methods/gpgv.cc

   1 #include <config.h>
   2
   3 #include <apt-pkg/error.h>
   4 #include <apt-pkg/acquire-method.h>
   5 #include <apt-pkg/strutl.h>
   6 #include <apt-pkg/fileutl.h>
   7 #include <apt-pkg/indexcopy.h>
   8 #include <apt-pkg/configuration.h>
   9 #include <apt-pkg/gpgv.h>
  10
  11 #include <stdio.h>
  12 #include <fcntl.h>
  13 #include <errno.h>
  14 #include <sys/wait.h>
  15 #include <iostream>
  16 #include <sstream>
  17 #include <vector>
  18
  19 #include <apti18n.h>
  20
  21 using std::string;
  22 using std::vector;
  23
  24 #define GNUPGPREFIX "[GNUPG:]"
  25 #define GNUPGBADSIG "[GNUPG:] BADSIG"
  26 #define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
  27 #define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
  28 #define GNUPGGOODSIG "[GNUPG:] GOODSIG"
  29 #define GNUPGKEYEXPIRED "[GNUPG:] KEYEXPIRED"
  30 #define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
  31 #define GNUPGNODATA "[GNUPG:] NODATA"
  32
  33 class GPGVMethod : public pkgAcqMethod
  34 {
  35    private:
  36    string VerifyGetSigners(const char *file, const char *outfile,
  37                                 vector<string> &GoodSigners,
  38                                 vector<string> &BadSigners,
  39                                 vector<string> &WorthlessSigners,
  40                                 vector<string> &NoPubKeySigners);
  41
  42    protected:
  43    virtual bool Fetch(FetchItem *Itm);
  44
  45    public:
  46
  47    GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
  48 };
  49
  50 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
  51                                          vector<string> &GoodSigners,
  52                                          vector<string> &BadSigners,
  53                                          vector<string> &WorthlessSigners,
  54                                          vector<string> &NoPubKeySigners)
  55 {
  56    bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
  57
  58    if (Debug == true)
  59       std::clog << "inside VerifyGetSigners" << std::endl;
  60
  61    int fd[2];
  62
  63    if (pipe(fd) < 0)
  64       return "Couldn't create pipe";
  65
  66    pid_t pid = fork();
  67    if (pid < 0)
  68       return string("Couldn't spawn new process") + strerror(errno);
  69    else if (pid == 0)
  70       ExecGPGV(outfile, file, 3, fd);
  71    close(fd[1]);
  72
  73    FILE *pipein = fdopen(fd[0], "r");
  74
  75    // Loop over the output of gpgv, and check the signatures.
  76    size_t buffersize = 64;
  77    char *buffer = (char *) malloc(buffersize);
  78    size_t bufferoff = 0;
  79    while (1)
  80    {
  81       int c;
  82
  83       // Read a line.  Sigh.
  84       while ((c = getc(pipein)) != EOF && c != '\n')
  85       {
  86          if (bufferoff == buffersize)
  87          {
  88             char* newBuffer = (char *) realloc(buffer, buffersize *= 2);
  89             if (newBuffer == NULL)
  90             {
  91                free(buffer);
  92                return "Couldn't allocate a buffer big enough for reading";
  93             }
  94             buffer = newBuffer;
  95          }
  96          *(buffer+bufferoff) = c;
  97          bufferoff++;
  98       }
  99       if (bufferoff == 0 && c == EOF)
 100          break;
 101       *(buffer+bufferoff) = '\0';
 102       bufferoff = 0;
 103       if (Debug == true)
 104          std::clog << "Read: " << buffer << std::endl;
 105
 106       // Push the data into three separate vectors, which
 107       // we later concatenate.  They're kept separate so
 108       // if we improve the apt method communication stuff later
 109       // it will be better.
