author | Timo Teräs <timo.teras@iki.fi> | 2021-08-23 15:17:11 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2021-08-23 17:02:50 +0300 |
commit | 99fa1fb797995fb5857f7604f90033b08ebf430c (patch) | |
tree | 726ae7a26b57ca44a1806c025335a31d8667103d /src | |
parent | 72d8cb8937c5ffa7016ef3fdfeb17c5abae97b61 (diff) | |
trust: always use have valid struct apk_trust *
Make sure we always have valid struct apk_trust * for code using it.
Load the signing keys directly when they are specified, to produce
a sane error message if loading them fails.
Diffstat (limited to 'src')
-rw-r--r-- | src/adb.c | 2 | ||||
-rw-r--r-- | src/apk_context.h | 1 | ||||
-rw-r--r-- | src/apk_trust.h | 5 | ||||
-rw-r--r-- | src/context.c | 13 | ||||
-rw-r--r-- | src/trust.c | 30 |
5 files changed, 26 insertions, 25 deletions
@@ -1103,8 +1103,6 @@ int adb_trust_write_signatures(struct apk_trust *trust, struct adb *db, struct a size_t siglen; int r; - if (IS_ERR(trust)) return PTR_ERR(trust); - if (!vfy) { vfy = alloca(sizeof *vfy); memset(vfy, 0, sizeof *vfy); diff --git a/src/apk_context.h b/src/apk_context.h index 3a6f2f2..1bec2b9 100644 --- a/src/apk_context.h +++ b/src/apk_context.h @@ -66,7 +66,6 @@ struct apk_ctx { const char *repositories_file; const char *uvol; struct apk_string_array *repository_list; - struct apk_string_array *private_keys; struct apk_trust trust; struct apk_id_cache id_cache; diff --git a/src/apk_trust.h b/src/apk_trust.h index 0f612f9..6e6f6b8 100644 --- a/src/apk_trust.h +++ b/src/apk_trust.h @@ -24,11 +24,12 @@ struct apk_trust { struct list_head trusted_key_list; struct list_head private_key_list; int allow_untrusted : 1; - int initialized : 1; + int keys_loaded : 1; }; -int apk_trust_init(struct apk_trust *trust, int keysfd, struct apk_string_array *); +void apk_trust_init(struct apk_trust *trust); void apk_trust_free(struct apk_trust *trust); +int apk_trust_load_keys(struct apk_trust *trust, int keysfd); struct apk_pkey *apk_trust_key_by_name(struct apk_trust *trust, const char *filename); #endif diff --git a/src/context.c b/src/context.c index 7020b25..9298a5a 100644 --- a/src/context.c +++ b/src/context.c @@ -16,7 +16,7 @@ void apk_ctx_init(struct apk_ctx *ac) { memset(ac, 0, sizeof *ac); apk_string_array_init(&ac->repository_list); - apk_string_array_init(&ac->private_keys); + apk_trust_init(&ac->trust); apk_out_reset(&ac->out); ac->out.out = stdout; ac->out.err = stderr; @@ -28,7 +28,6 @@ void apk_ctx_free(struct apk_ctx *ac) apk_id_cache_free(&ac->id_cache); apk_trust_free(&ac->trust); apk_string_array_free(&ac->repository_list); - apk_string_array_free(&ac->private_keys); if (ac->out.log) fclose(ac->out.log); } 
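Review bot: In the src/apk_trust.h hunk, `int keys_loaded : 1;` is a one-bit field of plain `int`, whose signedness is implementation-defined; where it is signed the only representable values are 0 and -1, so `trust->keys_loaded = 1` stores -1 and any later `== 1` comparison would be false. The code in this commit only tests the field with `!`, so it works today, but `unsigned int keys_loaded : 1;` (and the same for the existing `allow_untrusted`) removes the trap. The new prototype `apk_trust_load_keys(struct apk_trust *trust, int keysfd)` should also carry a comment stating whether the callee takes ownership of `keysfd`, because apk_ctx_get_trust() passes it a fresh `openat()` descriptor and does not close it in the lines shown. The struct definition starts outside this hunk.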
@@ -75,12 +74,10 @@ int apk_ctx_prepare(struct apk_ctx *ac) struct apk_trust *apk_ctx_get_trust(struct apk_ctx *ac) { - if (!ac->trust.initialized) { - int r = apk_trust_init(&ac->trust, - openat(ac->root_fd, ac->keys_dir, O_RDONLY | O_CLOEXEC), - ac->private_keys); - if (r) return ERR_PTR(r); - ac->trust.allow_untrusted = !!(ac->flags & APK_ALLOW_UNTRUSTED); + if (!ac->trust.keys_loaded) { + int r = apk_trust_load_keys(&ac->trust, + openat(ac->root_fd, ac->keys_dir, O_RDONLY | O_CLOEXEC)); + if (r != 0) apk_err(&ac->out, "Unable to load trust keys: %s", apk_error_str(r)); } return &ac->trust; } diff --git a/src/trust.c b/src/trust.c index 5e2a956..c65377d 100644 --- a/src/trust.c +++ b/src/trust.c @@ -32,21 +32,19 @@ static int __apk_trust_load_pubkey(void *pctx, int dirfd, const char *filename) return 0; } -int apk_trust_init(struct apk_trust *trust, int dirfd, struct apk_string_array *pkey_files) +void apk_trust_init(struct apk_trust *trust) { - char **fn; - *trust = (struct apk_trust){}; apk_digest_ctx_init(&trust->dctx, APK_DIGEST_NONE); list_init(&trust->trusted_key_list); list_init(&trust->private_key_list); - trust->initialized = 1; - apk_dir_foreach_file(dirfd, __apk_trust_load_pubkey, trust); +} - foreach_array_item(fn, pkey_files) { - struct apk_trust_key *key = apk_trust_load_key(AT_FDCWD, *fn); - if (IS_ERR(key)) return PTR_ERR(key); - list_add_tail(&key->key_node, &trust->private_key_list); +int apk_trust_load_keys(struct apk_trust *trust, int dirfd) +{ + if (!trust->keys_loaded) { + trust->keys_loaded = 1; + apk_dir_foreach_file(dirfd, __apk_trust_load_pubkey, trust); } return 0; @@ -66,8 +64,6 @@ static void __apk_trust_free_keys(struct list_head *h) void apk_trust_free(struct apk_trust *trust) { - if (!trust->initialized) return; - trust->initialized = 0; __apk_trust_free_keys(&trust->trusted_key_list); __apk_trust_free_keys(&trust->private_key_list); apk_digest_ctx_free(&trust->dctx); 
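Review bot: The removed `ac->trust.allow_untrusted = !!(ac->flags & APK_ALLOW_UNTRUSTED);` in apk_ctx_get_trust() has no replacement in any hunk shown here, so unless the flag is copied somewhere outside this diff, `allow_untrusted` stays at the zero written by apk_trust_init(). That fails closed, but it looks unintended; keeping the line after the `if` block would preserve the previous behaviour. Separately, the `openat()` result is handed to apk_trust_load_keys() unchecked and a load failure is only logged, so callers receive `&ac->trust` with whatever keys happened to load. A comment such as `/* on failure the trusted key list may be empty; verification must then reject, not skip */` would record the expectation that callers now depend on.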
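Review bot: apk_trust_load_keys() in src/trust.c sets `keys_loaded = 1` before walking the directory and then returns 0 unconditionally, so the `r != 0` branch added in apk_ctx_get_trust() cannot fire as written, and a failed walk is never retried. If apk_dir_foreach_file() reports failure through its return value (its declaration is not visible here), the result should be propagated: `int r = apk_dir_foreach_file(dirfd, __apk_trust_load_pubkey, trust);` followed by `return r;`. A negative `dirfd` from a failed `openat()` reaches this call as well and could be rejected up front with an error return. The function's closing brace lies outside the hunk.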
@@ -95,9 +91,19 @@ APK_OPT_GROUP(options_signing, "Signing", SIGNING_OPTIONS); static int option_parse_signing(void *ctx, struct apk_ctx *ac, int optch, const char *optarg) { + struct apk_trust *trust = &ac->trust; + struct apk_out *out = &ac->out; + struct apk_trust_key *key; + switch (optch) { case OPT_SIGN_sign_key: - *apk_string_array_add(&ac->private_keys) = (char*) optarg; + key = apk_trust_load_key(AT_FDCWD, optarg); + if (IS_ERR(key)) { + apk_err(out, "Failed to load signing key: %s: %s", + optarg, apk_error_str(PTR_ERR(key))); + return PTR_ERR(key); + } + list_add_tail(&key->key_node, &trust->private_key_list); break; default: return -ENOTSUP; |
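Review bot: option_parse_signing() now appends to `ac->trust.private_key_list` during option parsing, which relies on apk_ctx_init() having already run apk_trust_init(). That function resets the whole struct with `*trust = (struct apk_trust){}`, so any later call would drop the loaded signing keys without freeing them. A comment at the `list_add_tail()` call would pin the ordering and the ownership, for example `/* ac->trust was set up by apk_ctx_init(); the key is now owned by private_key_list and released by apk_trust_free() */`. The rest of the switch continues outside the hunk.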