authorespie <espie@openbsd.org>2016-10-04 14:27:25 +0000
committerespie <espie@openbsd.org>2016-10-04 14:27:25 +0000
commitd676024cf1715d280e4214adee241bebec14601f (patch)
tree1dadad64211f68a066414eb9be19cdba7a2ad324
parentcheck_signature is gone (diff)
no longer needed
-rw-r--r--usr.sbin/pkg_add/Makefile6
-rw-r--r--usr.sbin/pkg_add/OpenBSD/signify.pm121
-rw-r--r--usr.sbin/pkg_add/OpenBSD/x509.pm116
3 files changed, 2 insertions, 241 deletions
diff --git a/usr.sbin/pkg_add/Makefile b/usr.sbin/pkg_add/Makefile
index cca6735ac74..ed764159b41 100644
--- a/usr.sbin/pkg_add/Makefile
+++ b/usr.sbin/pkg_add/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.85 2015/01/11 22:34:08 espie Exp $
+# $OpenBSD: Makefile,v 1.86 2016/10/04 14:27:25 espie Exp $
.include <bsd.own.mk>
@@ -68,9 +68,7 @@ PACKAGES= \
OpenBSD/Ustar.pm \
OpenBSD/Vstat.pm \
OpenBSD/FwUpdate.pm \
- OpenBSD/md5.pm \
- OpenBSD/signify.pm \
- OpenBSD/x509.pm
+ OpenBSD/md5.pm
PACKAGEDIRS=OpenBSD OpenBSD/PackageRepository OpenBSD/ProgressMeter \
OpenBSD/LibSpec
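Review bot: Nothing in this commit shows that every remaining reference to `OpenBSD::signify` and `OpenBSD::x509` is gone from the other pkg_add modules, and dropping the two files from `PACKAGES` makes any leftover one a run-time failure. Perl resolves `require` only when the code path is reached, so a stale reference in a rarely used signing or verification branch would not show up at build time; a tree-wide search such as `grep -rn 'OpenBSD::\(signify\|x509\)' usr.sbin/pkg_add` before merging would settle it. The message "no longer needed" also does not say what now verifies package signatures. It cannot be determined from this diff whether a packing list that still carries the old embedded signature is rejected or simply handled as unsigned, so that behaviour is worth stating in the commit description.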
diff --git a/usr.sbin/pkg_add/OpenBSD/signify.pm b/usr.sbin/pkg_add/OpenBSD/signify.pm
deleted file mode 100644
index 20ee2eb2221..00000000000
--- a/usr.sbin/pkg_add/OpenBSD/signify.pm
+++ /dev/null
@@ -1,121 +0,0 @@
-# ex:ts=8 sw=4:
-# $OpenBSD: signify.pm,v 1.13 2014/03/18 16:40:46 espie Exp $
-#
-# Copyright (c) 2013-2014 Marc Espie <espie@openbsd.org>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-use strict;
-use warnings;
-
-package OpenBSD::signify;
-
-use OpenBSD::PackageInfo;
-use OpenBSD::Paths;
-use File::Temp qw/mkstemp/;
-
-my $header = "untrusted comment: signify -- signature\n";
-my $cmd = OpenBSD::Paths->signify;
-my $suffix = ".sig";
-
-sub do_check
-{
- my ($plist, $state, $sig, $pubkey) = @_;
- my ($rdmsg, $wrmsg);
- pipe($rdmsg, $wrmsg) or $state->fatal("Bad pipe: #1", $!);
- return $state->system(
- sub {
- close($wrmsg);
- open(STDIN, '<&', $rdmsg);
- close($rdmsg);
- },
- sub {
- close($rdmsg);
- print $wrmsg $header, $sig, "\n";
- $plist->write_no_sig($wrmsg);
- close($wrmsg);
- },
- $cmd, '-V', '-q', '-p', $pubkey, '-e', '-x', '-',
- '-m', '/dev/null');
-}
-
-sub compute_signature
-{
- my ($plist, $state, $key, $pub) = @_;
-
- my ($rdmsg, $wrmsg);
- my ($rdsig, $wrsig);
- pipe($rdmsg, $wrmsg) or $state->fatal("Bad pipe: #1", $!);
- pipe($rdsig, $wrsig) or $state->fatal("Bad pipe: #1", $!);
- my $sig;
- $state->system(
- sub {
- close($wrmsg);
- open(STDIN, '<&', $rdmsg);
- close($rdmsg);
- close($rdsig);
- open(STDOUT, '>&', $wrsig);
- close($wrsig);
- },
- sub {
- close($rdmsg);
- close($wrsig);
- $plist->write_no_sig($wrmsg);
- close($wrmsg);
- my $header = <$rdsig>;
- $sig = <$rdsig>;
- chomp $sig;
- close($rdsig);
- },
- $cmd, '-S', '-q', '-s', $key, '-m', '-', '-x', '-') == 0 or
- $state->fatal("problem generating signature");
- if (defined $pub) {
- do_check($plist, $state, $sig, $pub) == 0 or
- $state->fatal("public key and private key don't match");
- }
- return $sig;
-}
-
-
-sub check_signature
-{
- my ($plist, $state) = @_;
-
- if (!$plist->has('signer')) {
- $state->errsay("Invalid signed plist: no \@signer");
- return 0;
- }
- my $signer = $plist->get('signer')->name;
- my $pubkey = OpenBSD::Paths->signifykey($signer);
- if (!-f $pubkey) {
- $state->errsay("Can't find key #1 for signer #1", $pubkey,
- $signer);
- return 0;
- }
-
- my $sig = $plist->get('digital-signature');
- my $rc = do_check($plist, $state, $sig->{b64sig}, $pubkey);
- if ($rc != 0) {
- $state->log("Bad signature");
- return 0;
- }
- if (!grep
- {ref($_) eq 'Regexp' ? $signer =~ $_ : $_ eq $signer}
- @{$state->signer_list}) {
- $state->errsay("Package signed by untrusted party #1", $signer);
- return 0;
- }
- return 1;
-}
-
-1;
diff --git a/usr.sbin/pkg_add/OpenBSD/x509.pm b/usr.sbin/pkg_add/OpenBSD/x509.pm
deleted file mode 100644
index 8cc266b727c..00000000000
--- a/usr.sbin/pkg_add/OpenBSD/x509.pm
+++ /dev/null
@@ -1,116 +0,0 @@
-# ex:ts=8 sw=4:
-# $OpenBSD: x509.pm,v 1.12 2013/12/25 14:38:15 espie Exp $
-#
-# Copyright (c) 2003-2007 Marc Espie <espie@openbsd.org>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-use strict;
-use warnings;
-
-package OpenBSD::x509;
-
-use OpenBSD::PackageInfo;
-use OpenBSD::Paths;
-use MIME::Base64;
-use File::Temp qw/mkstemp/;
-
-
-sub compute_signature
-{
- my ($plist, $cert, $key) = @_;
-
- open my $fh, ">", $plist->infodir.CONTENTS;
- $plist->write_no_sig($fh);
- close $fh;
- open(my $sighandle, "-|", OpenBSD::Paths->openssl, "smime", "-sign",
- "-binary", "-signer", $cert ,"-in", $plist->infodir.CONTENTS,
- "-inkey", $key, "-outform", "DEM") or die;
- my $sig;
- sysread($sighandle, $sig, 16384);
- close($sighandle) or die "problem generating signature $!";
-
- return encode_base64($sig, '');
-}
-
-sub dump_certificate_info
-{
- my $fname2 = shift;
-
- open my $fh, "-|", OpenBSD::Paths->openssl, "asn1parse",
- "-inform", "DEM", "-in", $fname2;
- my %want = map {($_, 1)}
- qw(countryName localityName organizationName
- organizationalUnitName commonName emailAddress);
- while (<$fh>) {
- if (m/\sprim\:\s+OBJECT\s*\:(.*)\s*$/) {
- my $objectname = $1;
- $_ = <$fh>;
- if (m/\sprim\:\s+[A-Z0-9]+\s*\:(.*)\s*$/) {
- if ($want{$objectname}) {
- print "$objectname=$1\n";
- }
- }
- }
- }
- close($fh);
-}
-
-sub print_certificate_info
-{
- my $plist = shift;
-
- my ($fh, $fname) = mkstemp("/tmp/pkgsig.XXXXXXXXX");
- print $fh decode_base64($plist->{'digital-signature'}->{b64sig});
- close $fh;
- dump_certificate_info($fname);
- unlink $fname;
-}
-
-sub check_signature
-{
- my ($plist, $state) = @_;
- my $sig = $plist->get('digital-signature');
- my ($fh, $fname) = mkstemp("/tmp/pkgcontent.XXXXXXXXX");
- my ($fh2, $fname2) = mkstemp("/tmp/pkgsig.XXXXXXXXX");
- $plist->write_no_sig($fh);
- print $fh2 decode_base64($sig->{b64sig});
- close $fh;
- close $fh2;
- my ($fh3, $fname3) = mkstemp("/tmp/commandresult.XXXXXXXXX");
- if ($state->system(sub { open STDERR ,">&", $fh3},
- OpenBSD::Paths->openssl, "smime", "-verify",
- "-binary", "-inform", "DEM", "-in", $fname2, "-content", $fname,
- "-CAfile", OpenBSD::Paths->pkgca, "-out", "/dev/null") != 0) {
- close($fh3);
- $state->log("Bad signature");
- open $fh3, '<', $fname3;
- while (<$fh3>) {
- chomp;
- $state->log("#1", $_);
- }
- close($fh3);
- unlink $fname3;
- return 0;
- }
- if ($state->verbose >= 2) {
- dump_certificate_info($fname2);
- }
- close($fh3);
- unlink $fname;
- unlink $fname2;
- unlink $fname3;
- return 1;
-}
-
-1;