 110       if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0)
 111       {
 112          if (Debug == true)
 113             std::clog << "Got BADSIG! " << std::endl;
 114          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 115       }
 116
 117       if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0)
 118       {
 119          if (Debug == true)
 120             std::clog << "Got NO_PUBKEY " << std::endl;
 121          NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 122       }
 123       if (strncmp(buffer, GNUPGNODATA, sizeof(GNUPGBADSIG)-1) == 0)
 124       {
 125          if (Debug == true)
 126             std::clog << "Got NODATA! " << std::endl;
 127          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 128       }
 129       if (strncmp(buffer, GNUPGKEYEXPIRED, sizeof(GNUPGKEYEXPIRED)-1) == 0)
 130       {
 131          if (Debug == true)
 132             std::clog << "Got KEYEXPIRED! " << std::endl;
 133          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 134       }
 135       if (strncmp(buffer, GNUPGREVKEYSIG, sizeof(GNUPGREVKEYSIG)-1) == 0)
 136       {
 137          if (Debug == true)
 138             std::clog << "Got REVKEYSIG! " << std::endl;
 139          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 140       }
 141       if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
 142       {
 143          char *sig = buffer + sizeof(GNUPGPREFIX);
 144          char *p = sig + sizeof("GOODSIG");
 145          while (*p && isxdigit(*p))
 146             p++;
 147          *p = 0;
 148          if (Debug == true)
 149             std::clog << "Got GOODSIG, key ID:" << sig << std::endl;
 150          GoodSigners.push_back(string(sig));
 151       }
 152    }
 153    fclose(pipein);
 154    free(buffer);
 155
 156    int status;
 157    waitpid(pid, &status, 0);
 158    if (Debug == true)
 159    {
 160       std::clog << "gpgv exited\n";
 161    }
 162
 163    if (WEXITSTATUS(status) == 0)
 164    {
 165       if (GoodSigners.empty())
 166          return _("Internal error: Good signature, but could not determine key fingerprint?!");
 167       return "";
 168    }
 169    else if (WEXITSTATUS(status) == 1)
 170       return _("At least one invalid signature was encountered.");
 171    else if (WEXITSTATUS(status) == 111)
 172       return _("Could not execute 'gpgv' to verify signature (is gpgv installed?)");
 173    else if (WEXITSTATUS(status) == 112)
 174    {
 175       // acquire system checks for "NODATA" to generate GPG errors (the others are only warnings)
 176       std::string errmsg;
 177       //TRANSLATORS: %s is a single techy word like 'NODATA'
 178       strprintf(errmsg, _("Clearsigned file isn't valid, got '%s' (does the network require authentication?)"), "NODATA");
 179       return errmsg;
 180    }
 181    else
 182       return _("Unknown error executing gpgv");
 183 }
 184
 185 bool GPGVMethod::Fetch(FetchItem *Itm)
 186 {
 187    URI Get = Itm->Uri;
 188    string Path = Get.Host + Get.Path; // To account for relative paths
 189    string keyID;
 190    vector<string> GoodSigners;
 191    vector<string> BadSigners;
 192    // a worthless signature is a expired or revoked one
 193    vector<string> WorthlessSigners;
 194    vector<string> NoPubKeySigners;
 195
 196    FetchResult Res;
 197    Res.Filename = Itm->DestFile;
 198    URIStart(Res);
 199
 200    // Run gpgv on file, extract contents and get the key ID of the signer
 201    string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
 202                                  GoodSigners, BadSigners, WorthlessSigners,
 203                                  NoPubKeySigners);
 204    if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
 205    {
 206       string errmsg;
 207       // In this case, something bad probably happened, so we just go
 208       // with what the other method gave us for an error message.
 209       if (BadSigners.empty() && WorthlessSigners.empty() && NoPubKeySigners.empty())
 210          errmsg = msg;
 211       else
 212       {
 213          if (!BadSigners.empty())
 214          {
 215             errmsg += _("The following signatures were invalid:\n");
 216             for (vector<string>::iterator I = BadSigners.begin();
 217                  I != BadSigners.end(); ++I)
 218                errmsg += (*I + "\n");
 219          }
 220          if (!WorthlessSigners.empty())
 221          {
 222             errmsg += _("The following signatures were invalid:\n");
 223             for (vector<string>::iterator I = WorthlessSigners.begin();
 224                  I != WorthlessSigners.end(); ++I)
 225                errmsg += (*I + "\n");
 226          }
 227          if (!NoPubKeySigners.empty())
 228          {
 229              errmsg += _("The following signatures couldn't be verified because the public key is not available:\n");
 230             for (vector<string>::iterator I = NoPubKeySigners.begin();
 231                  I != NoPubKeySigners.end(); ++I)
 232                errmsg += (*I + "\n");
 233          }
 234       }
 235       // this is only fatal if we have no good sigs or if we have at
 236       // least one bad signature. good signatures and NoPubKey signatures
 237       // happen easily when a file is signed with multiple signatures
 238       if(GoodSigners.empty() or !BadSigners.empty())
 239          return _error->Error("%s", errmsg.c_str());
 240    }
 241
 242    // Just pass the raw output up, because passing it as a real data
 243    // structure is too difficult with the method stuff.  We keep it
 244    // as three separate vectors for future extensibility.
 245    Res.GPGVOutput = GoodSigners;
 246    Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end());
 247    Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end());
 248    URIDone(Res);
 249
 250    if (_config->FindB("Debug::Acquire::gpgv", false))
 251    {
 252       std::clog << "gpgv succeeded\n";
 253    }
 254
 255    return true;
 256 }
 257
 258
 259 int main()
 260 {
 261    setlocale(LC_ALL, "");
 262
 263    GPGVMethod Mth;
 264
 265    return Mth.Run();
 266 }