Bug#674060: Doesn't support reading InRelease files
On 31/05/12 12:17, Bastian Blank wrote: On Fri, May 25, 2012 at 11:01:57AM +0200, Mehdi Dogguy wrote: index 67aa412..0b0f802 100644 --- a/src/parser_rfc822.c +++ b/src/parser_rfc822.c @@ -60,6 +60,7 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa di_rstring field_modifier_string; di_rstring value_string; void *act = NULL; + int pgp_mode = 0; cur = begin; end = begin + size; @@ -81,6 +82,25 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa while (1) { + if (!strncmp(cur, "-BEGIN PGP SIGNED MESSAGE-", 34)) Please don't use magic numbers. | const char pgp_begin = "…"; | if (!strncmp(cur, pgp_begin, strlen(pgp_begin)) or something like that. The strlen call should be optimized away. Also this string may only appear at the beginning of the file, not somewhere in between. So this should be done before the large loop. Also the end of the preamble can be searched with \n\n. + else if (pgp_mode&& !strncmp(cur, "-BEGIN PGP SIGNATURE-", 29)) + { +// Let's exit, the rest of the file is not interesting +cur += size; +break; + } Okay. Thanks for the review! Please find attached an updated patch taking into consideration your remarks. Cheers, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ >From c0b6669243e2282e0010d74790373764fe77b5ab Mon Sep 17 00:00:00 2001 From: Mehdi Dogguy Date: Wed, 23 May 2012 13:18:59 +0200 Subject: [PATCH] Add support for InRelease files (Closes: #674060) --- src/parser_rfc822.c | 18 ++ 1 file changed, 18 insertions(+) diff --git a/src/parser_rfc822.c b/src/parser_rfc822.c index 67aa412..eca63c6 100644 --- a/src/parser_rfc822.c +++ b/src/parser_rfc822.c @@ -60,6 +60,9 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa di_rstring field_modifier_string; di_rstring value_string; void *act = NULL; + int pgp_mode = 0; + const char *pgp_begin_msg = "-BEGIN PGP SIGNED MESSAGE-"; + const char *pgp_begin_sig = "-BEGIN PGP SIGNATURE-"; cur = begin; end = begin + size; @@ -72,6 +75,15 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa continue; } +if (!strncmp(cur, pgp_begin_msg, strlen(pgp_begin_msg))) +{ + // Enable pgp_mode + pgp_mode = 1; + // Skip PGP header + cur = strstr (cur, "\n\n"); + cur += 2; +} + nr++; if (entry_new) @@ -81,6 +93,12 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa while (1) { + if (pgp_mode && !strncmp(cur, pgp_begin_sig, strlen(pgp_begin_sig))) + { +// Let's exit, the rest of the file is not interesting +cur += size; +break; + } field_begin = cur; readsize = end - field_begin < READSIZE ? end - field_begin : READSIZE; if (!readsize) -- 1.7.10
Bug#674060: Doesn't support reading InRelease files
On Fri, May 25, 2012 at 11:01:57AM +0200, Mehdi Dogguy wrote: > index 67aa412..0b0f802 100644 > --- a/src/parser_rfc822.c > +++ b/src/parser_rfc822.c > @@ -60,6 +60,7 @@ int di_parser_rfc822_read (char *begin, size_t size, > di_parser_info *info, di_pa >di_rstring field_modifier_string; >di_rstring value_string; >void *act = NULL; > + int pgp_mode = 0; > >cur = begin; >end = begin + size; > @@ -81,6 +82,25 @@ int di_parser_rfc822_read (char *begin, size_t size, > di_parser_info *info, di_pa > > while (1) > { > + if (!strncmp(cur, "-BEGIN PGP SIGNED MESSAGE-", 34)) Please don't use magic numbers. | const char pgp_begin = "…"; | if (!strncmp(cur, pgp_begin, strlen(pgp_begin)) or something like that. The strlen call should be optimized away. Also this string may only appear at the beginning of the file, not somewhere in between. So this should be done before the large loop. Also the end of the preamble can be searched with \n\n. > + else if (pgp_mode && !strncmp(cur, "-BEGIN PGP SIGNATURE-", > 29)) > + { > +// Let's exit, the rest of the file is not interesting > +cur += size; > +break; > + } Okay. Bastian -- The best diplomat I know is a fully activated phaser bank. -- Scotty -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120531101729.ga2...@wavehammer.waldi.eu.org
Bug#674060: Doesn't support reading InRelease files
On 24/05/12 17:57, Mehdi Dogguy wrote: On 22/05/12 21:36, Mehdi Dogguy wrote: It seems that src/release.c:di_release_read_file can't read InRelease files (yet) because it is not strictly an rfc822 file. Please find attached a tentative patch to add support for InRelease files to libd-i. It makes src/parser_rfc822.c:di_parser_rfc822_read skip PGP signature and headers. My first patch had a minor issue: PGP clearsign signatures may contain one or more "Hash" fields. The PGP signature header and the signed data are separated by an empty line (not included in the signed data). So it seems more reasonable (if pgp_mode) to skip entries until a empty line is reached. This is fixed in the new patch attached to this message. For your convenience, I also attach "changes.diff" which gives the difference between the two patches. There is one missing check (to be fully RFC 2440 compliant), the data needs to be dash-unescaped. While this could be mandatory in general, it seems unnecessary in out specific case (where we read Release, Packages, Sources, Contents and Translation files) as it means that the read file doesn't follow its spec. Comments are welcome. Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ --- a/src/parser_rfc822.c +++ b/src/parser_rfc822.c @@ -89,12 +89,18 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa // Let's skip this line cur += 35; } - else if (!strncmp(cur, "-BEGIN PGP SIGNATURE-", 29)) + else if (pgp_mode && !strncmp(cur, "-BEGIN PGP SIGNATURE-", 29)) { // Let's exit, the rest of the file is not interesting cur += size; break; } + if (pgp_mode == 1 && *cur == '\n') { +// Skip this empty line (last line of PGP headers) +cur++; +// Do not skip more newlines +pgp_mode++; + } field_begin = cur; readsize = end - field_begin < READSIZE ? end - field_begin : READSIZE; if (!readsize) @@ -159,11 +165,9 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa } value_size = value_end - value_begin; - if (pgp_mode == 1 && !strncmp(field_begin, "Hash", field_size)) { -// Do not skip more "Hash" fields -pgp_mode++; -// Skip this entry (4 == ':' + ' ' + '\n' + '\n') -cur += field_size + value_size + 4; + if (pgp_mode == 1) { +// Skip this entry (3 == ':' + ' ' + '\n') +cur += field_size + value_size + 3; continue; } >From 415831b3aa2a18019c1777698b449c0a8f2aca05 Mon Sep 17 00:00:00 2001 From: Mehdi Dogguy Date: Wed, 23 May 2012 13:18:59 +0200 Subject: [PATCH] Add support for InRelease files (Closes: #674060) --- src/parser_rfc822.c | 26 ++ 1 file changed, 26 insertions(+) diff --git a/src/parser_rfc822.c b/src/parser_rfc822.c index 67aa412..0b0f802 100644 --- a/src/parser_rfc822.c +++ b/src/parser_rfc822.c @@ -60,6 +60,7 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa di_rstring field_modifier_string; di_rstring value_string; void *act = NULL; + int pgp_mode = 0; cur = begin; end = begin + size; @@ -81,6 +82,25 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa while (1) { + if (!strncmp(cur, "-BEGIN PGP SIGNED MESSAGE-", 34)) + { +// Enable pgp_mode +pgp_mode = 1; +// Let's skip this line +cur += 35; + } + else if (pgp_mode && !strncmp(cur, "-BEGIN PGP SIGNATURE-", 29)) + { +// Let's exit, the rest of the file is not interesting +cur += size; +break; + } + if (pgp_mode == 1 && *cur == '\n') { +// Skip this empty line (last line of PGP headers) +cur++; +// Do not skip more newlines +pgp_mode++; + } field_begin = cur; readsize = end - field_begin < READSIZE ? end - field_begin : READSIZE; if (!readsize) @@ -145,6 +165,12 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa } value_size = value_end - value_begin; + if (pgp_mode == 1) { +// Skip this entry (3 == ':' + ' ' + '\n') +cur += field_size + value_size + 3; +continue; + } + field_string.string = field_begin; field_string.size = field_size; value_string.string = value_begin; -- 1.7.10
Processed: Re: Bug#674060: Doesn't support reading InRelease files
Processing commands for cont...@bugs.debian.org: > tags 674060 + patch Bug #674060 [src:libdebian-installer] Doesn't support reading InRelease files Added tag(s) patch. > thanks Stopping processing here. Please contact me if you need assistance. -- 674060: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674060 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.133787512512872.transcr...@bugs.debian.org
Bug#674060: Doesn't support reading InRelease files
tags 674060 + patch thanks On 22/05/12 21:36, Mehdi Dogguy wrote: It seems that src/release.c:di_release_read_file can't read InRelease files (yet) because it is not strictly an rfc822 file. Please find attached a tentative patch to add support for InRelease files to libd-i. It makes src/parser_rfc822.c:di_parser_rfc822_read skip PGP signature and headers. Regards, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ >From caeda32359b1f3cbff3da9777d646f92f8c6b479 Mon Sep 17 00:00:00 2001 From: Mehdi Dogguy Date: Wed, 23 May 2012 13:18:59 +0200 Subject: [PATCH] Add support for InRelease files (Closes: #674060) --- src/parser_rfc822.c | 22 ++ 1 file changed, 22 insertions(+) diff --git a/src/parser_rfc822.c b/src/parser_rfc822.c index 67aa412..7049223 100644 --- a/src/parser_rfc822.c +++ b/src/parser_rfc822.c @@ -60,6 +60,7 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa di_rstring field_modifier_string; di_rstring value_string; void *act = NULL; + int pgp_mode = 0; cur = begin; end = begin + size; @@ -81,6 +82,19 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa while (1) { + if (!strncmp(cur, "-BEGIN PGP SIGNED MESSAGE-", 34)) + { +// Enable pgp_mode +pgp_mode = 1; +// Let's skip this line +cur += 35; + } + else if (!strncmp(cur, "-BEGIN PGP SIGNATURE-", 29)) + { +// Let's exit, the rest of the file is not interesting +cur += size; +break; + } field_begin = cur; readsize = end - field_begin < READSIZE ? end - field_begin : READSIZE; if (!readsize) @@ -145,6 +159,14 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa } value_size = value_end - value_begin; + if (pgp_mode == 1 && !strncmp(field_begin, "Hash", field_size)) { +// Do not skip more "Hash" fields +pgp_mode++; +// Skip this entry (4 == ':' + ' ' + '\n' + '\n') +cur += field_size + value_size + 4; +continue; + } + field_string.string = field_begin; field_string.size = field_size; value_string.string = value_begin; -- 1.7.10
Bug#674060: Doesn't support reading InRelease files
Source: libdebian-installer Version: 0.80 Severity: important Tags: d-i Hi, It seems that src/release.c:di_release_read_file can't read InRelease files (yet) because it is not strictly an rfc822 file. It would be nice to fix this in time for Wheezy so that we can consider getting rid of Release{,.gpg} files after Wheezy release. This issue blocks #673625. Regards, -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120522193627.12051.79029.reportbug@potassium