From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id EE96515813A for ; Fri, 10 Jan 2025 13:15:10 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 45DBAE07D8; Fri, 10 Jan 2025 13:15:10 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 28C0FE07D7 for ; Fri, 10 Jan 2025 13:15:10 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 2D90B335D72 for ; Fri, 10 Jan 2025 13:15:09 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 7A4EAAED for ; Fri, 10 Jan 2025 13:15:07 +0000 (UTC) From: "Michał Górny" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" Message-ID: <1736514902.c80dc591e4803f5f2feacde4a79d339c0cc2e3b5.mgorny@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: eclass/ X-VCS-Repository: repo/gentoo X-VCS-Files: eclass/verify-sig.eclass X-VCS-Directories: eclass/ X-VCS-Committer: mgorny X-VCS-Committer-Name: Michał Górny X-VCS-Revision: c80dc591e4803f5f2feacde4a79d339c0cc2e3b5 X-VCS-Branch: master Date: Fri, 10 Jan 2025 13:15:07 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 0ed48e73-50be-42eb-876f-e8687de2132c X-Archives-Hash: 62ff6b6c71403fdcbee439d2fa73cdd1 commit: c80dc591e4803f5f2feacde4a79d339c0cc2e3b5 Author: Michał Górny gentoo org> AuthorDate: Mon Dec 23 14:28:36 2024 +0000 Commit: Michał Górny gentoo org> CommitDate: Fri Jan 10 13:15:02 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c80dc591 verify-sig.eclass: Add verify-sig_uncompress_verify_unpack Add a function that carries out the surprisingly common pattern of uncompress-verify-unpack found in kernel.org distfiles, where the signature is created against the uncompressed archive rather than the actual distfile. Just like the code currently copied across ebuilds, the function uses a pipeline to simultaneously decompress, unpack and verify the signature, except with correct error handling this time. Note that the code technically implies that the archive will be unpacked even if the signature does not match -- the ebuild will abort afterwards. Thanks to Ulrich Müller for the suggestion! Signed-off-by: Michał Górny gentoo.org> eclass/verify-sig.eclass | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass index 0e6b9b43e557..12b689f0f4b2 100644 --- a/eclass/verify-sig.eclass +++ b/eclass/verify-sig.eclass @@ -1,4 +1,4 @@ -# Copyright 2020-2024 Gentoo Authors +# Copyright 2020-2025 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 # @ECLASS: verify-sig.eclass @@ -48,6 +48,8 @@ esac if [[ -z ${_VERIFY_SIG_ECLASS} ]]; then _VERIFY_SIG_ECLASS=1 +inherit eapi9-pipestatus + IUSE="verify-sig" # @ECLASS_VARIABLE: VERIFY_SIG_METHOD @@ -423,6 +425,36 @@ verify-sig_verify_signed_checksums() { esac } +# @FUNCTION: verify-sig_uncompress_verify_unpack +# @USAGE: [] +# @DESCRIPTION: +# Uncompress the tarball, verify the uncompressed +# archive against the signature in and unpack it. This is +# useful for kernel.org packages that sign the uncompressed tarball +# instead of the compressed archive. can either be passed +# directly, or it defaults to VERIFY_SIG_OPENPGP_KEY_PATH. The function +# dies if verification or any of the unpacking steps fail. +verify-sig_uncompress_verify_unpack() { + local file=${1} + local unpacker + + # TODO: integrate with unpacker.eclass somehow? + case ${file} in + *.tar.xz) + unpacker=( xz -cd ) + ;; + *) + die "${FUNCNAME}: only .tar.xz archives are supported at the moment" + ;; + esac + + einfo "Unpacking ${file} ..." + verify-sig_verify_detached - "${@:2}" < <( + "${unpacker[@]}" "${file}" | tee >(tar -xf - || die) + pipestatus || die + ) +} + # @FUNCTION: verify-sig_src_unpack # @DESCRIPTION: # Default src_unpack override that verifies signatures for all