search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Create defaults/uuids and adjust the build to copy the file to /etc/defaults
[dragonfly/vkernel-mp.git] / usr.sbin / pkg_install / sign / pgp_sign.c
blob4bd81ee091d24691adbf079f5995b23762298bb8
1 /*-
2 * Copyright (c) 1999 Marc Espie.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 3. All advertising materials mentioning features or use of this software
13 * must display the following acknowledgement:
14 * This product includes software developed by Marc Espie for the OpenBSD
15 * Project.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE OPENBSD PROJECT AND CONTRIBUTORS
18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
20 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENBSD
21 * PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 *
29 * $OpenBSD: pgp_sign.c,v 1.1 1999/10/04 21:46:29 espie Exp $
30 * $FreeBSD: src/usr.sbin/pkg_install/sign/pgp_sign.c,v 1.5 2004/06/29 19:06:42 eik Exp $
31 * $DragonFly: src/usr.sbin/pkg_install/sign/pgp_sign.c,v 1.4 2004/12/18 23:48:04 swildner Exp $
32 */
33
34 #include <sys/types.h>
35 #include <stdlib.h>
36 #include <string.h>
37 #include <unistd.h>
38 #include <stdio.h>
39 #include <errno.h>
40 #include <signal.h>
41 #include <pwd.h>
42 #include <assert.h>
43 #include "stand.h"
44 #include "pgp.h"
45 #include "gzip.h"
46 #include "extern.h"
47
48 static void
49 pgpsign(fdin, fdout, userid, envp)
50 int fdin, fdout;
51 const char *userid;
52 char *envp[];
53 {
54 pchar argv[10];
55 int argc = 0;
56
57 argv[argc++] = PGP;
58 argv[argc++] = "+batchmode";
59 argv[argc++] = "+compress=off";
60 argv[argc++] = "-f";
61 argv[argc++] = "-s";
62 argv[argc++] = "-zAthlon";
63
64 if (userid) {
65 argv[argc++] = "-u";
66 argv[argc++] = (char *)userid;
67 }
68 argv[argc++] = NULL;
69 assert(argc <= sizeof argv / sizeof(pchar));
70
71 if (dup2(fdin, fileno(stdin)) == -1 ||
72 dup2(fdout, fileno(stdout)) == -1 ||
73 execve(PGP, argv, envp) == -1)
74 exit(errno);
75 }
76
77 static struct signature *
78 new_pgpsignature(old)
79 struct signature *old;
80 {
81 struct signature *n;
82
83 n = malloc(sizeof(*n));
84 if (n != NULL) {
85 n->data = malloc(MAXPGPSIGNSIZE);
86 if (n->data == NULL) {
87 free(n);
88 return NULL;
89 }
90 n->length = 0;
91 n->next = old;
92 n->type = TAG_PGP;
93 memcpy(n->tag, pgptag, sizeof pgptag);
94 }
95 return n;
96 }
97
98 int
99 retrieve_pgp_signature(filename, sign, userid, envp)
100 const char *filename;
101 struct signature **sign;
102 const char *userid;
103 char *envp[];
104 {
105 int topgp[2], frompgp[2];
106 pid_t pgpid;
107 struct mygzip_header h;
108 int success;
109
110 FILE *orig, *dest, *signin;
111 struct signature *old;
112
113 orig = fopen(filename, "r");
114 if (orig == NULL)
115 return 0;
116 if (gzip_read_header(orig, &h, &old) == GZIP_NOT_GZIP) {
117 warnx("File %s is not a gzip file\n", filename);
118 fclose(orig);
119 return 0;
120 }
121
122 if (pipe(topgp) == -1) {
123 fclose(orig);
124 return 0;
125 }
126 if (pipe(frompgp) == -1) {
127 fclose(orig);
128 close(topgp[0]);
129 close(topgp[1]);
130 return 0;
131 }
