From 5b87a29c78fe7b3fce8ac167a1a650449d25f54c Mon Sep 17 00:00:00 2001 From: Dmitriy Popov Date: Wed, 1 May 2024 23:16:47 +0300 Subject: [PATCH] dnf-keyring-support-multiple-keys Since it is known from the bug (and practically proven) that "rpm --import" is capable of supporting multiple containers in one file, unlike the internal implementation, due to the need to globally rewrite the structure of parameters. https://github.com/rpm-software-management/rpm/pull/2242 "This does not affect rpmkeys --import because it explicitly checks for multiple PGPTAG_PUBLIC_KEY packets and imports them separately" The patch implies the logic of the cli rpmcliImportPubkeys in dnf_keyring_add_public_key, except that instead of direct import, it continues to expand the keyring as before, and then imports it, making this change atomic. Signed-off-by: Dmitriy Popov --- libdnf/dnf-keyring.cpp | 167 +++++++++++++++++++++++------------------ 1 file changed, 96 insertions(+), 71 deletions(-) diff --git a/libdnf/dnf-keyring.cpp b/libdnf/dnf-keyring.cpp index 62a6248..f4afd35 100644 --- a/libdnf/dnf-keyring.cpp +++ b/libdnf/dnf-keyring.cpp @@ -62,13 +62,16 @@ dnf_keyring_add_public_key(rpmKeyring keyring, gboolean ret = TRUE; int rc; gsize len; - pgpArmor armor; pgpDig dig = NULL; rpmPubkey pubkey = NULL; rpmPubkey *subkeys = NULL; int nsubkeys = 0; uint8_t *pkt = NULL; g_autofree gchar *data = NULL; + char const * const pgpmark = "-----BEGIN PGP "; + size_t marklen = strlen(pgpmark); + int keyno = 1; + char *start = NULL; /* ignore symlinks and directories */ if (!g_file_test(filename, G_FILE_TEST_IS_REGULAR)) 
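Review bot: The function-scope `uint8_t *pkt = NULL;` and `pgpDig dig = NULL;` kept as context in this hunk become dead with this patch: the next hunk declares a loop-local `uint8_t *pkt` that shadows the outer one, and the only writer of `dig` (`rpmPubkeyDig`) is removed, so both stay NULL for the whole function. If `out:` (outside this patch's hunks) still frees them, those frees are now no-ops, which is misleading to anyone reading the cleanup path. Drop the two declarations, or at least rename the loop-local buffer (`uint8_t *blk = NULL;`) so `-Wshadow` stays clean. The body of `dnf_keyring_add_public_key` starts before this hunk and continues after it.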
@@ -81,79 +84,99 @@ dnf_keyring_add_public_key(rpmKeyring keyring, if (!ret) goto out; - /* rip off the ASCII armor and parse it */ - armor = pgpParsePkts(data, &pkt, &len); - if (armor < 0) { - ret = FALSE; - g_set_error(error, - DNF_ERROR, - DNF_ERROR_GPG_SIGNATURE_INVALID, - "failed to parse PKI file %s", - filename); - goto out; - } - - /* make sure it's something we can add to rpm */ - if (armor != PGPARMOR_PUBKEY) { - ret = FALSE; - g_set_error(error, - DNF_ERROR, - DNF_ERROR_GPG_SIGNATURE_INVALID, - "PKI file %s is not a public key", - filename); - goto out; - } + start = strstr(data, pgpmark); - /* test each one */ - pubkey = rpmPubkeyNew(pkt, len); - if (pubkey == NULL) { - ret = FALSE; - g_set_error(error, - DNF_ERROR, - DNF_ERROR_GPG_SIGNATURE_INVALID, - "failed to parse public key for %s", - filename); - goto out; - } - - /* does the key exist in the keyring */ - dig = rpmPubkeyDig(pubkey); - rc = rpmKeyringLookup(keyring, dig); - if (rc == RPMRC_OK) { - ret = TRUE; - g_debug("%s is already present", filename); - goto out; - } + do { + uint8_t *pkt = NULL; + uint8_t *pkti = NULL; + size_t pktlen = 0; + size_t certlen; + + /* Read pgp packet. 
*/ + if (pgpParsePkts(start, &pkt, &pktlen) == PGPARMOR_PUBKEY) { + pkti = pkt; + + /* Iterate over certificates in pkt */ + while (pktlen > 0) { + if (pgpPubKeyCertLen(pkti, pktlen, &certlen)) { + g_debug("%s: key %d import failed.\n", filename, keyno); + break; + } + + /* test each one */ + pubkey = rpmPubkeyNew(pkti, certlen); + if (pubkey == NULL) { + ret = FALSE; + g_set_error(error, + DNF_ERROR, + DNF_ERROR_GPG_SIGNATURE_INVALID, + "failed to parse public key for %s", + filename); + goto out; + } + + /* add to in-memory keyring */ + rc = rpmKeyringAddKey(keyring, pubkey); + if (rc == 1) { + ret = TRUE; + g_debug("%s is already added", filename); + goto out; + } else if (rc < 0) { + ret = FALSE; + g_set_error(error, + DNF_ERROR, + DNF_ERROR_GPG_SIGNATURE_INVALID, + "failed to add public key %s to rpmdb", + filename); + goto out; + } + + subkeys = rpmGetSubkeys(pubkey, &nsubkeys); + for (int i = 0; i < nsubkeys; i++) { + rpmPubkey subkey = subkeys[i]; + if (rpmKeyringAddKey(keyring, subkey) < 0) { + ret = FALSE; + g_set_error(error, + DNF_ERROR, + DNF_ERROR_GPG_SIGNATURE_INVALID, + "failed to add subkeys for %s to rpmdb", + filename); + goto out; + } + } + + pkti += certlen; + pktlen -= certlen; + } + } else { + g_debug("%s: key %d not an armored public key.\n", filename, keyno); + } - /* add to rpmdb automatically, without a prompt */ - rc = rpmKeyringAddKey(keyring, pubkey); - if (rc == 1) { - ret = TRUE; - g_debug("%s is already added", filename); - goto out; - } else if (rc < 0) { - ret = FALSE; - g_set_error(error, - DNF_ERROR, - DNF_ERROR_GPG_SIGNATURE_INVALID, - "failed to add public key %s to rpmdb", - filename); - goto out; - } + /* See if there are more keys in the buffer */ + if (start && start + marklen < data + len) { + start = strstr(start + marklen, pgpmark); + } else { + start = NULL; + } - subkeys = rpmGetSubkeys(pubkey, &nsubkeys); - for (int i = 0; i < nsubkeys; i++) { - rpmPubkey subkey = subkeys[i]; - if (rpmKeyringAddKey(keyring, subkey) < 
0) { - ret = FALSE; - g_set_error(error, - DNF_ERROR, - DNF_ERROR_GPG_SIGNATURE_INVALID, - "failed to add subkeys for %s to rpmdb", - filename); - goto out; + keyno++; + if (pkt != NULL) + free(pkt); /* yes, free() */ + pkt = NULL; + if (pubkey != NULL) + rpmPubkeyFree(pubkey); + pubkey = NULL; + if (subkeys != NULL) { + for (int i = 0; i < nsubkeys; i++) { + if (subkeys[i] != NULL) { + rpmPubkeyFree (subkeys[i]); + subkeys[i] = NULL; + } + } + free (subkeys); + subkeys = NULL; } - } + } while (start != NULL); /* success */ g_debug("added missing public key %s to rpmdb", filename); @@ -165,7 +188,9 @@ out: rpmPubkeyFree(pubkey); if (subkeys != NULL) { for (int i = 0; i < nsubkeys; i++) { - rpmPubkeyFree(subkeys[i]); + if (subkeys[i] != NULL) { + rpmPubkeyFree (subkeys[i]); + } } free(subkeys); } -- 2.34.1
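Review bot: The new do/while reports success for a file from which nothing was imported: when `pgpParsePkts(start, ...)` does not return `PGPARMOR_PUBKEY`, or `pgpPubKeyCertLen` rejects a certificate, the code only calls `g_debug` and falls through to `g_debug("added missing public key %s to rpmdb", ...)` with `ret` still TRUE, whereas the removed code set `DNF_ERROR_GPG_SIGNATURE_INVALID` for both cases, so a caller can no longer distinguish a malformed gpgkey from an imported one. In the same loop the `rc == 1` branch still does `goto out`, so a file whose first certificate is already in the keyring never imports the remaining ones; it should log and move on to the next certificate. Every `goto out` inside the loop also leaks the buffer from `pgpParsePkts`, because the loop-local `pkt` shadows the function-scope one (the `out:` label is outside this hunk; if it frees `pkt` as the removed code relied on, it now only sees the NULL outer pointer), and since `rpmPubkeyFree(pubkey)` / `free(subkeys)` sit after the inner `while (pktlen > 0)`, every certificate but the last in an armored block leaks its rpmPubkey and subkey array (the pre-existing `out:` path frees `pubkey` after a successful add, so the keyring evidently holds its own reference). Keys added by earlier iterations stay in `keyring` when a later one fails, so the "atomic" claim in the description holds only if the caller discards the keyring on error. The restructured loop below keeps the explicit errors, continues past already-present keys, releases objects per certificate, and fails when no key was imported; `dnf_keyring_add_public_key` begins before this hunk and its `out:` cleanup continues after it.
```cpp
    start = strstr(data, pgpmark);
    int nkeys = 0;  /* certificates added to (or already present in) keyring */

    do {
        uint8_t *pkt = NULL;
        uint8_t *pkti = NULL;
        size_t pktlen = 0;
        size_t certlen;

        /* Not an armored public key block: report it, as the old code did. */
        if (pgpParsePkts(start, &pkt, &pktlen) != PGPARMOR_PUBKEY) {
            ret = FALSE;
            g_set_error(error, DNF_ERROR, DNF_ERROR_GPG_SIGNATURE_INVALID,
                        "block %d of PKI file %s is not a public key",
                        keyno, filename);
            free(pkt);
            goto out;
        }

        pkti = pkt;
        while (pktlen > 0) {
            if (pgpPubKeyCertLen(pkti, pktlen, &certlen)) {
                ret = FALSE;
                g_set_error(error, DNF_ERROR, DNF_ERROR_GPG_SIGNATURE_INVALID,
                            "failed to parse public key %d in %s",
                            keyno, filename);
                free(pkt);
                goto out;
            }

            pubkey = rpmPubkeyNew(pkti, certlen);
            if (pubkey == NULL) {
                /* … unchanged: ret = FALSE; g_set_error("failed to parse public key for %s") … */
                free(pkt);
                goto out;
            }

            rc = rpmKeyringAddKey(keyring, pubkey);
            if (rc < 0) {
                /* … unchanged: ret = FALSE; g_set_error("failed to add public key %s to rpmdb") … */
                free(pkt);
                goto out;
            }
            if (rc == 1)
                g_debug("%s: key %d is already present", filename, keyno);
            nkeys++;

            /* … unchanged: subkey loop, with free(pkt) added before its goto out … */

            /* keyring holds its own reference; drop ours before the next certificate */
            rpmPubkeyFree(pubkey);
            pubkey = NULL;
            for (int i = 0; i < nsubkeys; i++)
                rpmPubkeyFree(subkeys[i]);
            free(subkeys);
            subkeys = NULL;
            nsubkeys = 0;

            pkti += certlen;
            pktlen -= certlen;
        }
        free(pkt);

        /* … unchanged: advance start to the next "-----BEGIN PGP " marker … */
        keyno++;
    } while (start != NULL);

    if (nkeys == 0) {
        ret = FALSE;
        g_set_error(error, DNF_ERROR, DNF_ERROR_GPG_SIGNATURE_INVALID,
                    "PKI file %s contains no public key", filename);
        goto out;
    }
```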