summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Andres Klode <julian.klode@canonical.com>2024-11-29 09:38:00 +0100
committerJulian Andres Klode <julian.klode@canonical.com>2024-11-29 09:38:00 +0100
commit00b4aa9c1d7f50a6e45c72e7a7c417975932cabb (patch)
treeee501bbe7e7a1c722f9ff9e54670e511673c2988
parent7e68eb820ee613e6685cdbf48893e87636b4031a (diff)
Avoid extension check for .gpg
We only ever documented .gpg and .asc and have ensured that only such files exist in the keyring, but people can set the Signed-By option to keys with any random extension, as that was not validated before by apt-key. This doesn't change the behavior for trusted.gpg.d: We filter the directory listing and only look at .gpg and .asc files. Closes: #1088656
-rw-r--r--apt-pkg/contrib/gpgv.cc24
1 files changed, 12 insertions, 12 deletions
diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc
index 43c634dde..19e7b9f87 100644
--- a/apt-pkg/contrib/gpgv.cc
+++ b/apt-pkg/contrib/gpgv.cc
@@ -230,18 +230,6 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
apt_warning(std::cerr, statusfd, fd, "The key(s) in the keyring %s are ignored as the file is not readable by user executing apt-key.\n", k.c_str());
return "";
}
- if (APT::String::Endswith(k, ".gpg") || APT::String::Endswith(k, ".pub"))
- {
- unsigned char c;
- if (not keyFd.Read(&c, sizeof(c)))
- goto err;
- // Identify the leading byte of an OpenPGP public key packet
- // 0x98 -- old-format OpenPGP public key packet, up to 255 octets
- // 0x99 -- old-format OpenPGP public key packet, 256-65535 octets
- // 0xc6 -- new-format OpenPGP public key packet, any length
- if (c == 0x98 || c == 0x99 || c == 0xc6)
- return k;
- }
else if (APT::String::Endswith(k, ".asc"))
{
std::string b64msg;
@@ -269,6 +257,18 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
local_exit.files.push_back(dearmoredFd.Name());
return dearmoredFd.Name();
}
+ else
+ {
+ unsigned char c;
+ if (not keyFd.Read(&c, sizeof(c)))
+ goto err;
+ // Identify the leading byte of an OpenPGP public key packet
+ // 0x98 -- old-format OpenPGP public key packet, up to 255 octets
+ // 0x99 -- old-format OpenPGP public key packet, 256-65535 octets
+ // 0xc6 -- new-format OpenPGP public key packet, any length
+ if (c == 0x98 || c == 0x99 || c == 0xc6)
+ return k;
+ }
err:
apt_warning(std::cerr, statusfd, fd, "The key(s) in the keyring %s are ignored as the file has an unsupported filetype.", k.c_str());
return "";