132 switch(pgpid = fork()) {
133 case 0:
134 close(topgp[1]);
135 close(frompgp[0]);
136 pgpsign(topgp[0], frompgp[1], userid, envp);
137 /*NOT REACHED */
138 case -1:
139 close(topgp[0]);
140 close(topgp[1]);
141 close(frompgp[0]);
142 close(frompgp[1]);
143 fclose(orig);
144 return 0;
145 default:
146 close(topgp[0]);
147 close(frompgp[1]);
148 }
149
150 dest = fdopen(topgp[1], "w");
151 if (dest == NULL) {
152 close(topgp[1]);
153 close(frompgp[0]);
154 reap(pgpid);
155 return 0;
156 }
157
158 success = 1;
159 if (gzip_write_header(dest, &h, old) == 0)
160 success = 0;
161 else {
162 int c;
163
164 while ((c = fgetc(orig)) != EOF && fputc(c, dest) != EOF)
165 ;
166 if (ferror(dest))
167 success = 0;
168 }
169 if (fclose(dest) != 0)
170 success = 0;
171
172 if (fclose(orig) != 0)
173 success = 0;
174
175 signin = fdopen(frompgp[0], "r");
176 if (signin == NULL) {
177 close(frompgp[0]);
178 } else {
179 enum { NONE, FIRST, DONE, COPY} magic = NONE;
180 int c;
181 #ifdef DEBUG_DUMP
182 FILE *out = fopen("dump", "w");
183 #endif
184
185 if ((*sign = new_pgpsignature(old)) == NULL)
186 success = 0;
187 else {
188 while ((c = fgetc(signin)) != EOF && magic != DONE &&
189 (*sign)->length < MAXPGPSIGNSIZE) {
190 switch(magic) {
191 case NONE:
192 (*sign)->data[(*sign)->length++] = c;
193 if ((unsigned char)c == (unsigned char)GZIP_MAGIC0)
194 magic = FIRST;
195 break;
196 case FIRST:
197 (*sign)->data[(*sign)->length++] = c;
198 if ((unsigned char)c == (unsigned char)GZIP_MAGIC1)
199 #ifdef DEBUG_DUMP
200 magic = COPY;
201 #else
202 magic = DONE;
203 #endif
204 else if ((unsigned char)c != (unsigned char)GZIP_MAGIC0)
205 magic = NONE;
206 break;
207 case DONE:
208 case COPY:
209 break;
210 }
211 #ifdef DEBUG_DUMP
212 fputc(c, out);
213 #endif
214 }
215 if ((*sign)->length == MAXPGPSIGNSIZE)
216 success = 0;
217 (*sign)->length -= 2;
218 sign_fill_tag(*sign);
219 }
220 fclose(signin);
221 #ifdef DEBUG_DUMP
222 fclose(out);
223 #endif
224 reap(pgpid);
225 }
226 return success;
227 }
228
229 void
230 handle_pgp_passphrase()
231 {
232 pid_t pid;
233 int fd[2];
234 char *p;
235
236 printf("Short-circuiting %s\n", __func__);
237 return;
238
239 /* Retrieve the pgp passphrase */
240 p = getpass("Enter passphrase:");
241
242 /*
243 * Somewhat kludgy code to get the passphrase to pgp, see
244 * pgp documentation for the gore
245 */
246 if (pipe(fd) != 0) {
247 perror("pkg_sign");
248 exit(EXIT_FAILURE);
249 }
250 switch(pid = fork()) {
251 case -1:
252 perror("pkg_sign");
253 exit(EXIT_FAILURE);
254 case 0:
255 {
256 close(fd[0]);
257 /*
258 * The child fills the pipe with copies of the passphrase.
259 * Expect violent death when father exits.
260 */
261 printf("Child process %d stuffing passphrase in pipe:\n", getpid());
262 for(;;) {
263 char c = '\n';
264 write(fd[1], p, strlen(p));
265 write(fd[1], &c, 1);
266 putchar('.'); fflush(stdout);
267 }
268 }
269 default:
270 {
271 char buf[10];
272
273 sleep(1);
274 close(fd[1]);
275 sprintf(buf, "%d", fd[0]);
276 setenv("PGPPASSFD", buf, 1);
277 printf("Parent process PGPPASSFD=%d.\n", fd[0]);
278 }
279 }
280 }
281
DragonFly vkernel multiprocessor port