Просмотр исходного кода

* apt-pkg/indexcopy.cc:
- rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc

David Kalnischkies лет назад: 13
Родитель
Сommit
2f5b615169
7 измененных файлов с 189 добавлено и 135 удалено
  1. 138 0
      apt-pkg/contrib/gpgv.cc
  2. 24 0
      apt-pkg/contrib/gpgv.h
  3. 2 120
      apt-pkg/indexcopy.cc
  4. 9 6
      apt-pkg/indexcopy.h
  5. 6 8
      apt-pkg/makefile
  6. 8 0
      debian/changelog
  7. 2 1
      methods/gpgv.cc

+ 138 - 0
apt-pkg/contrib/gpgv.cc

@@ -0,0 +1,138 @@
+// -*- mode: cpp; mode: fold -*-
+// Include Files							/*{{{*/
+#include<config.h>
+
+#include <iostream>
+#include <sstream>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <apt-pkg/error.h>
+#include <apt-pkg/strutl.h>
+#include <apt-pkg/fileutl.h>
+#include <apt-pkg/configuration.h>
+
+#include <apti18n.h>
+									/*}}}*/
+
+using namespace std;
+
+// RunGPGV - returns the command needed for verify			/*{{{*/
+// ---------------------------------------------------------------------
+/* Generating the commandline for calling gpgv is somehow complicated as
+   we need to add multiple keyrings and user supplied options. */
+bool ExecGPGV(std::string const &File, std::string const &FileGPG,
+			int const &statusfd, int fd[2])
+{
+   if (File == FileGPG)
+   {
+      #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n"
+      char buffer[sizeof(SIGMSG)];
+      FILE* gpg = fopen(File.c_str(), "r");
+      if (gpg == NULL)
+	 return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str());
+      char const * const test = fgets(buffer, sizeof(buffer), gpg);
+      fclose(gpg);
+      if (test == NULL || strcmp(buffer, SIGMSG) != 0)
+	 return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str());
+      #undef SIGMSG
+   }
+
+
+   string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
+   // FIXME: remove support for deprecated APT::GPGV setting
+   string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted"));
+   string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts");
+
+   bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
+
+   if (Debug == true)
+   {
+      std::clog << "gpgv path: " << gpgvpath << std::endl;
+      std::clog << "Keyring file: " << trustedFile << std::endl;
+      std::clog << "Keyring path: " << trustedPath << std::endl;
+   }
+
+   std::vector<string> keyrings;
+   if (DirectoryExists(trustedPath))
+     keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true);
+   if (RealFileExists(trustedFile) == true)
+     keyrings.push_back(trustedFile);
+
+   std::vector<const char *> Args;
+   Args.reserve(30);
+
+   if (keyrings.empty() == true)
+   {
+      // TRANSLATOR: %s is the trusted keyring parts directory
+      return _error->Error(_("No keyring installed in %s."),
+			   _config->FindDir("Dir::Etc::TrustedParts").c_str());
+   }
+
+   Args.push_back(gpgvpath.c_str());
+   Args.push_back("--ignore-time-conflict");
+
+   if (statusfd != -1)
+   {
+      Args.push_back("--status-fd");
+      char fd[10];
+      snprintf(fd, sizeof(fd), "%i", statusfd);
+      Args.push_back(fd);
+   }
+
+   for (vector<string>::const_iterator K = keyrings.begin();
+	K != keyrings.end(); ++K)
+   {
+      Args.push_back("--keyring");
+      Args.push_back(K->c_str());
+   }
+
+   Configuration::Item const *Opts;
+   Opts = _config->Tree("Acquire::gpgv::Options");
+   if (Opts != 0)
+   {
+      Opts = Opts->Child;
+      for (; Opts != 0; Opts = Opts->Next)
+      {
+	 if (Opts->Value.empty() == true)
+	    continue;
+	 Args.push_back(Opts->Value.c_str());
+      }
+   }
+
+   Args.push_back(FileGPG.c_str());
+   if (FileGPG != File)
+      Args.push_back(File.c_str());
+   Args.push_back(NULL);
+
+   if (Debug == true)
+   {
+      std::clog << "Preparing to exec: " << gpgvpath;
+      for (std::vector<const char *>::const_iterator a = Args.begin(); *a != NULL; ++a)
+	 std::clog << " " << *a;
+      std::clog << std::endl;
+   }
+
+   if (statusfd != -1)
+   {
+      int const nullfd = open("/dev/null", O_RDONLY);
+      close(fd[0]);
+      // Redirect output to /dev/null; we read from the status fd
+      dup2(nullfd, STDOUT_FILENO);
+      dup2(nullfd, STDERR_FILENO);
+      // Redirect the pipe to the status fd (3)
+      dup2(fd[1], statusfd);
+
+      putenv((char *)"LANG=");
+      putenv((char *)"LC_ALL=");
+      putenv((char *)"LC_MESSAGES=");
+   }
+
+   execvp(gpgvpath.c_str(), (char **) &Args[0]);
+   return true;
+}
+									/*}}}*/

