Bug#674060: Doesn't support reading InRelease files
On 24/05/12 17:57, Mehdi Dogguy wrote:
On 22/05/12 21:36, Mehdi Dogguy wrote:
It seems that src/release.c:di_release_read_file can't read
InRelease files (yet) because it is not strictly an rfc822 file.
Please find attached a tentative patch to add support for InRelease
files to libd-i. It makes src/parser_rfc822.c:di_parser_rfc822_read
skip PGP signature and headers.
My first patch had a minor issue: PGP clearsign signatures may contain
one or more "Hash" fields. The PGP signature header and the signed data
are separated by an empty line (not included in the signed data). So it
seems more reasonable (if pgp_mode) to skip entries until a empty line
is reached. This is fixed in the new patch attached to this message. For
your convenience, I also attach "changes.diff" which gives the
difference between the two patches.
There is one missing check (to be fully RFC 2440 compliant), the data
needs to be dash-unescaped. While this could be mandatory in general, it
seems unnecessary in out specific case (where we read Release, Packages,
Sources, Contents and Translation files) as it means that the read file
doesn't follow its spec.
Comments are welcome.
Regards,
--
Mehdi Dogguy مهدي الدڤي
http://dogguy.org/
--- a/src/parser_rfc822.c
+++ b/src/parser_rfc822.c
@@ -89,12 +89,18 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa
// Let's skip this line
cur += 35;
}
- else if (!strncmp(cur, "-----BEGIN PGP SIGNATURE-----", 29))
+ else if (pgp_mode && !strncmp(cur, "-----BEGIN PGP SIGNATURE-----", 29))
{
// Let's exit, the rest of the file is not interesting
cur += size;
break;
}
+ if (pgp_mode == 1 && *cur == '\n') {
+ // Skip this empty line (last line of PGP headers)
+ cur++;
+ // Do not skip more newlines
+ pgp_mode++;
+ }
field_begin = cur;
readsize = end - field_begin < READSIZE ? end - field_begin : READSIZE;
if (!readsize)
@@ -159,11 +165,9 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa
}
value_size = value_end - value_begin;
- if (pgp_mode == 1 && !strncmp(field_begin, "Hash", field_size)) {
- // Do not skip more "Hash" fields
- pgp_mode++;
- // Skip this entry (4 == ':' + ' ' + '\n' + '\n')
- cur += field_size + value_size + 4;
+ if (pgp_mode == 1) {
+ // Skip this entry (3 == ':' + ' ' + '\n')
+ cur += field_size + value_size + 3;
continue;
}
>From 415831b3aa2a18019c1777698b449c0a8f2aca05 Mon Sep 17 00:00:00 2001
From: Mehdi Dogguy <mehdi@debian.org>
Date: Wed, 23 May 2012 13:18:59 +0200
Subject: [PATCH] Add support for InRelease files (Closes: #674060)
---
src/parser_rfc822.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/src/parser_rfc822.c b/src/parser_rfc822.c
index 67aa412..0b0f802 100644
--- a/src/parser_rfc822.c
+++ b/src/parser_rfc822.c
@@ -60,6 +60,7 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa
di_rstring field_modifier_string;
di_rstring value_string;
void *act = NULL;
+ int pgp_mode = 0;
cur = begin;
end = begin + size;
@@ -81,6 +82,25 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa
while (1)
{
+ if (!strncmp(cur, "-----BEGIN PGP SIGNED MESSAGE-----", 34))
+ {
+ // Enable pgp_mode
+ pgp_mode = 1;
+ // Let's skip this line
+ cur += 35;
+ }
+ else if (pgp_mode && !strncmp(cur, "-----BEGIN PGP SIGNATURE-----", 29))
+ {
+ // Let's exit, the rest of the file is not interesting
+ cur += size;
+ break;
+ }
+ if (pgp_mode == 1 && *cur == '\n') {
+ // Skip this empty line (last line of PGP headers)
+ cur++;
+ // Do not skip more newlines
+ pgp_mode++;
+ }
field_begin = cur;
readsize = end - field_begin < READSIZE ? end - field_begin : READSIZE;
if (!readsize)
@@ -145,6 +165,12 @@ int di_parser_rfc822_read (char *begin, size_t size, di_parser_info *info, di_pa
}
value_size = value_end - value_begin;
+ if (pgp_mode == 1) {
+ // Skip this entry (3 == ':' + ' ' + '\n')
+ cur += field_size + value_size + 3;
+ continue;
+ }
+
field_string.string = field_begin;
field_string.size = field_size;
value_string.string = value_begin;
--
1.7.10
Reply to: