/* wydawca - automatic release submission daemon
Copyright (C) 2007 Sergey Poznyakoff
Wydawca is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 3 of the License, or (at your
option) any later version.
Wydawca is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with wydawca. If not, see . */
/* GPG interface functions */
#include "wydawca.h"
#include "save-cwd.h"
#include
#define fail_if_err(expr) \
do \
{ \
int a = expr; \
if (a) \
{ \
logmsg (LOG_ERR, _("%s: GPGME error: %s"), #expr, \
gpgme_strerror (a)); \
return 1; \
} \
} \
while (0)
static char *homedir;
static int rmdir_r (const char *name);
/* Auxiliary function: change to directory NAME and recursively remove
everything under it. */
static int
recursive_rmdir (const char *name)
{
int rc;
DIR *dir;
struct dirent *ent;
if (chdir (name))
{
logmsg (LOG_ERR, _("cannot change to directory %s: %s"),
name, strerror (errno));
return 1;
}
dir = opendir (".");
if (!dir)
{
logmsg (LOG_ERR, _("cannot open directory %s: %s"),
name, strerror (errno));
return 1;
}
for (rc = 0; rc == 0 && (ent = readdir (dir));)
{
struct stat st;
if (strcmp (ent->d_name, ".") == 0
|| strcmp (ent->d_name, "..") == 0)
continue;
if (stat (ent->d_name, &st) && errno != ENOENT)
{
logmsg (LOG_ERR, _("cannot stat file `%s': %s"),
name, strerror (errno));
rc = 1;
}
else if (S_ISDIR (st.st_mode))
rc = rmdir_r (ent->d_name);
else if ((rc = unlink (ent->d_name)) != 0 && errno != ENOENT)
logmsg (LOG_ERR, _("cannot unlink %s: %s"),
ent->d_name, strerror (errno));
}
closedir (dir);
return rc;
}
/* Recursively remove the contents of the directory NAME and the directory
itself. Do not change CWD. */
static int
rmdir_r (const char *name)
{
int rc;
struct saved_cwd cwd;
if (save_cwd (&cwd))
{
logmsg (LOG_ERR, _("cannot save current directory: %s"),
strerror (errno));
return 1;
}
rc = recursive_rmdir (name);
if (restore_cwd (&cwd))
{
logmsg (LOG_ERR, _("cannot restore current directory: %s"),
strerror (errno));
rc = 1;
}
if (rc == 0 && rmdir (name))
{
logmsg (LOG_ERR, _("cannot remove directory %s: %s"),
name, strerror (errno));
return 1;
}
return rc;
}
/* Remove temporary GPG home directory */
static void
remove_homedir ()
{
if (debug_level > 1)
logmsg (LOG_DEBUG, _("removing GNUPG home directory: %s"), homedir);
if (rmdir_r (homedir))
logmsg (LOG_CRIT, _("failed to remove GPG directory %s"), homedir);
}
/* Create a temporary GPG home directory */
int
wydawca_gpg_homedir ()
{
if (homedir)
return 0;
homedir = xstrdup ("/tmp/wydawca-XXXXXX");
if (!mkdtemp (homedir))
{
logmsg (LOG_CRIT, _("cannot create GPG home directory (%s): %s"),
homedir, strerror (errno));
return 1;
}
atexit (remove_homedir);
if (debug_level > 1)
logmsg (LOG_DEBUG, _("GNUPG home directory: %s"), homedir);
setenv ("GNUPGHOME", homedir, 1);
return 0;
}
static int
gpg_sig_ok_p (gpgme_ctx_t ctx, gpgme_signature_t sig)
{
if (!sig)
return 0;
for (; sig; sig = sig->next)
{
const char *uid;
gpgme_key_t key;
if (gpgme_get_key (ctx, sig->fpr, &key, 0) == GPG_ERR_NO_ERROR)
uid = key->uids->uid;
else
uid = sig->fpr;
switch (gpg_err_code (sig->status))
{
case GPG_ERR_NO_ERROR:
if (debug_level)
