diff options
| author | Marc Espie <espie@cvs.openbsd.org> | 2013-12-25 14:38:16 +0000 |
|---|---|---|
| committer | Marc Espie <espie@cvs.openbsd.org> | 2013-12-25 14:38:16 +0000 |
| commit | bf37692f6206da7407b17489c72681e7bd3eb577 (patch) | |
| tree | 5e535324509c21392fe860958a184c973c50f388 /usr.sbin | |
| parent | cc88090d0236126ba0ae03ce9c92ff66fc9ecee9 (diff) | |
move the choice of signature type for checking into one single place
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/Delete.pm | 5 | ||||
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/PackingList.pm | 14 | ||||
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/PkgAdd.pm | 9 | ||||
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/PkgCheck.pm | 6 | ||||
| -rw-r--r-- | usr.sbin/pkg_add/OpenBSD/x509.pm | 6 |
5 files changed, 21 insertions, 19 deletions
diff --git a/usr.sbin/pkg_add/OpenBSD/Delete.pm b/usr.sbin/pkg_add/OpenBSD/Delete.pm index 43320f0e0b0..162943f1375 100644 --- a/usr.sbin/pkg_add/OpenBSD/Delete.pm +++ b/usr.sbin/pkg_add/OpenBSD/Delete.pm @@ -1,5 +1,5 @@ # ex:ts=8 sw=4: -# $OpenBSD: Delete.pm,v 1.120 2013/09/24 21:00:57 espie Exp $ +# $OpenBSD: Delete.pm,v 1.121 2013/12/25 14:38:15 espie Exp $ # # Copyright (c) 2003-2007 Marc Espie <espie@openbsd.org> # @@ -106,8 +106,7 @@ sub delete_package } if ($plist->is_signed) { if (!$state->{quick}) { - require OpenBSD::x509; - if (!OpenBSD::x509::check_signature($plist, $state)) { + if (!$plist->check_signature($state)) { $state->fatal("package #1 was corrupted: signature check failed", $pkgname); } } diff --git a/usr.sbin/pkg_add/OpenBSD/PackingList.pm b/usr.sbin/pkg_add/OpenBSD/PackingList.pm index 998d065c62c..7a09540e4a7 100644 --- a/usr.sbin/pkg_add/OpenBSD/PackingList.pm +++ b/usr.sbin/pkg_add/OpenBSD/PackingList.pm @@ -1,5 +1,5 @@ # ex:ts=8 sw=4: -# $OpenBSD: PackingList.pm,v 1.121 2012/12/28 15:09:09 espie Exp $ +# $OpenBSD: PackingList.pm,v 1.122 2013/12/25 14:38:15 espie Exp $ # # Copyright (c) 2003-2010 Marc Espie <espie@openbsd.org> # @@ -531,6 +531,18 @@ sub to_installation $self->tofile(OpenBSD::PackageInfo::installed_contents($self->pkgname)); } +sub check_signature +{ + my ($plist, $state) = @_; + my $sig = $plist->get('digital-signature'); + if ($sig->{key} eq 'x509') { + require OpenBSD::x509; + return OpenBSD::x509::check_signature($plist, $state); + } else { + $state->log("Error: unknown signature style $sig->{key}"); + return 0; + } +} sub forget { diff --git a/usr.sbin/pkg_add/OpenBSD/PkgAdd.pm b/usr.sbin/pkg_add/OpenBSD/PkgAdd.pm index 449d486517b..7c9fc61e1aa 100644 --- a/usr.sbin/pkg_add/OpenBSD/PkgAdd.pm +++ b/usr.sbin/pkg_add/OpenBSD/PkgAdd.pm @@ -1,7 +1,7 @@ #! /usr/bin/perl # ex:ts=8 sw=4: -# $OpenBSD: PkgAdd.pm,v 1.39 2013/12/25 14:20:48 espie Exp $ +# $OpenBSD: PkgAdd.pm,v 1.40 2013/12/25 14:38:15 espie Exp $ # # Copyright (c) 2003-2010 Marc Espie <espie@openbsd.org> # @@ -660,12 +660,9 @@ sub check_x509_signature $state->errsay("NOT CHECKING DIGITAL SIGNATURE FOR #1", $plist->pkgname); } else { - require OpenBSD::x509; - - if (!OpenBSD::x509::check_signature($plist, - $state)) { + if (!$plist->check_signature($state)) { $state->fatal("#1 is corrupted", - $set->print); + $plist->pkgname); } $state->{check_digest} = 1; $state->{packages_with_sig}++; diff --git a/usr.sbin/pkg_add/OpenBSD/PkgCheck.pm b/usr.sbin/pkg_add/OpenBSD/PkgCheck.pm index 1837dcdc4cb..7f9bb1937b1 100644 --- a/usr.sbin/pkg_add/OpenBSD/PkgCheck.pm +++ b/usr.sbin/pkg_add/OpenBSD/PkgCheck.pm @@ -1,7 +1,7 @@ #! /usr/bin/perl # ex:ts=8 sw=4: -# $OpenBSD: PkgCheck.pm,v 1.41 2013/09/11 15:36:18 espie Exp $ +# $OpenBSD: PkgCheck.pm,v 1.42 2013/12/25 14:38:15 espie Exp $ # # Copyright (c) 2003-2010 Marc Espie <espie@openbsd.org> # @@ -688,9 +688,7 @@ sub package_files_check my $plist = OpenBSD::PackingList->from_installation($name); $state->log->set_context($name); if ($plist->is_signed && !$state->defines('nosig')) { - require OpenBSD::x509; - - if (!OpenBSD::x509::check_signature($plist, $state)) { + if (!$plist->check_signature($state)) { $state->fatal("#1 is corrupted", $name); } } diff --git a/usr.sbin/pkg_add/OpenBSD/x509.pm b/usr.sbin/pkg_add/OpenBSD/x509.pm index 3ea670755ce..8cc266b727c 100644 --- a/usr.sbin/pkg_add/OpenBSD/x509.pm +++ b/usr.sbin/pkg_add/OpenBSD/x509.pm @@ -1,5 +1,5 @@ # ex:ts=8 sw=4: -# $OpenBSD: x509.pm,v 1.11 2010/12/24 09:04:14 espie Exp $ +# $OpenBSD: x509.pm,v 1.12 2013/12/25 14:38:15 espie Exp $ # # Copyright (c) 2003-2007 Marc Espie <espie@openbsd.org> # @@ -81,10 +81,6 @@ sub check_signature { my ($plist, $state) = @_; my $sig = $plist->get('digital-signature'); - if ($sig->{key} ne 'x509') { - $state->log("Error: unknown signature style"); - return 0; - } my ($fh, $fname) = mkstemp("/tmp/pkgcontent.XXXXXXXXX"); my ($fh2, $fname2) = mkstemp("/tmp/pkgsig.XXXXXXXXX"); $plist->write_no_sig($fh); |