}
}
-=item automake_tests ( $upload_file )
+=item check_automake_vulnerabilities ( $upload_file )
Examine UPLOAD_FILE for known vulnerabilities that certain (now ancient)
versions of GNU Automake can introduce. Returns nothing, but throws an
=cut
-sub automake_tests {
+sub check_automake_vulnerabilities {
my $upload_file = shift;
die "file not found: $upload_file"
throw known_vulnerability => file => $upload_file, issues => \%issues
if %issues;
}
-}
-
-=item check_vulnerabilities ( $upload_file )
-
-Examine UPLOAD_FILE for known vulnerabilities. This is only used for
-issues related to packaging; notably an old issue in GNU Automake.
-
-Returns nothing on success and throws an exception if a known vulnerability
-is found in UPLOAD_FILE.
-
-=cut
-
-sub check_vulnerabilities {
- my $upload_file = shift;
-
- automake_tests($upload_file);
-}
-
-\f
-#
-# - [AZ] Authorization
-#
-
-=item check_files ( $directory, $oplist_header )
-
-Check the file pair in an upload by verifying the detached signature and
-ensuring that the upload, if a tarball, does not show signs of known
-vulnerabilities. This function needs only the operation list header hash
-and the directory in which the files are staged. The allowed keyrings are
-found using information in the operation list header.
-
-The upload file name is taken from the operation list header, where it was
-obtained from the "filename" directive element. The name of the detached
-signature is constructed by appending a ".sig" suffix, per PGP conventions.
-
-An exception is thrown if any of the checks fail.
-
-=cut
-
-# TODO: this is currently invoked during EX phase; should be moved to VL
-sub check_files {
- my $directory = shift;
- my $header = shift;
-
- my $upload_file = File::Spec->catfile($directory, $header->{filename});
-
- check_vulnerabilities($upload_file);
ftp_syslog('debug', "DEBUG: "
- ."tested negative for CVE-2009-4029 and CVE-2012-3386") if DEBUG;
+ ."tested negative for CVE-2009-4029 and CVE-2012-3386")
+ if DEBUG;
}
-
\f
#
# - [EX] Execution
foreach my $step (@{$oplist}[1..$#$oplist]) { # skip the header
if ($step->[0] eq 'install') {
- check_files($Scratch_dir, $header);
install_files($header, $step);
} elsif ($step->[0] eq 'symlink') {
my $target = $step->[1];
if $fsig_info->{exitcode} != 0 || defined $fsig_info->{TILT};
}
+ $Phase = 'VL';
+
+ # If the upload carries a file, check it for known Automake CVE issues.
+ check_automake_vulnerabilities
+ (File::Spec->catfile($Scratch_dir, $op_header->{filename}))
+ if find_directive_elements($directive, 'filename');
+
$Phase = 'EX';
# do the work
execute_commands($oplist);
set A(gpgv,upload-verify-failed,$expect_out(1,string)) 1
exp_continue
}
- -re {^gatekeeper\[[0-9]+\]: \(Test\) \[EX\]\
+ -re {^gatekeeper\[[0-9]+\]: \(Test\) \[(?:VL|EX)\]\
DEBUG: tested negative for CVE-[^\r\n]+} {
# from check_files, when checks for known issues pass
exp_continue
# tests are not sensitive to this message because it
# is likely to be revised as part of other refactoring
}
- # TODO: move check_files to VL phase and factor out signature check
- # to AA phase
- -re {^gatekeeper\[[0-9]+\]: \(Test\) \[EX\]\
+ -re {^gatekeeper\[[0-9]+\]: \(Test\) \[(?:VL|EX)\]\
DEBUG: testing .+ for presence of Makefile.in} {
# from check_vulnerabilities via check_files
set A(exploit-check,check-Makefile.in) 1
exp_continue
}
- -re {^gatekeeper\[[0-9]+\]: \(Test\) \[EX\]\
+ -re {^gatekeeper\[[0-9]+\]: \(Test\) \[(?:VL|EX)\]\
DEBUG: found Makefile.in, testing for [^\r\n]+} {
# from check_vulnerabilities via check_files
set A(exploit-check,found-Makefile.in) 1
exp_continue
}
- -re {^gatekeeper\[[0-9]+\]: \(Test\) \[EX\]\
+ -re {^gatekeeper\[[0-9]+\]: \(Test\) \[(?:VL|EX)\]\
upload found vulnerable to (CVE-[0-9-]+)[^\r\n]*} {
# from check_vulnerabilities via check_files
set A(exploit-check-fail,$expect_out(1,string)) 1
exp_continue
}
- # TODO: move CVE checks to VL phase
-re {^gatekeeper\[[0-9]+\]: \(Test\) \[EX\]\
[^ ]+ exists and 'replace' was not selected} {
projects / gatekeeper.git / commitdiff