logmsg (LOG_NOTICE, _("Good signature from %s"), uid);
break;
case GPG_ERR_BAD_SIGNATURE:
logmsg (LOG_ERR, _("BAD signature from %s"), uid);
return 0;
case GPG_ERR_NO_PUBKEY:
logmsg (LOG_ERR, _("No public key"));
return 0;
case GPG_ERR_NO_DATA:
logmsg (LOG_ERR, _("No signature"));
return 0;
case GPG_ERR_SIG_EXPIRED:
logmsg (LOG_ERR, _("Expired signature from %s"), uid);
return 0;
case GPG_ERR_KEY_EXPIRED:
logmsg (LOG_ERR, _("Key expired (%s)"), uid);
return 0;
default:
logmsg (LOG_ERR, _("Unknown signature error"));
return 0;
}
}
return 1;
}
/* Verify the directive file from TRP using public key PUBKEY */
/* FIXME: spool currently unused */
int
verify_directive_signature (struct file_triplet *trp,
const struct spool *spool, const char *pubkey)
{
gpgme_ctx_t ctx;
gpgme_data_t key_data, directive_data, plain;
off_t size;
gpgme_error_t ec;
int rc;
wydawca_gpg_homedir ();
fail_if_err (gpgme_new (&ctx));
fail_if_err (gpgme_data_new_from_mem (&key_data, pubkey, strlen (pubkey),
0));
fail_if_err (gpgme_op_import (ctx, key_data));
fail_if_err (gpgme_data_new_from_file (&directive_data,
trp->file[file_directive].name, 1));
gpgme_data_new (&plain);
ec = gpgme_op_verify (ctx, directive_data, NULL, plain);
if (ec == GPG_ERR_NO_ERROR)
{
gpgme_verify_result_t result;
size = gpgme_data_seek (plain, 0, SEEK_END);
gpgme_data_seek (plain, 0, SEEK_SET);
trp->blurb = xmalloc (size + 1);
gpgme_data_read (plain, trp->blurb, size);
trp->blurb[size] = 0;
gpgme_data_release (plain);
rc = directive_parse (trp);
result = gpgme_op_verify_result (ctx);
if (!gpg_sig_ok_p (ctx, result->signatures))
{
UPDATE_STATS (STAT_BAD_SIGNATURE);
notify (spool->notification, trp, ev_bad_directive_signature);
rc = 1;
}
}
else
{
rc = 1;
UPDATE_STATS (STAT_BAD_SIGNATURE);
logmsg (LOG_ERR, _("%s: directive verification failed: %s"),
trp->name, gpgme_strerror (ec));
}
gpgme_data_release (directive_data);
gpgme_data_release (key_data);
return rc;
}
/* Verify the detached signature of TRP.
NOTE: It is assumed that the public key is already registered (by
a previous call to verify_directive_signature). */
int
verify_detached_signature (struct file_triplet *trp,
const struct spool *spool)
{
gpgme_engine_info_t info;
const char *argv[5];
fail_if_err (gpgme_get_engine_info (&info));
while (info && info->protocol != GPGME_PROTOCOL_OpenPGP)
info = info->next;
if (!info)
{
logmsg (LOG_CRIT,
_("cannot find path to gpg binary (attempting to verify "
"the detached signature for %s"), trp->name);
return 1;
}
wydawca_gpg_homedir ();
argv[0] = info->file_name;
argv[1] = "--verify";
argv[2] = trp->file[file_signature].name;
argv[3] = trp->file[file_dist].name;
argv[4] = NULL;
switch (wydawca_exec (5, argv, NULL))
{
case exec_success:
if (debug_level)
logmsg (LOG_DEBUG, _("good detached signature for %s"), trp->name);
return 0;
case exec_fail:
UPDATE_STATS (STAT_BAD_SIGNATURE);
logmsg (LOG_ERR, _("BAD detached signature for %s"), trp->name);
notify (spool->notification, trp, ev_bad_detached_signature);
break;
case exec_error:
logmsg (LOG_CRIT, _("cannot verify detached signature for %s"),
trp->name);
break;
}
return 1;
}