1 /* $OpenBSD: pgp_check.c,v 1.2 1999/10/07 16:30:32 espie Exp $ */
3 * Copyright (c) 1999 Marc Espie.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Marc Espie for the OpenBSD
18 * THIS SOFTWARE IS PROVIDED BY THE OPENBSD PROJECT AND CONTRIBUTORS
19 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENBSD
22 * PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 * $FreeBSD: src/usr.sbin/pkg_install/sign/pgp_check.c,v 1.1.2.2 2002/08/20 06:35:08 obrien Exp $
31 * $DragonFly: src/usr.sbin/pkg_install/sign/Attic/pgp_check.c,v 1.2 2003/06/17 04:29:59 dillon Exp $
48 #define _PATH_DEVNULL "/dev/null"
51 /* transform current process into pgp signature checker -u userid <fd */
/*
 * pgpcheck: assemble the pgp argument vector, make `fd` the process's
 * stdin and /dev/null its stdout, then execve() PGP with the environment
 * handed in by the caller.
 *
 * NOTE(review): this listing omits lines of the function (the gutter
 * numbers skip), so the comments below cover only the statements shown.
 * NOTE(review): envp is passed to pgp unchanged; presumably it decides
 * which keyring and configuration pgp consults, which makes it part of
 * the trust decision -- confirm callers pass a vetted environment.
 */
53 pgpcheck(fd, userid, envp)
/* presumably keeps pgp non-interactive while it reads from the pipe -- confirm against the pgp documentation */
63 argv[argc++] = "+batchmode";
/* const is cast away only to fit the argv element type; no write through it is visible here */
68 argv[argc++] = (char *)userid;
/*
 * This bound is tested after the argv stores above and vanishes when the
 * file is built with NDEBUG, so it is a developer tripwire, not a runtime
 * guard against overrunning argv.
 */
72 assert(argc <= sizeof argv / sizeof(pchar));
/*
 * Descriptor plumbing: fd becomes stdin, /dev/null becomes stdout, and both
 * original descriptors are closed before the exec. Any failing step in the
 * chain ends at perror(). pgp's stdout is discarded, so the verdict
 * presumably reaches the parent through the exit status -- confirm against
 * the code that reaps the child. stderr is not redirected in the lines shown.
 */
74 fdnull = open(_PATH_DEVNULL, O_RDWR);
76 dup2(fd, fileno(stdin)) == -1 ||
77 dup2(fdnull, fileno(stdout)) == -1 ||
78 close(fdnull) == -1 || close(fd) == -1 ||
79 execve(PGP, argv, envp) == -1)
80 perror("launching pgp");
/*
 * new_pgp_checker: allocate a checker context, start a pgp child connected
 * through a pipe, and feed it the signature data followed by the gzip header.
 * The context starts as PKG_GOODSIG and is downgraded to PKG_SIGERROR when
 * the header copy reports a problem.
 *
 * NOTE(review): this listing omits lines of the function (the gutter
 * numbers skip), so the comments below cover only the statements shown.
 */
94 new_pgp_checker(h, sign, userid, envp, filename)
95 struct mygzip_header *h;
96 struct signature *sign;
99 /*@observer@*/const char *filename;
101 struct pgp_checker *n;
/* the signature type is validated by assert() only; with NDEBUG nothing here rejects a non-PGP signature */
104 assert(sign->type == TAG_PGP);
105 n = malloc(sizeof *n);
/*
 * The PGP binary is probed after malloc() but before the allocation-failure
 * message further down. NOTE(review): the lines in between are not shown;
 * confirm the stat() failure path releases n.
 * stat() only shows that the path exists at this instant. It does not check
 * ownership or permissions, so the execve() in the child is the real test.
 */
110 if (stat(PGP, &sbuf) == -1) {
111 warnx("%s does not exist", PGP);
116 warnx("Can't allocate pgp_checker");
/* topgpcheck[0] is the read end given to pgp, topgpcheck[1] the write end kept by this process */
120 if (pipe(topgpcheck) == -1) {
121 warn("Pgp checker pipe");
/* fork() result is stored in n->id; line 192 of the listing later passes it to reap() */
125 switch(n->id = fork()) {
127 warn("Pgp checker process");
/* presumably the child branch: drop the write end, then become pgp reading from the pipe */
131 if (close(topgpcheck[1]) == -1)
133 pgpcheck(topgpcheck[0], userid, envp);
/* the read end is closed here with the result deliberately ignored */
137 (void)close(topgpcheck[0]);
140 n->fdout = topgpcheck[1];
141 /* so that subsequent fork() won't duplicate it inadvertently */
/* the fcntl() result is ignored; on failure the write end would stay inheritable by later children */
142 (void)fcntl(n->fdout, F_SETFD, FD_CLOEXEC);
/*
 * NOTE(review): opens a fixed name relative to the current directory and the
 * result is not checked in the lines shown. Lines 143 and 145 are missing
 * from this listing, so this may be conditionally compiled -- confirm. If it
 * is built in, a privileged run in a directory others can write to would
 * follow or clobber whatever "compare" already is there.
 */
144 n->out = fopen("compare", "w");
/* optimistic default: the status stays PKG_GOODSIG unless a later step downgrades it, so every failure path must set PKG_SIGERROR */
146 n->status = PKG_GOODSIG;
/* signature bytes go to pgp first, then the header is streamed through the same pgp_add callback */
148 pgp_add(n, sign->data, sign->length);
/* a zero return from gzip_copy_header() is treated as an unexpected header and marks the signature bad */
149 if (gzip_copy_header(h, sign->next, pgp_add, n) == 0) {
150 warnx("Unexpected header in %s", filename);
151 n->status = PKG_SIGERROR;
/*
 * pgp_add: forward `length` bytes from `buffer` to the pgp child behind the
 * checker context passed as `arg`. Data is forwarded only while the context
 * status is still PKG_GOODSIG. The status is set to PKG_SIGERROR after the
 * write, under a condition that this listing does not show.
 *
 * NOTE(review): this listing omits lines of the function (the gutter
 * numbers skip), so the comments below cover only the statements shown.
 */
157 pgp_add(arg, buffer, length)
162 struct pgp_checker *n = arg;
164 if (n->status == PKG_GOODSIG) {
/*
 * NOTE(review): copy of the stream into n->out, with the fwrite() result
 * ignored. n->out comes from fopen("compare", "w") at line 144, whose result
 * is not checked in the lines shown; confirm it cannot be NULL here, or that
 * this line is conditionally compiled.
 */
166 fwrite(buffer, 1, length, n->out);
/*
 * NOTE(review): line 170 (the condition guarding the status change) is not
 * shown; confirm it treats both -1 and a short write as failure, otherwise
 * pgp would verify a truncated stream. Writing to a pipe whose reader has
 * exited raises SIGPIPE unless the process ignores it -- not visible here.
 */
169 ssize_t l = write(n->fdout, buffer, length);
171 n->status = PKG_SIGERROR;
184 struct pgp_checker *n = arg;
185 int status = n->status;
190 if (close(n->fdout) != 0)
191 status = PKG_SIGERROR;
192 if (reap(n->id) != 0)