Browse Source

* apt-pkg/indexcopy.cc:

- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
debian/1.8.y
David Kalnischkies 10 years ago
parent
commit
2f5b615169
  1. 138
      apt-pkg/contrib/gpgv.cc
  2. 24
      apt-pkg/contrib/gpgv.h
  3. 122
      apt-pkg/indexcopy.cc
  4. 15
      apt-pkg/indexcopy.h
  5. 14
      apt-pkg/makefile
  6. 8
      debian/changelog
  7. 3
      methods/gpgv.cc

138
apt-pkg/contrib/gpgv.cc

@ -0,0 +1,138 @@
// -*- mode: cpp; mode: fold -*-
// Include Files /*{{{*/
#include<config.h>
#include <iostream>
#include <sstream>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <apt-pkg/error.h>
#include <apt-pkg/strutl.h>
#include <apt-pkg/fileutl.h>
#include <apt-pkg/configuration.h>
#include <apti18n.h>
/*}}}*/
using namespace std;
// RunGPGV - returns the command needed for verify /*{{{*/
// ---------------------------------------------------------------------
/* Generating the commandline for calling gpgv is somehow complicated as
we need to add multiple keyrings and user supplied options. */
bool ExecGPGV(std::string const &File, std::string const &FileGPG,
int const &statusfd, int fd[2])
{
if (File == FileGPG)
{
#define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n"
char buffer[sizeof(SIGMSG)];
FILE* gpg = fopen(File.c_str(), "r");
if (gpg == NULL)
return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str());
char const * const test = fgets(buffer, sizeof(buffer), gpg);
fclose(gpg);
if (test == NULL || strcmp(buffer, SIGMSG) != 0)
return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str());
#undef SIGMSG
}
string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
// FIXME: remove support for deprecated APT::GPGV setting
string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted"));
string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts");
bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
if (Debug == true)
{
std::clog << "gpgv path: " << gpgvpath << std::endl;
std::clog << "Keyring file: " << trustedFile << std::endl;
std::clog << "Keyring path: " << trustedPath << std::endl;
}
std::vector<string> keyrings;
if (DirectoryExists(trustedPath))
keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true);
if (RealFileExists(trustedFile) == true)
keyrings.push_back(trustedFile);
std::vector<const char *> Args;
Args.reserve(30);
if (keyrings.empty() == true)
{
// TRANSLATOR: %s is the trusted keyring parts directory
return _error->Error(_("No keyring installed in %s."),
_config->FindDir("Dir::Etc::TrustedParts").c_str());
}
Args.push_back(gpgvpath.c_str());
Args.push_back("--ignore-time-conflict");
if (statusfd != -1)
{
Args.push_back("--status-fd");
char fd[10];
snprintf(fd, sizeof(fd), "%i", statusfd);
Args.push_back(fd);
}
for (vector<string>::const_iterator K = keyrings.begin();
K != keyrings.end(); ++K)
{
Args.push_back("--keyring");
Args.push_back(K->c_str());
}
Configuration::Item const *Opts;
Opts = _config->Tree("Acquire::gpgv::Options");
if (Opts != 0)
{
Opts = Opts->Child;
for (; Opts != 0; Opts = Opts->Next)
{
if (Opts->Value.empty() == true)
continue;
Args.push_back(Opts->Value.c_str());
}
}
Args.push_back(FileGPG.c_str());
if (FileGPG != File)
Args.push_back(File.c_str());
Args.push_back(NULL);
if (Debug == true)
{
std::clog << "Preparing to exec: " << gpgvpath;
for (std::vector<const char *>::const_iterator a = Args.begin(); *a != NULL; ++a)
std::clog << " " << *a;
std::clog << std::endl;
}
if (statusfd != -1)
{
int const nullfd = open("/dev/null", O_RDONLY);
close(fd[0]);
// Redirect output to /dev/null; we read from the status fd
dup2(nullfd, STDOUT_FILENO);
dup2(nullfd, STDERR_FILENO);
// Redirect the pipe to the status fd (3)
dup2(fd[1], statusfd);
putenv((char *)"LANG=");
putenv((char *)"LC_ALL=");
putenv((char *)"LC_MESSAGES=");
}
execvp(gpgvpath.c_str(), (char **) &Args[0]);
return true;
}
/*}}}*/

24
apt-pkg/contrib/gpgv.h

@ -0,0 +1,24 @@
// -*- mode: cpp; mode: fold -*-
// Description /*{{{*/
/* ######################################################################
Helpers to deal with gpgv better and more easily
##################################################################### */
/*}}}*/
#ifndef CONTRIB_GPGV_H
#define CONTRIB_GPGV_H
#include <string>
/** \brief generates and run the command to verify a file with gpgv */
bool ExecGPGV(std::string const &File, std::string const &FileOut,
int const &statusfd, int fd[2]);
inline bool ExecGPGV(std::string const &File, std::string const &FileOut,
int const &statusfd = -1) {
int fd[2];
return ExecGPGV(File, FileOut, statusfd, fd);
}
#endif

122
apt-pkg/indexcopy.cc

@ -593,9 +593,9 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector<string> &SigList,
if(pid == 0)
{
if (useInRelease == true)
RunGPGV(inrelease, inrelease);
ExecGPGV(inrelease, inrelease);
else
RunGPGV(release, releasegpg);
ExecGPGV(release, releasegpg);
}
if(!ExecWait(pid, "gpgv")) {
@ -639,124 +639,6 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector<string> &SigList,
}
}
return true;
}
/*}}}*/
// SigVerify::RunGPGV - returns the command needed for verify /*{{{*/
// ---------------------------------------------------------------------
/* Generating the commandline for calling gpgv is somehow complicated as
we need to add multiple keyrings and user supplied options. Also, as
the cdrom code currently can not use the gpgv method we have two places
these need to be done - so the place for this method is wrong but better
than code duplication */
bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG,
int const &statusfd, int fd[2])
{
if (File == FileGPG)
{
#define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n"
char buffer[sizeof(SIGMSG)];
FILE* gpg = fopen(File.c_str(), "r");
if (gpg == NULL)
return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str());
char const * const test = fgets(buffer, sizeof(buffer), gpg);
fclose(gpg);
if (test == NULL || strcmp(buffer, SIGMSG) != 0)
return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str());
#undef SIGMSG
}
string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
// FIXME: remove support for deprecated APT::GPGV setting
string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted"));
string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts");
bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
if (Debug == true)
{
std::clog << "gpgv path: " << gpgvpath << std::endl;
std::clog << "Keyring file: " << trustedFile << std::endl;
std::clog << "Keyring path: " << trustedPath << std::endl;
}
std::vector<string> keyrings;
if (DirectoryExists(trustedPath))
keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true);
if (RealFileExists(trustedFile) == true)
keyrings.push_back(trustedFile);
std::vector<const char *> Args;
Args.reserve(30);
if (keyrings.empty() == true)
{
// TRANSLATOR: %s is the trusted keyring parts directory
return _error->Error(_("No keyring installed in %s."),
_config->FindDir("Dir::Etc::TrustedParts").c_str());
}
Args.push_back(gpgvpath.c_str());
Args.push_back("--ignore-time-conflict");
if (statusfd != -1)
{
Args.push_back("--status-fd");
char fd[10];
snprintf(fd, sizeof(fd), "%i", statusfd);
Args.push_back(fd);
}
for (vector<string>::const_iterator K = keyrings.begin();
K != keyrings.end(); ++K)
{
Args.push_back("--keyring");
Args.push_back(K->c_str());
}
Configuration::Item const *Opts;
Opts = _config->Tree("Acquire::gpgv::Options");
if (Opts != 0)
{
Opts = Opts->Child;
for (; Opts != 0; Opts = Opts->Next)
{
if (Opts->Value.empty() == true)
continue;
Args.push_back(Opts->Value.c_str());
}
}
Args.push_back(FileGPG.c_str());
if (FileGPG != File)
Args.push_back(File.c_str());
Args.push_back(NULL);
if (Debug == true)
{
std::clog << "Preparing to exec: " << gpgvpath;
for (std::vector<const char *>::const_iterator a = Args.begin(); *a != NULL; ++a)
std::clog << " " << *a;
std::clog << std::endl;
}
if (statusfd != -1)
{
int const nullfd = open("/dev/null", O_RDONLY);
close(fd[0]);
// Redirect output to /dev/null; we read from the status fd
dup2(nullfd, STDOUT_FILENO);
dup2(nullfd, STDERR_FILENO);
// Redirect the pipe to the status fd (3)
dup2(fd[1], statusfd);
putenv((char *)"LANG=");
putenv((char *)"LC_ALL=");
putenv((char *)"LC_MESSAGES=");
}
execvp(gpgvpath.c_str(), (char **) &Args[0]);
return true;
}
/*}}}*/

