Merge branch 'rust-lang:master' into issue-2848

chansuke · web-flow · commit 89a16354e335 · 2022-02-08T02:56:07.000+09:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -43,7 +43,6 @@ opener = "0.5.0"
 # Used by `curl` or `reqwest` backend although it isn't imported
 # by our rustup.
 openssl = {version = "0.10", optional = true}
-pgp = {version = "0.7", default-features = false}
 pulldown-cmark = {version = "0.8", default-features = false}
 rand = "0.8"
 regex = "1"
@@ -52,6 +51,7 @@ same-file = "1"
 scopeguard = "1"
 semver = "0.11"
 serde = {version = "1.0", features = ["derive"]}
+sequoia-openpgp = { version = "1.5", default-features = false, features = ["crypto-rust", "allow-experimental-crypto", "allow-variable-time-crypto"] }
 sha2 = "0.9"
 sharded-slab = "0.1.1"
 strsim = "0.10"
diff --git a/src/cli/rustup_mode.rs b/src/cli/rustup_mode.rs
@@ -1026,6 +1026,11 @@ fn update(cfg: &mut Cfg, m: &ArgMatches<'_>) -> Result<utils::ExitCode> {
         check_rustup_update()?;
     }
 
+    if self_update::NEVER_SELF_UPDATE {
+        info!("self-update is disabled for this build of rustup");
+        info!("any updates to rustup will need to be fetched with your system package manager")
+    }
+
     Ok(utils::ExitCode(0))
 }
 
@@ -1046,8 +1051,7 @@ fn which(cfg: &Cfg, m: &ArgMatches<'_>) -> Result<utils::ExitCode> {
         cfg.which_binary_by_toolchain(toolchain, binary)?
     } else {
         cfg.which_binary(&utils::current_dir()?, binary)?
-    }
-    .expect("binary not found");
+    };
 
     utils::assert_is_file(&binary_path)?;
 
diff --git a/src/cli/self_update.rs b/src/cli/self_update.rs
@@ -153,7 +153,7 @@ home directory, located at:
 
 This can be modified with the RUSTUP_HOME environment variable.
 
-The Cargo home directory located at:
+The Cargo home directory is located at:
 
     {cargo_home}
 
@@ -209,15 +209,15 @@ but will not be added automatically."
 #[cfg(not(windows))]
 macro_rules! post_install_msg_unix {
     () => {
-        r"# Rust is installed now. Great!
+        r#"# Rust is installed now. Great!
 
 To get started you may need to restart your current shell.
 This would reload your `PATH` environment variable to include
 Cargo's bin directory ({cargo_home}/bin).
 
 To configure your current shell, run:
-    source {cargo_home}/env
-"
+    source "{cargo_home}/env"
+"#
     };
 }
 
@@ -237,14 +237,14 @@ Cargo's bin directory ({cargo_home}\\bin).
 #[cfg(not(windows))]
 macro_rules! post_install_msg_unix_no_modify_path {
     () => {
-        r"# Rust is installed now. Great!
+        r#"# Rust is installed now. Great!
 
 To get started you need Cargo's bin directory ({cargo_home}/bin) in your `PATH`
 environment variable. This has not been done automatically.
 
 To configure your current shell, run:
-    source {cargo_home}/env
-"
+    source "{cargo_home}/env"
+"#
     };
 }
 
diff --git a/src/config.rs b/src/config.rs
@@ -7,7 +7,7 @@ use std::str::FromStr;
 use std::sync::Arc;
 
 use anyhow::{anyhow, bail, Context, Result};
-use pgp::{Deserializable, SignedPublicKey};
+use sequoia_openpgp::{parse::Parse, policy, Cert};
 use serde::Deserialize;
 use thiserror::Error as ThisError;
 
@@ -155,22 +155,21 @@ impl<'a> OverrideCfg<'a> {
 }
 
 lazy_static::lazy_static! {
-    static ref BUILTIN_PGP_KEY: SignedPublicKey = pgp::SignedPublicKey::from_armor_single(
-        io::Cursor::new(&include_bytes!("rust-key.pgp.ascii")[..])
-    ).unwrap().0;
+    static ref BUILTIN_PGP_KEY: Cert =
+        Cert::from_bytes(&include_bytes!("rust-key.pgp.ascii")[..]).unwrap();
 }
 
