1 #include <apt-pkg/error.h>
2 #include <apt-pkg/acquire-method.h>
3 #include <apt-pkg/strutl.h>
4 #include <apt-pkg/fileutl.h>
5 #include <apt-pkg/indexcopy.h>
18 #define GNUPGPREFIX "[GNUPG:]"
19 #define GNUPGBADSIG "[GNUPG:] BADSIG"
20 #define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
21 #define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
22 #define GNUPGGOODSIG "[GNUPG:] GOODSIG"
23 #define GNUPGKEYEXPIRED "[GNUPG:] KEYEXPIRED"
24 #define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
25 #define GNUPGNODATA "[GNUPG:] NODATA"
27 class GPGVMethod
: public pkgAcqMethod
30 string
VerifyGetSigners(const char *file
, const char *outfile
,
31 vector
<string
> &GoodSigners
,
32 vector
<string
> &BadSigners
,
33 vector
<string
> &WorthlessSigners
,
34 vector
<string
> &NoPubKeySigners
);
37 virtual bool Fetch(FetchItem
*Itm
);
41 GPGVMethod() : pkgAcqMethod("1.0",SingleInstance
| SendConfig
) {};
44 string
GPGVMethod::VerifyGetSigners(const char *file
, const char *outfile
,
45 vector
<string
> &GoodSigners
,
46 vector
<string
> &BadSigners
,
47 vector
<string
> &WorthlessSigners
,
48 vector
<string
> &NoPubKeySigners
)
50 bool const Debug
= _config
->FindB("Debug::Acquire::gpgv", false);
51 // setup a (empty) stringstream for formating the return value
52 std::stringstream ret
;
56 std::clog
<< "inside VerifyGetSigners" << std::endl
;
63 string
const gpgvpath
= _config
->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
64 std::vector
<const char*> Args
= SigVerify::GetGPGVCommandLine();
65 if (Args
.empty() == true)
67 // TRANSLATOR: %s is the trusted keyring parts directory
68 ioprintf(ret
, _("No keyring installed in %s."),
69 _config
->FindDir("Dir::Etc::TrustedParts", "/etc/apt/trusted.gpg.d").c_str());
74 return "Couldn't create pipe";
78 return string("Couldn't spawn new process") + strerror(errno
);
81 Args
.push_back("--status-fd");
84 Args
.push_back(outfile
);
89 std::clog
<< "Preparing to exec: " << gpgvpath
;
90 for(std::vector
<const char *>::const_iterator a
= Args
.begin();*a
!= NULL
; ++a
)
91 std::clog
<< " " << *a
;
92 std::clog
<< std::endl
;
94 int const nullfd
= open("/dev/null", O_RDONLY
);
96 // Redirect output to /dev/null; we read from the status fd
97 dup2(nullfd
, STDOUT_FILENO
);
98 dup2(nullfd
, STDERR_FILENO
);
99 // Redirect the pipe to the status fd (3)
102 putenv((char *)"LANG=");
103 putenv((char *)"LC_ALL=");
104 putenv((char *)"LC_MESSAGES=");
105 execvp(gpgvpath
.c_str(), (char **) &Args
[0]);
111 pipein
= fdopen(fd
[0], "r");
113 // Loop over the output of gpgv, and check the signatures.
114 size_t buffersize
= 64;
115 char *buffer
= (char *) malloc(buffersize
);
116 size_t bufferoff
= 0;
121 // Read a line. Sigh.
122 while ((c
= getc(pipein
)) != EOF
&& c
!= '\n')
124 if (bufferoff
== buffersize
)
125 buffer
= (char *) realloc(buffer
, buffersize
*= 2);
126 *(buffer
+bufferoff
) = c
;
129 if (bufferoff
== 0 && c
== EOF
)
131 *(buffer
+bufferoff
) = '\0';
134 std::clog
<< "Read: " << buffer
<< std::endl
;
136 // Push the data into three separate vectors, which
137 // we later concatenate. They're kept separate so
138 // if we improve the apt method communication stuff later
139 // it will be better.
