From 0854ad8b8016d0132741a267492d72cfa0d3bd8e Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 21 Jun 2012 12:32:56 +0200 Subject: check when finished downloading the InRelease file if it has the expected gpg clearsign signature and if not download Release/Release.gpg instead --- apt-pkg/acquire-item.cc | 10 +++++++++- apt-pkg/contrib/fileutl.cc | 20 ++++++++++++++++++++ apt-pkg/contrib/fileutl.h | 4 ++++ apt-pkg/indexcopy.cc | 6 +----- 4 files changed, 34 insertions(+), 6 deletions(-) (limited to 'apt-pkg') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index a30e98858..9723cddac 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1235,9 +1235,17 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, / } else { + // if we expect a ClearTextSignature (InRelase), ensure that + // this is what we get and if not fail to queue a + // Release/Release.gpg, see #346386 + if (SigFile == DestFile && !IsPgpClearTextSignature(DestFile)) + { + Failed(Message, Cfg); + return; + } + // There was a signature file, so pass it to gpgv for // verification - if (_config->FindB("Debug::pkgAcquire::Auth", false)) std::cerr << "Metaindex acquired, queueing gpg verification (" << SigFile << "," << DestFile << ")\n"; diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 1808489d7..7af5f5f5e 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -824,6 +824,26 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) } /*}}}*/ +// IsPgpClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ +// --------------------------------------------------------------------- +/* */ +bool IsPgpClearTextSignature(string const &FileName) +{ + static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; + char buffer[sizeof(SIGMSG)]; + FILE* gpg = fopen(FileName.c_str(), "r"); + if (gpg == NULL) + return false; + + char const * const test = fgets(buffer, sizeof(buffer), gpg); + fclose(gpg); + if (test == NULL || strcmp(buffer, SIGMSG) != 0) + return false; + + return true; +} + + // FileFd::Open - Open a file /*{{{*/ // --------------------------------------------------------------------- /* The most commonly used open mode combinations are given with Mode */ diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index 1ca41cb7d..c51add66e 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -179,6 +179,8 @@ bool WaitFd(int Fd,bool write = false,unsigned long timeout = 0); pid_t ExecFork(); bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); +bool IsPgpClearTextSignature(std::string const &FileName); + // File string manipulators std::string flNotDir(std::string File); std::string flNotFile(std::string File); @@ -186,4 +188,6 @@ std::string flNoLink(std::string File); std::string flExtension(std::string File); std::string flCombine(std::string Dir,std::string File); + + #endif diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index e29e2819c..db3d10ecd 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -648,16 +648,12 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, { if (File == FileGPG) { - #define SIGMSG "-----BEGIN PGP SIGNED MESSAGE-----\n" - char buffer[sizeof(SIGMSG)]; FILE* gpg = fopen(File.c_str(), "r"); if (gpg == NULL) return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); - char const * const test = fgets(buffer, sizeof(buffer), gpg); fclose(gpg); - if (test == NULL || strcmp(buffer, SIGMSG) != 0) + if (!IsPgpClearTextSignature(File)) return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); - #undef SIGMSG } -- cgit v1.2.3 From 479a2beb0f5605652689d74a78dd224b69ba2e8f Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 21 Jun 2012 13:19:04 +0200 Subject: update comments and add one FIXME for the next ABI break --- apt-pkg/acquire-item.cc | 6 +++++- apt-pkg/contrib/fileutl.h | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'apt-pkg') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index 9723cddac..ddd3300f9 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1235,10 +1235,14 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, / } else { + // FIXME: move this into pkgAcqMetaClearSig::Done on the next + // ABI break + // if we expect a ClearTextSignature (InRelase), ensure that // this is what we get and if not fail to queue a // Release/Release.gpg, see #346386 - if (SigFile == DestFile && !IsPgpClearTextSignature(DestFile)) + if (SigFile == DestFile && + !IsPgpClearTextSignature(DestFile)) { Failed(Message, Cfg); return; diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index c51add66e..a9cb45e9a 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -179,6 +179,7 @@ bool WaitFd(int Fd,bool write = false,unsigned long timeout = 0); pid_t ExecFork(); bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); +// check if the given file starts with a PGP cleartext signature bool IsPgpClearTextSignature(std::string const &FileName); // File string manipulators -- cgit v1.2.3 From 947878508fbd153766a9ded131a04260ca4c7a83 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 9 Jul 2012 17:38:06 +0200 Subject: * apt-pkg/contrib/strutl.cc: - support \n and \r\n line endings in ReadMessages --- apt-pkg/contrib/strutl.