author | joerg <joerg@pkgsrc.org> | 2008-12-30 15:55:57 +0000 |
---|---|---|
committer | joerg <joerg@pkgsrc.org> | 2008-12-30 15:55:57 +0000 |
commit | 50060a77876b2c9d076e17965cfb8f04c3ade9f3 (patch) | |
tree | bec2a333dd0b2e66ea6e1ffa1da99751dbb7ca0f | |
parent | 31c4dd414810df9a1acb3ff792d8174c3dc0755a (diff) | |
pkg_install-20081230:
Add initial support for secure GPG signatures.
-rw-r--r-- | pkgtools/pkg_install/files/admin/main.c | 25 | ||||
-rw-r--r-- | pkgtools/pkg_install/files/admin/pkg_admin.1 | 8 | ||||
-rw-r--r-- | pkgtools/pkg_install/files/lib/Makefile.in | 4 | ||||
-rw-r--r-- | pkgtools/pkg_install/files/lib/gpgsig.c | 252 | ||||
-rw-r--r-- | pkgtools/pkg_install/files/lib/lib.h | 12 | ||||
-rw-r--r-- | pkgtools/pkg_install/files/lib/pkg_signature.c | 130 | ||||
-rw-r--r-- | pkgtools/pkg_install/files/lib/version.h | 4 | ||||
-rw-r--r-- | pkgtools/pkg_install/files/lib/vulnerabilities-file.c | 40 |
8 files changed, 409 insertions, 66 deletions
diff --git a/pkgtools/pkg_install/files/admin/main.c b/pkgtools/pkg_install/files/admin/main.c
index ce19fed513a..6a9c3bfde87 100644
--- a/pkgtools/pkg_install/files/admin/main.c
+++ b/pkgtools/pkg_install/files/admin/main.c
@@ -1,4 +1,4 @@ -/* $NetBSD: main.c,v 1.42.2.8 2008/08/25 18:31:14 joerg Exp $ */ +/* $NetBSD: main.c,v 1.42.2.9 2008/12/30 15:55:57 joerg Exp $ */ #if HAVE_CONFIG_H #include "config.h"
@@ -8,7 +8,7 @@ #include <sys/cdefs.h> #endif #ifndef lint -__RCSID("$NetBSD: main.c,v 1.42.2.8 2008/08/25 18:31:14 joerg Exp $"); +__RCSID("$NetBSD: main.c,v 1.42.2.9 2008/12/30 15:55:57 joerg Exp $"); #endif /*-
@@ -109,8 +109,9 @@ usage(void) " audit-batch [-es] [-t type] ... - check packages in listed files for vulnerabilities\n" " audit-history [-t type] ... - print all advisories for package names\n" " config-var name - print current value of the configuration variable\n" - " check-signature ... - verify the signature of packages\n" - " sign-package pkg spkg key cert - create signature\n", + " check-signature ... - verify the signature of packages\n" + " x509-sign-package pkg spkg key cert - create X509 signature\n" + " gpg-sign-package pkg spkg - create GPG signature\n", getprogname()); exit(EXIT_FAILURE); }
@@ -542,6 +543,10 @@ main(int argc, char *argv[]) rc = 0; for (--argc, ++argv; argc > 0; --argc, ++argv) { pkg = open_archive(*argv, &cookie); + if (pkg == NULL) { + warnx("%s could not be opened", *argv); + continue; + } if (pkg_full_signature_check(pkg)) rc = 1; close_archive(pkg);
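Review bot: In the `check-signature` loop, the new `pkg == NULL` branch warns and continues without touching `rc`, so a package that cannot be opened is not counted as a failed check. If `rc` becomes the exit status (the code after the loop is outside this hunk), a run in which an archive could not be read would still report success to a calling script. Setting the flag before skipping, `rc = 1;` ahead of `continue;`, keeps an unreadable package from being treated like a verified one.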
@@ -550,16 +555,22 @@ main(int argc, char *argv[]) #else errx(EXIT_FAILURE, "OpenSSL support is not included"); #endif - } else if (strcasecmp(argv[0], "sign-package") == 0) { + } else if (strcasecmp(argv[0], "x509-sign-package") == 0) { #ifdef HAVE_SSL --argc; ++argv; if (argc != 4) - errx(EXIT_FAILURE, "sign-package takes exactly four arguments"); - pkg_sign(argv[0], argv[1], argv[2], argv[3]); + errx(EXIT_FAILURE, "x509-sign-package takes exactly four arguments"); + pkg_sign_x509(argv[0], argv[1], argv[2], argv[3]); #else errx(EXIT_FAILURE, "OpenSSL support is not included"); #endif + } else if (strcasecmp(argv[0], "gpg-sign-package") == 0) { + --argc; + ++argv; + if (argc != 2) + errx(EXIT_FAILURE, "gpg-sign-package takes exactly two arguments"); + pkg_sign_gpg(argv[0], argv[1]); } #endif else {
diff --git a/pkgtools/pkg_install/files/admin/pkg_admin.1 b/pkgtools/pkg_install/files/admin/pkg_admin.1
index 9f29d169cfb..70f70d5e17b 100644
--- a/pkgtools/pkg_install/files/admin/pkg_admin.1
+++ b/pkgtools/pkg_install/files/admin/pkg_admin.1
@@ -1,4 +1,4 @@ -.\" $NetBSD: pkg_admin.1,v 1.18.2.2 2008/05/30 13:49:07 wiz Exp $ +.\" $NetBSD: pkg_admin.1,v 1.18.2.3 2008/12/30 15:55:57 joerg Exp $ .\" .\" Copyright (c) 1999-2008 The NetBSD Foundation, Inc. .\" All rights reserved.
@@ -265,7 +265,11 @@ to remove a variable. Packages that are not installed directly by the user but pulled in as dependencies are marked by setting .Dq automatic=YES . -.It Cm sign-package pkg spkg key cert +.It Cm gpg-sign-package pkg +Sign the binary package +.Ar pkg +using GPG. +.It Cm x509-sign-package pkg spkg key cert Sign the binary package .Ar pkg using the key
diff --git a/pkgtools/pkg_install/files/lib/Makefile.in b/pkgtools/pkg_install/files/lib/Makefile.in
index 913dbeb95e2..2bacb91f470 100644
--- a/pkgtools/pkg_install/files/lib/Makefile.in
+++ b/pkgtools/pkg_install/files/lib/Makefile.in
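Review bot: The `gpg-sign-package` branch requires two arguments (`argc != 2`, passed on as `pkg_sign_gpg(argv[0], argv[1])`) and the usage string lists `pkg spkg`, but the manual entry added in the same commit reads `.It Cm gpg-sign-package pkg` and does not mention the output file. The man page line should be `.It Cm gpg-sign-package pkg spkg`, with a sentence naming `.Ar spkg` as the signed output. Separately, `sign-package` is renamed to `x509-sign-package` with no fallback, so existing signing scripts no longer match any branch shown here; accepting the old name as an alias for a release would avoid silent breakage of signing pipelines. The enclosing `main` starts and ends outside the hunk.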
@@ -1,4 +1,4 @@ -# $NetBSD: Makefile.in,v 1.21.2.7 2008/08/05 22:56:24 joerg Exp $ +# $NetBSD: Makefile.in,v 1.21.2.8 2008/12/30 15:55:57 joerg Exp $ srcdir= @srcdir@
@@ -27,7 +27,7 @@ INSTALL= @INSTALL@ LIB= libinstall.a OBJS= automatic.o conflicts.o decompress.o dewey.o fexec.o file.o \ - global.o iterate.o lpkg.o opattern.o \ + gpgsig.o global.o iterate.o lpkg.o opattern.o \ parse-config.o path.o pkgdb.o plist.o remove.o \ str.o var.o version.o vulnerabilities-file.o xwrapper.o
diff --git a/pkgtools/pkg_install/files/lib/gpgsig.c b/pkgtools/pkg_install/files/lib/gpgsig.c
new file mode 100644
index 00000000000..98296b13886
--- /dev/null
+++ b/pkgtools/pkg_install/files/lib/gpgsig.c
@@ -0,0 +1,252 @@
+/* $NetBSD: gpgsig.c,v 1.1.2.1 2008/12/30 15:55:57 joerg Exp $ */
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+#include <nbcompat.h>
+#if HAVE_SYS_CDEFS_H
+#include <sys/cdefs.h>
+#endif
+
+__RCSID("$NetBSD: gpgsig.c,v 1.1.2.1 2008/12/30 15:55:57 joerg Exp $");
+
+/*-
+ * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/wait.h>
+#ifndef NETBSD
+#include <nbcompat/err.h>
+#else
+#include <err.h>
+#endif
+#ifndef NETBSD
+#include <nbcompat/stdlib.h>
+#else
+#include <stdlib.h>
+#endif
+
+#include "lib.h"
+
+#ifndef __UNCONST
+#define __UNCONST(a) ((void *)(unsigned long)(const void *)(a))
+#endif
+
+static void
+verify_signature(const char *input, size_t input_len, const char *keyring,
+ const char *detached_signature)
+{
+ const char *argv[8], **argvp;
+ pid_t child;
+ int fd[2], status;
+
+ if (pipe(fd) == -1)
+ err(EXIT_FAILURE, "cannot create input pipes");
+
+ child = vfork();
+ if (child == -1)
+ err(EXIT_FAILURE, "cannot fork GPG process");
+ if (child == 0) {
+ close(fd[1]);
+ close(STDIN_FILENO);
+ if (dup2(fd[0], STDIN_FILENO) == -1) {
+ static const char err_msg[] =
+ "cannot redirect stdin of GPG process\n";
+ write(STDERR_FILENO, err_msg, sizeof(err_msg) - 1);
+ _exit(255);
+ }
+ close(fd[0]);
+ argvp = argv;
+ *argvp++ = gpg_cmd;
+ *argvp++ = "--verify";
+ if (keyring != NULL) {
+ *argvp++ = "--no-default-keyring";
+ *argvp++ = "--keyring";
+ *argvp++ = keyring;
+ }
+
+ if (detached_signature != NULL)
+ *argvp++ = detached_signature;
+ *argvp++ = "-";
+
+ *argvp = NULL;
+
+ execvp(gpg_cmd, __UNCONST(argv));
+ _exit(255);
+ }
+ close(fd[0]);
+ if (write(fd[1], input, input_len) != input_len)
+ errx(EXIT_FAILURE, "Short read from GPG");
+ close(fd[1]);
+ waitpid(child, &status, 0);
+ if (status)
+ errx(EXIT_FAILURE, "GPG could not verify the signature");
+}
+
+int
+inline_gpg_verify(const char *content, size_t len)
+{
+ verify_signature(content, len, NULL, NULL);
+
+ return 0;
+}
+
+int
+detached_gpg_verify(const char *content, size_t len,
+ const char *signature, size_t signature_len, const char *keyring)
+{
+ int fd;
+ const char *tmpdir;
+ char *tempsig;
+ ssize_t ret;
+
+ if (gpg_cmd == NULL) {
+ warnx("GPG variable not set, failing signature check");
+ return -1;
+ }
+
+ if ((tmpdir = getenv("TMPDIR")) == NULL)
+ tmpdir = "/tmp";
+ tempsig = xasprintf("%s/pkg_install.XXXXXX", tmpdir);
+
+ fd = mkstemp(tempsig);
+ if (fd == -1) {
+ warnx("Creating temporary file for GPG signature failed");
+ return -1;
+ }
+
+ while (signature_len) {
+ ret = write(fd, signature, signature_len);
+ if (ret == -1)
+ err(EXIT_FAILURE, "Write to GPG failed");
+ if (ret == 0)
+ errx(EXIT_FAILURE, "Short write to GPG");
+ signature_len -= ret;
+ signature += ret;
+ }
+
+ verify_signature(content, len, keyring, tempsig);
+
+ unlink(tempsig);
+ close(fd);
+ free(tempsig);
+
+ return 0;
+}
+
+int
+detached_gpg_sign(const char *content, size_t len, char **sig, size_t *sig_len,
+ const char *keyring, const char *user)
+{
+ const char *argv[12], **argvp;
+ pid_t child;
+ int fd_in[2], fd_out[2], status;
+ size_t allocated;
+ ssize_t ret;
+
+ if (gpg_cmd == NULL)
+ errx(EXIT_FAILURE, "GPG variable not set");
+
+ if (pipe(fd_in) == -1)
+ err(EXIT_FAILURE, "cannot create input pipes");
+ if (pipe(fd_out) == -1)
+ err(EXIT_FAILURE, "cannot create output pipes");
+
+ child = fork();
+ if (child == -1)
+ err(EXIT_FAILURE, "cannot fork GPG process");
+ if (child == 0) {
+ close(fd_in[1]);
+ close(STDIN_FILENO);
+ if (dup2(fd_in[0], STDIN_FILENO) == -1) {
+ static const char err_msg[] =
+ "cannot redirect stdin of GPG process\n";
+ write(STDERR_FILENO, err_msg, sizeof(err_msg) - 1);
+ _exit(255);
+ }
+ close(fd_in[0]);
+
+ close(fd_out[0]);
+ close(STDOUT_FILENO);
+ if (dup2(fd_out[1], STDOUT_FILENO) == -1) {
+ static const char err_msg[] =
+ "cannot redirect stdout of GPG process\n";
+ write(STDERR_FILENO, err_msg, sizeof(err_msg) - 1);
+ _exit(255);
+ }
+ close(fd_out[1]);
+
+ argvp = argv;
+ *argvp++ = gpg_cmd;
+ *argvp++ = "--detach-sign";
+ *argvp++ = "--armor";
+ *argvp++ = "--output";
+ *argvp++ = "-";
+ if (user != NULL) {
+ *argvp++ = "--local-user";
+ *argvp++ = user;
+ }
+ if (keyring != NULL) {
+ *argvp++ = "--no-default-keyring";
+ *argvp++ = "--keyring";
+ *argvp++ = keyring;
+ }
+
+ *argvp++ = "-";
+ *argvp = NULL;
+ execvp(gpg_cmd, __UNCONST(argv));
+ _exit(255);
+ }
+ close(fd_in[0]);
+ if (write(fd_in[1], content, len) != len)
+ errx(EXIT_FAILURE, "Short read from GPG");
+ close(fd_in[1]);
+
+ allocated = 1024;
+ *sig = xmalloc(allocated);
+ *sig_len = 0;
+
+ close(fd_out[1]);
+
+ while ((ret = read(fd_out[0], *sig + *sig_len,
+ allocated - *sig_len)) > 0) {
+ *sig_len += ret;
+ if (*sig_len == allocated) {
+ allocated *= 2;
+ *sig = xrealloc(*sig, allocated);
+ }
+ }
+
+ close(fd_out[0]);
+
+ waitpid(child, &status, 0);
+ if (status)
+ errx(EXIT_FAILURE, "GPG could not create signature");
+
+ return 0;
+}
diff --git a/pkgtools/pkg_install/files/lib/lib.h b/pkgtools/pkg_install/files/lib/lib.h
index 9f37837d12c..8320ddf87a3 100644
--- a/pkgtools/pkg_install/files/lib/lib.h
+++ b/pkgtools/pkg_install/files/lib/lib.h
@@ -1,4 +1,4 @@ -/* $NetBSD: lib.h,v 1.42.2.15 2008/08/21 16:04:39 joerg Exp $ */ +/* $NetBSD: lib.h,v 1.42.2.16 2008/12/30 15:55:57 joerg Exp $ */ /* from FreeBSD Id: lib.h,v 1.25 1997/10/08 07:48:03 charnier Exp */
@@ -380,9 +380,11 @@ int pkg_verify_signature(struct archive **, struct archive_entry **, char **, void **); int pkg_full_signature_check(struct archive *); void pkg_free_signature(void *); -void pkg_sign(const char *, const char *, const char *, const char *); +void pkg_sign_x509(const char *, const char *, const char *, const char *); #endif +void pkg_sign_gpg(const char *, const char *); + #ifdef HAVE_SSL /* PKCS7 signing/verification */ int easy_pkcs7_verify(const char *, size_t, const char *, size_t,
@@ -391,6 +393,12 @@ int easy_pkcs7_sign(const char *, size_t, char **, size_t *, const char *, const char *); #endif +int inline_gpg_verify(const char *, size_t); +int detached_gpg_verify(const char *, size_t, const char *, size_t, + const char *); +int detached_gpg_sign(const char *, size_t, char **, size_t *, const char *, + const char *); + char *xstrdup(const char *); void *xrealloc(void *, size_t); void *xcalloc(size_t, size_t);
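Review bot: In `verify_signature` in gpgsig.c, `waitpid(child, &status, 0);` is called without checking its return value and `status` has no initializer, so if the wait fails the following `if (status)` tests an indeterminate value and the verification result is no longer tied to GPG's exit code. A signature check should fail closed here: `if (waitpid(child, &status, 0) == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) errx(EXIT_FAILURE, "GPG could not verify the signature");`. `detached_gpg_sign` has the same pattern. Also, because `verify_signature` reports failure through `errx`, `detached_gpg_verify` never reaches `unlink(tempsig)` for a rejected signature and never returns non-zero for one, and its `return -1` after a failed `mkstemp` skips `free(tempsig)`.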
diff --git a/pkgtools/pkg_install/files/lib/pkg_signature.c b/pkgtools/pkg_install/files/lib/pkg_signature.c
index d6db90005ad..63ad25c9ef1 100644
--- a/pkgtools/pkg_install/files/lib/pkg_signature.c
+++ b/pkgtools/pkg_install/files/lib/pkg_signature.c
@@ -1,4 +1,4 @@ -/* $NetBSD: pkg_signature.c,v 1.1.2.6 2008/08/10 22:09:38 joerg Exp $ */ +/* $NetBSD: pkg_signature.c,v 1.1.2.7 2008/12/30 15:55:57 joerg Exp $ */ #if HAVE_CONFIG_H #include "config.h"
@@ -7,7 +7,7 @@ #if HAVE_SYS_CDEFS_H #include <sys/cdefs.h> #endif -__RCSID("$NetBSD: pkg_signature.c,v 1.1.2.6 2008/08/10 22:09:38 joerg Exp $"); +__RCSID("$NetBSD: pkg_signature.c,v 1.1.2.7 2008/12/30 15:55:57 joerg Exp $"); /*- * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -67,6 +67,7 @@ __RCSID("$NetBSD: pkg_signature.c,v 1.1.2.6 2008/08/10 22:09:38 joerg Exp $"); #define HASH_FNAME "+PKG_HASH" #define SIGNATURE_FNAME "+PKG_SIGNATURE" +#define GPG_SIGNATURE_FNAME "+PKG_GPG_SIGNATURE" struct signature_archive { struct archive *archive;
@@ -335,21 +336,31 @@ pkg_verify_signature(struct archive **archive, struct archive_entry **entry, goto no_valid_signature; } - r = read_file_from_archive(*archive, entry, SIGNATURE_FNAME, - &signature_file, &signature_len); - if (r != 0) { - free(hash_file); - free(state); - goto no_valid_signature; - } - if (parse_hash_file(hash_file, pkgname, state)) goto no_valid_signature; - has_sig = !easy_pkcs7_verify(hash_file, hash_len, signature_file, - signature_len, certs_packages, 1); + r = read_file_from_archive(*archive, entry, SIGNATURE_FNAME, + &signature_file, &signature_len); + if (r != 0) { + if (*entry != NULL) + r = read_file_from_archive(*archive, entry, + GPG_SIGNATURE_FNAME, + &signature_file, &signature_len); + if (r != 0) { + free(hash_file); + free(state); + goto no_valid_signature; + } + has_sig = !detached_gpg_verify(hash_file, hash_len, + signature_file, signature_len, NULL); + + free(signature_file); + } else { + has_sig = !easy_pkcs7_verify(hash_file, hash_len, signature_file, + signature_len, certs_packages, 1); - free(signature_file); + free(signature_file); + } r = archive_read_next_header(*archive, &my_entry); if (r != ARCHIVE_OK) {
@@ -493,7 +504,7 @@ static const char hash_template[] = static const char hash_trailer[] = "end pkgsrc signature\n"; void -pkg_sign(const char *name, const char *output, const char *key_file, const char *cert_file) +pkg_sign_x509(const char *name, const char *output, const char *key_file, const char *cert_file) { struct archive *pkg; struct archive_entry *entry, *hash_entry, *sign_entry;
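Review bot: The GPG fallback in `pkg_verify_signature` calls `detached_gpg_verify(hash_file, hash_len, signature_file, signature_len, NULL)`, and with a NULL keyring `verify_signature` in gpgsig.c adds neither `--no-default-keyring` nor `--keyring`, so the trust anchor is whatever default keyring the invoking user's GPG has. The PKCS7 branch next to it pins `certs_packages`; the GPG branch has no equivalent, and nothing in this hunk checks which key produced the signature. Consider passing a configured package keyring here, or at least documenting the choice with a comment such as `/* NULL keyring: gpg's default keyring decides which signers are accepted */`. The function begins and ends outside the hunk.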
@@ -582,3 +593,94 @@ pkg_sign(const char *name, const char *output, const char *key_file, const char exit(0); }
+
+void
+pkg_sign_gpg(const char *name, const char *output)
+{
+ struct archive *pkg;
+ struct archive_entry *entry, *hash_entry, *sign_entry;
+ int fd;
+ struct stat sb;
+ char *hash_file, *signature_file, *tmp, *pkgname, hash[SHA512_DIGEST_STRING_LENGTH];
+ unsigned char block[65536];
+ off_t i, size;
+ size_t block_len, signature_len;
+
+ if ((fd = open(name, O_RDONLY)) == -1)
+ err(EXIT_FAILURE, "Cannot open binary package %s", name);
+ if (fstat(fd, &sb) == -1)
+ err(EXIT_FAILURE, "Cannot stat %s", name);
+
+ entry = archive_entry_new();
+ archive_entry_copy_stat(entry, &sb);
+
+ pkgname = extract_pkgname(fd);
+ hash_file = xasprintf(hash_template, pkgname,
+ (long long)archive_entry_size(entry));
+ free(pkgname);
+
+ for (i = 0; i < archive_entry_size(entry); i += block_len) {
+ if (i + sizeof(block) < archive_entry_size(entry))
+ block_len = sizeof(block);
+ else
+ block_len = archive_entry_size(entry) % sizeof(block);
+ if (read(fd, block, block_len) != block_len)
+ err(2, "short read");
+ hash_block(block, block_len, hash);
+ tmp = xasprintf("%s%s\n", hash_file, hash);
+ free(hash_file);
+ hash_file = tmp;
+ }
+ tmp = xasprintf("%s%s", hash_file, hash_trailer);
+ free(hash_file);
+ hash_file = tmp;
+
+ if (detached_gpg_sign(hash_file, strlen(hash_file), &signature_file,
+ &signature_len, NULL, NULL))
+ err(EXIT_FAILURE, "Cannot sign hash file");
+
+ lseek(fd, 0, SEEK_SET);
+
+ sign_entry = archive_entry_clone(entry);
+ hash_entry = archive_entry_clone(entry);
+ pkgname = strrchr(name, '/');
+ archive_entry_set_pathname(entry, pkgname != NULL ? pkgname + 1 : name);
+ archive_entry_set_pathname(hash_entry, HASH_FNAME);
+ archive_entry_set_pathname(sign_entry, GPG_SIGNATURE_FNAME);
+ archive_entry_set_size(hash_entry, strlen(hash_file));
+ archive_entry_set_size(sign_entry, signature_len);
+
+ pkg = archive_write_new();
+ archive_write_set_compression_none(pkg);
+ archive_write_set_format_ar_bsd(pkg);
+ archive_write_open_filename(pkg, output);
+
+ archive_write_header(pkg, hash_entry);
+ archive_write_data(pkg, hash_file, strlen(hash_file));
+ archive_write_finish_entry(pkg);
+ archive_entry_free(hash_entry);
+
+ archive_write_header(pkg, sign_entry);
+ archive_write_data(pkg, signature_file, signature_len);
+ archive_write_finish_entry(pkg);
+ archive_entry_free(sign_entry);
+
+ size = archive_entry_size(entry);
+ archive_write_header(pkg, entry);
+
+ for (i = 0; i < size; i += block_len) {
+ if (i + sizeof(block) < size)
+ block_len = sizeof(block);
+ else
+ block_len = size % sizeof(block);
+ if (read(fd, block, block_len) != block_len)
+ err(2, "short read");
+ archive_write_data(pkg, block, block_len);
+ }
+ archive_write_finish_entry(pkg);
+ archive_entry_free(entry);
+
+ archive_write_finish(pkg);
+
+ exit(0);
+}
diff --git a/pkgtools/pkg_install/files/lib/version.h b/pkgtools/pkg_install/files/lib/version.h
index 19469e266d8..15191bcc6a7 100644
--- a/pkgtools/pkg_install/files/lib/version.h
+++ b/pkgtools/pkg_install/files/lib/version.h
@@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.102.2.18 2008/11/27 19:24:13 joerg Exp $ */ +/* $NetBSD: version.h,v 1.102.2.19 2008/12/30 15:55:57 joerg Exp $ */ /* * Copyright (c) 2001 Thomas Klausner. All rights reserved.
@@ -27,6 +27,6 @@ #ifndef _INST_LIB_VERSION_H_ #define _INST_LIB_VERSION_H_ -#define PKGTOOLS_VERSION "20081127" +#define PKGTOOLS_VERSION "20081230" #endif /* _INST_LIB_VERSION_H_ */
diff --git a/pkgtools/pkg_install/files/lib/vulnerabilities-file.c b/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
index 4ec5f3279b9..ec5b797a130 100644
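Review bot: Both block loops in `pkg_sign_gpg` take the final chunk length from a modulo (`archive_entry_size(entry) % sizeof(block)` in the hashing loop, `size % sizeof(block)` in the copy loop), which is 0 whenever the package size is a non-zero multiple of 65536. In that case the zero-byte `read` equals `block_len`, `i += block_len` does not advance, and the hashing loop keeps appending to `hash_file` without terminating. Deriving the length from the remaining bytes avoids this, with `size` assigned once before the first loop: `block_len = (size - i < (off_t)sizeof(block)) ? (size_t)(size - i) : sizeof(block);`. The results of `archive_write_open_filename`, `archive_write_header` and `archive_write_data` are also unchecked before `exit(0)`, so a failed write of the signed package is reported as success.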
--- a/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
+++ b/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
@@ -1,4 +1,4 @@ -/* $NetBSD: vulnerabilities-file.c,v 1.3.4.7 2008/08/05 22:32:12 joerg Exp $ */ +/* $NetBSD: vulnerabilities-file.c,v 1.3.4.8 2008/12/30 15:55:57 joerg Exp $ */ /*- * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -38,7 +38,7 @@ #if HAVE_SYS_CDEFS_H #include <sys/cdefs.h> #endif -__RCSID("$NetBSD: vulnerabilities-file.c,v 1.3.4.7 2008/08/05 22:32:12 joerg Exp $"); +__RCSID("$NetBSD: vulnerabilities-file.c,v 1.3.4.8 2008/12/30 15:55:57 joerg Exp $"); #if HAVE_SYS_STAT_H #include <sys/stat.h>
@@ -72,40 +72,6 @@ static const char pkcs7_begin[] = "-----BEGIN PKCS7-----\n"; static const char pkcs7_end[] = "-----END PKCS7-----\n"; static void -verify_signature_gpg(const char *input, size_t input_len) -{ - pid_t child; - int fd[2], status; - - if (pipe(fd) == -1) - err(EXIT_FAILURE, "cannot create input pipes"); - - child = vfork(); - if (child == -1) - err(EXIT_FAILURE, "cannot fork GPG process"); - if (child == 0) { - close(fd[1]); - close(STDIN_FILENO); - if (dup2(fd[0], STDIN_FILENO) == -1) { - static const char err_msg[] = - "cannot redirect stdin of GPG process\n"; - write(STDERR_FILENO, err_msg, sizeof(err_msg) - 1); - _exit(255); - } - close(fd[0]); - execlp(gpg_cmd, gpg_cmd, "--verify", "-", (char *)NULL); - _exit(255); - } - close(fd[0]); - if (write(fd[1], input, input_len) != input_len) - errx(EXIT_FAILURE, "Short read from GPG"); - close(fd[1]); - waitpid(child, &status, 0); - if (status) - errx(EXIT_FAILURE, "GPG could not verify the signature"); -} - -static void verify_signature_pkcs7(const char *input) { #ifdef HAVE_SSL
@@ -143,7 +109,7 @@ verify_signature(const char *input, size_t input_len) "At least GPG or CERTIFICATE_ANCHOR_PKGVULN " "must be configured"); if (gpg_cmd != NULL) - verify_signature_gpg(input, input_len); + inline_gpg_verify(input, input_len); if (certs_pkg_vulnerabilities != NULL) verify_signature_pkcs7(input); } |
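Review bot: The new call `inline_gpg_verify(input, input_len);` discards the `int` result. As written in gpgsig.c the helper only returns 0 and reports a bad signature by exiting through `errx`, so nothing is lost today, but this call site would accept an unverified vulnerabilities file if the helper is ever changed to return an error, as its `int` type suggests. Checking it keeps the caller fail-closed: `if (inline_gpg_verify(input, input_len) != 0) errx(EXIT_FAILURE, "GPG could not verify the signature");`. `verify_signature` starts outside the hunk.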