+ 24 - 0
apt-pkg/contrib/gpgv.h

@@ -0,0 +1,24 @@
+// -*- mode: cpp; mode: fold -*-
+// Description								/*{{{*/
+/* ######################################################################
+
+   Helpers to deal with gpgv better and more easily
+
+   ##################################################################### */
+									/*}}}*/
+#ifndef CONTRIB_GPGV_H
+#define CONTRIB_GPGV_H
+
+#include <string>
+
+/** \brief generates and run the command to verify a file with gpgv */
+bool ExecGPGV(std::string const &File, std::string const &FileOut,
+      int const &statusfd, int fd[2]);
+
+inline bool ExecGPGV(std::string const &File, std::string const &FileOut,
+      int const &statusfd = -1) {
+   int fd[2];
+   return ExecGPGV(File, FileOut, statusfd, fd);
+}
+
+#endif

+ 2 - 120
apt-pkg/indexcopy.cc

@@ -593,9 +593,9 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector<string> &SigList,
       if(pid == 0)
       {
 	 if (useInRelease == true)
-	    RunGPGV(inrelease, inrelease);
+	    ExecGPGV(inrelease, inrelease);
 	 else
-	    RunGPGV(release, releasegpg);
+	    ExecGPGV(release, releasegpg);
       }
 
       if(!ExecWait(pid, "gpgv")) {
@@ -639,124 +639,6 @@ bool SigVerify::CopyAndVerify(string CDROM,string Name,vector<string> &SigList,
       }
    }   
 
-   return true;
-}
-									/*}}}*/
-// SigVerify::RunGPGV - returns the command needed for verify		/*{{{*/
-// ---------------------------------------------------------------------
-/* Generating the commandline for calling gpgv is somehow complicated as
-   we need to add multiple keyrings and user supplied options. Also, as
-   the cdrom code currently can not use the gpgv method we have two places
-   these need to be done - so the place for this method is wrong but better
-   than code duplication… */
-bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG,
-			int const &statusfd, int fd[2])
-{
-   if (File == FileGPG)
-   {
-      #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n"
-      char buffer[sizeof(SIGMSG)];
-      FILE* gpg = fopen(File.c_str(), "r");
-      if (gpg == NULL)
-	 return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str());
-      char const * const test = fgets(buffer, sizeof(buffer), gpg);
-      fclose(gpg);
-      if (test == NULL || strcmp(buffer, SIGMSG) != 0)
-	 return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str());
-      #undef SIGMSG
-   }
-
-
-   string const gpgvpath = _config->Find("Dir::Bin::gpg", "/usr/bin/gpgv");
-   // FIXME: remove support for deprecated APT::GPGV setting
-   string const trustedFile = _config->Find("APT::GPGV::TrustedKeyring", _config->FindFile("Dir::Etc::Trusted"));
-   string const trustedPath = _config->FindDir("Dir::Etc::TrustedParts");
-
-   bool const Debug = _config->FindB("Debug::Acquire::gpgv", false);
-
-   if (Debug == true)
-   {
-      std::clog << "gpgv path: " << gpgvpath << std::endl;
-      std::clog << "Keyring file: " << trustedFile << std::endl;
-      std::clog << "Keyring path: " << trustedPath << std::endl;
-   }
-
-   std::vector<string> keyrings;
-   if (DirectoryExists(trustedPath))
-     keyrings = GetListOfFilesInDir(trustedPath, "gpg", false, true);
-   if (RealFileExists(trustedFile) == true)
-     keyrings.push_back(trustedFile);
-
-   std::vector<const char *> Args;
-   Args.reserve(30);
-
-   if (keyrings.empty() == true)
-   {
-      // TRANSLATOR: %s is the trusted keyring parts directory
-      return _error->Error(_("No keyring installed in %s."),
-			   _config->FindDir("Dir::Etc::TrustedParts").c_str());
-   }
-
-   Args.push_back(gpgvpath.c_str());
-   Args.push_back("--ignore-time-conflict");
-
-   if (statusfd != -1)
-   {
-      Args.push_back("--status-fd");
-      char fd[10];
-      snprintf(fd, sizeof(fd), "%i", statusfd);
-      Args.push_back(fd);
-   }
-
-   for (vector<string>::const_iterator K = keyrings.begin();
-	K != keyrings.end(); ++K)
-   {
-      Args.push_back("--keyring");
-      Args.push_back(K->c_str());
-   }
-
-   Configuration::Item const *Opts;
-   Opts = _config->Tree("Acquire::gpgv::Options");
-   if (Opts != 0)
-   {
-      Opts = Opts->Child;
-      for (; Opts != 0; Opts = Opts->Next)
-      {
-	 if (Opts->Value.empty() == true)
-	    continue;
-	 Args.push_back(Opts->Value.c_str());
-      }
-   }
-
-   Args.push_back(FileGPG.c_str());
-   if (FileGPG != File)
-      Args.push_back(File.c_str());
-   Args.push_back(NULL);
-
-   if (Debug == true)
-   {
-      std::clog << "Preparing to exec: " << gpgvpath;
-      for (std::vector<const char *>::const_iterator a = Args.begin(); *a != NULL; ++a)
-	 std::clog << " " << *a;
-      std::clog << std::endl;
-   }
-
-   if (statusfd != -1)
-   {
-      int const nullfd = open("/dev/null", O_RDONLY);
-      close(fd[0]);
-      // Redirect output to /dev/null; we read from the status fd
-      dup2(nullfd, STDOUT_FILENO);
-      dup2(nullfd, STDERR_FILENO);
-      // Redirect the pipe to the status fd (3)
-      dup2(fd[1], statusfd);
-
-      putenv((char *)"LANG=");
-      putenv((char *)"LC_ALL=");
-      putenv((char *)"LC_MESSAGES=");
-   }
-
-   execvp(gpgvpath.c_str(), (char **) &Args[0]);
    return true;
 }
 									/*}}}*/

