author | David Kalnischkies <david@kalnischkies.de> | 2018-09-12 01:44:18 +0200 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2019-01-22 12:24:22 +0100 |
commit | 7bf533967fb385b9625a1ee4dd7c6542a84b489c (patch) | |
tree | b9a7a746417583c35baf33cfd08d6d0866243430 /apt-pkg | |
parent | 6b01cd087e6f92c5511fe6eea73699e075aa699a (diff) |
Communicate back which key(s) were used for signing
Telling the acquire system which keys caused the gpgv method to
succeed allows us, for now, just a casual check that the gpgv method
really executed, catching bugs like CVE-2018-0501; we will make use
of the information for better features in the following commits.
Diffstat (limited to 'apt-pkg')
-rw-r--r-- | apt-pkg/acquire-item.cc | 18 | ||||
-rw-r--r-- | apt-pkg/acquire-item.h | 3 |
2 files changed, 17 insertions, 4 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 83c793093..755e1fb59 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1464,8 +1464,20 @@ bool pkgAcqMetaBase::CheckDownloadDone(pkgAcqTransactionItem * const I, const st
 return true;
 }
 /*}}}*/
-bool pkgAcqMetaBase::CheckAuthDone(string const &Message) /*{{{*/
+bool pkgAcqMetaBase::CheckAuthDone(string const &Message, pkgAcquire::MethodConfig const *const Cnf) /*{{{*/
 {
+ /* If we work with a recent version of our gpgv method, we expect that it tells us
+ which key(s) have signed the file so stuff like CVE-2018-0501 is harder in the future */
+ if (Cnf->Version != "1.0" && LookupTag(Message, "Signed-By").empty())
+ {
+ std::string errmsg;
+ strprintf(errmsg, "Internal Error: Signature on %s seems good, but expected details are missing! (%s)", Target.URI.c_str(), "Signed-By");
+ if (ErrorText.empty())
+ ErrorText = errmsg;
+ Status = StatAuthError;
+ return _error->Error("%s", errmsg.c_str());
+ }
+
 // At this point, the gpgv method has succeeded, so there is a
 // valid signature from a key in the trusted keyring. We
 // perform additional verification of its contents, and use them
@@ -1946,7 +1958,7 @@ void pkgAcqMetaClearSig::Done(std::string const &Message,
 QueueForSignatureVerify(this, DestFile, DestFile);
 return;
 }
- else if(CheckAuthDone(Message) == true)
+ else if (CheckAuthDone(Message, Cnf) == true)
 {
 if (TransactionManager->IMSHit == false)
 TransactionManager->TransactionStageCopy(this, DestFile, GetFinalFilename());
@@ -2190,7 +2202,7 @@ void pkgAcqMetaSig::Done(string const &Message, HashStringList const &Hashes,
 }
 return;
 }
- else if(MetaIndex->CheckAuthDone(Message) == true)
+ else if (MetaIndex->CheckAuthDone(Message, Cfg) == true)
 {
 auto const Releasegpg = GetFinalFilename();
 auto const Release = MetaIndex->GetFinalFilename();
diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h
index 4a1378922..70651d9e3 100644
--- a/apt-pkg/acquire-item.h
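Review bot: The new guard at the top of pkgAcqMetaBase::CheckAuthDone (first hunk) dereferences `Cnf` without a null check and accepts any non-empty `Signed-By` value, so it proves only that the field is present, not that it holds key identifiers. Whether either caller can pass a null config is not visible here; if it can, failing closed is the safer reading, e.g. `if (Cnf == nullptr || (Cnf->Version != "1.0" && LookupTag(Message, "Signed-By").empty()))`. The check is also skipped whenever the method reports Version "1.0", which apparently marks the older gpgv method, so a comment such as `// Sanity check only: Version is reported by the method itself, do not treat a pass here as a trust decision` would stop later code from leaning on it. The function body continues outside the hunk, and the two call-site hunks only forward `Cnf` / `Cfg`.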
+++ b/apt-pkg/acquire-item.h
@@ -451,8 +451,9 @@ class APT_HIDDEN pkgAcqMetaBase : public pkgAcqTransactionItem /*{{{*/
 *
 * \param Message The message block received from the fetch
 * subprocess.
+ * \param Cnf The method and its configuration which handled the request
 */
- bool CheckAuthDone(std::string const &Message);
+ bool CheckAuthDone(std::string const &Message, pkgAcquire::MethodConfig const *const Cnf);
 /** Check if the current item should fail at this point */
 bool CheckStopAuthentication(pkgAcquire::Item * const I, const std::string &Message);
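Review bot: The added `\param Cnf` line does not document the precondition or the new failure mode that the parameter introduces. The implementation in acquire-item.cc reads `Cnf->Version` unconditionally and returns an error with Status set to StatAuthError when a method other than version "1.0" sends no Signed-By field, so I would extend the line to `\param Cnf The method and its configuration which handled the request; must not be NULL, its Version decides whether a Signed-By field is required in Message`. The doc comment starts outside the hunk, so any existing return-value description could not be checked against the new behaviour.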