My previous patch contained a missing instance of DEBSIG_KEYRINGS_FMT,
I'm sorry for that. Attached is a updated version.
From f2e7429cbc583d878f369498984729c7dc67126b Mon Sep 17 00:00:00 2001
From: Michael Vogt m...@ubuntu.com
Date: Mon, 18 Aug 2014 15:55:41 +0200
Subject: [PATCH] Add a new --rootdir commandline option to allow a different
rootdir
This option allows to verify against a alternative policy location.
Useful for testing or verification as non-root user.
---
debian/changelog | 6 ++
debsig-verify.c | 13 ++---
debsig.h | 5 +++--
gpg-parse.c | 4 ++--
4 files changed, 21 insertions(+), 7 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 8967e8d..2d5aca1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+debsig-verify (0.10.1) UNRELEASED; urgency=low
+
+ * add --rootdir option to use a alternative root directory
+
+ -- Michael Vogt michael.v...@ubuntu.com Mon, 18 Aug 2014 15:41:53 +0200
+
debsig-verify (0.10) unstable; urgency=low
* Add exit status codes to the man page.
diff --git a/debsig-verify.c b/debsig-verify.c
index a09f534..4319caf 100644
--- a/debsig-verify.c
+++ b/debsig-verify.c
@@ -34,6 +34,7 @@
#include debsig.h
char originID[2048];
+char *rootdir = ;
char *deb = NULL;
FILE *deb_fs = NULL;
@@ -286,7 +287,8 @@ Usage: %s [ options ] deb\n\n\
'Selection' block of the policies only.\n\
--use-policy name Used in conjunction with the above\n\
option. This allows you to specify the\n\
- short name of the policy you wish to try.\n,
+ short name of the policy you wish to try.\n\
+ --rootdir dir Use a alternative root directory for policy lookup\n,
dpkg_get_progname());
exit(1);
}
@@ -347,6 +349,12 @@ int main(int argc, char *argv[]) {
ds_printf(DS_LEV_ERR, --use-policy requires an argument);
outputUsage();
}
+ } else if (!strcmp(argv[i], --rootdir)) {
+ rootdir = argv[++i];
+ if (i == argc || rootdir[0] == '-') {
+ ds_printf(DS_LEV_ERR, --rootdir requires an argument);
+ outputUsage();
+ }
} else
outputUsage();
}
@@ -371,8 +379,7 @@ int main(int argc, char *argv[]) {
strncpy(originID, tmpID, sizeof(originID));
/* Now we have an ID, let's check the policy to use */
-
-snprintf(buf, sizeof(buf) - 1, DEBSIG_POLICIES_DIR_FMT, originID);
+snprintf(buf, sizeof(buf) - 1, DEBSIG_POLICIES_DIR_FMT, rootdir, originID);
if ((pd = opendir(buf)) == NULL)
ds_fail_printf(DS_FAIL_UNKNOWN_ORIGIN,
Could not open Origin dir %s: %s\n, buf, strerror(errno));
diff --git a/debsig.h b/debsig.h
index 3c492b0..1b81681 100644
--- a/debsig.h
+++ b/debsig.h
@@ -17,8 +17,8 @@
* along with this program. If not, see https://www.gnu.org/licenses/.
*/
-#define DEBSIG_POLICIES_DIR_FMT DEBSIG_POLICIES_DIR/%s
-#define DEBSIG_KEYRINGS_FMT DEBSIG_KEYRINGS_DIR/%s/%s
+#define DEBSIG_POLICIES_DIR_FMT %sDEBSIG_POLICIES_DIR/%s
+#define DEBSIG_KEYRINGS_FMT %sDEBSIG_KEYRINGS_DIR/%s/%s
#define GPG_PROG /usr/bin/gpg
@@ -93,3 +93,4 @@ extern int ds_debug_level;
extern FILE *deb_fs;
extern char *deb;
extern char originID[];
+extern char *rootdir;
diff --git a/gpg-parse.c b/gpg-parse.c
index bae2181..ab450af 100644
--- a/gpg-parse.c
+++ b/gpg-parse.c
@@ -56,7 +56,7 @@ char *getKeyID (const struct match *mtc) {
gpg_init();
snprintf(buf, sizeof(buf) - 1, GPG_PROG GPG_ARGS_FMT --list-packets -q DEBSIG_KEYRINGS_FMT,
- GPG_ARGS, originID, mtc-file);
+ GPG_ARGS, rootdir, originID, mtc-file);
if ((ds = popen(buf, r)) == NULL) {
perror(gpg);
@@ -180,7 +180,7 @@ int gpgVerify(const char *data, struct match *mtc, const char *sig) {
gpg_init();
-snprintf(keyring, sizeof(keyring) - 1, DEBSIG_KEYRINGS_FMT, originID, mtc-file);
+snprintf(keyring, sizeof(keyring) - 1, DEBSIG_KEYRINGS_FMT, rootdir, originID, mtc-file);
if (stat(keyring, st)) {
ds_printf(DS_LEV_DEBUG, gpgVerify: could not stat %s, keyring);
return 0;
--
2.0.0.rc0