1 /* $OpenBSD: pgp_sign.c,v 1.1 1999/10/04 21:46:29 espie Exp $ */
3 * Copyright (c) 1999 Marc Espie.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Marc Espie for the OpenBSD
18 * THIS SOFTWARE IS PROVIDED BY THE OPENBSD PROJECT AND CONTRIBUTORS
19 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENBSD
22 * PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 * $FreeBSD: src/usr.sbin/pkg_install/sign/pgp_sign.c,v 1.1.2.3 2002/08/20 06:35:08 obrien Exp $
31 * $DragonFly: src/usr.sbin/pkg_install/sign/Attic/pgp_sign.c,v 1.2 2003/06/17 04:29:59 dillon Exp $
34 #include <sys/types.h>
48 pgpsign(fdin, fdout, userid, envp)
57 argv[argc++] = "+batchmode";
58 argv[argc++] = "+compress=off";
61 argv[argc++] = "-zAthlon";
65 argv[argc++] = (char *)userid;
68 assert(argc <= sizeof argv / sizeof(pchar));
70 if (dup2(fdin, fileno(stdin)) == -1 ||
71 dup2(fdout, fileno(stdout)) == -1 ||
72 execve(PGP, argv, envp) == -1)
76 static struct signature *
78 struct signature *old;
82 n = malloc(sizeof(*n));
84 n->data = malloc(MAXPGPSIGNSIZE);
85 if (n->data == NULL) {
92 memcpy(n->tag, pgptag, sizeof pgptag);
98 retrieve_pgp_signature(filename, sign, userid, envp)
100 struct signature **sign;
104 int topgp[2], frompgp[2];
106 struct mygzip_header h;
109 FILE *orig, *dest, *signin;
110 struct signature *old;
112 orig = fopen(filename, "r");
115 if (gzip_read_header(orig, &h, &old) == GZIP_NOT_GZIP) {
116 warnx("File %s is not a gzip file\n", filename);
121 if (pipe(topgp) == -1) {
125 if (pipe(frompgp) == -1) {
127 (void)close(topgp[0]);
128 (void)close(topgp[1]);
131 switch(pgpid = fork()) {
133 (void)close(topgp[1]);
134 (void)close(frompgp[0]);
135 pgpsign(topgp[0], frompgp[1], userid, envp);
138 (void)close(topgp[0]);
139 (void)close(topgp[1]);
140 (void)close(frompgp[0]);
141 (void)close(frompgp[1]);
145 (void)close(topgp[0]);
146 (void)close(frompgp[1]);
149 dest = fdopen(topgp[1], "w");
151 (void)close(topgp[1]);
152 (void)close(frompgp[0]);
158 if (gzip_write_header(dest, &h, old) == 0)
163 while ((c = fgetc(orig)) != EOF && fputc(c, dest) != EOF)
168 if (fclose(dest) != 0)
171 if (fclose(orig) != 0)
174 signin = fdopen(frompgp[0], "r");
175 if (signin == NULL) {
176 (void)close(frompgp[0]);
178 enum { NONE, FIRST, DONE, COPY} magic = NONE;
181 FILE *out = fopen("dump", "w");
184 if ((*sign = new_pgpsignature(old)) == NULL)
187 while ((c = fgetc(signin)) != EOF && magic != DONE &&
188 (*sign)->length < MAXPGPSIGNSIZE) {
191 (*sign)->data[(*sign)->length++] = c;
192 if ((unsigned char)c == (unsigned char)GZIP_MAGIC0)
196 (*sign)->data[(*sign)->length++] = c;
197 if ((unsigned char)c == (unsigned char)GZIP_MAGIC1)
203 else if ((unsigned char)c != (unsigned char)GZIP_MAGIC0)
214 if ((*sign)->length == MAXPGPSIGNSIZE)
216 (*sign)->length -= 2;
217 sign_fill_tag(*sign);
229 handle_pgp_passphrase()
235 printf("Short-circuiting %s\n", __func__);
238 /* Retrieve the pgp passphrase */
239 p = getpass("Enter passphrase:");
242 * Somewhat kludgy code to get the passphrase to pgp, see
243 * pgp documentation for the gore
249 switch(pid = fork()) {
257 * The child fills the pipe with copies of the passphrase.
258 * Expect violent death when father exits.
260 printf("Child process %d stuffing passphrase in pipe:\n", getpid());
263 (void)write(fd[1], p, strlen(p));
264 (void)write(fd[1], &c, 1);
265 putchar('.'); fflush(stdout);
274 (void)sprintf(buf, "%d", fd[0]);
275 (void)setenv("PGPPASSFD", buf, 1);
276 printf("Parent process PGPPASSFD=%d.\n", fd[0]);