texlive[48130] Master/tlpkg/TeXLive: more detailed error checking
commits+preining at tug.org
commits+preining at tug.org
Wed Jul 4 00:24:08 CEST 2018
Revision: 48130
http://tug.org/svn/texlive?view=revision&revision=48130
Author: preining
Date: 2018-07-04 00:24:07 +0200 (Wed, 04 Jul 2018)
Log Message:
-----------
more detailed error checking during signature verification
Modified Paths:
--------------
trunk/Master/tlpkg/TeXLive/TLCrypto.pm
trunk/Master/tlpkg/TeXLive/TLPDB.pm
trunk/Master/tlpkg/TeXLive/TLUtils.pm
Modified: trunk/Master/tlpkg/TeXLive/TLCrypto.pm
===================================================================
--- trunk/Master/tlpkg/TeXLive/TLCrypto.pm 2018-07-03 22:15:38 UTC (rev 48129)
+++ trunk/Master/tlpkg/TeXLive/TLCrypto.pm 2018-07-03 22:24:07 UTC (rev 48130)
@@ -252,6 +252,17 @@
debug("verify_checksum: download did not succeed for $checksum_url\n");
return($VS_CONNECTION_ERROR, "download did not succeed: $checksum_url");
}
+
+ # check that we have a non-trivial size for the checksum file
+ # the size should be at least 128 + 1 + length(filename) > 129
+ {
+ my $css = -s $checksum_file;
+ if ($css <= 128) {
+ debug("verify_checksum: size of checksum file suspicious: $css\n");
+ return($VS_CONNECTION_ERROR, "download corrupted: $checksum_url");
+ }
+ }
+
# check the signature
my ($ret, $msg) = verify_signature($checksum_file, $checksum_url);
@@ -418,6 +429,26 @@
my $signature_file
= TeXLive::TLUtils::download_to_temp_or_file($signature_url);
if ($signature_file) {
+ {
+ # we expect a signature to be at least
+ # 30 header line + 30 footer line + 256 > 300
+ my $sigsize = -s $signature_file;
+ if ($sigsize < 300) {
+ debug("cryptographic signature seems to be corrupted (size $sigsize<300): $signature_url, $signature_file\n");
+ return($VS_UNSIGNED, "cryptographic signature download seems to be corrupted (size $sigsize<300)");
+ }
+ }
+ # check also the first line of the signature file for
+ # -----BEGIN PGP SIGNATURE-----
+ {
+ open my $file, '<', $signature_file;
+ chomp(my $firstLine = <$file>);
+ close $file;
+ if ($firstLine !~ m/^-----BEGIN PGP SIGNATURE-----/) {
+ debug("cryptographic signature seems to be corrupted (first line not signature): $signature_url, $signature_file, $firstLine\n");
+ return($VS_UNSIGNED, "cryptographic signature download seems to be corrupted (first line of $signature_url not signature: $firstLine)");
+ }
+ }
my ($ret, $out) = gpg_verify_signature($file, $signature_file);
if ($ret == 1) {
# no need to show the output
Modified: trunk/Master/tlpkg/TeXLive/TLPDB.pm
===================================================================
--- trunk/Master/tlpkg/TeXLive/TLPDB.pm 2018-07-03 22:15:38 UTC (rev 48129)
+++ trunk/Master/tlpkg/TeXLive/TLPDB.pm 2018-07-03 22:24:07 UTC (rev 48130)
@@ -370,7 +370,7 @@
} elsif ($r == $VS_CONNECTION_ERROR) {
tldie("$0: cannot download: $m\n");
} elsif ($r == $VS_UNSIGNED) {
- debug("$0: remote database checksum is not signed, continuing anyway!\n");
+ debug("$0: remote database checksum is not signed, continuing anyway: $m\n");
$self->verification_status($r);
} elsif ($r == $VS_GPG_UNAVAILABLE) {
debug("$0: TLPDB: no gpg available, continuing anyway!\n");
Modified: trunk/Master/tlpkg/TeXLive/TLUtils.pm
===================================================================
--- trunk/Master/tlpkg/TeXLive/TLUtils.pm 2018-07-03 22:15:38 UTC (rev 48129)
+++ trunk/Master/tlpkg/TeXLive/TLUtils.pm 2018-07-03 22:24:07 UTC (rev 48130)
@@ -3908,7 +3908,8 @@
=item C<< download_to_temp_or_file($url) >>
-If C<$url> tries to download the file into a temporary file.
+If C<$url> is a url, tries to download the file into a temporary file.
+Otherwise assume that C<$url> is a local file.
In both cases returns the local file.
Returns the local file name if succeeded, otherwise undef.
More information about the tex-live-commits
mailing list