xbps-rindex(8): added support for XBPS_PASSPHRASE env var.

- XBPS_PASSPHRASE (if set) will be supplied as passphrase when signing repos. - Use the default OpenSSL passphrase cb when loading the private key.
2013-10-12 09:55:03 +02:00 · 2013-10-12 09:55:03 +02:00 · 43b9be6046
commit 43b9be6046
parent c91050fc35
6 changed files with 19 additions and 156 deletions
--- a/3
+++ b/3
@ -1,5 +1,8 @@
 xbps-0.27 (???):
 * xbps-rindex(8): also understands the XBPS_PASSPHRASE environmental variable to
   supply the passphrase when signing repositories.
 * xbps-rindex(8): added -v --verbose option.
 * xbps-rindex(8): -c --clean mode has been removed. Generating a local repository
--- a/bin/xbps-rindex/Makefile
+++ b/bin/xbps-rindex/Makefile
@ -2,8 +2,6 @@ TOPDIR = ../..
 -include $(TOPDIR)/config.mk
 BIN =	xbps-rindex
-OBJS =	main.o index-add.o remove-obsoletes.o repoflush.o
+OBJS =	main.o index-add.o remove-obsoletes.o repoflush.o sign.o
 OBJS += readpassphrase.o sign.o
 EXTRA_CFLAGS = -Wno-unused-result
 include $(TOPDIR)/mk/prog.mk
--- a/bin/xbps-rindex/defs.h
+++ b/bin/xbps-rindex/defs.h
@ -74,9 +74,6 @@ int	remove_obsoletes(struct xbps_handle *, const char *);
 int	sign_repo(struct xbps_handle *, const char *, const char *,
 		const char *);
 /* From readpass.c */
 char	*readpassphrase(const char *, char *, size_t, int);
 /* From repoflush.c */
 bool	repodata_flush(struct xbps_handle *, const char *,
 		xbps_dictionary_t, xbps_dictionary_t, xbps_dictionary_t);
--- a/bin/xbps-rindex/readpassphrase.c
+++ b/bin/xbps-rindex/readpassphrase.c
@ -1,123 +0,0 @@
 /*	$NetBSD: readpassphrase.c,v 1.1 2009/06/07 22:38:47 christos Exp $	*/
 /*
 * Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
 * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include <ctype.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <paths.h>
 #include <pwd.h>
 #include <signal.h>
 #include <string.h>
 #include <termios.h>
 #include <unistd.h>
 #include "defs.h"
 #define RPP_ECHO_OFF    0x00            /* Turn off echo (default). */
 #define RPP_ECHO_ON     0x01            /* Leave echo on. */
 #define RPP_REQUIRE_TTY 0x02            /* Fail if there is no tty. */
 #define RPP_FORCELOWER  0x04            /* Force input to lower case. */
 #define RPP_FORCEUPPER  0x08            /* Force input to upper case. */
 #define RPP_SEVENBIT    0x10            /* Strip the high bit from input. */
 char *
 readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
 {
 	struct termios term, oterm;
 	char ch, *p, *end;
 	int input, output;
 	sigset_t oset, nset;
 	/* I suppose we could alloc on demand in this case (XXX). */
 	if (bufsiz == 0) {
 		errno = EINVAL;
 		return(NULL);
 	}
 	/*
 	 * Read and write to /dev/tty if available.  If not, read from
 	 * stdin and write to stderr unless a tty is required.
 	 */
 	if ((input = output = open(_PATH_TTY, O_RDWR)) == -1) {
 		if (flags & RPP_REQUIRE_TTY) {
 			errno = ENOTTY;
 			return(NULL);
 		}
 		input = STDIN_FILENO;
 		output = STDERR_FILENO;
 	}
 	/*
 	 * We block SIGINT and SIGTSTP so the terminal is not left
 	 * in an inconsistent state (ie: no echo).  It would probably
 	 * be better to simply catch these though.
