pkgsrc-Changes-HG archive
[pkgsrc/pkg_install-renovation]: pkgsrc/pkgtools/pkg_install/files pkg_instal...
details: https://anonhg.NetBSD.org/pkgsrc/rev/5484e64e90f6
branches: pkg_install-renovation
changeset: 541610:5484e64e90f6
user: joerg <joerg%pkgsrc.org@localhost>
date: Tue Dec 30 15:55:57 2008 +0000
description:
pkg_install-20081230:
Add initial support for secure GPG signatures.
diffstat:
pkgtools/pkg_install/files/admin/main.c | 25 +-
pkgtools/pkg_install/files/admin/pkg_admin.1 | 8 +-
pkgtools/pkg_install/files/lib/Makefile.in | 4 +-
pkgtools/pkg_install/files/lib/gpgsig.c | 252 ++++++++++++++++++
pkgtools/pkg_install/files/lib/lib.h | 12 +-
pkgtools/pkg_install/files/lib/pkg_signature.c | 128 ++++++++-
pkgtools/pkg_install/files/lib/version.h | 4 +-
pkgtools/pkg_install/files/lib/vulnerabilities-file.c | 40 +--
8 files changed, 408 insertions(+), 65 deletions(-)
diffs (truncated from 655 to 300 lines):
diff -r a8f2256be502 -r 5484e64e90f6 pkgtools/pkg_install/files/admin/main.c
--- a/pkgtools/pkg_install/files/admin/main.c Sun Dec 28 00:55:47 2008 +0000
+++ b/pkgtools/pkg_install/files/admin/main.c Tue Dec 30 15:55:57 2008 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.42.2.8 2008/08/25 18:31:14 joerg Exp $ */
+/* $NetBSD: main.c,v 1.42.2.9 2008/12/30 15:55:57 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
@@ -8,7 +8,7 @@
#include <sys/cdefs.h>
#endif
#ifndef lint
-__RCSID("$NetBSD: main.c,v 1.42.2.8 2008/08/25 18:31:14 joerg Exp $");
+__RCSID("$NetBSD: main.c,v 1.42.2.9 2008/12/30 15:55:57 joerg Exp $");
#endif
/*-
@@ -109,8 +109,9 @@
" audit-batch [-es] [-t type] ... - check packages in listed files for vulnerabilities\n"
" audit-history [-t type] ... - print all advisories for package names\n"
" config-var name - print current value of the configuration variable\n"
- " check-signature ... - verify the signature of packages\n"
- " sign-package pkg spkg key cert - create signature\n",
+ " check-signature ... - verify the signature of packages\n"
+ " x509-sign-package pkg spkg key cert - create X509 signature\n"
+ " gpg-sign-package pkg spkg - create GPG signature\n",
getprogname());
exit(EXIT_FAILURE);
}
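Review bot: The synopsis added here, `gpg-sign-package pkg spkg`, disagrees with the pkg_admin.1 entry introduced by the same commit, which reads `.It Cm gpg-sign-package pkg` and never mentions a second operand. The dispatch code later in this file rejects anything other than exactly two arguments, so the manual entry should read `.It Cm gpg-sign-package pkg spkg` and describe what `spkg` is (presumably the signed output, as for `x509-sign-package`). The usage function itself starts outside this hunk.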
@@ -542,6 +543,10 @@
rc = 0;
for (--argc, ++argv; argc > 0; --argc, ++argv) {
pkg = open_archive(*argv, &cookie);
+ if (pkg == NULL) {
+ warnx("%s could not be opened", *argv);
+ continue;
+ }
if (pkg_full_signature_check(pkg))
rc = 1;
close_archive(pkg);
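Review bot: The new `pkg == NULL` branch warns and continues without touching `rc`, so an archive that cannot be opened is not counted as a verification failure. If `rc` is what the command exits with (the tail of the loop is outside the hunk), `check-signature` on a missing or unreadable package reports success to any script that gates installation on the exit status. Setting `rc = 1;` before the `continue;` makes the unopenable case fail closed, the same way a bad signature does.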
@@ -550,16 +555,22 @@
#else
errx(EXIT_FAILURE, "OpenSSL support is not included");
#endif
- } else if (strcasecmp(argv[0], "sign-package") == 0) {
+ } else if (strcasecmp(argv[0], "x509-sign-package") == 0) {
#ifdef HAVE_SSL
--argc;
++argv;
if (argc != 4)
- errx(EXIT_FAILURE, "sign-package takes exactly four arguments");
- pkg_sign(argv[0], argv[1], argv[2], argv[3]);
+ errx(EXIT_FAILURE, "x509-sign-package takes exactly four arguments");
+ pkg_sign_x509(argv[0], argv[1], argv[2], argv[3]);
#else
errx(EXIT_FAILURE, "OpenSSL support is not included");
#endif
+ } else if (strcasecmp(argv[0], "gpg-sign-package") == 0) {
+ --argc;
+ ++argv;
+ if (argc != 2)
+ errx(EXIT_FAILURE, "gpg-sign-package takes exactly two arguments");
+ pkg_sign_gpg(argv[0], argv[1]);
}
#endif
else {
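Review bot: The `gpg-sign-package` branch calls `pkg_sign_gpg()` with no `HAVE_SSL` guard, while the `x509-sign-package` branch just above wraps its call in `#ifdef HAVE_SSL` with an `errx()` fallback. Whether `pkg_sign_gpg` is built without OpenSSL is not visible here; if it lives in code compiled only with SSL support this branch breaks the non-SSL build, and if it does not, a short comment such as `/* GPG signing does not depend on OpenSSL */` would explain the asymmetry. The old `sign-package` spelling also no longer matches any branch, so existing signing scripts fall through to the final `else`; accepting it as an alias of `x509-sign-package` for one release would avoid that. The if/else chain starts and ends outside the hunk.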
diff -r a8f2256be502 -r 5484e64e90f6 pkgtools/pkg_install/files/admin/pkg_admin.1
--- a/pkgtools/pkg_install/files/admin/pkg_admin.1 Sun Dec 28 00:55:47 2008 +0000
+++ b/pkgtools/pkg_install/files/admin/pkg_admin.1 Tue Dec 30 15:55:57 2008 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: pkg_admin.1,v 1.18.2.2 2008/05/30 13:49:07 wiz Exp $
+.\" $NetBSD: pkg_admin.1,v 1.18.2.3 2008/12/30 15:55:57 joerg Exp $
.\"
.\" Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -265,7 +265,11 @@
Packages that are not installed directly by the user but pulled in as
dependencies are marked by setting
.Dq automatic=YES .
-.It Cm sign-package pkg spkg key cert
+.It Cm gpg-sign-package pkg
+Sign the binary package
+.Ar pkg
+using GPG.
+.It Cm x509-sign-package pkg spkg key cert
Sign the binary package
.Ar pkg
using the key
diff -r a8f2256be502 -r 5484e64e90f6 pkgtools/pkg_install/files/lib/Makefile.in
--- a/pkgtools/pkg_install/files/lib/Makefile.in Sun Dec 28 00:55:47 2008 +0000
+++ b/pkgtools/pkg_install/files/lib/Makefile.in Tue Dec 30 15:55:57 2008 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.in,v 1.21.2.7 2008/08/05 22:56:24 joerg Exp $
+# $NetBSD: Makefile.in,v 1.21.2.8 2008/12/30 15:55:57 joerg Exp $
srcdir= @srcdir@
@@ -27,7 +27,7 @@
LIB= libinstall.a
OBJS= automatic.o conflicts.o decompress.o dewey.o fexec.o file.o \
- global.o iterate.o lpkg.o opattern.o \
+ gpgsig.o global.o iterate.o lpkg.o opattern.o \
parse-config.o path.o pkgdb.o plist.o remove.o \
str.o var.o version.o vulnerabilities-file.o xwrapper.o
diff -r a8f2256be502 -r 5484e64e90f6 pkgtools/pkg_install/files/lib/gpgsig.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/pkgtools/pkg_install/files/lib/gpgsig.c Tue Dec 30 15:55:57 2008 +0000
@@ -0,0 +1,252 @@
+/* $NetBSD: gpgsig.c,v 1.1.2.1 2008/12/30 15:55:57 joerg Exp $ */
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+#include <nbcompat.h>
+#if HAVE_SYS_CDEFS_H
+#include <sys/cdefs.h>
+#endif
+
+__RCSID("$NetBSD: gpgsig.c,v 1.1.2.1 2008/12/30 15:55:57 joerg Exp $");
+
+/*-
+ * Copyright (c) 2008 Joerg Sonnenberger <joerg%NetBSD.org@localhost>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/wait.h>
+#ifndef NETBSD
+#include <nbcompat/err.h>
+#else
+#include <err.h>
+#endif
+#ifndef NETBSD
+#include <nbcompat/stdlib.h>
+#else
+#include <stdlib.h>
+#endif
+
+#include "lib.h"
+
+#ifndef __UNCONST
+#define __UNCONST(a) ((void *)(unsigned long)(const void *)(a))
+#endif
+
+static void
+verify_signature(const char *input, size_t input_len, const char *keyring,
+ const char *detached_signature)
+{
+ const char *argv[8], **argvp;
+ pid_t child;
+ int fd[2], status;
+
+ if (pipe(fd) == -1)
+ err(EXIT_FAILURE, "cannot create input pipes");
+
+ child = vfork();
+ if (child == -1)
+ err(EXIT_FAILURE, "cannot fork GPG process");
+ if (child == 0) {
+ close(fd[1]);
+ close(STDIN_FILENO);
+ if (dup2(fd[0], STDIN_FILENO) == -1) {
+ static const char err_msg[] =
+ "cannot redirect stdin of GPG process\n";
+ write(STDERR_FILENO, err_msg, sizeof(err_msg) - 1);
+ _exit(255);
+ }
+ close(fd[0]);
+ argvp = argv;
+ *argvp++ = gpg_cmd;
+ *argvp++ = "--verify";
+ if (keyring != NULL) {
+ *argvp++ = "--no-default-keyring";
+ *argvp++ = "--keyring";
+ *argvp++ = keyring;
+ }
+
+ if (detached_signature != NULL)
+ *argvp++ = detached_signature;
+ *argvp++ = "-";
+
+ *argvp = NULL;
+
+ execvp(gpg_cmd, __UNCONST(argv));
+ _exit(255);
+ }
+ close(fd[0]);
+ if (write(fd[1], input, input_len) != input_len)
+ errx(EXIT_FAILURE, "Short read from GPG");
+ close(fd[1]);
+ waitpid(child, &status, 0);
+ if (status)
+ errx(EXIT_FAILURE, "GPG could not verify the signature");
+}
+
+int
+inline_gpg_verify(const char *content, size_t len)
+{
+ verify_signature(content, len, NULL, NULL);
+
+ return 0;
+}
+
+int
+detached_gpg_verify(const char *content, size_t len,
+ const char *signature, size_t signature_len, const char *keyring)
+{
+ int fd;
+ const char *tmpdir;
+ char *tempsig;
+ ssize_t ret;
+
+ if (gpg_cmd == NULL) {
+ warnx("GPG variable not set, failing signature check");
+ return -1;
+ }
+
+ if ((tmpdir = getenv("TMPDIR")) == NULL)
+ tmpdir = "/tmp";
+ tempsig = xasprintf("%s/pkg_install.XXXXXX", tmpdir);
+
+ fd = mkstemp(tempsig);
+ if (fd == -1) {
+ warnx("Creating temporary file for GPG signature failed");
+ return -1;
+ }
+
+ while (signature_len) {
+ ret = write(fd, signature, signature_len);
+ if (ret == -1)
+ err(EXIT_FAILURE, "Write to GPG failed");
+ if (ret == 0)
+ errx(EXIT_FAILURE, "Short write to GPG");
+ signature_len -= ret;
+ signature += ret;
+ }
+
+ verify_signature(content, len, keyring, tempsig);
+
+ unlink(tempsig);
+ close(fd);
+ free(tempsig);
+
+ return 0;
+}
+
+int
+detached_gpg_sign(const char *content, size_t len, char **sig, size_t *sig_len,
+ const char *keyring, const char *user)
+{
+ const char *argv[12], **argvp;
+ pid_t child;
+ int fd_in[2], fd_out[2], status;
+ size_t allocated;
+ ssize_t ret;
+
+ if (gpg_cmd == NULL)
+ errx(EXIT_FAILURE, "GPG variable not set");
+
+ if (pipe(fd_in) == -1)
+ err(EXIT_FAILURE, "cannot create input pipes");
+ if (pipe(fd_out) == -1)
+ err(EXIT_FAILURE, "cannot create output pipes");
+
+ child = fork();
+ if (child == -1)
+ err(EXIT_FAILURE, "cannot fork GPG process");
+ if (child == 0) {
+ close(fd_in[1]);
+ close(STDIN_FILENO);
+ if (dup2(fd_in[0], STDIN_FILENO) == -1) {
+ static const char err_msg[] =
+ "cannot redirect stdin of GPG process\n";
+ write(STDERR_FILENO, err_msg, sizeof(err_msg) - 1);
+ _exit(255);