diff --git a/NEWS b/NEWS index f927cb0b..770f00c4 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,8 @@ xbps-0.27 (???): + * xbps-rindex(8): also understands the XBPS_PASSPHRASE environmental variable to + supply the passphrase when signing repositories. + * xbps-rindex(8): added -v --verbose option. * xbps-rindex(8): -c --clean mode has been removed. Generating a local repository diff --git a/bin/xbps-rindex/Makefile b/bin/xbps-rindex/Makefile index d99fad29..cf876649 100644 --- a/bin/xbps-rindex/Makefile +++ b/bin/xbps-rindex/Makefile @@ -2,8 +2,6 @@ TOPDIR = ../.. -include $(TOPDIR)/config.mk BIN = xbps-rindex -OBJS = main.o index-add.o remove-obsoletes.o repoflush.o -OBJS += readpassphrase.o sign.o -EXTRA_CFLAGS = -Wno-unused-result +OBJS = main.o index-add.o remove-obsoletes.o repoflush.o sign.o include $(TOPDIR)/mk/prog.mk diff --git a/bin/xbps-rindex/defs.h b/bin/xbps-rindex/defs.h index c8429520..e9eb2c32 100644 --- a/bin/xbps-rindex/defs.h +++ b/bin/xbps-rindex/defs.h @@ -74,9 +74,6 @@ int remove_obsoletes(struct xbps_handle *, const char *); int sign_repo(struct xbps_handle *, const char *, const char *, const char *); -/* From readpass.c */ -char *readpassphrase(const char *, char *, size_t, int); - /* From repoflush.c */ bool repodata_flush(struct xbps_handle *, const char *, xbps_dictionary_t, xbps_dictionary_t, xbps_dictionary_t); diff --git a/bin/xbps-rindex/readpassphrase.c b/bin/xbps-rindex/readpassphrase.c deleted file mode 100644 index edc7bb6a..00000000 --- a/bin/xbps-rindex/readpassphrase.c +++ /dev/null 
@@ -1,123 +0,0 @@ -/* $NetBSD: readpassphrase.c,v 1.1 2009/06/07 22:38:47 christos Exp $ */ -/* - * Copyright (c) 2000 Todd C. Miller - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL - * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; - * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "defs.h" - -#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */ -#define RPP_ECHO_ON 0x01 /* Leave echo on. */ -#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */ -#define RPP_FORCELOWER 0x04 /* Force input to lower case. */ -#define RPP_FORCEUPPER 0x08 /* Force input to upper case. 
*/ -#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */ - -char * -readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) -{ - struct termios term, oterm; - char ch, *p, *end; - int input, output; - sigset_t oset, nset; - - /* I suppose we could alloc on demand in this case (XXX). */ - if (bufsiz == 0) { - errno = EINVAL; - return(NULL); - } - - /* - * Read and write to /dev/tty if available. If not, read from - * stdin and write to stderr unless a tty is required. - */ - if ((input = output = open(_PATH_TTY, O_RDWR)) == -1) { - if (flags & RPP_REQUIRE_TTY) { - errno = ENOTTY; - return(NULL); - } - input = STDIN_FILENO; - output = STDERR_FILENO; - } - - /* - * We block SIGINT and SIGTSTP so the terminal is not left - * in an inconsistent state (ie: no echo). It would probably - * be better to simply catch these though. - */ - sigemptyset(&nset); - sigaddset(&nset, SIGINT); - sigaddset(&nset, SIGTSTP); - (void)sigprocmask(SIG_BLOCK, &nset, &oset); - - /* Turn off echo if possible. */ - if (tcgetattr(input, &oterm) == 0) { - memcpy(&term, &oterm, sizeof(term)); - if (!(flags & RPP_ECHO_ON) && (term.c_lflag & ECHO)) - term.c_lflag &= ~ECHO; - (void)tcsetattr(input, TCSAFLUSH, &term); - } else { - memset(&term, 0, sizeof(term)); - memset(&oterm, 0, sizeof(oterm)); - } - - (void)write(output, prompt, strlen(prompt)); - end = buf + bufsiz - 1; - for (p = buf; read(input, &ch, 1) == 1 && ch != '\n' && ch != '\r';) { - if (p < end) { - if ((flags & RPP_SEVENBIT)) - ch &= 0x7f; - if (isalpha((unsigned char)ch)) { - if ((flags & RPP_FORCELOWER)) - ch = tolower((unsigned char)ch); - if ((flags & RPP_FORCEUPPER)) - ch = toupper((unsigned char)ch); - } - *p++ = ch; - } - } - *p = '\0'; - if (!(term.c_lflag & ECHO)) - (void)write(output, "\n", 1); - - /* Restore old terminal settings and signal mask. 
*/ - if (memcmp(&term, &oterm, sizeof(term)) != 0) - (void)tcsetattr(input, TCSAFLUSH, &oterm); - (void)sigprocmask(SIG_SETMASK, &oset, NULL); - if (input != STDIN_FILENO) - (void)close(input); - - return(buf); -} diff --git a/bin/xbps-rindex/sign.c b/bin/xbps-rindex/sign.c index 7d39b8a6..1f791e19 100644 --- a/bin/xbps-rindex/sign.c +++ b/bin/xbps-rindex/sign.c @@ -38,34 +38,13 @@ #include "defs.h" -static int -password_cb(char *buf, int size) -{ - int len = 0; - char pass[BUFSIZ]; - - if (readpassphrase("Enter passphrase: ", pass, BUFSIZ, 0) == NULL) - return 0; - - len = strlen(pass); - - if (len <= 0) - return 0; - if (len > size) - len = size; - - memset(buf, '\0', size); - memcpy(buf, pass, len); - memset(&pass, 0, BUFSIZ); - - return len; -} - static RSA * load_rsa_privkey(const char *path) { FILE *fp; RSA *rsa = NULL; + const char *p; + char *passphrase = NULL; if ((fp = fopen(path, "r")) == 0) return NULL; @@ -75,9 +54,15 @@ load_rsa_privkey(const char *path) return NULL; } - rsa = PEM_read_RSAPrivateKey(fp, 0, - (pem_password_cb *)password_cb, - __UNCONST(path)); + p = getenv("XBPS_PASSPHRASE"); + if (p) { + passphrase = strdup(p); + } + rsa = PEM_read_RSAPrivateKey(fp, 0, NULL, passphrase); + if (passphrase) { + free(passphrase); + passphrase = NULL; + } fclose(fp); return rsa; } diff --git a/bin/xbps-rindex/xbps-rindex.8 b/bin/xbps-rindex/xbps-rindex.8 index 2676959d..fedad81a 100644 --- a/bin/xbps-rindex/xbps-rindex.8 +++ b/bin/xbps-rindex/xbps-rindex.8 @@ -1,4 +1,4 @@ -.Dd October 5, 2013 +.Dd October 12, 2013 .Os Void Linux .Dt xbps-rindex 8 .Sh NAME @@ -49,6 +49,9 @@ argument not set, it defaults to .Sy ~/.ssh/id_rsa . .Sh ENVIRONMENT .Bl -tag -width XBPS_TARGET_ARCH +.It Sy XBPS_PASSPHRASE +If this is set, it will use this passphrase for the RSA private key when signing +a repository. Otherwise it will ask you to enter the passphrase on the terminal. .It Sy XBPS_TARGET_ARCH Overrides .Xr uname 2
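Review bot: The heap copy of XBPS_PASSPHRASE in the second sign.c hunk is released with a plain `free(passphrase)`, so the secret stays in freed memory, whereas the removed password_cb() at least tried to zero its buffer. Wipe it first with `OPENSSL_cleanse(passphrase, strlen(passphrase));`, which should be available since the file already calls into OpenSSL. If `strdup()` fails, `passphrase` stays NULL and the call falls back to the terminal prompt that the man page hunk describes, which would stall an unattended signing run; closing `fp` and returning NULL there is safer. The variable also stays in the process environment, so it is presumably inherited by any child process; calling `unsetenv("XBPS_PASSPHRASE");` after the copy, or a comment stating that exposure, would make the trade-off explicit. Part of load_rsa_privkey() lies between the two sign.c hunks and is not visible here.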