From 5dfe2b009511b15f852b0bc0512140ae1e9371a3 Mon Sep 17 00:00:00 2001 From: Marc Espie Date: Mon, 4 Oct 1999 21:46:31 +0000 Subject: Synch with current development: * signatures no longer deal with zcat. Instead, we sign the gzip file itself (stripped of the signature part of the header, of course). Thanks Angelos. Niels seems to think passing the header itself to sign is not a problem, even though no-one cares about checking it ? * gzip header handling revamped: can write to memory. Will eliminate some pipes later on. Can stack signatures. * taken out specific signature schemes (e.g., pgp and sha1). Code is now signature scheme independent, mostly, and writes with client data from memory, e.g., check.c can invoke several checks in parallel without needing to fork. * need the full set of popen-like functionalities (keep track of opened file descriptors to avoid passing them down to children) * remove simple_check.c, functionality absorbed elsewhere. To do: * re-check message output and what to do with unsigned/unchecked/verified packages, * check pkg_add implementation and remove extra-pipe in asynchronous checking, * control over what to do when several signatures are stacked... Simple way would be to disable that for now (possibility for release) * get the code through a linter again. --- usr.sbin/pkg_install/sign/common.c | 89 +++++++++++++++++++++++++++++++++----- 1 file changed, 77 insertions(+), 12 deletions(-) (limited to 'usr.sbin/pkg_install/sign/common.c') diff --git a/usr.sbin/pkg_install/sign/common.c b/usr.sbin/pkg_install/sign/common.c index adc58b69565..d46629e57ff 100644 --- a/usr.sbin/pkg_install/sign/common.c +++ b/usr.sbin/pkg_install/sign/common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: common.c,v 1.1 1999/09/27 21:40:03 espie Exp $ */ +/* $OpenBSD: common.c,v 1.2 1999/10/04 21:46:27 espie Exp $ */ /*- * Copyright (c) 1999 Marc Espie. * 
@@ -29,8 +29,11 @@ */ #include +#include #include #include +#include +#include #include "stand.h" #include "gzip.h" #include "pgp.h" @@ -41,7 +44,7 @@ int read_header_and_diagnose(file, h, sign, filename) FILE *file; struct mygzip_header *h; - char sign[]; + struct signature **sign; const char *filename; { switch(gzip_read_header(file, h, sign)) { @@ -69,20 +72,82 @@ read_header_and_diagnose(file, h, sign, filename) } } -/* Check command existence */ -int check_helpers() +struct reg_fd { + int fd; + pid_t pid; + struct reg_fd *next; +}; + +static struct reg_fd *first = NULL; + +void +register_pipe(fd, pid) + int fd; + pid_t pid; { - struct stat sbuf; + struct reg_fd *n; - if (stat(GZCAT, &sbuf) == -1) { - fprintf(stderr, "Tool %s does not exist\n", GZCAT); - return 0; + n = malloc(sizeof *n); + if (n) { + n->fd = fd; + n->pid = pid; + n->next = first; + first = n; } - if (stat(PGP, &sbuf) == -1) { - fprintf(stderr, "Tool %s does not exist\n", PGP); - return 0; +} + +void +close_dangling_pipes() +{ + while (first) { + close(first->fd); + first = first->next; } - return 1; } +static struct reg_fd * +retrieve_reg(fd) + int fd; +{ + struct reg_fd **i, *cur; + + for (i = &first; *i ; i = &((*i)->next)) + if ((*i)->fd == fd) + break; + cur = *i; + *i = cur->next; + return cur; +} + +int +reap(pid) + pid_t pid; +{ + int pstat; + pid_t result; + + do { + result = waitpid(pid, &pstat, 0); + } while (result == -1 && errno == EINTR); + return result == -1 ? -1 : pstat; +} + +/* kill process and reap status + */ +int +terminate_pipe(fd) + int fd; +{ + pid_t result; + int close_result; + struct reg_fd *cur; + + cur = retrieve_reg(fd); + if (!cur) + return -1; + close_result = close(cur->fd); + result = reap(cur->pid); + free(cur); + return close_result == -1 ? -1 : result; +} -- cgit v1.2.3
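Review bot: `retrieve_reg()` dereferences a null pointer when the descriptor is not in the list: the loop ends with `*i == NULL`, and `*i = cur->next;` then reads through `cur`, so the `if (!cur) return -1;` check in `terminate_pipe()` can never be reached. Guard the unlink with `if (cur != NULL) *i = cur->next;` so an unknown fd yields the -1 the caller already expects. The miss is reachable from this same hunk, because `register_pipe()` silently drops the entry when `malloc` fails; that descriptor is then also skipped by `close_dangling_pipes()`, which defeats the commit's stated goal of not passing open descriptors down to children. Consider having `register_pipe()` report the failure (it returns `void` today), and note that `terminate_pipe()` stores the `int` wait status from `reap()` in a `pid_t` and, despite its "kill process" comment, sends no signal: it only closes the fd and waits.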