diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-01-21 03:46:01 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-01-21 04:03:54 +0100 |
commit | 98c3800184cfc961b19d605f69d555d0cea8bb7a (patch) | |
tree | e651ba6248c4b2f52b504acdd13403ee773a2639 /src/import/import-raw.c | |
parent | 5a3b1abd0ef47de9984d921463c2aaccc630fad6 (diff) |
import: make verification code generic, in preparation for using it pull-tar
Diffstat (limited to 'src/import/import-raw.c')
-rw-r--r-- | src/import/import-raw.c | 221 |
1 files changed, 14 insertions, 207 deletions
diff --git a/src/import/import-raw.c b/src/import/import-raw.c index 67c805ed47..d2cb053b5d 100644 --- a/src/import/import-raw.c +++ b/src/import/import-raw.c @@ -21,9 +21,7 @@ #include <sys/xattr.h> #include <linux/fs.h> -#include <sys/prctl.h> #include <curl/curl.h> -#include <gcrypt.h> #include "utf8.h" #include "strv.h" @@ -47,7 +45,7 @@ struct RawImport { char *image_root; ImportJob *raw_job; - ImportJob *sha256sums_job; + ImportJob *checksum_job; ImportJob *signature_job; RawImportFinished on_finished; @@ -67,7 +65,7 @@ RawImport* raw_import_unref(RawImport *i) { return NULL; import_job_unref(i->raw_job); - import_job_unref(i->sha256sums_job); + import_job_unref(i->checksum_job); import_job_unref(i->signature_job); curl_glue_unref(i->glue); @@ -251,170 +249,6 @@ static int raw_import_make_local_copy(RawImport *i) { return 0; } -static int raw_import_verify_sha256sum(RawImport *i) { - _cleanup_close_pair_ int gpg_pipe[2] = { -1, -1 }; - _cleanup_free_ char *fn = NULL; - _cleanup_close_ int sig_file = -1; - const char *p, *line; - char sig_file_path[] = "/tmp/sigXXXXXX"; - _cleanup_sigkill_wait_ pid_t pid = 0; - int r; - - assert(i); - - assert(i->raw_job); - - if (!i->sha256sums_job) - return 0; - - assert(i->raw_job->state == IMPORT_JOB_DONE); - assert(i->raw_job->sha256); - - assert(i->sha256sums_job->state == IMPORT_JOB_DONE); - assert(i->sha256sums_job->payload); - assert(i->sha256sums_job->payload_size > 0); - - r = import_url_last_component(i->raw_job->url, &fn); - if (r < 0) - return log_oom(); - - if (!filename_is_valid(fn)) { - log_error("Cannot verify checksum, could not determine valid server-side file name."); - return -EBADMSG; - } - - line = strappenda(i->raw_job->sha256, " *", fn, "\n"); - - p = memmem(i->sha256sums_job->payload, - i->sha256sums_job->payload_size, - line, - strlen(line)); - - if (!p || (p != (char*) i->sha256sums_job->payload && p[-1] != '\n')) { - log_error("Checksum did not check out, payload has been tempered with."); - return -EBADMSG; - } - - log_info("SHA256 checksum of %s is valid.", i->raw_job->url); - - if (!i->signature_job) - return 0; - - assert(i->signature_job->state == IMPORT_JOB_DONE); - assert(i->signature_job->payload); - assert(i->signature_job->payload_size > 0); - - r = pipe2(gpg_pipe, O_CLOEXEC); - if (r < 0) - return log_error_errno(errno, "Failed to create pipe: %m"); - - sig_file = mkostemp(sig_file_path, O_RDWR); - if (sig_file < 0) - return log_error_errno(errno, "Failed to create temporary file: %m"); - - r = loop_write(sig_file, i->signature_job->payload, i->signature_job->payload_size, false); - if (r < 0) { - log_error_errno(r, "Failed to write to temporary file: %m"); - goto finish; - } - - pid = fork(); - if (pid < 0) - return log_error_errno(errno, "Failed to fork off gpg: %m"); - if (pid == 0) { - const char *cmd[] = { - "gpg", - "--no-options", - "--no-default-keyring", - "--no-auto-key-locate", - "--no-auto-check-trustdb", - "--batch", - "--trust-model=always", - "--keyring=" VENDOR_KEYRING_PATH, - NULL, /* maybe user keyring */ - NULL, /* --verify */ - NULL, /* signature file */ - NULL, /* dash */ - NULL /* trailing NULL */ - }; - unsigned k = ELEMENTSOF(cmd) - 5; - int null_fd; - - /* Child */ - - reset_all_signal_handlers(); - reset_signal_mask(); - assert_se(prctl(PR_SET_PDEATHSIG, SIGTERM) == 0); - - gpg_pipe[1] = safe_close(gpg_pipe[1]); - - if (dup2(gpg_pipe[0], STDIN_FILENO) != STDIN_FILENO) { - log_error_errno(errno, "Failed to dup2() fd: %m"); - _exit(EXIT_FAILURE); - } - - if (gpg_pipe[0] != STDIN_FILENO) - gpg_pipe[0] = safe_close(gpg_pipe[0]); - - null_fd = open("/dev/null", O_WRONLY|O_NOCTTY); - if (null_fd < 0) { - log_error_errno(errno, "Failed to open /dev/null: %m"); - _exit(EXIT_FAILURE); - } - - if (dup2(null_fd, STDOUT_FILENO) != STDOUT_FILENO) { - log_error_errno(errno, "Failed to dup2() fd: %m"); - _exit(EXIT_FAILURE); - } - - if (null_fd != STDOUT_FILENO) - null_fd = safe_close(null_fd); - - /* We add the user keyring only to the command line - * arguments, if it's around since gpg fails - * otherwise. */ - if (access(USER_KEYRING_PATH, F_OK) >= 0) - cmd[k++] = "--keyring=" USER_KEYRING_PATH; - - cmd[k++] = "--verify"; - cmd[k++] = sig_file_path; - cmd[k++] = "-"; - cmd[k++] = NULL; - - execvp("gpg", (char * const *) cmd); - log_error_errno(errno, "Failed to execute gpg: %m"); - _exit(EXIT_FAILURE); - } - - gpg_pipe[0] = safe_close(gpg_pipe[0]); - - r = loop_write(gpg_pipe[1], i->sha256sums_job->payload, i->sha256sums_job->payload_size, false); - if (r < 0) { - log_error_errno(r, "Failed to write to pipe: %m"); - goto finish; - } - - gpg_pipe[1] = safe_close(gpg_pipe[1]); - - r = wait_for_terminate_and_warn("gpg", pid, true); - pid = 0; - if (r < 0) - goto finish; - if (r > 0) { - log_error("Signature verification failed."); - r = -EBADMSG; - } else { - log_info("Signature verification succeeded."); - r = 0; - } - -finish: - if (sig_file >= 0) - unlink(sig_file_path); - - return r; -} - static void raw_import_job_on_finished(ImportJob *j) { RawImport *i; int r; @@ -424,7 +258,7 @@ static void raw_import_job_on_finished(ImportJob *j) { i = j->userdata; if (j->error != 0) { - if (j == i->sha256sums_job) + if (j == i->checksum_job) log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)"); else if (j == i->signature_job) log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)"); @@ -442,17 +276,18 @@ static void raw_import_job_on_finished(ImportJob *j) { * * We only do something when we got all three files */ - if (!IMPORT_JOB_STATE_IS_COMPLETE(i->raw_job)) + if (i->raw_job->state != IMPORT_JOB_DONE) return; - if (i->sha256sums_job && !IMPORT_JOB_STATE_IS_COMPLETE(i->sha256sums_job)) + if (i->checksum_job && i->checksum_job->state != IMPORT_JOB_DONE) return; - if (i->signature_job && !IMPORT_JOB_STATE_IS_COMPLETE(i->signature_job)) + if (i->signature_job && i->signature_job->state != IMPORT_JOB_DONE) return; if (!i->raw_job->etag_exists) { + /* This is a new download, verify it, and move it into place */ assert(i->raw_job->disk_fd >= 0); - r = raw_import_verify_sha256sum(i); + r = import_verify(i->raw_job, i->checksum_job, i->signature_job); if (r < 0) goto finish; @@ -546,50 +381,22 @@ int raw_import_pull(RawImport *i, const char *url, const char *local, bool force i->raw_job->on_finished = raw_import_job_on_finished; i->raw_job->on_open_disk = raw_import_job_on_open_disk; - i->raw_job->calc_hash = true; + i->raw_job->calc_checksum = verify != IMPORT_VERIFY_NO; r = import_find_old_etags(url, i->image_root, DT_REG, ".raw-", ".raw", &i->raw_job->old_etags); if (r < 0) return r; - if (verify != IMPORT_VERIFY_NO) { - _cleanup_free_ char *sha256sums_url = NULL; - - /* Queue job for the SHA256SUMS file for the image */ - r = import_url_change_last_component(url, "SHA256SUMS", &sha256sums_url); - if (r < 0) - return r; - - r = import_job_new(&i->sha256sums_job, sha256sums_url, i->glue, i); - if (r < 0) - return r; - - i->sha256sums_job->on_finished = raw_import_job_on_finished; - i->sha256sums_job->uncompressed_max = i->sha256sums_job->compressed_max = 1ULL * 1024ULL * 1024ULL; - } - - if (verify == IMPORT_VERIFY_SIGNATURE) { - _cleanup_free_ char *sha256sums_sig_url = NULL; - - /* Queue job for the SHA256SUMS.gpg file for the image. */ - r = import_url_change_last_component(url, "SHA256SUMS.gpg", &sha256sums_sig_url); - if (r < 0) - return r; - - r = import_job_new(&i->signature_job, sha256sums_sig_url, i->glue, i); - if (r < 0) - return r; - - i->signature_job->on_finished = raw_import_job_on_finished; - i->signature_job->uncompressed_max = i->signature_job->compressed_max = 1ULL * 1024ULL * 1024ULL; - } + r = import_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, raw_import_job_on_finished, i); + if (r < 0) + return r; r = import_job_begin(i->raw_job); if (r < 0) return r; - if (i->sha256sums_job) { - r = import_job_begin(i->sha256sums_job); + if (i->checksum_job) { + r = import_job_begin(i->checksum_job); if (r < 0) return r; } |