 #[allow(clippy::large_enum_variant)] // Builtin is tiny, the rest are sane
 #[derive(Debug)]
 pub enum PgpPublicKey {
     Builtin,
-    FromEnvironment(PathBuf, SignedPublicKey),
-    FromConfiguration(PathBuf, SignedPublicKey),
+    FromEnvironment(PathBuf, Cert),
+    FromConfiguration(PathBuf, Cert),
 }
 
 impl PgpPublicKey {
     /// Retrieve the key.
-    pub(crate) fn key(&self) -> &SignedPublicKey {
+    pub(crate) fn cert(&self) -> &Cert {
         match self {
             Self::Builtin => &*BUILTIN_PGP_KEY,
             Self::FromEnvironment(_, k) => k,
@@ -194,18 +193,17 @@ impl PgpPublicKey {
             }
             Ok(ret)
         }
-        use pgp::types::KeyTrait;
         let mut ret = vec![format!("from {}", self)];
-        let key = self.key();
-        let keyid = format_hex(&key.key_id().to_vec(), "-", 4)?;
-        let algo = key.algorithm();
-        let fpr = format_hex(&key.fingerprint(), " ", 2)?;
-        let uid0 = key
-            .details
-            .users
-            .get(0)
-            .map(|u| u.id.id())
-            .unwrap_or("<No User ID>");
+        let cert = self.cert();
+        let keyid = format_hex(cert.keyid().as_bytes(), "-", 4)?;
+        let algo = cert.primary_key().pk_algo();
+        let fpr = format_hex(cert.fingerprint().as_bytes(), " ", 2)?;
+        let p = policy::StandardPolicy::new();
+        let uid0 = cert
+            .with_policy(&p, None)?
+            .primary_userid()
+            .map(|u| u.userid().to_string())
+            .unwrap_or("<No User ID>".into());
         ret.push(format!("  {:?}/{} - {}", algo, keyid, uid0));
         ret.push(format!("  Fingerprint: {}", fpr));
         Ok(ret)
@@ -277,11 +275,9 @@ impl Cfg {
         if let Some(ref s_path) = process().var_os("RUSTUP_PGP_KEY") {
             let path = PathBuf::from(s_path);
             let file = utils::open_file("RUSTUP_PGP_KEY", &path)?;
-            let (key, _) = SignedPublicKey::from_armor_single(file).map_err(|error| {
-                RustupError::InvalidPgpKey {
-                    path: s_path.into(),
-                    source: error,
-                }
+            let key = Cert::from_reader(file).map_err(|error| RustupError::InvalidPgpKey {
+                path: s_path.into(),
+                source: error,
             })?;
 
             pgp_keys.push(PgpPublicKey::FromEnvironment(path, key));
@@ -290,7 +286,7 @@ impl Cfg {
             if let Some(s) = &s.pgp_keys {
                 let path = PathBuf::from(s);
                 let file = utils::open_file("PGP Key from config", &path)?;
-                let (key, _) = SignedPublicKey::from_armor_single(file).map_err(|error| {
+                let key = Cert::from_reader(file).map_err(|error| {
                     anyhow!(RustupError::InvalidPgpKey {
                         path: s.into(),
                         source: error,
@@ -478,20 +474,20 @@ impl Cfg {
 
     pub(crate) fn which_binary_by_toolchain(
         &self,
-        toolchain: &str,
+        toolchain_name: &str,
         binary: &str,
-    ) -> Result<Option<PathBuf>> {
-        let toolchain = self.get_toolchain(toolchain, false)?;
+    ) -> Result<PathBuf> {
+        let toolchain = self.get_toolchain(toolchain_name, false)?;
         if toolchain.exists() {
-            Ok(Some(toolchain.binary_file(binary)))
+            Ok(toolchain.binary_file(binary))
         } else {
-            Ok(None)
+            Err(RustupError::ToolchainNotInstalled(toolchain_name.to_string()).into())
         }
     }
 
-    pub(crate) fn which_binary(&self, path: &Path, binary: &str) -> Result<Option<PathBuf>> {
+    pub(crate) fn which_binary(&self, path: &Path, binary: &str) -> Result<PathBuf> {
         let (toolchain, _) = self.find_or_install_override_toolchain_or_default(path)?;
-        Ok(Some(toolchain.binary_file(binary)))
+        Ok(toolchain.binary_file(binary))
     }
 
     pub(crate) fn upgrade_data(&self) -> Result<()> {
@@ -1003,11 +999,13 @@ impl Cfg {
     }
 
     pub(crate) fn resolve_toolchain(&self, name: &str) -> Result<String> {
-        if let Ok(desc) = dist::PartialToolchainDesc::from_str(name) {
+        // remove trailing slashes in toolchain name
+        let normalized_name = name.trim_end_matches('/');
+        if let Ok(desc) = dist::PartialToolchainDesc::from_str(normalized_name) {
             let host = self.get_default_host_triple()?;
             Ok(desc.resolve(&host)?.to_string())
         } else {
-            Ok(name.to_owned())
+            Ok(normalized_name.to_owned())
         }
     }
 }
diff --git a/src/dist/signatures.rs b/src/dist/signatures.rs
@@ -4,38 +4,83 @@
 
 use std::io::Read;
 
-use anyhow::{Context, Result};
-use pgp::types::KeyTrait;
-use pgp::{Deserializable, StandaloneSignature};
+use anyhow::Result;
+
+use sequoia_openpgp::{
+    parse::{stream::*, Parse},
+    policy, Cert, KeyHandle,
+};
 
 use crate::config::PgpPublicKey;
 
