Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/usr.sbin/pkg_install/add Fix signature verification after pk...



details:   https://anonhg.NetBSD.org/src/rev/abae9af06a8a
branches:  trunk
changeset: 565388:abae9af06a8a
user:      agc <agc%NetBSD.org@localhost>
date:      Tue Apr 06 05:56:07 2004 +0000

description:
Fix signature verification after pkg_add and friends were changed to use
fexec() - trying to exec "gpg --verify %s" won't work with fexec, so split
up the command into separate words.

diffstat:

 usr.sbin/pkg_install/add/verify.c |  25 ++++++++++++++-----------
 1 files changed, 14 insertions(+), 11 deletions(-)

diffs (83 lines):

diff -r 9f38333acdfb -r abae9af06a8a usr.sbin/pkg_install/add/verify.c
--- a/usr.sbin/pkg_install/add/verify.c Tue Apr 06 02:25:22 2004 +0000
+++ b/usr.sbin/pkg_install/add/verify.c Tue Apr 06 05:56:07 2004 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: verify.c,v 1.4 2003/09/23 09:36:04 wiz Exp $ */
+/* $NetBSD: verify.c,v 1.5 2004/04/06 05:56:07 agc Exp $ */
 
 /*
  * Copyright (c) 2001 Alistair G. Crooks.  All rights reserved.
@@ -35,7 +35,7 @@
 #ifndef lint
 __COPYRIGHT("@(#) Copyright (c) 1999 \
                The NetBSD Foundation, Inc.  All rights reserved.");
-__RCSID("$NetBSD: verify.c,v 1.4 2003/09/23 09:36:04 wiz Exp $");
+__RCSID("$NetBSD: verify.c,v 1.5 2004/04/06 05:56:07 agc Exp $");
 #endif
 
 #include <sys/types.h>
@@ -57,7 +57,8 @@
 /* this struct defines a verification type */ 
 typedef struct ver_t {
        const char     *name;                           /* name of type */
-       const char     *command;                        /* command to execute to verify */
+       const char     *command1;                       /* command to execute to verify */
+       const char     *command2;                       /* command to execute to verify */
        const char     *extensions[MaxExtensions];      /* signature file extensions */
 } ver_t;
 
@@ -65,22 +66,24 @@
 
 /* called when gpg verification type is selected */
 static int
-do_verify(const char *pkgname, const char *cmd, const char *const *extensions)
+do_verify(const char *pkgname, const char *cmd1, const char *cmd2, const char *const *extensions)
 {
        struct stat     st;
        const char    *const *ep;
        char            buf[BUFSIZ];
        char            f[FILENAME_MAX];
+       int             ret;
        int             i;
 
-       if (cmd == NULL) {
+       if (cmd1 == NULL) {
                return 1;
        }
        for (i = 0, ep = extensions ; i < MaxExtensions && *ep ; ep++, i++) {
                (void) snprintf(f, sizeof(f), "%s%s", pkgname, *ep);
                if (stat(f, &st) == 0) {
                        (void) fprintf(stderr, "pkg_add: Using signature file: %s\n", f);
-                       if (fexec(cmd, f, NULL) != 0) {
+                       ret = (cmd2 == NULL) ? fexec(cmd1, f, NULL) : fexec(cmd1, cmd2, f, NULL);
+                       if (ret != 0) {
                                (void) fprintf(stderr, "*** WARNING ***: `%s' has a bad signature\n", f);
                                return 0;
                        }
@@ -105,9 +108,9 @@
 
 /* table holding possible verifications which can be made */
 static const ver_t     vertab[] = {
-       { "none",       NULL,                   { NULL } },
-       { "gpg",        "gpg --verify %s",      { ".sig", ".asc", NULL } },
-       { "pgp5",       "pgpv %s",              { ".sig", ".asc", ".pgp", NULL } },
+       { "none",       NULL,   NULL,           { NULL } },
+       { "gpg",        "gpg", "--verify",      { ".sig", ".asc", NULL } },
+       { "pgp5",       "pgpv", NULL,           { ".sig", ".asc", ".pgp", NULL } },
        { NULL }
 };
 
@@ -144,11 +147,11 @@
        const ver_t *vp;
 
        if (verification_type == NULL) {
-               return do_verify(pkg, NULL, NULL);
+               return do_verify(pkg, NULL, NULL, NULL);
        }
        for (vp = vertab ; vp->name ; vp++) {
                if (strcasecmp(verification_type, vp->name) == 0) {
-                       return do_verify(pkg, vp->command, vp->extensions);
+                       return do_verify(pkg, vp->command1, vp->command2, vp->extensions);
                }
        }
        (void) fprintf(stderr, "Can't find `%s' verification details\n", verification_type);



Home | Main Index | Thread Index | Old Index