diff options
Diffstat (limited to 'apt-pkg')
-rw-r--r-- | apt-pkg/acquire-item.cc | 13 | ||||
-rw-r--r-- | apt-pkg/contrib/configuration.cc | 12 | ||||
-rw-r--r-- | apt-pkg/contrib/configuration.h | 1 | ||||
-rw-r--r-- | apt-pkg/contrib/fileutl.cc | 51 | ||||
-rw-r--r-- | apt-pkg/contrib/fileutl.h | 6 | ||||
-rw-r--r-- | apt-pkg/contrib/netrc.cc | 12 | ||||
-rw-r--r-- | apt-pkg/contrib/netrc.h | 4 | ||||
-rw-r--r-- | apt-pkg/contrib/strutl.cc | 5 | ||||
-rw-r--r-- | apt-pkg/deb/dpkgpm.cc | 2 | ||||
-rw-r--r-- | apt-pkg/indexcopy.cc | 6 |
10 files changed, 87 insertions, 25 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index a30e98858..665dd427e 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1235,9 +1235,20 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, / } else { + // FIXME: move this into pkgAcqMetaClearSig::Done on the next + // ABI break + + // if we expect a ClearTextSignature (InRelase), ensure that + // this is what we get and if not fail to queue a + // Release/Release.gpg, see #346386 + if (SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile)) + { + Failed(Message, Cfg); + return; + } + // There was a signature file, so pass it to gpgv for // verification - if (_config->FindB("Debug::pkgAcquire::Auth", false)) std::cerr << "Metaindex acquired, queueing gpg verification (" << SigFile << "," << DestFile << ")\n"; diff --git a/apt-pkg/contrib/configuration.cc b/apt-pkg/contrib/configuration.cc index 4de17e3e1..d5334ae72 100644 --- a/apt-pkg/contrib/configuration.cc +++ b/apt-pkg/contrib/configuration.cc @@ -422,6 +422,18 @@ void Configuration::Clear(string const &Name, string const &Value) } /*}}}*/ +// Configuration::Clear - Clear everything /*{{{*/ +// --------------------------------------------------------------------- +void Configuration::Clear() +{ + const Configuration::Item *Top = Tree(0); + while( Top != 0 ) + { + Clear(Top->FullTag()); + Top = Top->Next; + } +} + /*}}}*/ // Configuration::Clear - Clear an entire tree /*{{{*/ // --------------------------------------------------------------------- /* */ diff --git a/apt-pkg/contrib/configuration.h b/apt-pkg/contrib/configuration.h index ea94c2fe6..8e09ea0a6 100644 --- a/apt-pkg/contrib/configuration.h +++ b/apt-pkg/contrib/configuration.h @@ -94,6 +94,7 @@ class Configuration // clear a whole tree void Clear(const std::string &Name); + void Clear(); // remove a certain value from a list (e.g. the list of "APT::Keep-Fds") void Clear(std::string const &List, std::string const &Value); diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 90e49cbfa..a31a8a141 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -41,6 +41,8 @@ #include <dirent.h> #include <signal.h> #include <errno.h> +#include <glob.h> + #include <set> #include <algorithm> @@ -852,6 +854,26 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) } /*}}}*/ +// StartsWithGPGClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ +// --------------------------------------------------------------------- +/* */ +bool StartsWithGPGClearTextSignature(string const &FileName) +{ + static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; + char buffer[strlen(SIGMSG)+1]; + FILE* gpg = fopen(FileName.c_str(), "r"); + if (gpg == NULL) + return false; + + char const * const test = fgets(buffer, sizeof(buffer), gpg); + fclose(gpg); + if (test == NULL || strcmp(buffer, SIGMSG) != 0) + return false; + + return true; +} + + // FileFd::Open - Open a file /*{{{*/ // --------------------------------------------------------------------- /* The most commonly used open mode combinations are given with Mode */ @@ -1758,3 +1780,32 @@ bool FileFd::Sync() /*}}}*/ gzFile FileFd::gzFd() { return (gzFile) d->gz; } + + +// Glob - wrapper around "glob()" /*{{{*/ +// --------------------------------------------------------------------- +/* */ +std::vector<std::string> Glob(std::string const &pattern, int flags) +{ + std::vector<std::string> result; + glob_t globbuf; + int glob_res, i; + + glob_res = glob(pattern.c_str(), flags, NULL, &globbuf); + + if (glob_res != 0) + { + if(glob_res != GLOB_NOMATCH) { + _error->Errno("glob", "Problem with