#ifndef CONTRIB_GPGV_H
#define CONTRIB_GPGV_H
+#include <apt-pkg/macros.h>
+
#include <string>
#include <vector>
+#ifndef APT_10_CLEANER_HEADERS
#include <apt-pkg/fileutl.h>
-
-#if __GNUC__ >= 4
- #define APT_noreturn __attribute__ ((noreturn))
-#else
- #define APT_noreturn /* no support */
#endif
+class FileFd;
+
/** \brief generates and run the command to verify a file with gpgv
*
* If File and FileSig specify the same file it is assumed that we
- * deal with a clear-signed message. In that case the file will be
- * rewritten to be in a good-known format without uneeded whitespaces
- * and additional messages (unsigned or signed).
+ * deal with a clear-signed message. Note that the method will accept
+ * and validate files which include additional (unsigned) messages
+ * without complaining. Do NOT open files accepted by this method
+ * for reading. Use #OpenMaybeClearSignedFile to access the message
+ * instead to ensure you are only reading signed data.
+ *
+ * The method does not return, but has some notable exit-codes:
+ * 111 signals an internal error like the inability to execute gpgv,
+ * 112 indicates a clear-signed file which doesn't include a message,
+ * which can happen if APT is run while on a network requiring
+ * authentication before usage (e.g. in hotels)
+ * All other exit-codes are passed-through from gpgv.
*
* @param File is the message (unsigned or clear-signed)
* @param FileSig is the signature (detached or clear-signed)
+ * @param statusfd is the fd given to gpgv as --status-fd
+ * @param fd is used as a pipe for the standard output of gpgv
+ * @param key is the specific one to be used instead of using all
*/
void ExecGPGV(std::string const &File, std::string const &FileSig,
- int const &statusfd, int fd[2]) APT_noreturn;
-inline void ExecGPGV(std::string const &File, std::string const &FileSig,
+ int const &statusfd, int fd[2], std::string const &Key = "") APT_NORETURN;
+inline APT_NORETURN void ExecGPGV(std::string const &File, std::string const &FileSig,
int const &statusfd = -1) {
int fd[2];
ExecGPGV(File, FileSig, statusfd, fd);
-};
-
-#undef APT_noreturn
+}
/** \brief Split an inline signature into message and signature
*
* whitespaces are discarded. The resulting files are suitable to
* be checked with gpgv.
*
- * If one or all Fds are -1 they will not be used and the content
- * which would have been written to them is discarded.
- *
- * The code doesn't support dash-encoded lines as these are not
- * expected to be present in files we have to deal with.
+ * If a FileFd pointers is NULL it will not be used and the content
+ * which would have been written to it is silently discarded.
*
* The content of the split files is undefined if the splitting was
* unsuccessful.
* not generate an error message.
*
* @param InFile is the clear-signed file
- * @param ContentFile is the Fd the message will be written to
+ * @param ContentFile is the FileFd the message will be written to
* @param ContentHeader is a list of all required Amored Headers for the message
- * @param SignatureFile is the Fd all signatures will be written to
+ * @param SignatureFile is the FileFd all signatures will be written to
* @return true if the splitting was successful, false otherwise
*/
-bool SplitClearSignedFile(std::string const &InFile, int const ContentFile,
- std::vector<std::string> * const ContentHeader, int const SignatureFile);
+bool SplitClearSignedFile(std::string const &InFile, FileFd * const ContentFile,
+ std::vector<std::string> * const ContentHeader, FileFd * const SignatureFile);
/** \brief open a file which might be clear-signed
*
projects / apt.git / blobdiff