Allow to specify - as APT_CONFIG for stdin
If - is specified as a config file, we will use stdin instead, after seeking to 0. This will be used to implement configuration passing for apt-key.

If - is specified as a config file, we will use stdin instead, after seeking to 0. This will be used to implement configuration passing for apt-key.
gpgv: Pass current config to apt-key on a file-based stdin
This allows apt-key to read the current config file. The file is created and directly unlinked, so we do not have to keep track of it and do the same stuff we do for the split gpgv files.
Debian · julian-klode · julian-klode
Unified Split

Showing with 49 additions and 3 deletions.

+7 −2 apt-pkg/contrib/configuration.cc

+41 −0 apt-pkg/contrib/gpgv.cc

+1 −1 apt-pkg/init.cc
diff --git a/apt-pkg/contrib/configuration.cc b/apt-pkg/contrib/configuration.cc
@@ -681,8 +681,13 @@ static void leaveCurrentScope(std::stack<std::string> &Stack, std::string &Paren
 bool ReadConfigFile(Configuration &Conf,const string &FName,bool const &AsSectional,
 		    unsigned const &Depth)
 {
-   // Open the stream for reading
-   ifstream F(FName.c_str(),ios::in);
+   if (FName == "-") {
+      lseek(STDIN_FILENO, 0, SEEK_SET);
+   }
+
+   ifstream FStream(FName.c_str(),ios::in);
+   istream &F = FName == "-" ? cin : FStream;
+
    if (F.fail() == true)
       return _error->Errno("ifstream::ifstream",_("Opening configuration file %s"),FName.c_str());
 
diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc
@@ -18,9 +18,11 @@
 #include <stddef.h>
 
 #include <algorithm>
+#include <fstream>
 #include <iostream>
 #include <string>
 #include <vector>
+#include <ext/stdio_filebuf.h>
 
 #include <apti18n.h>
 									/*}}}*/
@@ -32,6 +34,22 @@ static char * GenerateTemporaryFileTemplate(const char *basename)	/*{{{*/
    return strdup(out.c_str());
 }
 									/*}}}*/
+static int OpenAnonymousTemporaryFile(const char *basename)	/*{{{*/
+{
+   char * filename = GenerateTemporaryFileTemplate(basename);
+
+   if (filename == nullptr)
+      return -1;
+
+   int const fd = mkstemp(filename);
+   if (fd == -1)
+      return -1;
+
+   unlink(filename);
+   free(filename);
+   return fd;
+}
+									/*}}}*/
 // ExecGPGV - returns the command needed for verify			/*{{{*/
 // ---------------------------------------------------------------------
 /* Generating the commandline for calling gpg is somehow complicated as
@@ -98,6 +116,29 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
    char * sig = NULL;
    char * data = NULL;
 
+   int confFd = OpenAnonymousTemporaryFile("apt.conf");
+
+   if (confFd == -1) {
+      ioprintf(std::cerr, "Couldn't create tempfile names for passing config to apt-key during verification of %s", File.c_str());
+      exit(EINTERNAL);
+   }
+
+   __gnu_cxx::stdio_filebuf<char> filebuf(confFd, std::ios::out);
+   std::ostream configStream(&filebuf);
+   {
+      _config->Dump(configStream);
+      configStream.flush();
+
+      if (configStream.fail() == true) {
+	 ioprintf(std::cerr, "Couldn't write temporary apt config file to pass to apt-key");
+	 exit(EINTERNAL);
+      }
+
+      setenv("APT_CONFIG", "-", 1);
+      // Dup the conf fd to stdin, so we can pass it to apt-key anonymously
+      dup2(confFd, STDIN_FILENO);
+   }
+
    if (releaseSignature == DETACHED)
    {
       Args.push_back(FileGPG.c_str());
diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc
@@ -128,7 +128,7 @@ bool pkgInitConfig(Configuration &Cnf)
    const char *Cfg = getenv("APT_CONFIG");
    if (Cfg != 0 && strlen(Cfg) != 0)
    {
-      if (RealFileExists(Cfg) == true)
+      if (RealFileExists(Cfg) == true || strcmp(Cfg, "-") == 0)
 	 Res &= ReadConfigFile(Cnf,Cfg);
       else
 	 _error->WarningE("RealFileExists",_("Unable to read %s"),Cfg);