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'apt-pkg') diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc index ca096d736..df11a80ad 100644 --- a/apt-pkg/contrib/strutl.cc +++ b/apt-pkg/contrib/strutl.cc @@ -752,7 +752,8 @@ bool ReadMessages(int Fd, vector &List) // Look for the end of the message for (char *I = Buffer; I + 1 < End; I++) { - if (I[0] != '\n' || I[1] != '\n') + if (I[1] != '\n' || + (strncmp(I, "\n\n", 2) != 0 && strncmp(I, "\r\n\r\n", 4) != 0)) continue; // Pull the message out @@ -760,7 +761,7 @@ bool ReadMessages(int Fd, vector &List) PartialMessage += Message; // Fix up the buffer - for (; I < End && *I == '\n'; I++); + for (; I < End && (*I == '\r' || *I == '\n'); ++I); End -= I-Buffer; memmove(Buffer,I,End-Buffer); I = Buffer; -- cgit v1.2.3 From 1c89c98a56df709b4c4477bbd7b86f4e32cee214 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Jul 2012 15:08:06 +0200 Subject: cherry pick -r1846 from bzr+ssh://bazaar.launchpad.net/~mvo/apt/lp346386/ --- apt-pkg/contrib/fileutl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'apt-pkg') diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 20d2a02f5..d63195c7d 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -858,7 +858,7 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) bool IsPgpClearTextSignature(string const &FileName) { static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; - char buffer[sizeof(SIGMSG)]; + char buffer[strlen(SIGMSG)+1]; FILE* gpg = fopen(FileName.c_str(), "r"); if (gpg == NULL) return false; -- cgit v1.2.3 From fe5804fc5010dd8f2e9406187bfc1f6afeb29c5a Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 10 Jul 2012 15:19:09 +0200 Subject: cherry pick -r1847 from bzr+ssh://bazaar.launchpad.net/~mvo/apt/lp346386/ --- apt-pkg/acquire-item.cc | 3 +-- apt-pkg/contrib/fileutl.cc | 4 ++-- apt-pkg/contrib/fileutl.h | 2 +- apt-pkg/indexcopy.cc | 2 +- 4 files changed, 5 insertions(+), 6 deletions(-) (limited to 'apt-pkg') diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index ddd3300f9..665dd427e 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -1241,8 +1241,7 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, / // if we expect a ClearTextSignature (InRelase), ensure that // this is what we get and if not fail to queue a // Release/Release.gpg, see #346386 - if (SigFile == DestFile && - !IsPgpClearTextSignature(DestFile)) + if (SigFile == DestFile && !StartsWithGPGClearTextSignature(DestFile)) { Failed(Message, Cfg); return; diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index d63195c7d..960616f33 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -852,10 +852,10 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap) } /*}}}*/ -// IsPgpClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ +// StartsWithGPGClearTextSignature - Check if a file is Pgp/GPG clearsigned /*{{{*/ // --------------------------------------------------------------------- /* */ -bool IsPgpClearTextSignature(string const &FileName) +bool StartsWithGPGClearTextSignature(string const &FileName) { static const char* SIGMSG = "-----BEGIN PGP SIGNED MESSAGE-----\n"; char buffer[strlen(SIGMSG)+1]; diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h index 1e16540f7..510b1c984 100644 --- a/apt-pkg/contrib/fileutl.h +++ b/apt-pkg/contrib/fileutl.h @@ -181,7 +181,7 @@ pid_t ExecFork(); bool ExecWait(pid_t Pid,const char *Name,bool Reap = false); // check if the given file starts with a PGP cleartext signature -bool IsPgpClearTextSignature(std::string const &FileName); +bool StartsWithGPGClearTextSignature(std::string const &FileName); // File string manipulators std::string flNotDir(std::string File); diff --git a/apt-pkg/indexcopy.cc b/apt-pkg/indexcopy.cc index db3d10ecd..ddf1909b7 100644 --- a/apt-pkg/indexcopy.cc +++ b/apt-pkg/indexcopy.cc @@ -652,7 +652,7 @@ bool SigVerify::RunGPGV(std::string const &File, std::string const &FileGPG, if (gpg == NULL) return _error->Errno("RunGPGV", _("Could not open file %s"), File.c_str()); fclose(gpg); - if (!IsPgpClearTextSignature(File)) + if (!StartsWithGPGClearTextSignature(File)) return _error->Error(_("File %s doesn't start with a clearsigned message"), File.c_str()); } -- cgit v1.2.3