summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2018-09-12 01:44:18 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2019-01-22 12:24:22 +0100
commit7bf533967fb385b9625a1ee4dd7c6542a84b489c (patch)
treeb9a7a746417583c35baf33cfd08d6d0866243430 /apt-pkg
parent6b01cd087e6f92c5511fe6eea73699e075aa699a (diff)
Communicate back which key(s) were used for signing
Telling the acquire system which keys caused the gpgv method to succeed allows us for now just a casual check if the gpgv method really executed catching bugs like CVE-2018-0501, but we will make use of the information for better features in the following commits.
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/acquire-item.cc18
-rw-r--r--apt-pkg/acquire-item.h3
2 files changed, 17 insertions, 4 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 83c793093..755e1fb59 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1464,8 +1464,20 @@ bool pkgAcqMetaBase::CheckDownloadDone(pkgAcqTransactionItem * const I, const st
return true;
}
/*}}}*/
-bool pkgAcqMetaBase::CheckAuthDone(string const &Message) /*{{{*/
+bool pkgAcqMetaBase::CheckAuthDone(string const &Message, pkgAcquire::MethodConfig const *const Cnf) /*{{{*/
{
+ /* If we work with a recent version of our gpgv method, we expect that it tells us
+ which key(s) have signed the file so stuff like CVE-2018-0501 is harder in the future */
+ if (Cnf->Version != "1.0" && LookupTag(Message, "Signed-By").empty())
+ {
+ std::string errmsg;
+ strprintf(errmsg, "Internal Error: Signature on %s seems good, but expected details are missing! (%s)", Target.URI.c_str(), "Signed-By");
+ if (ErrorText.empty())
+ ErrorText = errmsg;
+ Status = StatAuthError;
+ return _error->Error("%s", errmsg.c_str());
+ }
+
// At this point, the gpgv method has succeeded, so there is a
// valid signature from a key in the trusted keyring. We
// perform additional verification of its contents, and use them
@@ -1946,7 +1958,7 @@ void pkgAcqMetaClearSig::Done(std::string const &Message,
QueueForSignatureVerify(this, DestFile, DestFile);
return;
}
- else if(CheckAuthDone(Message) == true)
+ else if (CheckAuthDone(Message, Cnf) == true)
{
if (TransactionManager->IMSHit == false)
TransactionManager->TransactionStageCopy(this, DestFile, GetFinalFilename());
@@ -2190,7 +2202,7 @@ void pkgAcqMetaSig::Done(string const &Message, HashStringList const &Hashes,
}
return;
}
- else if(MetaIndex->CheckAuthDone(Message) == true)
+ else if (MetaIndex->CheckAuthDone(Message, Cfg) == true)
{
auto const Releasegpg = GetFinalFilename();
auto const Release = MetaIndex->GetFinalFilename();
diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h
index 4a1378922..70651d9e3 100644
--- a/apt-pkg/acquire-item.h
+++ b/apt-pkg/acquire-item.h
@@ -451,8 +451,9 @@ class APT_HIDDEN pkgAcqMetaBase : public pkgAcqTransactionItem /*{{{*/
*
* \param Message The message block received from the fetch
* subprocess.
+ * \param Cnf The method and its configuration which handled the request
*/
- bool CheckAuthDone(std::string const &Message);
+ bool CheckAuthDone(std::string const &Message, pkgAcquire::MethodConfig const *const Cnf);
/** Check if the current item should fail at this point */
bool CheckStopAuthentication(pkgAcquire::Item * const I, const std::string &Message);