140 if (strncmp(buffer
, GNUPGBADSIG
, sizeof(GNUPGBADSIG
)-1) == 0)
143 std::clog
<< "Got BADSIG! " << std::endl
;
144 BadSigners
.push_back(string(buffer
+sizeof(GNUPGPREFIX
)));
147 if (strncmp(buffer
, GNUPGNOPUBKEY
, sizeof(GNUPGNOPUBKEY
)-1) == 0)
150 std::clog
<< "Got NO_PUBKEY " << std::endl
;
151 NoPubKeySigners
.push_back(string(buffer
+sizeof(GNUPGPREFIX
)));
153 if (strncmp(buffer
, GNUPGNODATA
, sizeof(GNUPGBADSIG
)-1) == 0)
156 std::clog
<< "Got NODATA! " << std::endl
;
157 BadSigners
.push_back(string(buffer
+sizeof(GNUPGPREFIX
)));
159 if (strncmp(buffer
, GNUPGKEYEXPIRED
, sizeof(GNUPGKEYEXPIRED
)-1) == 0)
162 std::clog
<< "Got KEYEXPIRED! " << std::endl
;
163 WorthlessSigners
.push_back(string(buffer
+sizeof(GNUPGPREFIX
)));
165 if (strncmp(buffer
, GNUPGREVKEYSIG
, sizeof(GNUPGREVKEYSIG
)-1) == 0)
168 std::clog
<< "Got REVKEYSIG! " << std::endl
;
169 WorthlessSigners
.push_back(string(buffer
+sizeof(GNUPGPREFIX
)));
171 if (strncmp(buffer
, GNUPGGOODSIG
, sizeof(GNUPGGOODSIG
)-1) == 0)
173 char *sig
= buffer
+ sizeof(GNUPGPREFIX
);
174 char *p
= sig
+ sizeof("GOODSIG");
175 while (*p
&& isxdigit(*p
))
179 std::clog
<< "Got GOODSIG, key ID:" << sig
<< std::endl
;
180 GoodSigners
.push_back(string(sig
));
185 waitpid(pid
, &status
, 0);
188 std::clog
<< "gpgv exited\n";
191 if (WEXITSTATUS(status
) == 0)
193 if (GoodSigners
.empty())
194 return _("Internal error: Good signature, but could not determine key fingerprint?!");
197 else if (WEXITSTATUS(status
) == 1)
199 return _("At least one invalid signature was encountered.");
201 else if (WEXITSTATUS(status
) == 111)
203 ioprintf(ret
, _("Could not execute '%s' to verify signature (is gpgv installed?)"), gpgvpath
.c_str());
208 return _("Unknown error executing gpgv");
212 bool GPGVMethod::Fetch(FetchItem
*Itm
)
215 string Path
= Get
.Host
+ Get
.Path
; // To account for relative paths
217 vector
<string
> GoodSigners
;
218 vector
<string
> BadSigners
;
219 // a worthless signature is a expired or revoked one
220 vector
<string
> WorthlessSigners
;
221 vector
<string
> NoPubKeySigners
;
224 Res
.Filename
= Itm
->DestFile
;
227 // Run gpgv on file, extract contents and get the key ID of the signer
228 string msg
= VerifyGetSigners(Path
.c_str(), Itm
->DestFile
.c_str(),
229 GoodSigners
, BadSigners
, WorthlessSigners
,
231 if (GoodSigners
.empty() || !BadSigners
.empty() || !NoPubKeySigners
.empty())
234 // In this case, something bad probably happened, so we just go
235 // with what the other method gave us for an error message.
236 if (BadSigners
.empty() && WorthlessSigners
.empty() && NoPubKeySigners
.empty())
240 if (!BadSigners
.empty())
242 errmsg
+= _("The following signatures were invalid:\n");
243 for (vector
<string
>::iterator I
= BadSigners
.begin();
244 I
!= BadSigners
.end(); I
++)
245 errmsg
+= (*I
+ "\n");
247 if (!WorthlessSigners
.empty())
249 errmsg
+= _("The following signatures were invalid:\n");
250 for (vector
<string
>::iterator I
= WorthlessSigners
.begin();
251 I
!= WorthlessSigners
.end(); I
++)
252 errmsg
+= (*I
+ "\n");
254 if (!NoPubKeySigners
.empty())
256 errmsg
+= _("The following signatures couldn't be verified because the public key is not available:\n");
257 for (vector
<string
>::iterator I
= NoPubKeySigners
.begin();
258 I
!= NoPubKeySigners
.end(); I
++)
259 errmsg
+= (*I
+ "\n");
262 // this is only fatal if we have no good sigs or if we have at
263 // least one bad signature. good signatures and NoPubKey signatures
264 // happen easily when a file is signed with multiple signatures
265 if(GoodSigners
.empty() or !BadSigners
.empty())
266 return _error
->Error("%s", errmsg
.c_str());
269 // Just pass the raw output up, because passing it as a real data
270 // structure is too difficult with the method stuff. We keep it
271 // as three separate vectors for future extensibility.
272 Res
.GPGVOutput
= GoodSigners
;
273 Res
.GPGVOutput
.insert(Res
.GPGVOutput
.end(),BadSigners
.begin(),BadSigners
.end());
274 Res
.GPGVOutput
.insert(Res
.GPGVOutput
.end(),NoPubKeySigners
.begin(),NoPubKeySigners
.end());
277 if (_config
->FindB("Debug::Acquire::gpgv", false))
279 std::clog
<< "gpgv succeeded\n";
288 setlocale(LC_ALL
, "");