author | Sergey Poznyakoff <gray@gnu.org.ua> | 2007-08-23 16:17:47 +0000 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2007-08-23 16:17:47 +0000 |
commit | 766d41f8bf91a6d209c66e8fd12dbd6688ce2739 (patch) | |
tree | 12552a0788d42ac73e7260b883aa84a8045e957a /src/verify.c | |
parent | c7e791e9563b7805fc7a375bc7e616b4252a9c57 (diff) | |
download | wydawca-766d41f8bf91a6d209c66e8fd12dbd6688ce2739.tar.gz wydawca-766d41f8bf91a6d209c66e8fd12dbd6688ce2739.tar.bz2 |
Improve safety checks; implement symlink/rmsymlink/archive directives; Fix directive signature verification.
git-svn-id: file:///svnroot/wydawca/trunk@286 6bb4bd81-ecc2-4fd4-a2d4-9571d19c0d33
Diffstat (limited to 'src/verify.c')
-rw-r--r-- | src/verify.c | 34 |
1 files changed, 19 insertions, 15 deletions
diff --git a/src/verify.c b/src/verify.c
index f64183a..7869618 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -1,4 +1,4 @@
-/* wydawca - FTP release synchronisation daemon
+/* wydawca - FTP release synchronization daemon
 Copyright (C) 2007 Sergey Poznyakoff
 This program is free software; you can redistribute it and/or modify it
@@ -38,6 +38,8 @@ trim (char *str)
 return len;
 }
+/* Quote non-printable characters in INPUT. Point *OUTPUT to the malloc'ed
+ quoted string. Return its length. */
 static size_t
 quote_string (struct access_method *method, const char *input, char **poutput)
 {
@@ -73,6 +75,10 @@ quote_string (struct access_method *method, const char *input, char **poutput)
 return size;
 }
+/* Expand PARAM by replacing %u with the quoted value of USER, %p with that
+ of PROJECT and %% with a single %. Return the malloc'ed result.
+ FIXME: Should we quote PARAM itself?
+*/
 char *
 expand_param (const char *param, const char *user, const char *project,
 struct access_method *method)
@@ -157,7 +163,9 @@ expand_param (const char *param, const char *user, const char *project,
 }
-
+
+/* Verify if USER has upload rights on the directory (project) requested
+ by TRP */
 int
 check_access_rights (struct file_triplet *trp, struct directory_pair *dpair,
 const char *user)
@@ -216,15 +224,19 @@ check_access_rights (struct file_triplet *trp, struct directory_pair *dpair,
 }
 int
-verify_triplet (struct file_triplet *trp, struct directory_pair *dpair)
+verify_directive_file (struct file_triplet *trp, struct directory_pair *dpair)
 {
- struct passwd *pw = getpwuid (TRIPLET_UID (trp));
+ struct passwd *pw;
 char *user_name;
 char *command;
 struct access_method *method = &dpair->gpg_key_method;
 const char *pubkey;
 int rc;
+
+ if (!trp->file[file_directive].name)
+ return 1;
+ pw = getpwuid (TRIPLET_UID (trp));
 if (!pw)
 {
 logmsg (LOG_ERR, "%s: getpwuid failed: %s",
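Review bot: The comment added above quote_string calls the output parameter *OUTPUT, but the signature two lines below names it `poutput`, so the upper-case reference matches no parameter. I would write `Point *POUTPUT to the malloc'ed quoted string` and add that the caller owns the buffer and must free it. The comment also says nothing about METHOD; its role in the quoting cannot be seen here because the function body lies outside the hunk.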
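Review bot: The FIXME in the new expand_param comment leaves the trust boundary undocumented: whether PARAM needs quoting depends on where it comes from, and the comment does not say. If PARAM is always a template read from the configuration (not visible in this hunk), quoting it would escape the template's own syntax, and only the substituted USER and PROJECT values need quoting. Once that is confirmed I would replace the FIXME with `PARAM is a trusted template from the configuration; only the substituted values are quoted.` The comment could also state that the caller frees the returned string; the function body is outside the hunk.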
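Review bot: After the rename to verify_directive_file, a 0 return no longer means the whole triplet was verified: the last hunk of this file drops the check_access_rights and verify_detached_signature calls, leaving only the directive file's signature and format checks. The callers are outside this diff (the diffstat is limited to src/verify.c), so it cannot be confirmed from here that each of them now performs those two checks itself. A header comment would make the narrowed contract explicit, e.g. `/* Verify the signature and format of the directive file in TRP. Access rights and the detached signature are NOT checked here. Return 0 if OK. */`. The new early `return 1` for a missing directive name also returns without a log message, unlike the getpwuid and invalid-signature branches; `logmsg (LOG_ERR, "%s: no directive file", trp->name);` before it would leave a trace of the rejection. The function body continues past this hunk.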
@@ -258,6 +270,8 @@ verify_triplet (struct file_triplet *trp, struct directory_pair *dpair)
 logmsg (LOG_ERR, "invalid signature for %s", trp->name);
 return 1;
 }
+ else if (debug_level)
+ logmsg (LOG_DEBUG, "%s: directive file signature OK", trp->name);
 if (debug_level > 1)
 {
@@ -269,16 +283,6 @@ verify_triplet (struct file_triplet *trp, struct directory_pair *dpair)
 if (verify_directive_format (trp))
 return 1;
- if (check_access_rights (trp, dpair, user_name))
- return 1;
-
- if (verify_detached_signature (trp, dpair))
- {
- logmsg (LOG_ERR, "invalid detached signature for %s", trp->name);
- return 1;
- }
-
- if (debug_level)
- logmsg (LOG_DEBUG, "%s: triplet verified successfully", trp->name);
 return 0;
 }
+ |