methods/gpgv.cc

   1 #include <config.h>
   2
   3 #include <apt-pkg/error.h>
   4 #include <apt-pkg/acquire-method.h>
   5 #include <apt-pkg/strutl.h>
   6 #include <apt-pkg/fileutl.h>
   7 #include <apt-pkg/indexcopy.h>
   8 #include <apt-pkg/configuration.h>
   9 #include <apt-pkg/gpgv.h>
  10
  11 #include <utime.h>
  12 #include <stdio.h>
  13 #include <fcntl.h>
  14 #include <errno.h>
  15 #include <sys/wait.h>
  16 #include <iostream>
  17 #include <sstream>
  18 #include <vector>
  19
  20 #include <apti18n.h>
  21
  22 using std::string;
  23 using std::vector;
  24
  25 #define GNUPGPREFIX "[GNUPG:]"
  26 #define GNUPGBADSIG "[GNUPG:] BADSIG"
  27 #define GNUPGNOPUBKEY "[GNUPG:] NO_PUBKEY"
  28 #define GNUPGVALIDSIG "[GNUPG:] VALIDSIG"
  29 #define GNUPGGOODSIG "[GNUPG:] GOODSIG"
  30 #define GNUPGKEYEXPIRED "[GNUPG:] KEYEXPIRED"
  31 #define GNUPGREVKEYSIG "[GNUPG:] REVKEYSIG"
  32 #define GNUPGNODATA "[GNUPG:] NODATA"
  33
  34 class GPGVMethod : public pkgAcqMethod
  35 {
  36    private:
  37    string VerifyGetSigners(const char *file, const char *outfile,
  38                                 vector<string> &GoodSigners,
  39                                 vector<string> &BadSigners,
  40                                 vector<string> &WorthlessSigners,
  41                                 vector<string> &NoPubKeySigners);
  42
  43    protected:
  44    virtual bool Fetch(FetchItem *Itm);
  45
  46    public:
  47
  48    GPGVMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
  49 };
  50
  51 string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
  52                                          vector<string> &GoodSigners,
  53                                          vector<string> &BadSigners,
  54                                          vector<string> &WorthlessSigners,
  55                                          vector<string> &NoPubKeySigners)
  56 {
  57    bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
  58
  59    if (Debug == true)
  60       std::clog << "inside VerifyGetSigners" << std::endl;
  61
  62    int fd[2];
  63
  64    if (pipe(fd) < 0)
  65       return "Couldn't create pipe";
  66
  67    pid_t pid = fork();
  68    if (pid < 0)
  69       return string("Couldn't spawn new process") + strerror(errno);
  70    else if (pid == 0)
  71       ExecGPGV(outfile, file, 3, fd);
  72    close(fd[1]);
  73
  74    FILE *pipein = fdopen(fd[0], "r");
  75
  76    // Loop over the output of gpgv, and check the signatures.
  77    size_t buffersize = 64;
  78    char *buffer = (char *) malloc(buffersize);
  79    size_t bufferoff = 0;
  80    while (1)
  81    {
  82       int c;
  83
  84       // Read a line.  Sigh.
  85       while ((c = getc(pipein)) != EOF && c != '\n')
  86       {
  87          if (bufferoff == buffersize)
  88          {
  89             char* newBuffer = (char *) realloc(buffer, buffersize *= 2);
  90             if (newBuffer == NULL)
  91             {
  92                free(buffer);
  93                return "Couldn't allocate a buffer big enough for reading";
  94             }
  95             buffer = newBuffer;
  96          }
  97          *(buffer+bufferoff) = c;
  98          bufferoff++;
  99       }
 100       if (bufferoff == 0 && c == EOF)
 101          break;
 102       *(buffer+bufferoff) = '\0';
 103       bufferoff = 0;
 104       if (Debug == true)
 105          std::clog << "Read: " << buffer << std::endl;
 106
 107       // Push the data into three separate vectors, which
 108       // we later concatenate.  They're kept separate so
 109       // if we improve the apt method communication stuff later
 110       // it will be better.
