From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-apps-return-38953-listarch-cygwin-apps=sources.redhat.com@cygwin.com>
Received: (qmail 61654 invoked by alias); 11 Dec 2017 21:41:50 -0000
Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm
Precedence: bulk
Sender: cygwin-apps-owner@cygwin.com
List-Id: <cygwin-apps.cygwin.com>
List-Subscribe: <mailto:cygwin-apps-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin-apps/>
List-Post: <mailto:cygwin-apps@cygwin.com>
List-Help: <mailto:cygwin-apps-help@cygwin.com>, <http://sourceware.org/lists.html#faqs>
Mail-Followup-To: cygwin-apps@cygwin.com
Received: (qmail 61472 invoked by uid 89); 11 Dec 2017 21:41:50 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-25.8 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,SPF_HELO_PASS,SPF_PASS,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=Installation
X-HELO: limerock01.mail.cornell.edu
Received: from limerock01.mail.cornell.edu (HELO limerock01.mail.cornell.edu) (128.84.13.241) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 11 Dec 2017 21:41:48 +0000
X-CornellRouted: This message has been Routed already.
Received: from authusersmtp.mail.cornell.edu (granite3.serverfarm.cornell.edu [10.16.197.8])	by limerock01.mail.cornell.edu (8.14.4/8.14.4_cu) with ESMTP id vBBLfkU7016660;	Mon, 11 Dec 2017 16:41:46 -0500
Received: from nothing.nyroc.rr.com (mta-68-175-129-7.twcny.rr.com [68.175.129.7] (may be forged))	(authenticated bits=0)	by authusersmtp.mail.cornell.edu (8.14.4/8.12.10) with ESMTP id vBBLfaAL010525	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);	Mon, 11 Dec 2017 16:41:45 -0500
From: Ken Brown <kbrown@cornell.edu>
To: cygwin-apps@cygwin.com
Subject: [PATCH setup draft 4/4] If signature validation is turned off, check 'release:' tag
Date: Mon, 11 Dec 2017 21:41:00 -0000
Message-Id: <20171211214136.6500-5-kbrown@cornell.edu>
In-Reply-To: <20171211214136.6500-1-kbrown@cornell.edu>
References: <20171211214136.6500-1-kbrown@cornell.edu>
X-PMX-Cornell-Gauge: Gauge=XXXXX
X-PMX-CORNELL-AUTH-RESULTS: dkim-out=none;
X-IsSubscribed: yes
X-SW-Source: 2017-12/txt/msg00064.txt.bz2

If we aren't doing signature validation, look instead for "release:
cygwin" in the setup.ini files.  If this fails for an official mirror,
reject the mirror.  If it fails for a purported private mirror,
silently change the status of the site to "user site" and put a note
in the log file.  This change will take effect on the next setup run
or if the user selects 'Back'.
---
 ini.cc     | 29 ++++++++++++++++++++++++-----
 res.rc     |  1 +
 resource.h |  1 +
 3 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/ini.cc b/ini.cc
index 62b7e83..3cffa82 100644
--- a/ini.cc
+++ b/ini.cc
@@ -271,11 +271,15 @@ do_local_ini (HWND owner)
 }
 
 static void
-mirror_warn (site_list_type site)
+mirror_warn (site_list_type site, bool sig)
 {
-  Log (LOG_BABBLE) << "Signature validation failed for " << site.url
-		   << " using the cygwin key but succeeded using other keys.  "
-		   << endLog;
+  if (sig)
+    Log (LOG_BABBLE) << "Signature validation failed for " << site.url
+		     << " using the cygwin key but succeeded using other keys.  "
+		     << endLog;
+  else
+    Log (LOG_BABBLE) << "setup.ini from " << site.url
+		     << " is not from the cygwin release." << endLog;
   Log (LOG_BABBLE) << "Changing status from 'mirror' to 'user site'." << endLog;
   SiteList::iterator i = find (all_site_list.begin (), all_site_list.end (), site);
   if (i != all_site_list.end ())
@@ -343,7 +347,7 @@ do_remote_ini (HWND owner)
 	  if (ini_file)
 	    {
 	      if (n->is_mirror && !main_key_only)
-		mirror_warn (*n);
+		mirror_warn (*n, true);
 	      break;
 	    }
 	}
@@ -369,6 +373,21 @@ do_remote_ini (HWND owner)
 	    }
 	  else
 	    {
+	      if (NoVerifyOption && n->is_mirror && aBuilder.release != "cygwin")
+		{
+		  if (n->from_mirrors_lst)
+		    {
+		      // Reject setup.ini.
+		      note (owner, IDS_SETUPINI_NOTCYGWIN,
+			    SetupBaseName.c_str (), n->url.c_str ());
+		      delete ini_file;
+		      ini_file = NULL;
+		      continue;
+		    }
+		  else
+		    mirror_warn (*n, false);
+		}
+
 	      /* save known-good setup.ini locally */
 	      const std::string fp = "file://" + local_dir + "/" +
 				      rfc1738_escape_part (n->url) +
diff --git a/res.rc b/res.rc
index 14f1109..cd202e0 100644
--- a/res.rc
+++ b/res.rc
@@ -562,6 +562,7 @@ BEGIN
     IDS_MIRROR_LST          "http://cygwin.com/mirrors.lst"
     IDS_ERR_OPEN_WRITE      "Can't open %s for writing: %s"
     IDS_SETUPINI_MISSING    "Unable to get %s from <%s>"
+    IDS_SETUPINI_NOTCYGWIN  "%s from <%s> is not from cygwin release"
     IDS_OLD_SETUPINI        "This setup.ini is older than the one you used last time you installed cygwin.  Proceed anyway?"
     IDS_NOTHING_INSTALLED   "Nothing needed to be installed"
     IDS_INSTALL_COMPLETE    "Installation Complete"
diff --git a/resource.h b/resource.h
index 79575fb..666e93b 100644
--- a/resource.h
+++ b/resource.h
@@ -39,6 +39,7 @@
 #define IDS_ELEVATED			  139
 #define IDS_INSTALLEDB_VERSION            140
 #define IDS_DOWNLOAD_INCOMPLETE_EXIT      141
+#define IDS_SETUPINI_NOTCYGWIN            142
 
 // Dialogs
 
-- 
2.15.1