version 1.16, 2019/03/23 07:10:06 |
version 1.17, 2019/12/09 09:41:54 |
|
|
const char *keytype) |
const char *keytype) |
{ |
{ |
struct gzheader h; |
struct gzheader h; |
size_t bufsize; |
size_t bufsize, len; |
char *p, *meta; |
char *p, *meta; |
uint8_t *bufend; |
uint8_t *bufend; |
int fdin, fdout; |
int fdin, fdout; |
|
|
if (!(h.flg & FCOMMENT_FLAG)) |
if (!(h.flg & FCOMMENT_FLAG)) |
errx(1, "unsigned gzip archive"); |
errx(1, "unsigned gzip archive"); |
fake[8] = h.xflg; |
fake[8] = h.xflg; |
|
len = h.endcomment-h.comment; |
|
|
p = verifyzdata(h.comment, h.endcomment-h.comment, sigfile, |
meta = xmalloc(len+1); |
|
memcpy(meta, h.comment, len); |
|
meta[len] = 0; |
|
p = verifyzdata(h.comment, len, sigfile, |
pubkeyfile, keytype); |
pubkeyfile, keytype); |
|
|
bufsize = MYBUFSIZE; |
bufsize = MYBUFSIZE; |
|
|
meta = p; |
|
#define BEGINS_WITH(x, y) memcmp((x), (y), sizeof(y)-1) == 0 |
#define BEGINS_WITH(x, y) memcmp((x), (y), sizeof(y)-1) == 0 |
|
|
while (BEGINS_WITH(p, "algorithm=SHA512/256") || |
while (BEGINS_WITH(p, "algorithm=SHA512/256") || |
|
|
*(p++) = 0; |
*(p++) = 0; |
|
|
fdout = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); |
fdout = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); |
/* we don't actually copy the header, but put in a fake one with about |
|
* zero useful information. |
|
*/ |
|
writeall(fdout, fake, sizeof fake, msgfile); |
writeall(fdout, fake, sizeof fake, msgfile); |
writeall(fdout, meta, p - meta, msgfile); |
writeall(fdout, meta, len+1, msgfile); |
|
free(meta); |
copy_blocks(fdout, fdin, p, h.endcomment, bufsize, bufend); |
copy_blocks(fdout, fdin, p, h.endcomment, bufsize, bufend); |
free(h.buffer); |
free(h.buffer); |
close(fdout); |
close(fdout); |