 111       if (strncmp(buffer, GNUPGBADSIG, sizeof(GNUPGBADSIG)-1) == 0)
 112       {
 113          if (Debug == true)
 114             std::clog << "Got BADSIG! " << std::endl;
 115          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 116       }
 117
 118       if (strncmp(buffer, GNUPGNOPUBKEY, sizeof(GNUPGNOPUBKEY)-1) == 0)
 119       {
 120          if (Debug == true)
 121             std::clog << "Got NO_PUBKEY " << std::endl;
 122          NoPubKeySigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 123       }
 124       if (strncmp(buffer, GNUPGNODATA, sizeof(GNUPGBADSIG)-1) == 0)
 125       {
 126          if (Debug == true)
 127             std::clog << "Got NODATA! " << std::endl;
 128          BadSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 129       }
 130       if (strncmp(buffer, GNUPGKEYEXPIRED, sizeof(GNUPGKEYEXPIRED)-1) == 0)
 131       {
 132          if (Debug == true)
 133             std::clog << "Got KEYEXPIRED! " << std::endl;
 134          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 135       }
 136       if (strncmp(buffer, GNUPGREVKEYSIG, sizeof(GNUPGREVKEYSIG)-1) == 0)
 137       {
 138          if (Debug == true)
 139             std::clog << "Got REVKEYSIG! " << std::endl;
 140          WorthlessSigners.push_back(string(buffer+sizeof(GNUPGPREFIX)));
 141       }
 142       if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
 143       {
 144          char *sig = buffer + sizeof(GNUPGPREFIX);
 145          char *p = sig + sizeof("GOODSIG");
 146          while (*p && isxdigit(*p))
 147             p++;
 148          *p = 0;
 149          if (Debug == true)
 150             std::clog << "Got GOODSIG, key ID:" << sig << std::endl;
 151          GoodSigners.push_back(string(sig));
 152       }
 153    }
 154    fclose(pipein);
 155    free(buffer);
 156
 157    int status;
 158    waitpid(pid, &status, 0);
 159    if (Debug == true)
 160    {
 161       std::clog << "gpgv exited\n";
 162    }
 163
 164    if (WEXITSTATUS(status) == 0)
 165    {
 166       if (GoodSigners.empty())
 167          return _("Internal error: Good signature, but could not determine key fingerprint?!");
 168       return "";
 169    }
 170    else if (WEXITSTATUS(status) == 1)
 171       return _("At least one invalid signature was encountered.");
 172    else if (WEXITSTATUS(status) == 111)
 173       return _("Could not execute 'gpgv' to verify signature (is gpgv installed?)");
 174    else if (WEXITSTATUS(status) == 112)
 175    {
 176       // acquire system checks for "NODATA" to generate GPG errors (the others are only warnings)
 177       std::string errmsg;
 178       //TRANSLATORS: %s is a single techy word like 'NODATA'
 179       strprintf(errmsg, _("Clearsigned file isn't valid, got '%s' (does the network require authentication?)"), "NODATA");
 180       return errmsg;
 181    }
 182    else
 183       return _("Unknown error executing gpgv");
 184 }
 185
 186 bool GPGVMethod::Fetch(FetchItem *Itm)
 187 {
 188    URI Get = Itm->Uri;
 189    string Path = Get.Host + Get.Path; // To account for relative paths
 190    string keyID;
 191    vector<string> GoodSigners;
 192    vector<string> BadSigners;
 193    // a worthless signature is a expired or revoked one
 194    vector<string> WorthlessSigners;
 195    vector<string> NoPubKeySigners;
 196
 197    FetchResult Res;
 198    Res.Filename = Itm->DestFile;
 199    URIStart(Res);
 200
 201    // Run gpgv on file, extract contents and get the key ID of the signer
 202    string msg = VerifyGetSigners(Path.c_str(), Itm->DestFile.c_str(),
 203                                  GoodSigners, BadSigners, WorthlessSigners,
 204                                  NoPubKeySigners);
 205    if (GoodSigners.empty() || !BadSigners.empty() || !NoPubKeySigners.empty())
 206    {
 207       string errmsg;
 208       // In this case, something bad probably happened, so we just go
 209       // with what the other method gave us for an error message.
 210       if (BadSigners.empty() && WorthlessSigners.empty() && NoPubKeySigners.empty())
 211          errmsg = msg;
 212       else
 213       {
 214          if (!BadSigners.empty())
 215          {
 216             errmsg += _("The following signatures were invalid:\n");
 217             for (vector<string>::iterator I = BadSigners.begin();
 218                  I != BadSigners.end(); ++I)
 219                errmsg += (*I + "\n");
 220          }
 221          if (!WorthlessSigners.empty())
 222          {
 223             errmsg += _("The following signatures were invalid:\n");
 224             for (vector<string>::iterator I = WorthlessSigners.begin();
 225                  I != WorthlessSigners.end(); ++I)
 226                errmsg += (*I + "\n");
 227          }
 228          if (!NoPubKeySigners.empty())
 229          {
 230              errmsg += _("The following signatures couldn't be verified because the public key is not available:\n");
 231             for (vector<string>::iterator I = NoPubKeySigners.begin();
 232                  I != NoPubKeySigners.end(); ++I)
 233                errmsg += (*I + "\n");
 234          }
 235       }
 236       // this is only fatal if we have no good sigs or if we have at
 237       // least one bad signature. good signatures and NoPubKey signatures
 238       // happen easily when a file is signed with multiple signatures
 239       if(GoodSigners.empty() or !BadSigners.empty())
 240          return _error->Error("%s", errmsg.c_str());
 241    }
 242
 243    // Just pass the raw output up, because passing it as a real data
 244    // structure is too difficult with the method stuff.  We keep it
 245    // as three separate vectors for future extensibility.
 246    Res.GPGVOutput = GoodSigners;
 247    Res.GPGVOutput.insert(Res.GPGVOutput.end(),BadSigners.begin(),BadSigners.end());
 248    Res.GPGVOutput.insert(Res.GPGVOutput.end(),NoPubKeySigners.begin(),NoPubKeySigners.end());
 249    URIDone(Res);
 250
 251    if (_config->FindB("Debug::Acquire::gpgv", false))
 252    {
 253       std::clog << "gpgv succeeded\n";
 254    }
 255
 256    return true;
 257 }
 258
 259
 260 int main()
 261 {
 262    setlocale(LC_ALL, "");
 263
 264    GPGVMethod Mth;
 265
 266    return Mth.Run();
 267 }