Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 4 Jan 2002 19:35:21 -0500
From:      Michael Lucas <mwlucas@blackhelicopters.org>
To:        hackers@freebsd.org
Subject:   usr.sbin/pkg_install/sign code error?
Message-ID:  <20020104193521.A8254@blackhelicopters.org>
next in thread | raw e-mail | index | archive | help 
So, I'm poking at pkg_sign, trying to see what it would take to enable
GPG as well as PGP, and came across something that appears odd.  (It
might just be me, mind you.)  Pointers to clue would be appreciated,
if it's me.

First, pkg_sign doesn't seem to work at all with PGP.  I get no chance
to enter a passphrase, as all this stuff scrolls past:

pedicular~;pkg_sign imlib2-1.0.4.tgz
Short-circuiting handle_pgp_passphrase
Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses.
(c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04
International version - not for use in the USA. Does not use RSAREF.
Current time: 2002/01/05 00:19 GMT

You specified no user ID to select your secret key,
so the default user ID and key will be the most recently
added key on your secret keyring.

Error:  Bad pass phrase.
Signature error

For a usage summary, type:  pgp -h
For more detailed help, consult the PGP User's Guide.
Bus error (core dumped)
pedicular~;

So, I start tracing code.  It seems fairly straightforward; at the
point where pkg_sign should be getting a passphrase it calls
handle_pgp_passphrase.

...
void
handle_pgp_passphrase()
{
	pid_t pid;
	int fd[2];
	char *p;

printf("Short-circuiting %s\n", __FUNCTION__);
return;

		/* Retrieve the pgp passphrase */
...

Now, it sure looks to me like the "return" statement on line 233 of
pgp_sign.c unconditionally stops the action before you actually get
the PGP passphrase, tie it to a fd so you can pass it to PGP, or
anything else.  Yet this is fairly new code, and I'd guess it is
supposed to work... folks don't make a habit of committing b0rked
code, after all.

Am I just dumb, or does this really need correction?  (And no, it
doesn't work if you just whack out the printf and the return. :-)

Thanks,
==ml


-- 
Michael Lucas		mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org
my FreeBSD column: http://www.oreillynet.com/pub/q/Big_Scary_Daemons

http://www.blackhelicopters.org/~mwlucas/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020104193521.A8254>