* methods/gpgv.cc:

- properly check for expired and revoked keys (closes: #433091)
14 years ago · c5d8878d1f
2 changed files with 36 additions and 6 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -46,6 +46,8 @@ apt (0.7.21) UNRELEASED; urgency=low
      state (LP: #322955)
  * methods/https.cc:
    - add Acquire::https::AllowRedirect support
+  * methods/gpgv.cc:
+    - properly check for expired and revoked keys (closes: #433091)

  [ Dereck Wonnacott ]
  * apt-ftparchive might write corrupt Release files (LP: #46439)
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@ -17,13 +17,18 @@
 #define GNUPGBADSIG "[GNUPG:] BADSIG"
 #define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
 #define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
+#define GNUPGGOODSIG "[GNUPG:] GOODSIG"
+#define GNUPGKEYEXPIRED "[GNUPG:] KEYEXPIRED"
+#define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
 #define GNUPGNODATA "[GNUPG:] NODATA"

 class GPGVMethod : public pkgAcqMethod
 {
   private:
   string VerifyGetSigners(const char *file, const char *outfile,
-				vector<string> &GoodSigners, vector<string> &BadSigners,
+				vector<string> &GoodSigners, 
+                                vector<string> &BadSigners,
+                                vector<string> &WorthlessSigners,
 				vector<string> &NoPubKeySigners);
   
   protected:
@ -37,6 +42,7 @@ class GPGVMethod : public pkgAcqMethod
 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
 					 vector<string> &GoodSigners,
 					 vector<string> &BadSigners,
+					 vector<string> &WorthlessSigners,
 					 vector<string> &NoPubKeySigners)
 {
   // setup a (empty) stringstream for formating the return value
@ -179,15 +185,27 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
            std::cerr << "Got NODATA! " << std::endl;
         BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
      }
-      if (strncmp(buffer, GNUPGVALIDSIG, sizeof(GNUPGVALIDSIG)-1) == 0)
+      if (strncmp(buffer, GNUPGKEYEXPIRED, sizeof(GNUPGKEYEXPIRED)-1) == 0)
+      {
+         if (_config->FindB("Debug::Acquire::gpgv", false))
+            std::cerr << "Got KEYEXPIRED! " << std::endl;
+         WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
+      }
+      if (strncmp(buffer, GNUPGREVKEYSIG, sizeof(GNUPGREVKEYSIG)-1) == 0)
+      {
+         if (_config->FindB("Debug::Acquire::gpgv", false))
+            std::cerr << "Got REVKEYSIG! " << std::endl;
+         WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
+      }
+      if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
      {
         char *sig = buffer + sizeof(GNUPGPREFIX);
-         char *p = sig + sizeof("VALIDSIG");
+         char *p = sig + sizeof("GOODSIG");
         while (*p && isxdigit(*p)) 
            p++;
         *p = 0;
         if (_config->FindB("Debug::Acquire::gpgv", false))
-            std::cerr << "Got VALIDSIG, key ID:" << sig << std::endl;
+            std::cerr << "Got GOODSIG, key ID:" << sig << std::endl;
         GoodSigners.push_back(string(sig));
      }
   }
@ -227,6 +245,8 @@ bool GPGVMethod::Fetch(FetchItem *Itm)
   string keyID;
   vector<string> GoodSigners;
   vector<string> BadSigners;
+   // a worthless signature is a expired or revoked one
+   vector<string> WorthlessSigners;
   vector<string> NoPubKeySigners;
   
   FetchResult Res;
@ -235,13 +255,14 @@ bool GPGVMethod::Fetch(FetchItem *Itm)

   // Run gpgv on file, extract contents and get the key ID of the signer
   string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
-			      GoodSigners, BadSigners, NoPubKeySigners);
+                                 GoodSigners, BadSigners, WorthlessSigners,
+                                 NoPubKeySigners);
   if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
   {
      string errmsg;
      // In this case, something bad probably happened, so we just go
      // with what the other method gave us for an error message.
-      if (BadSigners.empty() && NoPubKeySigners.empty())
+      if (BadSigners.empty() && WorthlessSigners.empty() && NoPubKeySigners.empty())
         errmsg = msg;
      else
      {
@ -252,6 +273,13 @@ bool GPGVMethod::Fetch(FetchItem *Itm)
 		 I != BadSigners.end(); I++)
               errmsg += (*I + "\n");
         }
+         if (!WorthlessSigners.empty())
+         {
+            errmsg += _("The following signatures were invalid:\n");
+            for (vector<string>::iterator I = WorthlessSigners.begin();
+		 I != WorthlessSigners.end(); I++)
+               errmsg += (*I + "\n");
+         }
         if (!NoPubKeySigners.empty())
         {
             errmsg += _("The following signatures couldn't be verified because the public key is not available:\n");