author | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-11-30 21:35:14 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-11-30 21:35:14 +0200 |
commit | a4b8dfab94b3ca44b6e3aecd7c0281ca2f5b51d5 (patch) | |
tree | 531d41fe7bb4adfba62024e6205cbfa742f7e70e /src/gpg.c | |
parent | 4c68f93c0c664e13a8572b43e33c138ce3bb8d28 (diff) | |
Do not require uploaders to be present in the system passwd database.
* src/wydawca.h (access_method_id): Remove verify_method,
gpg_key_method and user_data_method. Add project_uploader_method.
(uploader_info): New structure.
(struct file_triplet): Remove gid and user data fields.
Add uploader_count, uploader_list and uploader.
(TRIPLET_GID): Change definition.
(verify_directive_signature): Change signature.
(uploader_find_frp): New proto.
* src/verify.c (extract_plaintext): New function.
(fill_project_name): Rewrite. Parse directive file.
(uploader_find_frp): New function.
(check_access_rights): Remove.
(verify_directive_file): Rewrite.
* src/config.c (string_to_access_method_id): Reflect changes to the
access method system.
* src/builtin.c (default_ncol): Reflect changes to the
access method system.
* src/gpg.c (gpg_sig_ok_p): Remove.
(gpg_verify_signature): New function, based on
gpg_sig_ok_p.
(verify_directive_signature): Remove `pubkey' argument.
Register all public keys from the uploader list.
Do not call directive_parse, as the directive file must
already be parsed by the time the function is called.
* src/mail.c (get_uploader_email): New function.
(do_notify): Use get_uploader_email for notifying
users.
* src/triplet.c (hash_triplet_free): Reflect changes to
the triplet structure.
(format_file_data): Get user name from the system passwd database.
(fill_user_data): Remove.
(expand_user_real_name, expand_user_email): Reflect changes to
struct file_triplet.
* tests/etc/wydawca.rcin: Rewrite to reflect new access method
system.
* tests/mailstats.at, tests/notify-upl.at,
tests/upload-dry.at, tests/upload.at: Update.
Diffstat (limited to 'src/gpg.c')
-rw-r--r-- | src/gpg.c | 50 |
1 files changed, 37 insertions, 13 deletions
@@ -149,7 +149,8 @@ wydawca_gpg_homedir ()
 }
 static int
-gpg_sig_ok_p (gpgme_ctx_t ctx, gpgme_signature_t sig)
+gpg_verify_signature (gpgme_ctx_t ctx, gpgme_signature_t sig,
+ struct file_triplet *trp)
 {
 if (!sig)
 return 0;
@@ -169,25 +170,39 @@ gpg_sig_ok_p (gpgme_ctx_t ctx, gpgme_signature_t sig)
 case GPG_ERR_NO_ERROR:
 if (debug_level)
 logmsg (LOG_NOTICE, _("Good signature from %s"), uid);
+ trp->uploader = uploader_find_frp (trp->uploader_list, sig->fpr);
+ if (!trp->uploader)
+ {
+ logmsg (LOG_ERR,
+ _("good signature from %s, "
+ "but the uploader info for %s not found"),
+ uid, sig->fpr);
+ return 1;
+ }
 break;
 case GPG_ERR_BAD_SIGNATURE:
+ UPDATE_STATS (STAT_BAD_SIGNATURE);
 logmsg (LOG_ERR, _("BAD signature from %s"), uid);
 return 0;
 case GPG_ERR_NO_PUBKEY:
+ UPDATE_STATS (STAT_ACCESS_VIOLATIONS);
 logmsg (LOG_ERR, _("No public key"));
 return 0;
 case GPG_ERR_NO_DATA:
+ UPDATE_STATS (STAT_BAD_TRIPLETS);
 logmsg (LOG_ERR, _("No signature"));
 return 0;
 case GPG_ERR_SIG_EXPIRED:
+ UPDATE_STATS (STAT_BAD_SIGNATURE);
 logmsg (LOG_ERR, _("Expired signature from %s"), uid);
 return 0;
 case GPG_ERR_KEY_EXPIRED:
+ UPDATE_STATS (STAT_BAD_SIGNATURE);
 logmsg (LOG_ERR, _("Key expired (%s)"), uid);
 return 0;
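Review bot: The `return 1;` added under `case GPG_ERR_NO_ERROR:` looks like it fails open. Every rejecting branch in this switch returns 0, and the caller in verify_directive_signature treats a zero result as a bad signature, so a valid signature whose fingerprint is not found in `trp->uploader_list` would be accepted with `trp->uploader` left NULL. The end of gpg_verify_signature is outside the hunk, but unless it inverts that convention the branch should read `return 0;`, with an `UPDATE_STATS` call like the other rejecting branches.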
@@ -203,19 +218,35 @@ gpg_sig_ok_p (gpgme_ctx_t ctx, gpgme_signature_t sig)
 /* FIXME: spool currently unused */
 int
 verify_directive_signature (struct file_triplet *trp,
- const struct spool *spool, const char *pubkey)
+ const struct spool *spool)
 {
 gpgme_ctx_t ctx;
 gpgme_data_t key_data, directive_data, plain;
 off_t size;
 gpgme_error_t ec;
 int rc;
+ struct uploader_info *uptr;
 wydawca_gpg_homedir ();
 fail_if_err (gpgme_new (&ctx));
- fail_if_err (gpgme_data_new_from_mem (&key_data, pubkey, strlen (pubkey),
+
+ for (uptr = trp->uploader_list; uptr; uptr = uptr->next)
+ {
+ gpgme_import_result_t res;
+ gpgme_import_status_t pstat;
+
+ fail_if_err (gpgme_data_new_from_mem (&key_data,
+ uptr->gpg_key,
+ strlen (uptr->gpg_key),
 0));
 fail_if_err (gpgme_op_import (ctx, key_data));
+ res = gpgme_op_import_result (ctx);
+ pstat = res->imports;
+ uptr->fpr = xstrdup (pstat->fpr);
+ if (debug_level > 2)
+ logmsg (LOG_DEBUG, _("imported key: user = %s, fingerprint = %s"),
+ uptr->name, uptr->fpr);
+ }
 fail_if_err (gpgme_data_new_from_file (&directive_data, trp->file[file_directive].name, 1));
@@ -225,22 +256,15 @@ verify_directive_signature (struct file_triplet *trp,
 {
 gpgme_verify_result_t result;
- size = gpgme_data_seek (plain, 0, SEEK_END);
- gpgme_data_seek (plain, 0, SEEK_SET);
- trp->blurb = xmalloc (size + 1);
- gpgme_data_read (plain, trp->blurb, size);
- trp->blurb[size] = 0;
- gpgme_data_release (plain);
-
- rc = directive_parse (trp);
-
 result = gpgme_op_verify_result (ctx);
- if (!gpg_sig_ok_p (ctx, result->signatures))
+ if (!gpg_verify_signature (ctx, result->signatures, trp))
 {
 UPDATE_STATS (STAT_BAD_SIGNATURE);
 notify (spool->notification, trp, ev_bad_directive_signature);
 rc = 1;
 }
+ else
+ rc = 0;
 }
 else
 { |
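Review bot: In the import loop, `res->imports` is dereferenced without checking that the import produced an entry, and the per-key status in `pstat->result` is never examined. A malformed or empty `gpg_key` record can therefore reach `xstrdup (pstat->fpr)` through a NULL pointer, or record the fingerprint of a key that was not actually imported. Guard it with `if (!res || !res->imports || res->imports->result != GPG_ERR_NO_ERROR)` and treat that uploader's key as unusable. Only the first entry of `res->imports` is recorded, so a key block holding more than one key would leave the others in the keyring with no uploader attached. `key_data` is also re-created on every pass without a `gpgme_data_release (key_data);`.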
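Review bot: The retained `UPDATE_STATS (STAT_BAD_SIGNATURE);` in the failure branch now double-counts, because the rejecting branches of gpg_verify_signature shown earlier in this patch already update a statistic themselves; a missing public key, for example, is counted as both STAT_ACCESS_VIOLATIONS and STAT_BAD_SIGNATURE. Drop the call here or keep the counting in one place. The removed block also held the only visible `gpgme_data_release (plain);`, so unless `plain` is released further down (outside the hunk) it now leaks, and `size` appears to be left unused.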