 	 */
 	sigemptyset(&nset);
 	sigaddset(&nset, SIGINT);
 	sigaddset(&nset, SIGTSTP);
 	(void)sigprocmask(SIG_BLOCK, &nset, &oset);
 	/* Turn off echo if possible. */
 	if (tcgetattr(input, &oterm) == 0) {
 		memcpy(&term, &oterm, sizeof(term));
 		if (!(flags & RPP_ECHO_ON) && (term.c_lflag & ECHO))
 			term.c_lflag &= ~ECHO;
 		(void)tcsetattr(input, TCSAFLUSH, &term);
 	} else {
 		memset(&term, 0, sizeof(term));
 		memset(&oterm, 0, sizeof(oterm));
 	}
 	(void)write(output, prompt, strlen(prompt));
 	end = buf + bufsiz - 1;
 	for (p = buf; read(input, &ch, 1) == 1 && ch != '\n' && ch != '\r';) {
 		if (p < end) {
 			if ((flags & RPP_SEVENBIT))
 				ch &= 0x7f;
 			if (isalpha((unsigned char)ch)) {
 				if ((flags & RPP_FORCELOWER))
 					ch = tolower((unsigned char)ch);
 				if ((flags & RPP_FORCEUPPER))
 					ch = toupper((unsigned char)ch);
 			}
 			*p++ = ch;
 		}
 	}
 	*p = '\0';
 	if (!(term.c_lflag & ECHO))
 		(void)write(output, "\n", 1);
 	/* Restore old terminal settings and signal mask. */
 	if (memcmp(&term, &oterm, sizeof(term)) != 0)
 		(void)tcsetattr(input, TCSAFLUSH, &oterm);
 	(void)sigprocmask(SIG_SETMASK, &oset, NULL);
 	if (input != STDIN_FILENO)
 		(void)close(input);
 	return(buf);
 }
--- a/bin/xbps-rindex/sign.c
+++ b/bin/xbps-rindex/sign.c
@ -38,34 +38,13 @@
 #include "defs.h"
 static int
 password_cb(char *buf, int size)
 {
 	int len = 0;
 	char pass[BUFSIZ];
 	if (readpassphrase("Enter passphrase: ", pass, BUFSIZ, 0) == NULL)
 		return 0;
 	len = strlen(pass);
 	if (len <= 0)
 		return 0;
 	if (len > size)
 		len = size;
 	memset(buf, '\0', size);
 	memcpy(buf, pass, len);
 	memset(&pass, 0, BUFSIZ);
 	return len;
 }
 static RSA *
 load_rsa_privkey(const char *path)
 {
 	FILE *fp;
 	RSA *rsa = NULL;
 	const char *p;
 	char *passphrase = NULL;
 	if ((fp = fopen(path, "r")) == 0)
 		return NULL;
@ -75,9 +54,15 @@ load_rsa_privkey(const char *path)
 		return NULL;
 	}
-	rsa = PEM_read_RSAPrivateKey(fp, 0,
+	p = getenv("XBPS_PASSPHRASE");
-			(pem_password_cb *)password_cb,
+	if (p) {
-			__UNCONST(path));
+		passphrase = strdup(p);
 	}
 	rsa = PEM_read_RSAPrivateKey(fp, 0, NULL, passphrase);
 	if (passphrase) {
 		free(passphrase);
 		passphrase = NULL;
 	}
 	fclose(fp);
 	return rsa;
 }
--- a/bin/xbps-rindex/xbps-rindex.8
+++ b/bin/xbps-rindex/xbps-rindex.8
@ -1,4 +1,4 @@
-.Dd October 5, 2013
+.Dd October 12, 2013
 .Os Void Linux
 .Dt xbps-rindex 8
 .Sh NAME
@ -49,6 +49,9 @@ argument not set, it defaults to
 .Sy ~/.ssh/id_rsa .
 .Sh ENVIRONMENT
 .Bl -tag -width XBPS_TARGET_ARCH
 .It Sy XBPS_PASSPHRASE
 If this is set, it will use this passphrase for the RSA private key when signing
 a repository. Otherwise it will ask you to enter the passphrase on the terminal.
 .It Sy XBPS_TARGET_ARCH
 Overrides
 .Xr uname 2