My previous patch was missing an instance of DEBSIG_KEYRINGS_FMT; I'm sorry for that. Attached is an updated version.
>From f2e7429cbc583d878f369498984729c7dc67126b Mon Sep 17 00:00:00 2001 From: Michael Vogt <m...@ubuntu.com> Date: Mon, 18 Aug 2014 15:55:41 +0200 Subject: [PATCH] Add a new --rootdir commandline option to allow a different rootdir
This option allows to verify against a alternative policy location. Useful for testing or verification as non-root user. --- debian/changelog | 6 ++++++ debsig-verify.c | 13 ++++++++++--- debsig.h | 5 +++-- gpg-parse.c | 4 ++-- 4 files changed, 21 insertions(+), 7 deletions(-) diff --git a/debian/changelog b/debian/changelog index 8967e8d..2d5aca1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +debsig-verify (0.10.1) UNRELEASED; urgency=low + + * add --rootdir option to use a alternative root directory + + -- Michael Vogt <michael.v...@ubuntu.com> Mon, 18 Aug 2014 15:41:53 +0200 + debsig-verify (0.10) unstable; urgency=low * Add exit status codes to the man page. diff --git a/debsig-verify.c b/debsig-verify.c index a09f534..4319caf 100644 --- a/debsig-verify.c +++ b/debsig-verify.c @@ -34,6 +34,7 @@ #include "debsig.h" char originID[2048]; +char *rootdir = ""; char *deb = NULL; FILE *deb_fs = NULL; @@ -286,7 +287,8 @@ Usage: %s [ options ] <deb>\n\n\ 'Selection' block of the policies only.\n\ --use-policy <name> Used in conjunction with the above\n\ option. This allows you to specify the\n\ - short name of the policy you wish to try.\n", + short name of the policy you wish to try.\n\ + --rootdir <dir> Use a alternative root directory for policy lookup\n", dpkg_get_progname()); exit(1); } @@ -347,6 +349,12 @@ int main(int argc, char *argv[]) { ds_printf(DS_LEV_ERR, "--use-policy requires an argument"); outputUsage(); } + } else if (!strcmp(argv[i], "--rootdir")) { + rootdir = argv[++i]; + if (i == argc || rootdir[0] == '-') { + ds_printf(DS_LEV_ERR, "--rootdir requires an argument"); + outputUsage(); + } } else outputUsage(); } 
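Review bot: The new help line in the usage text says `--rootdir` is for "policy lookup", but this commit also prefixes `DEBSIG_KEYRINGS_FMT` with the root directory, so the keyrings used for verification are read from under it as well. Because the option therefore replaces the whole trust root, the text should say so, for example `--rootdir <dir>  Use an alternative root directory for policy and keyring lookup\n`. The man page is not part of this diff; if it lists the options, it presumably needs the same entry.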
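Review bot: In the `--rootdir` branch of main() the argument is stored unmodified after checking only that it does not start with `-`, yet in gpg-parse.c getKeyID() the same string is formatted, unquoted, into the command line passed to popen(). A directory name containing a space or a shell metacharacter would change the gpg command that runs during key lookup, so the value should be restricted at parse time (running gpg through an argument vector instead of a shell string would be the fuller fix, but that code is outside this diff). The sketch below keeps the existing checks, tests `i` before reading argv, and rejects anything outside a conservative path alphabet. main() starts and ends outside the hunk.

```c
} else if (!strcmp(argv[i], "--rootdir")) {
    if (++i == argc || argv[i][0] == '-') {
        ds_printf(DS_LEV_ERR, "--rootdir requires an argument");
        outputUsage();
    }
    /* rootdir ends up inside the gpg command line built in getKeyID(),
     * so only accept characters the shell passes through untouched. */
    if (argv[i][strspn(argv[i], "abcdefghijklmnopqrstuvwxyz"
                                "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                                "0123456789/._+-")] != '\0') {
        ds_printf(DS_LEV_ERR, "--rootdir contains unsupported characters");
        outputUsage();
    }
    rootdir = argv[i];
/* … unchanged: final else branch calling outputUsage() … */
```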
@@ -371,8 +379,7 @@ int main(int argc, char *argv[]) { strncpy(originID, tmpID, sizeof(originID)); /* Now we have an ID, let's check the policy to use */ - - snprintf(buf, sizeof(buf) - 1, DEBSIG_POLICIES_DIR_FMT, originID); + snprintf(buf, sizeof(buf) - 1, DEBSIG_POLICIES_DIR_FMT, rootdir, originID); if ((pd = opendir(buf)) == NULL) ds_fail_printf(DS_FAIL_UNKNOWN_ORIGIN, "Could not open Origin dir %s: %s\n", buf, strerror(errno)); diff --git a/debsig.h b/debsig.h index 3c492b0..1b81681 100644 --- a/debsig.h +++ b/debsig.h @@ -17,8 +17,8 @@ * along with this program. If not, see <https://www.gnu.org/licenses/>. */ -#define DEBSIG_POLICIES_DIR_FMT DEBSIG_POLICIES_DIR"/%s" -#define DEBSIG_KEYRINGS_FMT DEBSIG_KEYRINGS_DIR"/%s/%s" +#define DEBSIG_POLICIES_DIR_FMT "%s"DEBSIG_POLICIES_DIR"/%s" +#define DEBSIG_KEYRINGS_FMT "%s"DEBSIG_KEYRINGS_DIR"/%s/%s" #define GPG_PROG "/usr/bin/gpg" @@ -93,3 +93,4 @@ extern int ds_debug_level; extern FILE *deb_fs; extern char *deb; extern char originID[]; +extern char *rootdir; diff --git a/gpg-parse.c b/gpg-parse.c index bae2181..ab450af 100644 --- a/gpg-parse.c +++ b/gpg-parse.c @@ -56,7 +56,7 @@ char *getKeyID (const struct match *mtc) { gpg_init(); snprintf(buf, sizeof(buf) - 1, GPG_PROG" "GPG_ARGS_FMT" --list-packets -q "DEBSIG_KEYRINGS_FMT, - GPG_ARGS, originID, mtc->file); + GPG_ARGS, rootdir, originID, mtc->file); if ((ds = popen(buf, "r")) == NULL) { perror("gpg"); @@ -180,7 +180,7 @@ int gpgVerify(const char *data, struct match *mtc, const char *sig) { gpg_init(); - snprintf(keyring, sizeof(keyring) - 1, DEBSIG_KEYRINGS_FMT, originID, mtc->file); + snprintf(keyring, sizeof(keyring) - 1, DEBSIG_KEYRINGS_FMT, rootdir, originID, mtc->file); if (stat(keyring, &st)) { ds_printf(DS_LEV_DEBUG, "gpgVerify: could not stat %s", keyring); return 0; -- 2.0.0.rc0
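Review bot: The snprintf() that builds the policy directory in main() ignores its return value, so an over-long `--rootdir` is silently truncated and opendir() is then tried on a different path from the one requested. The same applies to the two calls changed in gpg-parse.c: the keyring path in gpgVerify() and the gpg command line in getKeyID(), where truncation can cut off the keyring argument. For a verifier it is safer to fail than to continue with a shortened path: `n = snprintf(buf, sizeof(buf), DEBSIG_POLICIES_DIR_FMT, rootdir, originID);` followed by `if (n < 0 || (size_t)n >= sizeof(buf))` leading into the existing failure reporting. The declaration of `buf` and the rest of main() are outside the hunk.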
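Review bot: The two format macros in debsig.h now take one more argument than before, and nothing at the definition says which arguments are expected; the cover message notes that an earlier revision of this patch missed one user of `DEBSIG_KEYRINGS_FMT`. A comment above each define would make the contract visible, e.g. `/* args: rootdir, origin ID */` for `DEBSIG_POLICIES_DIR_FMT` and `/* args: rootdir, origin ID, keyring file name */` for `DEBSIG_KEYRINGS_FMT`. Building with `-Wformat` catches a missed call site, because the macros expand to string literals.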