glob"); + return result; + } + } + + // append results + for(i=0;i<globbuf.gl_pathc;i++) + result.push_back(string(globbuf.gl_pathv[i])); + + globfree(&globbuf); + return result; +} + /*}}}*/ diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index 426664d3a..4d933a307 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -180,6 +180,9 @@ bool WaitFd(int Fd,bool write = false,unsigned long timeout = 0); pid_t ExecFork(); bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); +// check if the given file starts with a PGP cleartext signature +bool StartsWithGPGClearTextSignature(std::string const &FileName); + // File string manipulators std::string flNotDir(std::string File); std::string flNotFile(std::string File); @@ -187,4 +190,7 @@ std::string flNoLink(std::string File); std::string flExtension(std::string File); std::string flCombine(std::string Dir,std::string File); +// simple c++ glob +std::vector<std::string> Glob(std::string const &pattern, int flags=0); + #endif diff --git a/apt-pkg/contrib/netrc.cc b/apt-pkg/contrib/netrc.cc index 0a902f126..b3d30fd4a 100644 --- a/apt-pkg/contrib/netrc.cc +++ b/apt-pkg/contrib/netrc.cc @@ -155,18 +155,6 @@ static int parsenetrc_string (char *host, std::string &login, std::string &passw return retcode; } -// for some unknown reason this method is exported so keep a compatible interface for now … -int parsenetrc (char *host, char *login, char *password, char *netrcfile = NULL) -{ - std::string login_string, password_string; - int const ret = parsenetrc_string(host, login_string, password_string, netrcfile); - if (ret < 0) - return ret; - strncpy(login, login_string.c_str(), LOGINSIZE - 1); - strncpy(password, password_string.c_str(), PASSWORDSIZE - 1); - return ret; -} - void maybe_add_auth (URI &Uri, string NetRCFile) { diff --git a/apt-pkg/contrib/netrc.h b/apt-pkg/contrib/netrc.h index 6feb5b726..7349126c4 100644 --- a/apt-pkg/contrib/netrc.h +++ b/apt-pkg/contrib/netrc.h @@ -25,9 +25,5 @@ class URI; -// kill this export on the next ABI break - strongly doubt its in use anyway -// outside of the apt itself, its really a internal interface -__deprecated int parsenetrc (char *host, char *login, char *password, char *filename); - void maybe_add_auth (URI &Uri, std::string NetRCFile); #endif diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc index ca096d736..df11a80ad 100644 --- a/apt-pkg/contrib/strutl.cc +++ b/apt-pkg/contrib/strutl.cc @@ -752,7 +752,8 @@ bool ReadMessages(int Fd, vector<string> &List) // Look for the end of the message for (char *I = Buffer; I + 1 < End; I++) { - if (I[0] != '\n' || I[1] != '\n') + if (I[1] != '\n' || + (strncmp(I, "\n\n", 2) != 0 && strncmp(I, "\r\n\r\n", 4) != 0)) continue; // Pull the message out @@ -760,7 +761,7 @@ bool ReadMessages(int Fd, vector<string> &List) PartialMessage += Message; // Fix up the buffer - for (; I < End && *I == '\n'; I++); + for (; I < End && (*I == '\r' || *I == '\n'); ++I); End -= I-Buffer; memmove(Buffer,I,End-Buffer); I = Buffer; diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc index 6cb8bc6b6..fd1e6e085 100644 --- a/apt-pkg/deb/dpkgpm.cc +++ b/apt-pkg/deb/dpkgpm.cc @@ -1205,7 +1205,7 @@ bool pkgDPkgPM::Go(int OutStatusFd) // if tcgetattr does not return zero there was a error // and we do not do any pty magic - if (tcgetattr(0, &tt) == 0) + if (tcgetattr(STDOUT_FILENO, &tt) == 0) { ioctl(0, TIOCGWINSZ, (char *)&win); if (openpty(&master, &slave, NULL, &tt, &win) < 0) diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index aa1f01a4a..c0a085316 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -654,16 +654,12 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, { if (File == FileGPG) { - #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n" - char buffer[sizeof(SIGMSG)]; FILE* gpg = fopen(File.c_str(), "r"); if (gpg == NULL) return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); - char const * const test = fgets(buffer, sizeof(buffer), gpg); fclose(gpg); - if (test == NULL || strcmp(buffer, SIGMSG) != 0) + if (!StartsWithGPGClearTextSignature(File)) return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); - #undef SIGMSG } |