rpm  5.4.14
rpmku.c
1 
5 #include "system.h"
6 
7 #define _RPMIOB_INTERNAL
8 #include <rpmiotypes.h>
9 #include <rpmio.h>
10 #if defined(HAVE_KEYUTILS_H)
11 #include <rpmmacro.h>
12 #include <argv.h>
13 
14 #ifdef __cplusplus
15 extern "C" {
16 #endif
17 #include <keyutils.h>
18 #ifdef __cplusplus
19 }
20 #endif
21 
22 #define _RPMPGP_INTERNAL
23 #include <rpmpgp.h>
24 #endif
25 #include <rpmku.h>
26 
27 #include "debug.h"
28 
29 /*@access pgpDigParams@ */
30 /*@access rpmiob @*/
31 
32 #if defined(HAVE_KEYUTILS_H)
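/**
 * Keyutils keyring to use.
 * Zero means "not resolved yet": _GetPass() fills it in from the
 * %{_keyutils_keyring} macro and falls back to the process keyring.
 * NOTE(review): the value is stored signed but assigned through an
 * rpmuint32_t cast; the KEY_SPEC_* ids are presumably negative, so this
 * relies on the usual two's-complement round trip -- confirm.
 */
/*@unchecked@*/
rpmint32_t _kuKeyring;

/** Non-zero enables the pubkey cache kept in the keyring. */
/*@unchecked@*/
static int _kuCache = 1;

/** One keyring alias: the name accepted in the macro and its key id. */
typedef struct _kuItem_s {
/*@observer@*/
    const char *name;
    key_serial_t val;
} * _kuItem;

/*
 * Allow-list of keyring names that may be selected through the macro.
 * Only these aliases resolve; kuValue() never parses a numeric serial,
 * so configuration cannot point rpm at an arbitrary key id.
 * The table is const so the mapping cannot be altered at run time.
 *
 * NB: the following table must be sorted lexically for bsearch(3).
 */
/*@unchecked@*/ /*@observer@*/
static const struct _kuItem_s kuTable[] = {
    { "group",		KEY_SPEC_GROUP_KEYRING },
    { "process",	KEY_SPEC_PROCESS_KEYRING },
    { "reqkey_auth",	KEY_SPEC_REQKEY_AUTH_KEY },
    { "session",	KEY_SPEC_SESSION_KEYRING },
    { "thread",		KEY_SPEC_THREAD_KEYRING },
    { "user",		KEY_SPEC_USER_KEYRING },
    { "user_session",	KEY_SPEC_USER_SESSION_KEYRING },
};

/** Number of entries in kuTable. */
/*@unchecked@*/
static const size_t nkuTable = sizeof(kuTable) / sizeof(kuTable[0]);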
59 
/**
 * bsearch(3) comparator for kuTable: orders two entries by alias name.
 * @param a		first entry (struct _kuItem_s)
 * @param b		second entry (struct _kuItem_s)
 * @return		strcmp(3) result of the two names
 */
static int
kuCmp(const void * a, const void * b)
	/*@*/
{
    const struct _kuItem_s * lhs = (const struct _kuItem_s *) a;
    const struct _kuItem_s * rhs = (const struct _kuItem_s *) b;

    return strcmp(lhs->name, rhs->name);
}
66 
/**
 * Map a keyring alias ("process", "session", "user", ...) to its key id.
 * Anything that is not an exact entry of kuTable yields 0, which the
 * caller treats as "no keyring chosen".
 * @param name		alias to look up (NULL or "" allowed)
 * @return		key id from kuTable, 0 if the name is unknown or empty
 */
static key_serial_t
kuValue(const char * name)
	/*@*/
{
    struct _kuItem_s probe;
    const struct _kuItem_s * hit;

    if (name == NULL || *name == '\0')
	return 0;

    /* Build a search key that carries only the name. */
    (void) memset(&probe, 0, sizeof(probe));
/*@-temptrans@*/
    probe.name = name;
/*@=temptrans@*/

    hit = (const struct _kuItem_s *)
	bsearch(&probe, kuTable, nkuTable, sizeof(kuTable[0]), kuCmp);
    if (hit == NULL)
	return 0;
    return hit->val;
}
82 #endif /* HAVE_KEYUTILS_H */
83 
84 /*@-globs -internalglobs -mods @*/
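/**
 * Prompt for a pass phrase on the terminal.
 *
 * With keyutils support the typed secret is stored in the configured
 * keyring under the fixed description "rpm:passwd", the getpass(3)
 * buffer is wiped, and the handle string "@u user rpm:passwd" is
 * returned in its place; rpmkuPassPhrase() resolves that handle again.
 *
 * The keyring is taken from the %{_keyutils_keyring} macro and defaults
 * to the process keyring. Choosing a wider keyring (user, session, ...)
 * widens the set of processes that can reach the stored secret.
 *
 * @param prompt	prompt text (NULL is treated as "")
 * @return		the typed pass phrase or the keyring handle; the
 *			result is not malloc'ed by this function
 */
char * _GetPass(const char * prompt)
{
    char * pw;

/*@-unrecog@*/
    pw = getpass( prompt ? prompt : "" );
/*@=unrecog@*/

#if defined(HAVE_KEYUTILS_H)
    /* Resolve the target keyring once; 0 means "not chosen yet". */
    if (_kuKeyring == 0) {
	const char * _keyutils_keyring
		= rpmExpand("%{?_keyutils_keyring}", NULL);
	_kuKeyring = (rpmuint32_t) kuValue(_keyutils_keyring);
	if (_kuKeyring == 0)
	    _kuKeyring = KEY_SPEC_PROCESS_KEYRING;
	_keyutils_keyring = _free(_keyutils_keyring);
    }

    if (pw && *pw) {
	key_serial_t keyring = (key_serial_t) _kuKeyring;
	size_t npw = strlen(pw);

	/*
	 * Swap the secret for the handle only when the key really was
	 * stored. If add_key() fails, wiping the buffer and returning the
	 * handle would lose the typed pass phrase and could make a later
	 * lookup pick up an older "rpm:passwd" key instead; fall back to
	 * returning the typed text, as the build without keyutils does.
	 */
	if (add_key("user", "rpm:passwd", pw, npw, keyring) != -1) {
	    (void) memset(pw, 0, npw);	/* burn the password */
	    pw = (char *) "@u user rpm:passwd";
	}
    }
#endif	/* HAVE_KEYUTILS_H */

assert(pw != NULL);
/*@-observertrans -statictrans@*/
    return pw;
/*@=observertrans =statictrans@*/
}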
117 /*@=globs =internalglobs =mods @*/
118 
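/**
 * Obtain a pass phrase through request_key(2) instead of prompting.
 *
 * The request arguments are the hard-coded string "user rpm:yyyy spoon"
 * (key type, description, callout info). The payload read from the key
 * is kept in a function-static buffer that is wiped and released on the
 * next call, so the caller must not free the result.
 *
 * @param prompt	unused
 * @return		key payload, "" if no key could be read; NULL when
 *			built without keyutils
 */
char * _RequestPass(/*@unused@*/ const char * prompt)
{
    char * result = NULL;
#if defined(HAVE_KEYUTILS_H)
/*@only@*/ /*@relnull@*/
    static char * password = NULL;
    static size_t npassword = 0;
    const char * foo = "user rpm:yyyy spoon";
    ARGV_t av = NULL;
    int xx = argvSplit(&av, foo, NULL);
    key_serial_t dest = 0;
    key_serial_t key = 0;

    if (password != NULL) {
	/* Wipe the previous secret; volatile keeps the stores from being elided. */
	volatile char * burn = password;
	size_t i;
	for (i = 0; i < npassword; i++)
	    burn[i] = '\0';
	free(password);
	password = NULL;
	npassword = 0;
    }
assert(av != NULL);
assert(av[0] != NULL);
assert(av[1] != NULL);
assert(av[2] != NULL);
    key = request_key(av[0], av[1], av[2], dest);
    av = argvFree(av);

    /* request_key() reports failure as -1; do not read through that. */
    if (key != -1) {
/*@-nullstate@*/ /* XXX *password may be null. */
	xx = keyctl_read_alloc(key, (void **)&password);
/*@=nullstate@*/
	if (xx >= 0 && password != NULL)
	    npassword = (size_t) xx;
    }

    /*
     * Hand back "" without storing the literal in the static pointer:
     * a stored literal would be passed to free() on the next call.
     */
    result = (password != NULL ? password : (char *) "");
#endif	/* HAVE_KEYUTILS_H */

/*@-statictrans@*/
    return result;
/*@=statictrans@*/
}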
152 
153 /*@-redecl@*/
/*
 * Replaceable pass phrase hook: callers prompt through this pointer.
 * It starts out as _GetPass; being a writable global, whatever code
 * reassigns it receives the prompt and supplies the pass phrase.
 */
char * (*Getpass)(const char * prompt) = &_GetPass;
155 /*@=redecl@*/
156 
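/**
 * Lookup pubkey in keyutils keyring.
 *
 * The cache entry is named "rpm:gpg:pubkey:" followed by the low 32 bits
 * of the signer key id in hex. That short id is the only selector: the
 * payload is returned exactly as stored, and nothing here checks that it
 * belongs to the full signer id. Callers should treat the result as a
 * candidate key to be matched and verified, not as a trusted one.
 *
 * NOTE(review): _kuKeyring is only resolved in _GetPass() as far as this
 * file shows; confirm it is set before this path runs.
 * NOTE(review): the second read passes iob->blen as the buffer size and
 * so relies on rpmiobNew(n) returning blen == n -- confirm.
 *
 * @param sigp		signature parameters (must not be NULL)
 * @retval *iobp	cached pubkey blob, NULL if none
 * @return		RPMRC_OK on a cache hit, RPMRC_NOTFOUND otherwise
 */
rpmRC rpmkuFindPubkey(pgpDigParams sigp, rpmiob * iobp)
{
    if (iobp != NULL)
	*iobp = NULL;

#if defined(HAVE_KEYUTILS_H)
    if (_kuCache) {
/*@observer@*/
	static const char krprefix[] = "rpm:gpg:pubkey:";
	key_serial_t keyring = (key_serial_t) _kuKeyring;
	/* Prefix plus 8 hex digits; sizeof(krprefix) already counts the NUL. */
	char krn[sizeof(krprefix) + 8];
	rpmiob iob;
	long key;
	long want;
	long got;
	int nw;

	/* One bounded format call replaces the alloca()/stpcpy() pair. */
	nw = snprintf(krn, sizeof(krn), "%s%08X", krprefix,
		(unsigned) pgpGrab(sigp->signid+4, 4));
	if (nw < 0 || (size_t) nw >= sizeof(krn))
	    return RPMRC_NOTFOUND;

	key = keyctl_search(keyring, "user", krn, 0);
	if (key == -1)
	    return RPMRC_NOTFOUND;

	/* First call only asks for the payload size. */
	want = keyctl_read((key_serial_t) key, NULL, 0);
	if (want <= 0)
	    return RPMRC_NOTFOUND;

	iob = rpmiobNew(want);
	got = keyctl_read((key_serial_t) key, (char *)iob->b, iob->blen);
	if (got > 0) {
#ifdef	NOTYET
	    pubkeysource = xstrdup(krn);
	    _kuCache = 0;	/* XXX don't bother caching. */
#endif
	}

	/*
	 * A result larger than the size just queried means the key changed
	 * between the two reads and the buffer holds a truncated payload;
	 * report a miss rather than hand back a partial key.
	 */
	if (got <= 0 || got > want || iobp == NULL) {
	    iob = rpmiobFree(iob);
	    return RPMRC_NOTFOUND;
	}

	*iobp = iob;
	return RPMRC_OK;
    }
#endif	/* HAVE_KEYUTILS_H */
    return RPMRC_NOTFOUND;
}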
203 
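/**
 * Store pubkey in keyutils keyring.
 *
 * The blob is filed under "rpm:gpg:pubkey:" plus the low 32 bits of the
 * signer key id in hex, the same name rpmkuFindPubkey() searches for.
 * Whatever is stored here is later returned for any signature sharing
 * that short id, so only keys that have already been checked should be
 * cached. Caching is best effort: an add_key() failure is not reported.
 *
 * NOTE(review): _kuKeyring is only resolved in _GetPass() as far as this
 * file shows; confirm it is set before this path runs.
 *
 * @param sigp		signature parameters (must not be NULL when caching)
 * @param iob		pubkey blob; always released by this function
 * @return		RPMRC_OK always
 */
rpmRC rpmkuStorePubkey(pgpDigParams sigp, rpmiob iob)
{
#if defined(HAVE_KEYUTILS_H)
    /* Skip the cache write for a NULL blob instead of dereferencing it. */
    if (_kuCache && iob != NULL) {
/*@observer@*/
	static const char krprefix[] = "rpm:gpg:pubkey:";
	key_serial_t keyring = (key_serial_t) _kuKeyring;
	/* Prefix plus 8 hex digits; sizeof(krprefix) already counts the NUL. */
	char krn[sizeof(krprefix) + 8];
	int nw;

	/* One bounded format call replaces the alloca()/stpcpy() pair. */
	nw = snprintf(krn, sizeof(krn), "%s%08X", krprefix,
		(unsigned) pgpGrab(sigp->signid+4, 4));
	if (nw >= 0 && (size_t) nw < sizeof(krn)) {
/*@-moduncon -noeffectuncon @*/
	    (void) add_key("user", krn, iob->b, iob->blen, keyring);
/*@=moduncon =noeffectuncon @*/
	}
    }
#endif	/* HAVE_KEYUTILS_H */
    iob = rpmiobFree(iob);
    return RPMRC_OK;
}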
226 
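/**
 * Return pass phrase from keyutils keyring.
 *
 * The exact string "@u user rpm:passwd" is treated as a handle and is
 * replaced by the payload of the "rpm:passwd" user key; any other input
 * is copied with xstrdup(). The handle is signalled in-band, so a pass
 * phrase that is literally that string cannot be passed through.
 *
 * The result holds the clear-text secret. NOTE(review): both branches
 * appear to return allocated memory that the caller owns; callers should
 * wipe it before releasing it -- confirm against xstrdup() and callers.
 *
 * @param passPhrase	pass phrase, or the keyring handle string
 * @return		pass phrase copy, NULL if the key cannot be read or
 *			passPhrase is NULL
 */
const char * rpmkuPassPhrase(const char * passPhrase)
{
    const char * pw = NULL;

#if defined(HAVE_KEYUTILS_H)
    if (passPhrase && !strcmp(passPhrase, "@u user rpm:passwd")) {
	key_serial_t keyring = (key_serial_t) _kuKeyring;
	void * secret = NULL;
	long key;

/*@-moduncon@*/
	key = keyctl_search(keyring, "user", "rpm:passwd", 0);
	/* Only read when the search found a key; -1 is the error return. */
	if (key != -1
	 && keyctl_read_alloc((key_serial_t) key, &secret) >= 0)
	    pw = (const char *) secret;
/*@=moduncon@*/
    } else
#endif	/* HAVE_KEYUTILS_H */
    if (passPhrase != NULL)
	pw = xstrdup(passPhrase);
    return pw;
}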
int xx
Definition: spec.c:744
OpenPGP constants and structures from RFC-2440.
char * xstrdup(const char *str)
Definition: rpmmalloc.c:321
rpmiob rpmiobFree(rpmiob iob)
Destroy a I/O buffer instance.
struct rpmiob_s * rpmiob
Definition: rpmiotypes.h:60
char * passPhrase
Definition: rpmts-py.c:1340
char * alloca()
enum rpmRC_e rpmRC
RPM return codes.
Definition: signature.c:616
memset(_r, 0, sizeof(*_r))
unsigned int rpmuint32_t
Definition: rpmiotypes.h:28
assert(key->size==sizeof(hdrNum))
char * _RequestPass(const char *prompt)
Definition: rpmku.c:119
ARGV_t argvFree(ARGV_t argv)
Destroy an argv array.
Definition: argv.c:44
key
Definition: macro.c:383
int rpmint32_t
Definition: rpmiotypes.h:33
return k val
Definition: rpmmtree.c:401
char * rpmExpand(const char *arg,...)
Return (malloc&#39;ed) concatenated macro expansion(s).
Definition: macro.c:3178
rpmiob rpmiobNew(size_t len)
Create an I/O buffer.
Definition: rpmiob.c:44
return strcmp(ame->name, bme->name)
rpmRC rpmkuFindPubkey(pgpDigParams sigp, rpmiob *iobp)
Lookup pubkey in keyutils keyring.
Definition: rpmku.c:157
static int snprintf(char *buf, int nb, const char *fmt,...)
Definition: rpmps.c:220
rpmint32_t _kuKeyring
Keyutils keyring to use.
char * stpcpy(char *dest, const char *src)
struct pgpDigParams_s * pgpDigParams
Definition: rpmiotypes.h:90
int argvSplit(ARGV_t *argvp, const char *str, const char *seps)
Split a string into an argv array.
Definition: argv.c:233
return NULL
Definition: poptALL.c:613
static void
Print copy of spec file, filling in Group/Description/Summary from specspo.
Definition: spec.c:737
k
Definition: rpmmtree.c:394
static const char * name
char * b
Definition: macro.c:746
static unsigned int pgpGrab(const rpmuint8_t *s, size_t nbytes)
Return (native-endian) integer from big-endian representation.
Definition: rpmpgp.h:1076
ARGstr_t * ARGV_t
Definition: argv.h:12
static void * _free(const void *p)
Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
Definition: rpmiotypes.h:647
pgpDigParams sigp
Definition: signature.c:748
const char * rpmkuPassPhrase(const char *passPhrase)
Return pass phrase from keyutils keyring.
Definition: rpmku.c:227
char * _GetPass(const char *prompt)
Definition: rpmku.c:85
rpmRC rpmkuStorePubkey(pgpDigParams sigp, rpmiob iob)
Store pubkey in keyutils keyring.
Definition: rpmku.c:204
const char ** av
Definition: rpmts-py.c:788