X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/a319c4eeae62511d1cb58986742491d3e224bf20..bda94cb8432b3905f5757e92573fd16e73cb183f:/apt-pkg/indexcopy.cc?ds=sidebyside diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index 47eaefc5c..c2ee1c347 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -27,6 +27,8 @@ #include #include #include +#include +#include #include /*}}}*/ @@ -130,9 +132,14 @@ bool IndexCopy::CopyPackages(string CDROM,string Name,vector &List, (*I).c_str() + CDROM.length(),GetFileName()); string TargetF = _config->FindDir("Dir::State::lists") + "partial/"; TargetF += URItoFileName(S); + FileFd Target; if (_config->FindB("APT::CDROM::NoAct",false) == true) + { TargetF = "/dev/null"; - FileFd Target(TargetF,FileFd::WriteEmpty); + Target.Open(TargetF,FileFd::WriteExists); + } else { + Target.Open(TargetF,FileFd::WriteAtomic); + } FILE *TargetFl = fdopen(dup(Target.Fd()),"w"); if (_error->PendingError() == true) return false; @@ -563,7 +570,7 @@ bool SigVerify::CopyMetaIndex(string CDROM, string CDName, /*{{{*/ FileFd Target; FileFd Rel; - Target.Open(TargetF,FileFd::WriteEmpty); + Target.Open(TargetF,FileFd::WriteAtomic); Rel.Open(prefix + file,FileFd::ReadOnly); if (_error->PendingError() == true) return false; @@ -605,14 +612,9 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, _error->Error("Fork failed"); return false; } - if(pid == 0) { - string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); - std::vector Args = GetGPGVCommandLine(); - Args.push_back(releasegpg.c_str()); - Args.push_back(release.c_str()); - Args.push_back(NULL); - execvp(gpgvpath.c_str(), (char**) &Args[0]); - } + if(pid == 0) + RunGPGV(release, releasegpg); + if(!ExecWait(pid, "gpgv")) { _error->Warning("Signature verification failed for: %s", releasegpg.c_str()); @@ -652,41 +654,53 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector &SigList, return true; } /*}}}*/ -// SigVerify::GetGPGVCommandLine - returns the command needed for verify/*{{{*/ +// SigVerify::RunGPGV - returns the command needed for verify /*{{{*/ // --------------------------------------------------------------------- /* Generating the commandline for calling gpgv is somehow complicated as we need to add multiple keyrings and user supplied options. Also, as the cdrom code currently can not use the gpgv method we have two places these need to be done - so the place for this method is wrong but better than code duplication… */ -std::vector SigVerify::GetGPGVCommandLine() +bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, + int const &statusfd, int fd[2]) { string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv"); // FIXME: remove support for deprecated APT::GPGV setting - string const trustedFile = _config->FindFile("Dir::Etc::Trusted", - _config->Find("APT::GPGV::TrustedKeyring", "/etc/apt/trusted.gpg").c_str()); - string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d"); + string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted")); + string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts"); - if (_config->FindB("Debug::Acquire::gpgv", false) == true) + bool const Debug = _config->FindB("Debug::Acquire::gpgv", false); + + if (Debug == true) { std::clog << "gpgv path: " << gpgvpath << std::endl; std::clog << "Keyring file: " << trustedFile << std::endl; std::clog << "Keyring path: " << trustedPath << std::endl; } - std::vector keyrings = GetListOfFilesInDir(trustedPath, "gpg", false); + std::vector keyrings; + if (DirectoryExists(trustedPath)) + keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true); if (FileExists(trustedFile) == true) - keyrings.push_back(trustedFile); + keyrings.push_back(trustedFile); std::vector Args; Args.reserve(30); if (keyrings.empty() == true) - return Args; + return false; Args.push_back(gpgvpath.c_str()); Args.push_back("--ignore-time-conflict"); + if (statusfd != -1) + { + Args.push_back("--status-fd"); + char fd[10]; + snprintf(fd, sizeof(fd), "%i", statusfd); + Args.push_back(fd); + } + for (vector::const_iterator K = keyrings.begin(); K != keyrings.end(); ++K) { @@ -707,7 +721,36 @@ std::vector SigVerify::GetGPGVCommandLine() } } - return Args; + Args.push_back(FileGPG.c_str()); + if (FileGPG != File) + Args.push_back(File.c_str()); + Args.push_back(NULL); + + if (Debug == true) + { + std::clog << "Preparing to exec: " << gpgvpath; + for (std::vector::const_iterator a = Args.begin(); *a != NULL; ++a) + std::clog << " " << *a; + std::clog << std::endl; + } + + if (statusfd != -1) + { + int const nullfd = open("/dev/null", O_RDONLY); + close(fd[0]); + // Redirect output to /dev/null; we read from the status fd + dup2(nullfd, STDOUT_FILENO); + dup2(nullfd, STDERR_FILENO); + // Redirect the pipe to the status fd (3) + dup2(fd[1], statusfd); + + putenv((char *)"LANG="); + putenv((char *)"LC_ALL="); + putenv((char *)"LC_MESSAGES="); + } + + execvp(gpgvpath.c_str(), (char **) &Args[0]); + return true; } /*}}}*/ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ @@ -804,7 +847,7 @@ bool TranslationsCopy::CopyTranslations(string CDROM,string Name, /*{{{*/ TargetF += URItoFileName(S); if (_config->FindB("APT::CDROM::NoAct",false) == true) TargetF = "/dev/null"; - FileFd Target(TargetF,FileFd::WriteEmpty); + FileFd Target(TargetF,FileFd::WriteAtomic); FILE *TargetFl = fdopen(dup(Target.Fd()),"w"); if (_error->PendingError() == true) return false;