trust: always use have valid struct apk_trust *
Make sure we always have valid struct apk_trust * for code using it. Load the signing keys directly when being specified to produce sane error message if loading them fails.cute-signatures
Timo Teräs
parent
72d8cb8937
commit
99fa1fb797
|
|
@ -1103,8 +1103,6 @@ int adb_trust_write_signatures(struct apk_trust *trust, struct adb *db, struct a
|
|||
size_t siglen;
|
||||
int r;
|
||||
|
||||
if (IS_ERR(trust)) return PTR_ERR(trust);
|
||||
|
||||
if (!vfy) {
|
||||
vfy = alloca(sizeof *vfy);
|
||||
memset(vfy, 0, sizeof *vfy);
|
||||
|
|
|
|||
|
|
@ -66,7 +66,6 @@ struct apk_ctx {
|
|||
const char *repositories_file;
|
||||
const char *uvol;
|
||||
struct apk_string_array *repository_list;
|
||||
struct apk_string_array *private_keys;
|
||||
|
||||
struct apk_trust trust;
|
||||
struct apk_id_cache id_cache;
|
||||
|
|
|
|||
|
|
@ -24,11 +24,12 @@ struct apk_trust {
|
|||
struct list_head trusted_key_list;
|
||||
struct list_head private_key_list;
|
||||
int allow_untrusted : 1;
|
||||
int initialized : 1;
|
||||
int keys_loaded : 1;
|
||||
};
|
||||
|
||||
int apk_trust_init(struct apk_trust *trust, int keysfd, struct apk_string_array *);
|
||||
void apk_trust_init(struct apk_trust *trust);
|
||||
void apk_trust_free(struct apk_trust *trust);
|
||||
int apk_trust_load_keys(struct apk_trust *trust, int keysfd);
|
||||
struct apk_pkey *apk_trust_key_by_name(struct apk_trust *trust, const char *filename);
|
||||
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ void apk_ctx_init(struct apk_ctx *ac)
|
|||
{
|
||||
memset(ac, 0, sizeof *ac);
|
||||
apk_string_array_init(&ac->repository_list);
|
||||
apk_string_array_init(&ac->private_keys);
|
||||
apk_trust_init(&ac->trust);
|
||||
apk_out_reset(&ac->out);
|
||||
ac->out.out = stdout;
|
||||
ac->out.err = stderr;
|
||||
|
|
@ -28,7 +28,6 @@ void apk_ctx_free(struct apk_ctx *ac)
|
|||
apk_id_cache_free(&ac->id_cache);
|
||||
apk_trust_free(&ac->trust);
|
||||
apk_string_array_free(&ac->repository_list);
|
||||
apk_string_array_free(&ac->private_keys);
|
||||
if (ac->out.log) fclose(ac->out.log);
|
||||
}
|
||||
|
||||
|
|
@ -75,12 +74,10 @@ int apk_ctx_prepare(struct apk_ctx *ac)
|
|||
|
||||
struct apk_trust *apk_ctx_get_trust(struct apk_ctx *ac)
|
||||
{
|
||||
if (!ac->trust.initialized) {
|
||||
int r = apk_trust_init(&ac->trust,
|
||||
openat(ac->root_fd, ac->keys_dir, O_RDONLY | O_CLOEXEC),
|
||||
ac->private_keys);
|
||||
if (r) return ERR_PTR(r);
|
||||
ac->trust.allow_untrusted = !!(ac->flags & APK_ALLOW_UNTRUSTED);
|
||||
if (!ac->trust.keys_loaded) {
|
||||
int r = apk_trust_load_keys(&ac->trust,
|
||||
openat(ac->root_fd, ac->keys_dir, O_RDONLY | O_CLOEXEC));
|
||||
if (r != 0) apk_err(&ac->out, "Unable to load trust keys: %s", apk_error_str(r));
|
||||
}
|
||||
return &ac->trust;
|
||||
}
|
||||
|
|
|
|||
30
src/trust.c
30
src/trust.c
|
|
@ -32,21 +32,19 @@ static int __apk_trust_load_pubkey(void *pctx, int dirfd, const char *filename)
|
|||
return 0;
|
||||
}
|
||||
|
||||
int apk_trust_init(struct apk_trust *trust, int dirfd, struct apk_string_array *pkey_files)
|
||||
void apk_trust_init(struct apk_trust *trust)
|
||||
{
|
||||
char **fn;
|
||||
|
||||
*trust = (struct apk_trust){};
|
||||
apk_digest_ctx_init(&trust->dctx, APK_DIGEST_NONE);
|
||||
list_init(&trust->trusted_key_list);
|
||||
list_init(&trust->private_key_list);
|
||||
trust->initialized = 1;
|
||||
apk_dir_foreach_file(dirfd, __apk_trust_load_pubkey, trust);
|
||||
}
|
||||
|
||||
foreach_array_item(fn, pkey_files) {
|
||||
struct apk_trust_key *key = apk_trust_load_key(AT_FDCWD, *fn);
|
||||
if (IS_ERR(key)) return PTR_ERR(key);
|
||||
list_add_tail(&key->key_node, &trust->private_key_list);
|
||||
int apk_trust_load_keys(struct apk_trust *trust, int dirfd)
|
||||
{
|
||||
if (!trust->keys_loaded) {
|
||||
trust->keys_loaded = 1;
|
||||
apk_dir_foreach_file(dirfd, __apk_trust_load_pubkey, trust);
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
|
@ -66,8 +64,6 @@ static void __apk_trust_free_keys(struct list_head *h)
|
|||
|
||||
void apk_trust_free(struct apk_trust *trust)
|
||||
{
|
||||
if (!trust->initialized) return;
|
||||
trust->initialized = 0;
|
||||
__apk_trust_free_keys(&trust->trusted_key_list);
|
||||
__apk_trust_free_keys(&trust->private_key_list);
|
||||
apk_digest_ctx_free(&trust->dctx);
|
||||
|
|
@ -95,9 +91,19 @@ APK_OPT_GROUP(options_signing, "Signing", SIGNING_OPTIONS);
|
|||
|
||||
static int option_parse_signing(void *ctx, struct apk_ctx *ac, int optch, const char *optarg)
|
||||
{
|
||||
struct apk_trust *trust = &ac->trust;
|
||||
struct apk_out *out = &ac->out;
|
||||
struct apk_trust_key *key;
|
||||
|
||||
switch (optch) {
|
||||
case OPT_SIGN_sign_key:
|
||||
*apk_string_array_add(&ac->private_keys) = (char*) optarg;
|
||||
key = apk_trust_load_key(AT_FDCWD, optarg);
|
||||
if (IS_ERR(key)) {
|
||||
apk_err(out, "Failed to load signing key: %s: %s",
|
||||
optarg, apk_error_str(PTR_ERR(key)));
|
||||
return PTR_ERR(key);
|
||||
}
|
||||
list_add_tail(&key->key_node, &trust->private_key_list);
|
||||
break;
|
||||
default:
|
||||
return -ENOTSUP;
|
||||
|
|
|
|||
Loading…
Reference in New Issue