From 9a3325a56db87cc8c6336225162daefcd190208f Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Wed, 23 Mar 2011 22:56:54 -0500 Subject: Refactor signature loading code into common function We can use this for both standalone package signatures as well as standalone database signatures. Signed-off-by: Dan McGee --- lib/libalpm/be_package.c | 32 +++--------------------- lib/libalpm/db.c | 64 +++++++++++------------------------------------- lib/libalpm/signing.c | 49 ++++++++++++++++++++++++++++++++++-- lib/libalpm/signing.h | 1 + 4 files changed, 65 insertions(+), 81 deletions(-) (limited to 'lib') diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c index e8d26aa7..e86bffe6 100644 --- a/lib/libalpm/be_package.c +++ b/lib/libalpm/be_package.c @@ -254,6 +254,7 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) /* attempt to stat the package file, ensure it exists */ if(stat(pkgfile, &st) == 0) { char *pgpfile; + int ret; newpkg = _alpm_pkg_new(); if(newpkg == NULL) { @@ -265,35 +266,8 @@ static pmpkg_t *pkg_load(const char *pkgfile, int full) /* look around for a PGP signature file; load if available */ MALLOC(pgpfile, strlen(pkgfile) + 5, RET_ERR(PM_ERR_MEMORY, NULL)); sprintf(pgpfile, "%s.sig", pkgfile); - if(access(pgpfile, R_OK) == 0) { - FILE *f; - long bytes; - size_t bytes_read; - f = fopen(pgpfile, "rb"); - fseek(f, 0L, SEEK_END); - bytes = ftell(f); - fseek(f, 0L, SEEK_SET); - /* don't read the file in if it is obviously not the size of a sig */ - if(bytes == 72) { - CALLOC(newpkg->pgpsig.rawdata, bytes, sizeof(char), - RET_ERR(PM_ERR_MEMORY, NULL)); - bytes_read = fread(newpkg->pgpsig.rawdata, sizeof(char), bytes, f); - if(bytes_read == (size_t)bytes) { - newpkg->pgpsig.rawlen = bytes; - _alpm_log(PM_LOG_DEBUG, - "loaded package .sig file, location %s\n", pgpfile); - } else { - _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"), - pkgfile); - } - } else { - _alpm_log(PM_LOG_WARNING, _("PGP signature file for %s was abnormal" - " (had length %ld), skipping\n"), pkgfile, bytes); - } - fclose(f); - } else { - _alpm_log(PM_LOG_DEBUG, "no package signature file found\n"); - } + /* TODO: do something with ret value */ + ret = _alpm_load_signature(pgpfile, &(newpkg->pgpsig)); FREE(pgpfile); } else { /* couldn't stat the pkgfile, return an error */ diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 2c9b25f3..4bb24a6c 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -365,55 +365,6 @@ pmdb_t *_alpm_db_new(const char *treename, int is_local) return db; } -static int load_pgpsig(pmdb_t *db) { - size_t len; - const char *dbfile; - char *sigfile; - - dbfile = _alpm_db_path(db); - len = strlen(dbfile) + 5; - MALLOC(sigfile, len, RET_ERR(PM_ERR_MEMORY, -1)); - sprintf(sigfile, "%s.sig", dbfile); - - if(access(sigfile, R_OK) == 0) { - FILE *f; - long bytes; - size_t bytes_read; - f = fopen(sigfile, "rb"); - fseek(f, 0L, SEEK_END); - bytes = ftell(f); - if(bytes == -1) { - _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"), - dbfile); - goto cleanup; - } - fseek(f, 0L, SEEK_SET); - CALLOC(db->pgpsig.rawdata, bytes, sizeof(char), - goto error); - bytes_read = fread(db->pgpsig.rawdata, sizeof(char), bytes, f); - if(bytes_read == (size_t)bytes) { - db->pgpsig.rawlen = bytes; - _alpm_log(PM_LOG_DEBUG, - "loaded database .sig file, location %s\n", sigfile); - } else { - _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file for %s"), - dbfile); - } - -cleanup: - fclose(f); - } else { - _alpm_log(PM_LOG_DEBUG, "no database signature file found\n"); - } - - return(0); - -error: - FREE(db->pgpsig.rawdata); - db->pgpsig.rawlen = 0; - return(1); -} - const pmpgpsig_t *_alpm_db_pgpsig(pmdb_t *db) { ALPM_LOG_FUNC; @@ -422,7 +373,20 @@ const pmpgpsig_t *_alpm_db_pgpsig(pmdb_t *db) ASSERT(db != NULL, return(NULL)); if(db->pgpsig.rawdata == NULL) { - load_pgpsig(db); + size_t len; + const char *dbfile; + char *sigfile; + int ret; + + dbfile = _alpm_db_path(db); + len = strlen(dbfile) + 5; + MALLOC(sigfile, len, RET_ERR(PM_ERR_MEMORY, NULL)); + sprintf(sigfile, "%s.sig", dbfile); + + /* TODO: do something with ret value */ + ret = _alpm_load_signature(sigfile, &(db->pgpsig)); + + FREE(sigfile); } return &(db->pgpsig); diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index ecb81c9c..0434d996 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -203,6 +203,51 @@ error: return ret; } +/** + * Load the signature from the given path into the provided struct. + * @param sigfile the signature to attempt to load + * @param pgpsig the struct to place the data in + * + * @return 0 on success, 1 on file not found, -1 on error + */ +int _alpm_load_signature(const char *sigfile, pmpgpsig_t *pgpsig) { + struct stat st; + + if(access(sigfile, R_OK) == 0 && stat(sigfile, &st) == 0) { + FILE *f; + size_t bytes_read; + + if(st.st_size > 4096) { + return -1; + } + + if((f = fopen(sigfile, "rb")) == NULL) { + return -1; + } + CALLOC(pgpsig->rawdata, st.st_size, sizeof(unsigned char), + RET_ERR(PM_ERR_MEMORY, -1)); + bytes_read = fread(pgpsig->rawdata, sizeof(char), st.st_size, f); + if(bytes_read == (size_t)st.st_size) { + pgpsig->rawlen = bytes_read; + _alpm_log(PM_LOG_DEBUG, "loaded gpg signature file, location %s\n", + sigfile); + } else { + _alpm_log(PM_LOG_WARNING, _("Failed reading PGP signature file %s"), + sigfile); + FREE(pgpsig->rawdata); + return -1; + } + + fclose(f); + } else { + _alpm_log(PM_LOG_DEBUG, "signature file %s not found\n", sigfile); + /* not fatal...we return a different error code here */ + return 1; + } + + return 0; +} + /** * Check the PGP package signature for the given package file. * @param pkg the package to check @@ -227,8 +272,8 @@ int SYMEXPORT alpm_db_check_pgp_signature(pmdb_t *db) ALPM_LOG_FUNC; ASSERT(db != NULL, return(0)); - return(_alpm_gpgme_checksig(_alpm_db_path(db), - _alpm_db_pgpsig(db))); + return _alpm_gpgme_checksig(_alpm_db_path(db), + _alpm_db_pgpsig(db)); } diff --git a/lib/libalpm/signing.h b/lib/libalpm/signing.h index 07773780..b37abf0f 100644 --- a/lib/libalpm/signing.h +++ b/lib/libalpm/signing.h @@ -32,6 +32,7 @@ struct __pmpgpsig_t { }; int _alpm_gpgme_checksig(const char *path, const pmpgpsig_t *sig); +int _alpm_load_signature(const char *sigfile, pmpgpsig_t *pgpsig); #endif /* _ALPM_SIGNING_H */ -- cgit v1.2.3-70-g09d2