************************************************************************
* Do not Cc: me, because I READ THIS LIST, if I write here *
* Keine Cc: am mich, ich LESE DIESE LISTE wenn ich hier schreibe *
************************************************************************
Hello,
on my "Devel" site, someone can upload Debian Sources/Packages but they
must be signed.
OK the first file looks like
---[ command 'tddebdevel --get-changes tdddbidate' ]---------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 31 May 2006 17:11:22 +0200
Source: tddebidate
Binary: tddebidate
Architecture: source all
Version: 0.4.7
Distribution: unstable
Urgency: low
Maintainer: Michelle Konzack <linux4michelle@xxxxxxxxxx>
Changed-By: Michelle Konzack <linux4michelle@xxxxxxxxxx>
Description:
tddebidate - Show Debian packages by install date/time
Changes:
tddebidate (0.4.7) unstable; urgency=low
.
* Correcting weiredbehaviour of translated TEXT strings in Xdialog
Files:
0de5e54938bd20a1d0e2ace0eec55708 513 admin extra tddebidate_0.4.7.dsc
0f6c5b8d180989dac99f0f6fcc3d4a13 6973 admin extra tddebidate_0.4.7.tar.gz
d2a9d9bc0ac86d861613c1e4d27d8920 8456 admin extra tddebidate_0.4.7_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFEfch5C0FPBMSS+BIRAsYUAJsEwzmzWljrQtGmH+tgmScxOLx8jACfYgFO
FVhP6Wpw75B7TD+QRbGxtsg=
=T2pr
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
and the seconed (.dsc file) is similar.
Does anyone know a tool which is able to check this signature IF the
PHP5 script runs on the Web-Server?
Currently I do things like:
----[ '/var/www/debian.devel/htdocs/index.php' ]------------------------
$DIR_BASE=/var/www/customers/konzack
$DIR_HOST=$DIR_BASE/debian.devel
$DIR_TMP=$DIR_BASE/TMP
$DIR_GPG=$DIR_BASE/GNUPG
exec("sed '^/Format:/,/^$/!d' $DIR_TMP/$UPLOAD_ID/$CHANGES |grep '.' >$DIR_TMP/$UPLOAD_ID/$CHANGES.txt");
exec("sed '/^-----BEGIN PHP SIGNATURE/,/^-----END PHP SIGNATURE/p' $DIR_TMP/$UPLOAD_ID/$CHANGES >$DIR_TMP/$UPLOAD_ID/$CHANGES.sig");
exec("gpg --homedir $DIR_GPG/GNUPG --verify $DIR_TMP/$UPLOAD_ID/$CHANGES.sig $DIR_TMP/$UPLOAD_ID/$CHANGES.txt"; FOO; GPGRET);
if ($GPGRET) {
$FLAG = "true";
} else {
echo "I do not like this files...\n";
exec("rm --force $DIR_TMP/$UPLOAD_ID/* ; rmdir --ignore-fail-on-non-empty $DIR_TMP/$ID")
$FLAG = "false";
}
------------------------------------------------------------------------
What I realy dislike are the exec() calls.
Any native PHP5 suggestions which are working faster with less resources?
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
<<attachment: signature.pgp>>