+ 9 - 6
apt-pkg/indexcopy.h

@@ -14,6 +14,9 @@
 #include <string>
 #include <stdio.h>
 
+#include <apt-pkg/gpgv.h>
+#include <apt-pkg/macros.h>
+
 #ifndef APT_8_CLEANER_HEADERS
 using std::string;
 using std::vector;
@@ -96,13 +99,13 @@ class SigVerify								/*{{{*/
    bool CopyAndVerify(std::string CDROM,std::string Name,std::vector<std::string> &SigList,
 		      std::vector<std::string> PkgList,std::vector<std::string> SrcList);
 
-   /** \brief generates and run the command to verify a file with gpgv */
-   static bool RunGPGV(std::string const &File, std::string const &FileOut,
-		       int const &statusfd, int fd[2]);
-   inline static bool RunGPGV(std::string const &File, std::string const &FileOut,
+   __deprecated static bool RunGPGV(std::string const &File, std::string const &FileOut,
+		       int const &statusfd, int fd[2]) {
+      return ExecGPGV(File, FileOut, statusfd, fd);
+   };
+   __deprecated static bool RunGPGV(std::string const &File, std::string const &FileOut,
 			      int const &statusfd = -1) {
-      int fd[2];
-      return RunGPGV(File, FileOut, statusfd, fd);
+      return ExecGPGV(File, FileOut, statusfd);
    };
 };
 									/*}}}*/

+ 6 - 8
apt-pkg/makefile

@@ -27,15 +27,13 @@ APT_DOMAIN:=libapt-pkg$(LIBAPTPKG_MAJOR)
 SOURCE = contrib/mmap.cc contrib/error.cc contrib/strutl.cc \
          contrib/configuration.cc contrib/progress.cc contrib/cmndline.cc \
 	 contrib/hashsum.cc contrib/md5.cc contrib/sha1.cc \
-	 contrib/sha2_internal.cc\
-         contrib/hashes.cc \
+	 contrib/sha2_internal.cc contrib/hashes.cc \
 	 contrib/cdromutl.cc contrib/crc-16.cc contrib/netrc.cc \
-	 contrib/fileutl.cc 
-HEADERS = mmap.h error.h configuration.h fileutl.h  cmndline.h netrc.h\
-	  md5.h crc-16.h cdromutl.h strutl.h sptr.h sha1.h sha2.h sha256.h\
-	  sha2_internal.h \
-          hashes.h hashsum_template.h\
-	  macros.h weakptr.h
+	 contrib/fileutl.cc contrib/gpgv.cc
+HEADERS = mmap.h error.h configuration.h fileutl.h cmndline.h netrc.h \
+	  md5.h crc-16.h cdromutl.h strutl.h sptr.h sha1.h sha2.h sha256.h \
+	  sha2_internal.h hashes.h hashsum_template.h \
+	  macros.h weakptr.h gpgv.h
 
 # Source code for the core main library
 SOURCE+= pkgcache.cc version.cc depcache.cc \

+ 8 - 0
debian/changelog

@@ -1,3 +1,11 @@
+apt (0.9.7.9) UNRELEASED; urgency=low
+
+  [ David Kalnischkies ]
+  * apt-pkg/indexcopy.cc:
+    - rename RunGPGV to ExecGPGV and move it to apt-pkg/contrib/gpgv.cc
+
+ -- David Kalnischkies <kalnischkies@gmail.com>  Fri, 15 Mar 2013 14:15:43 +0100
+
 apt (0.9.7.8) unstable; urgency=criticial
 
   * SECURITY UPDATE: InRelease verification bypass

+ 2 - 1
methods/gpgv.cc

@@ -6,6 +6,7 @@
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/indexcopy.h>
 #include <apt-pkg/configuration.h>
+#include <apt-pkg/gpgv.h>
 
 #include <utime.h>
 #include <stdio.h>
@@ -72,7 +73,7 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
    else if (pid == 0)
    {
       _error->PushToStack();
-      bool const success = SigVerify::RunGPGV(outfile, file, 3, fd);
+      bool const success = ExecGPGV(outfile, file, 3, fd);
       if (success == false)
       {
 	 string errmsg;