From 99ed26d32226f0dffe5a37fb78c5588f9d9ecfd5 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 15 Mar 2013 14:29:46 +0100 Subject: [PATCH] * apt-pkg/contrib/gpgv.cc: - ExecGPGV is a method which should never return, so mark it as such and fix the inconsistency of returning in error cases --- apt-pkg/contrib/gpgv.cc | 22 ++++++++++++++++------ apt-pkg/contrib/gpgv.h | 26 ++++++++++++++++++++------ apt-pkg/indexcopy.h | 6 ++++-- debian/changelog | 3 +++ methods/gpgv.cc | 14 +------------- 5 files changed, 44 insertions(+), 27 deletions(-) diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc index 9b008dd4f..9760bd21f 100644 --- a/apt-pkg/contrib/gpgv.cc +++ b/apt-pkg/contrib/gpgv.cc @@ -25,20 +25,28 @@ using namespace std; // --------------------------------------------------------------------- /* Generating the commandline for calling gpgv is somehow complicated as we need to add multiple keyrings and user supplied options. */ -bool ExecGPGV(std::string const &File, std::string const &FileGPG, +void ExecGPGV(std::string const &File, std::string const &FileGPG, int const &statusfd, int fd[2]) { + #define EINTERNAL 111 + if (File == FileGPG) { #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n" char buffer[sizeof(SIGMSG)]; FILE* gpg = fopen(File.c_str(), "r"); if (gpg == NULL) - return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); + { + ioprintf(std::cerr, _("Could not open file %s"), File.c_str()); + exit(EINTERNAL); + } char const * const test = fgets(buffer, sizeof(buffer), gpg); fclose(gpg); if (test == NULL || strcmp(buffer, SIGMSG) != 0) - return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); + { + ioprintf(std::cerr, _("File %s doesn't start with a clearsigned message"), File.c_str()); + exit(EINTERNAL); + } #undef SIGMSG } @@ -69,8 +77,9 @@ bool ExecGPGV(std::string const &File, std::string const &FileGPG, if (keyrings.empty() == true) { // TRANSLATOR: %s is the trusted keyring parts directory - return _error->Error(_("No keyring installed in %s."), - _config->FindDir("Dir::Etc::TrustedParts").c_str()); + ioprintf(std::cerr, _("No keyring installed in %s."), + _config->FindDir("Dir::Etc::TrustedParts").c_str()); + exit(EINTERNAL); } Args.push_back(gpgvpath.c_str()); @@ -133,6 +142,7 @@ bool ExecGPGV(std::string const &File, std::string const &FileGPG, } execvp(gpgvpath.c_str(), (char **) &Args[0]); - return true; + ioprintf(std::cerr, "Couldn't execute %s to check %s", Args[0], File.c_str()); + exit(EINTERNAL); } /*}}}*/ diff --git a/apt-pkg/contrib/gpgv.h b/apt-pkg/contrib/gpgv.h index c15166c94..8aeea2fb3 100644 --- a/apt-pkg/contrib/gpgv.h +++ b/apt-pkg/contrib/gpgv.h @@ -11,14 +11,28 @@ #include -/** \brief generates and run the command to verify a file with gpgv */ -bool ExecGPGV(std::string const &File, std::string const &FileOut, - int const &statusfd, int fd[2]); +#if __GNUC__ >= 4 + #define APT_noreturn __attribute__ ((noreturn)) +#else + #define APT_noreturn /* no support */ +#endif -inline bool ExecGPGV(std::string const &File, std::string const &FileOut, +/** \brief generates and run the command to verify a file with gpgv + * + * If File and FileSig specify the same file it is assumed that we + * deal with a clear-signed message. + * + * @param File is the message (unsigned or clear-signed) + * @param FileSig is the signature (detached or clear-signed) + */ +void ExecGPGV(std::string const &File, std::string const &FileSig, + int const &statusfd, int fd[2]) APT_noreturn; +inline void ExecGPGV(std::string const &File, std::string const &FileSig, int const &statusfd = -1) { int fd[2]; - return ExecGPGV(File, FileOut, statusfd, fd); -} + ExecGPGV(File, FileSig, statusfd, fd); +}; + +#undef APT_noreturn #endif diff --git a/apt-pkg/indexcopy.h b/apt-pkg/indexcopy.h index 49e724f2f..aa221158e 100644 --- a/apt-pkg/indexcopy.h +++ b/apt-pkg/indexcopy.h @@ -101,11 +101,13 @@ class SigVerify /*{{{*/ __deprecated static bool RunGPGV(std::string const &File, std::string const &FileOut, int const &statusfd, int fd[2]) { - return ExecGPGV(File, FileOut, statusfd, fd); + ExecGPGV(File, FileOut, statusfd, fd); + return false; }; __deprecated static bool RunGPGV(std::string const &File, std::string const &FileOut, int const &statusfd = -1) { - return ExecGPGV(File, FileOut, statusfd); + ExecGPGV(File, FileOut, statusfd); + return false; }; }; /*}}}*/ diff --git a/debian/changelog b/debian/changelog index ac630ad7e..bd4116406 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,9 @@ apt (0.9.7.9) UNRELEASED; urgency=low [ David Kalnischkies ] * apt-pkg/indexcopy.cc: - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc + * apt-pkg/contrib/gpgv.cc: + - ExecGPGV is a method which should never return, so mark it as such + and fix the inconsistency of returning in error cases -- David Kalnischkies Fri, 15 Mar 2013 14:15:43 +0100 diff --git a/methods/gpgv.cc b/methods/gpgv.cc index 98381b845..3f814b9f0 100644 --- a/methods/gpgv.cc +++ b/methods/gpgv.cc @@ -71,19 +71,7 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile, if (pid < 0) return string("Couldn't spawn new process") + strerror(errno); else if (pid == 0) - { - _error->PushToStack(); - bool const success = ExecGPGV(outfile, file, 3, fd); - if (success == false) - { - string errmsg; - _error->PopMessage(errmsg); - _error->RevertToStack(); - return errmsg; - } - _error->RevertToStack(); - exit(111); - } + ExecGPGV(outfile, file, 3, fd); close(fd[1]); FILE *pipein = fdopen(fd[0], "r"); -- 2.45.2