From owner-freebsd-bugs Thu Jan 31 23:40:17 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 39E2837B417 for ; Thu, 31 Jan 2002 23:40:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g117e1f49002; Thu, 31 Jan 2002 23:40:01 -0800 (PST) (envelope-from gnats) Received: from ms1.nttdata.co.jp (ms1.nttdata.co.jp [163.135.193.232]) by hub.freebsd.org (Postfix) with ESMTP id ED7BA37B402 for ; Thu, 31 Jan 2002 23:33:58 -0800 (PST) Received: from mail0.nttdata.co.jp ([163.135.10.20]) by ms1.nttdata.co.jp (8.9.3/3.7W-NTTDATA-TOP-11/07/01) with ESMTP id QAA29629 for ; Fri, 1 Feb 2002 16:33:45 +0900 (JST) Received: from norisuke.sc.biz.nttdata.co.jp (localhost [127.0.0.1]) by mail0.nttdata.co.jp (8.9.3/3.7W-NTTDmx/01110714) with ESMTP id QAA03452 for ; Fri, 1 Feb 2002 16:30:51 +0900 (JST) Received: by norisuke.sc.biz.nttdata.co.jp (Postfix, from userid 0) id 2698A15B80; Fri, 1 Feb 2002 16:33:56 +0900 (JST) Received: from taiko.sc.biz.nttdata.co.jp (localhost [127.0.0.1]) by norisuke.sc.biz.nttdata.co.jp (Postfix) with ESMTP id B8AD733EA9; Fri, 1 Feb 2002 16:33:55 +0900 (JST) Received: from namihei.sc.biz.nttdata.co.jp (namihei.sc.biz.nttdata.co.jp [10.41.133.36]) by taiko.sc.biz.nttdata.co.jp (8.12.1/8.12.1/taiko-20011211) with ESMTP id g117Xs0m006213; Fri, 1 Feb 2002 16:33:55 +0900 (JST) Received: from classic.sc.biz.nttdata.co.jp (classic.sc.biz.nttdata.co.jp [10.41.132.81]) by namihei.sc.biz.nttdata.co.jp (Postfix) with ESMTP id AC78E2F8CE; Fri, 1 Feb 2002 16:33:54 +0900 (JST) Received: (from joshua@localhost) by classic.sc.biz.nttdata.co.jp (8.11.6/8.11.6) id g117XrI01476; Fri, 1 Feb 2002 16:33:53 +0900 (JST) (envelope-from joshua) Message-Id: <200202010733.g117XrI01476@classic.sc.biz.nttdata.co.jp> Date: Fri, 1 Feb 2002 16:33:53 +0900 (JST) From: SHIMIZU Yoshiaki Reply-To: SHIMIZU Yoshiaki To: FreeBSD-gnats-submit@freebsd.org Cc: shimizuysa@nttdata.co.jp X-Send-Pr-Version: 3.113 Subject: bin/34519: pkg_check(8) does not return exit code >0 if verifing in case of PKG_UNSIGNED or PKG_SIGUNKNOWN Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 34519 >Category: bin >Synopsis: pkg_check(8) does not return exit code >0 if verifing in case of PKG_UNSIGNED or PKG_SIGUNKNOWN >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 31 23:40:00 PST 2002 >Closed-Date: >Last-Modified: >Originator: SHIMIZU Yoshiaki >Release: FreeBSD 4.5-STABLE i386 >Organization: NTT Data CORPORATION >Environment: System: FreeBSD classic.sc.biz.nttdata.co.jp 4.5-STABLE FreeBSD 4.5-STABLE #0: Thu Jan 31 16:31:05 JST 2002 joshua@classic.sc.biz.nttdata.co.jp:/usr/obj/usr/src/sys/CLASSIC i386 >Description: DIAGNOSTICS of pkg_check(8) manpage says : pkg_sign and pkg_check return with an exit code >0 if anything went wrong for any file. For pkg_check, this usually indicates that the package is not signed, or that the signature is forged. However, when verifying non-signed or non-gziped file (both PKG_UNSIGNED case), pkg_check(8) returns exit code =0 with warnning message. I use only `-t x509' option-type, but Maybe using `-t sha-1' option-type `PKG_UNKNOWN' case is looks same. It's makes problem, when detecting package integrity mismatch in shell-scripts. >How-To-Repeat: # pkg_check -t x509 -k VALID_CRT PKG_UNSIGNED.tar.gz File UNSIGNED.tar.gz is not a signed gzip file # echo $? 0 >Fix: /* $FreeBSD: src/usr.sbin/pkg_install/sign/main.c,v 1.1.2.1 2001/03/05 03:43:53 wes Exp $ */ ====== --- src/usr.sbin/pkg_install/sign/main.c.orig Mon Mar 5 12:43:53 2001 +++ src/usr.sbin/pkg_install/sign/main.c Tue Jan 29 20:30:00 2002 @@ -83,7 +83,7 @@ } result = check_signature(file, userid, envp, filename); if (fclose(file) == 0) { - if (result == PKG_BADSIG || result == PKG_SIGERROR) + if (result == PKG_BADSIG || result == PKG_UNSIGNED || result == PKG_SIGERROR || result == PKG_UNKNOWN) return 0; else return 1; >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message