#include <sstream>
#include <unistd.h>
#include <sys/stat.h>
+#include <sys/types.h>
+#include <fcntl.h>
#include <stdio.h>
/*}}}*/
// Open the package file
FileFd Pkg;
- if (FileExists(*I + GetFileName()) == true)
+ if (RealFileExists(*I + GetFileName()) == true)
{
Pkg.Open(*I + GetFileName(),FileFd::ReadOnly);
FileSize = Pkg.Size();
(*I).c_str() + CDROM.length(),GetFileName());
string TargetF = _config->FindDir("Dir::State::lists") + "partial/";
TargetF += URItoFileName(S);
+ FileFd Target;
if (_config->FindB("APT::CDROM::NoAct",false) == true)
+ {
TargetF = "/dev/null";
- FileFd Target(TargetF,FileFd::WriteEmpty);
+ Target.Open(TargetF,FileFd::WriteExists);
+ } else {
+ Target.Open(TargetF,FileFd::WriteAtomic);
+ }
FILE *TargetFl = fdopen(dup(Target.Fd()),"w");
if (_error->PendingError() == true)
return false;
// we skip non-existing files in the verifcation to support a cdrom
// with no Packages file (just a Package.gz), see LP: #255545
// (non-existing files are not considered a error)
- if(!FileExists(prefix+file))
+ if(!RealFileExists(prefix+file))
{
_error->Warning(_("Skipping nonexistent file %s"), string(prefix+file).c_str());
return true;
FileFd Target;
FileFd Rel;
- Target.Open(TargetF,FileFd::WriteEmpty);
+ Target.Open(TargetF,FileFd::WriteAtomic);
Rel.Open(prefix + file,FileFd::ReadOnly);
if (_error->PendingError() == true)
return false;
string const release = *I+"Release";
// a Release.gpg without a Release should never happen
- if(FileExists(release) == false)
+ if(RealFileExists(release) == false)
{
delete MetaIndex;
continue;
_error->Error("Fork failed");
return false;
}
- if(pid == 0) {
- string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
- std::vector<const char*> Args = GetGPGVCommandLine();
- Args.push_back(releasegpg.c_str());
- Args.push_back(release.c_str());
- Args.push_back(NULL);
- execvp(gpgvpath.c_str(), (char**) &Args[0]);
- }
+ if(pid == 0)
+ RunGPGV(release, releasegpg);
+
if(!ExecWait(pid, "gpgv")) {
_error->Warning("Signature verification failed for: %s",
releasegpg.c_str());
return true;
}
/*}}}*/
-// SigVerify::GetGPGVCommandLine - returns the command needed for verify/*{{{*/
+// SigVerify::RunGPGV - returns the command needed for verify /*{{{*/
// ---------------------------------------------------------------------
/* Generating the commandline for calling gpgv is somehow complicated as
we need to add multiple keyrings and user supplied options. Also, as
the cdrom code currently can not use the gpgv method we have two places
these need to be done - so the place for this method is wrong but better
than code duplication… */
-std::vector<const char *> SigVerify::GetGPGVCommandLine()
+bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG,
+ int const &statusfd, int fd[2])
{
+ if (File == FileGPG)
+ {
+ #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n"
+ char buffer[sizeof(SIGMSG)];
+ FILE* gpg = fopen(File.c_str(), "r");
+ if (gpg == NULL)
+ return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str());
+ char const * const test = fgets(buffer, sizeof(buffer), gpg);
+ fclose(gpg);
+ if (test == NULL || strcmp(buffer, SIGMSG) != 0)
+ return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str());
+ #undef SIGMSG
+ }
+
+
string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
// FIXME: remove support for deprecated APT::GPGV setting
- string const trustedFile = _config->FindFile("Dir::Etc::Trusted",
- _config->Find("APT::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg").c_str());
- string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d");
+ string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted"));
+ string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts");
- if (_config->FindB("Debug::Acquire::gpgv", false) == true)
+ bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
+
+ if (Debug == true)
{
std::clog << "gpgv path: " << gpgvpath << std::endl;
std::clog << "Keyring file: " << trustedFile << std::endl;
std::clog << "Keyring path: " << trustedPath << std::endl;
}
- std::vector<string> keyrings = GetListOfFilesInDir(trustedPath, "gpg", false);
- if (FileExists(trustedFile) == true)
- keyrings.push_back(trustedFile);
+ std::vector<string> keyrings;
+ if (DirectoryExists(trustedPath))
+ keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true);
+ if (RealFileExists(trustedFile) == true)
+ keyrings.push_back(trustedFile);
std::vector<const char *> Args;
Args.reserve(30);
if (keyrings.empty() == true)
- return Args;
+ {
+ // TRANSLATOR: %s is the trusted keyring parts directory
+ return _error->Error(_("No keyring installed in %s."),
+ _config->FindDir("Dir::Etc::TrustedParts").c_str());
+ }
Args.push_back(gpgvpath.c_str());
Args.push_back("--ignore-time-conflict");
+ if (statusfd != -1)
+ {
+ Args.push_back("--status-fd");
+ char fd[10];
+ snprintf(fd, sizeof(fd), "%i", statusfd);
+ Args.push_back(fd);
+ }
+
for (vector<string>::const_iterator K = keyrings.begin();
K != keyrings.end(); ++K)
{
}
}
- return Args;
+ Args.push_back(FileGPG.c_str());
+ if (FileGPG != File)
+ Args.push_back(File.c_str());
+ Args.push_back(NULL);
+
+ if (Debug == true)
+ {
+ std::clog << "Preparing to exec: " << gpgvpath;
+ for (std::vector<const char *>::const_iterator a = Args.begin(); *a != NULL; ++a)
+ std::clog << " " << *a;
+ std::clog << std::endl;
+ }
+
+ if (statusfd != -1)
+ {
+ int const nullfd = open("/dev/null", O_RDONLY);
+ close(fd[0]);
+ // Redirect output to /dev/null; we read from the status fd
+ dup2(nullfd, STDOUT_FILENO);
+ dup2(nullfd, STDERR_FILENO);
+ // Redirect the pipe to the status fd (3)
+ dup2(fd[1], statusfd);
+
+ putenv((char *)"LANG=");
+ putenv((char *)"LC_ALL=");
+ putenv((char *)"LC_MESSAGES=");
+ }
+
+ execvp(gpgvpath.c_str(), (char **) &Args[0]);
+ return true;
}
/*}}}*/
bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/
// Open the package file
FileFd Pkg;
- if (FileExists(*I) == true)
+ if (RealFileExists(*I) == true)
{
Pkg.Open(*I,FileFd::ReadOnly);
FileSize = Pkg.Size();
TargetF += URItoFileName(S);
if (_config->FindB("APT::CDROM::NoAct",false) == true)
TargetF = "/dev/null";
- FileFd Target(TargetF,FileFd::WriteEmpty);
+ FileFd Target(TargetF,FileFd::WriteAtomic);
FILE *TargetFl = fdopen(dup(Target.Fd()),"w");
if (_error->PendingError() == true)
return false;
projects / apt.git / blobdiff