine. Our caller will check the status fd,
233 but we construct a good-known clear-signed file without garbage
234 and other non-sense. In a perfect world, we get the same file,
235 but empty lines, trailing whitespaces and stuff makes it inperfect … */
236 if (RecombineToClearSignedFile(File
, dataFd
, dataHeader
, sigFd
) == false)
238 _error
->DumpErrors(std::cerr
);
239 UNLINK_EXIT(EINTERNAL
);
242 // everything fine, we have a clean file now!
246 exit(EINTERNAL
); // unreachable safe-guard
249 // RecombineToClearSignedFile - combine data/signature to message /*{{{*/
250 bool RecombineToClearSignedFile(std::string
const &OutFile
, int const ContentFile
,
251 std::vector
<std::string
> const &ContentHeader
, int const SignatureFile
)
253 FILE *clean_file
= fopen(OutFile
.c_str(), "w");
254 fputs("-----BEGIN PGP SIGNED MESSAGE-----\n", clean_file
);
255 for (std::vector
<std::string
>::const_iterator h
= ContentHeader
.begin(); h
!= ContentHeader
.end(); ++h
)
256 fprintf(clean_file
, "%s\n", h
->c_str());
257 fputs("\n", clean_file
);
259 FILE *data_file
= fdopen(ContentFile
, "r");
260 FILE *sig_file
= fdopen(SignatureFile
, "r");
261 if (data_file
== NULL
|| sig_file
== NULL
)
262 return _error
->Error("Couldn't open splitfiles to recombine them into %s", OutFile
.c_str());
265 while (getline(&buf
, &buf_size
, data_file
) != -1)
266 fputs(buf
, clean_file
);
268 fputs("\n", clean_file
);
269 while (getline(&buf
, &buf_size
, sig_file
) != -1)
270 fputs(buf
, clean_file
);
276 // SplitClearSignedFile - split message into data/signature /*{{{*/
277 bool SplitClearSignedFile(std::string
const &InFile
, int const ContentFile
,
278 std::vector
<std::string
> * const ContentHeader
, int const SignatureFile
)
280 FILE *in
= fopen(InFile
.c_str(), "r");
282 return _error
->Errno("fopen", "can not open %s", InFile
.c_str());
284 FILE *out_content
= NULL
;
285 FILE *out_signature
= NULL
;
286 if (ContentFile
!= -1)
288 out_content
= fdopen(ContentFile
, "w");
289 if (out_content
== NULL
)
290 return _error
->Errno("fdopen", "Failed to open file to write content to from %s", InFile
.c_str());
292 if (SignatureFile
!= -1)
294 out_signature
= fdopen(SignatureFile
, "w");
295 if (out_signature
== NULL
)
296 return _error
->Errno("fdopen", "Failed to open file to write signature to from %s", InFile
.c_str());
299 bool found_message_start
= false;
300 bool found_message_end
= false;
301 bool skip_until_empty_line
= false;
302 bool found_signature
= false;
303 bool first_line
= true;
307 while (getline(&buf
, &buf_size
, in
) != -1)
310 if (found_message_start
== false)
312 if (strcmp(buf
, "-----BEGIN PGP SIGNED MESSAGE-----") == 0)
314 found_message_start
= true;
315 skip_until_empty_line
= true;
318 else if (skip_until_empty_line
== true)
320 if (strlen(buf
) == 0)
321 skip_until_empty_line
= false;
322 // save "Hash" Armor Headers, others aren't allowed
323 else if (ContentHeader
!= NULL
&& strncmp(buf
, "Hash: ", strlen("Hash: ")) == 0)
324 ContentHeader
->push_back(buf
);
326 else if (found_signature
== false)
328 if (strcmp(buf
, "-----BEGIN PGP SIGNATURE-----") == 0)
330 found_signature
= true;
331 found_message_end
= true;
332 if (out_signature
!= NULL
)
333 fprintf(out_signature
, "%s\n", buf
);
335 else if (found_message_end
== false)
337 // we are in the message block
338 if(first_line
== true) // first line does not need a newline
340 if (out_content
!= NULL
)
341 fprintf(out_content
, "%s", buf
);
344 else if (out_content
!= NULL
)
345 fprintf(out_content
, "\n%s", buf
);
348 else if (found_signature
== true)
350 if (out_signature
!= NULL
)
351 fprintf(out_signature
, "%s\n", buf
);
352 if (strcmp(buf
, "-----END PGP SIGNATURE-----") == 0)
353 found_signature
= false; // look for other signatures
355 // all the rest is whitespace, unsigned garbage or additional message blocks we ignore
357 if (out_content
!= NULL
)
359 if (out_signature
!= NULL
)
360 fclose(out_signature
);