diff options
| -rw-r--r-- | apt-pkg/acquire-item.cc | 14 | ||||
| -rw-r--r-- | apt-pkg/contrib/fileutl.cc | 20 | ||||
| -rw-r--r-- | apt-pkg/contrib/fileutl.h | 5 | ||||
| -rw-r--r-- | apt-pkg/indexcopy.cc | 6 |
4 files changed, 39 insertions, 6 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index a30e98858..ddd3300f9 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1235,9 +1235,21 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, / } else { + // FIXME: move this into pkgAcqMetaClearSig::Done on the next + // ABI break + + // if we expect a ClearTextSignature (InRelase), ensure that + // this is what we get and if not fail to queue a + // Release/Release.gpg, see #346386 + if (SigFile == DestFile && + !IsPgpClearTextSignature(DestFile)) + { + Failed(Message, Cfg); + return; + } + // There was a signature file, so pass it to gpgv for // verification - if (_config->FindB("Debug::pkgAcquire::Auth", false)) std::cerr << "Metaindex acquired, queueing gpg verification (" << SigFile << "," << DestFile << ")\n"; diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 119cd1974..20d2a02f5 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -852,6 +852,26 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) } /*}}}*/ +// IsPgpClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ +// --------------------------------------------------------------------- +/* */ +bool IsPgpClearTextSignature(string const &FileName) +{ + static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; + char buffer[sizeof(SIGMSG)]; + FILE* gpg = fopen(FileName.c_str(), "r"); + if (gpg == NULL) + return false; + + char const * const test = fgets(buffer, sizeof(buffer), gpg); + fclose(gpg); + if (test == NULL || strcmp(buffer, SIGMSG) != 0) + return false; + + return true; +} + + // FileFd::Open - Open a file /*{{{*/ // --------------------------------------------------------------------- /* The most commonly used open mode combinations are given with Mode */ diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index 426664d3a..1e16540f7 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -180,6 +180,9 @@ bool WaitFd(int Fd,bool write = false,unsigned long timeout = 0); pid_t ExecFork(); bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); +// check if the given file starts with a PGP cleartext signature +bool IsPgpClearTextSignature(std::string const &FileName); + // File string manipulators std::string flNotDir(std::string File); std::string flNotFile(std::string File); @@ -187,4 +190,6 @@ std::string flNoLink(std::string File); std::string flExtension(std::string File); std::string flCombine(std::string Dir,std::string File); + + #endif diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index e29e2819c..db3d10ecd 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -648,16 +648,12 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, { if (File == FileGPG) { - #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n" - char buffer[sizeof(SIGMSG)]; FILE* gpg = fopen(File.c_str(), "r"); if (gpg == NULL) return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); - char const * const test = fgets(buffer, sizeof(buffer), gpg); fclose(gpg); - if (test == NULL || strcmp(buffer, SIGMSG) != 0) + if (!IsPgpClearTextSignature(File)) return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); - #undef SIGMSG } |