15
apt-pkg/indexcopy.h

@ -14,6 +14,9 @@
#include <string>
#include <stdio.h>
#include <apt-pkg/gpgv.h>
#include <apt-pkg/macros.h>
#ifndef APT_8_CLEANER_HEADERS
using std::string;
using std::vector;
@ -96,13 +99,13 @@ class SigVerify /*{{{*/
bool CopyAndVerify(std::string CDROM,std::string Name,std::vector<std::string> &SigList,
std::vector<std::string> PkgList,std::vector<std::string> SrcList);
/** \brief generates and run the command to verify a file with gpgv */
static bool RunGPGV(std::string const &File, std::string const &FileOut,
int const &statusfd, int fd[2]);
inline static bool RunGPGV(std::string const &File, std::string const &FileOut,
__deprecated static bool RunGPGV(std::string const &File, std::string const &FileOut,
int const &statusfd, int fd[2]) {
return ExecGPGV(File, FileOut, statusfd, fd);
};
__deprecated static bool RunGPGV(std::string const &File, std::string const &FileOut,
int const &statusfd = -1) {
int fd[2];
return RunGPGV(File, FileOut, statusfd, fd);
return ExecGPGV(File, FileOut, statusfd);
};
};
/*}}}*/

14
apt-pkg/makefile

@ -27,15 +27,13 @@ APT_DOMAIN:=libapt-pkg$(LIBAPTPKG_MAJOR)
SOURCE = contrib/mmap.cc contrib/error.cc contrib/strutl.cc \
contrib/configuration.cc contrib/progress.cc contrib/cmndline.cc \
contrib/hashsum.cc contrib/md5.cc contrib/sha1.cc \
contrib/sha2_internal.cc\
contrib/hashes.cc \
contrib/sha2_internal.cc contrib/hashes.cc \
contrib/cdromutl.cc contrib/crc-16.cc contrib/netrc.cc \
contrib/fileutl.cc
HEADERS = mmap.h error.h configuration.h fileutl.h cmndline.h netrc.h\
md5.h crc-16.h cdromutl.h strutl.h sptr.h sha1.h sha2.h sha256.h\
sha2_internal.h \
hashes.h hashsum_template.h\
macros.h weakptr.h
contrib/fileutl.cc contrib/gpgv.cc
HEADERS = mmap.h error.h configuration.h fileutl.h cmndline.h netrc.h \
md5.h crc-16.h cdromutl.h strutl.h sptr.h sha1.h sha2.h sha256.h \
sha2_internal.h hashes.h hashsum_template.h \
macros.h weakptr.h gpgv.h
# Source code for the core main library
SOURCE+= pkgcache.cc version.cc depcache.cc \

8
debian/changelog

@ -1,3 +1,11 @@
apt (0.9.7.9) UNRELEASED; urgency=low
[ David Kalnischkies ]
* apt-pkg/indexcopy.cc:
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
-- David Kalnischkies <kalnischkies@gmail.com> Fri, 15 Mar 2013 14:15:43 +0100
apt (0.9.7.8) unstable; urgency=criticial
* SECURITY UPDATE: InRelease verification bypass

3
methods/gpgv.cc

@ -6,6 +6,7 @@
#include <apt-pkg/fileutl.h>
#include <apt-pkg/indexcopy.h>
#include <apt-pkg/configuration.h>
#include <apt-pkg/gpgv.h>
#include <utime.h>
#include <stdio.h>
@ -72,7 +73,7 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
else if (pid == 0)
{
_error->PushToStack();
bool const success = SigVerify::RunGPGV(outfile, file, 3, fd);
bool const success = ExecGPGV(outfile, file, 3, fd);
if (success == false)
{
string errmsg;

Loading…
Cancel
Save