-pub(crate) fn verify_signature<T: Read>(
-    mut content: T,
+/// Returns the index of the cert in `certs` that verifies a
+/// signature.
+///
+/// Ignores any signatures that are bad for any reason.  If no
+/// signature could be verified, returns `None`.
+// XXX: This is a bit of an odd policy.  Shouldn't we fail if we
+// encounter a single bad signature (bad as in checksum doesn't check
+// out, not bad as in we don't have the key)?
+pub(crate) fn verify_signature<T: Read + Send + Sync>(
+    content: T,
     signature: &str,
-    keys: &[PgpPublicKey],
+    certs: &[PgpPublicKey],
 ) -> Result<Option<usize>> {
-    let mut content_buf = Vec::new();
-    content.read_to_end(&mut content_buf)?;
-    let (signatures, _) =
-        StandaloneSignature::from_string_many(signature).context("error verifying signature")?;
-
-    for signature in signatures {
-        let signature = signature.context("error verifying signature")?;
-
-        for (idx, key) in keys.iter().enumerate() {
-            let actual_key = key.key();
-            if actual_key.is_signing_key() && signature.verify(actual_key, &content_buf).is_ok() {
-                return Ok(Some(idx));
-            }
+    let p = policy::StandardPolicy::new();
+    let helper = Helper::new(certs);
+    let mut v = DetachedVerifierBuilder::from_reader(signature.as_bytes())?
+        .with_policy(&p, None, helper)?;
+    v.verify_reader(content)?;
+    Ok(v.into_helper().index)
+}
+
+struct Helper<'a> {
+    certs: &'a [PgpPublicKey],
+    // The index of the cert in certs that successfully verified a
+    // signature.
+    index: Option<usize>,
+}
+
+impl<'a> Helper<'a> {
+    fn new(certs: &'a [PgpPublicKey]) -> Self {
+        Helper { certs, index: None }
+    }
+}
+
+impl VerificationHelper for Helper<'_> {
+    fn get_certs(&mut self, _: &[KeyHandle]) -> anyhow::Result<Vec<Cert>> {
+        Ok(self.certs.iter().map(|c| c.cert().clone()).collect())
+    }
 
-            for sub_key in &actual_key.public_subkeys {
-                if sub_key.is_signing_key() && signature.verify(sub_key, &content_buf).is_ok() {
-                    return Ok(Some(idx));
+    fn check(&mut self, structure: MessageStructure<'_>) -> anyhow::Result<()> {
+        for layer in structure.into_iter() {
+            match layer {
+                MessageLayer::SignatureGroup { results } => {
+                    for result in results {
+                        match result {
+                            Ok(GoodChecksum { ka, .. }) => {
+                                // A good signature!  Find the index
+                                // of the singer key and return
+                                // success.
+                                self.index = self.certs.iter().position(|c| c.cert() == ka.cert());
+                                assert!(self.index.is_some());
+                                return Ok(());
+                            }
+                            _ => {
+                                // We ignore any errors.
+                            }
+                        }
+                    }
+                }
+                MessageLayer::Compression { .. } => {
+                    unreachable!("we're verifying detached signatures")
+                }
+                MessageLayer::Encryption { .. } => {
+                    unreachable!("we're verifying detached signatures")
                 }
             }
         }
-    }
 
-    Ok(None)
+        Ok(())
+    }
 }
diff --git a/src/errors.rs b/src/errors.rs
@@ -38,7 +38,7 @@ pub enum RustupError {
     #[error("unable to read the PGP key '{}'", .path.display())]
     InvalidPgpKey {
         path: PathBuf,
-        source: pgp::errors::Error,
+        source: anyhow::Error,
     },
     #[error("invalid toolchain name: '{0}'")]
     InvalidToolchainName(String),
diff --git a/tests/cli-misc.rs b/tests/cli-misc.rs
@@ -860,6 +860,36 @@ fn which() {
     });
 }
 
+#[test]
+fn which_asking_uninstalled_toolchain() {
+    setup(&|config| {
+        let path_1 = config.customdir.join("custom-1");
+        let path_1 = path_1.to_string_lossy();
+        expect_ok(
+            config,
+            &["rustup", "toolchain", "link", "custom-1", &path_1],
+        );
+        expect_ok(config, &["rustup", "default", "custom-1"]);
+        #[cfg(windows)]
+        expect_stdout_ok(
+            config,
+            &["rustup", "which", "rustc"],
+            "\\toolchains\\custom-1\\bin\\rustc",
+        );
+        #[cfg(not(windows))]
+        expect_stdout_ok(
+            config,
+            &["rustup", "which", "rustc"],
+            "/toolchains/custom-1/bin/rustc",
+        );
+        expect_err(
+            config,
+            &["rustup", "which", "--toolchain=nightly", "rustc"],
+            "toolchain 'nightly' is not installed",
+        );
+    });
+}
+
 #[test]
 fn override_by_toolchain_on_the_command_line() {
     setup(&|config| {
diff --git a/tests/cli-v2.rs b/tests/cli-v2.rs
diff --git a/tests/mock/dist.rs b/tests/mock/dist.rs
