From f42b1720336d891c006a67b006e98b277f1cff2d Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Mon, 13 Nov 2023 16:17:20 +0100
Subject: [PATCH] Rebase to rpm 4.18.2 (https://rpm.org/wiki/Releases/4.18.2)

---
 .gitignore                                    |   1 +
 ...gpVerifySignature2-and-pgpPrtParams2.patch | 132 ++++++------------
 rpm.spec                                      |   9 +-
 sources                                       |   2 +-
 4 files changed, 53 insertions(+), 91 deletions(-)
 rename 0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch => rpm-4.18.x-add-pgpVerifySignature2-and-pgpPrtParams2.patch (68%)

diff --git a/.gitignore b/.gitignore
index 41a57b5..87a2062 100644
--- a/.gitignore
+++ b/.gitignore
@@ -56,3 +56,4 @@
 /rpm-4.18.0-rc1.tar.bz2
 /rpm-4.18.0.tar.bz2
 /rpm-4.18.1.tar.bz2
+/rpm-4.18.2.tar.bz2
diff --git a/0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch b/rpm-4.18.x-add-pgpVerifySignature2-and-pgpPrtParams2.patch
similarity index 68%
rename from 0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch
rename to rpm-4.18.x-add-pgpVerifySignature2-and-pgpPrtParams2.patch
index b00d377..d69bf52 100644
--- a/0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch
+++ b/rpm-4.18.x-add-pgpVerifySignature2-and-pgpPrtParams2.patch
@@ -1,38 +1,6 @@
-From e75ae70ef1a152dac9a066506cafd2bbf7b2565e Mon Sep 17 00:00:00 2001
-Message-Id: <e75ae70ef1a152dac9a066506cafd2bbf7b2565e.1681989428.git.pmatilai@redhat.com>
-From: "Neal H. Walfield" <neal@pep.foundation>
-Date: Wed, 12 Apr 2023 17:56:19 +0200
-Subject: [PATCH] Add pgpVerifySignature2() and pgpPrtParams2()
-
-Add new functions pgpVerifySignature2() and pgpPrtParams2(), which are
-like their earlier versions, but optionally return descriptive error
-messages (in the case of failure) or lints (in the case of success).
-Adjust tests accordingly.
-
-This requires rpm-sequoia 1.4 or later.
-
-See https://github.com/rpm-software-management/rpm-sequoia/issues/39
-and
-https://github.com/rpm-software-management/rpm/issues/2127#issuecomment-1482646398
-
-Fixes #2483.
-
-This is a backport of commit 87b9e0c28c3df3937f6676ee1b4164d6154dd9d3
----
- configure.ac            |  2 +-
- include/rpm/rpmpgp.h    | 23 +++++++++++++++++++++++
- lib/rpmvs.c             | 19 ++++++++++++++++---
- rpmio/rpmkeyring.c      |  7 ++++++-
- rpmio/rpmpgp_internal.c | 15 +++++++++++++++
- rpmio/rpmpgp_sequoia.c  |  7 +++++++
- tests/rpmi.at           | 10 ++++++++--
- tests/rpmsigdig.at      | 20 +++++++++++++++++---
- 9 files changed, 95 insertions(+), 10 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index e6676c581..1d173e4e2 100644
---- a/configure.ac
-+++ b/configure.ac
+diff -up rpm-4.18.2/configure.ac.orig rpm-4.18.2/configure.ac
+--- rpm-4.18.2/configure.ac.orig	2023-11-13 13:18:27.694107699 +0100
++++ rpm-4.18.2/configure.ac	2023-11-13 16:18:59.917784964 +0100
 @@ -384,7 +384,7 @@ AC_SUBST(WITH_LIBGCRYPT_LIB)
  WITH_RPM_SEQUOIA_INCLUDE=
  WITH_RPM_SEQUOIA_LIB=
@@ -42,15 +10,13 @@ index e6676c581..1d173e4e2 100644
    if test "$have_rpm_sequoia" = "yes"; then
       WITH_RPM_SEQUOIA_INCLUDE="$RPM_SEQUOIA_CFLAGS"
       WITH_RPM_SEQUOIA_LIB="$RPM_SEQUOIA_LIBS"
-diff --git a/include/rpm/rpmpgp.h b/include/rpm/rpmpgp.h
-index a3238a643..3352129b8 100644
---- a/include/rpm/rpmpgp.h
-+++ b/include/rpm/rpmpgp.h
-@@ -1013,6 +1013,18 @@ int pgpPubkeyKeyID(const uint8_t * pkt, size_t pktlen, pgpKeyID_t keyid);
- int pgpPrtParams(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
+diff -up rpm-4.18.2/include/rpm/rpmpgp.h.orig rpm-4.18.2/include/rpm/rpmpgp.h
+--- rpm-4.18.2/include/rpm/rpmpgp.h.orig	2023-11-13 13:18:27.697107681 +0100
++++ rpm-4.18.2/include/rpm/rpmpgp.h	2023-11-13 16:18:59.918784958 +0100
+@@ -1014,6 +1014,18 @@ int pgpPrtParams(const uint8_t *pkts, si
  		 pgpDigParams * ret);
  
-+/** \ingroup rpmpgp
+ /** \ingroup rpmpgp
 + * Parse a OpenPGP packet(s).
 + * @param pkts		OpenPGP packet(s)
 + * @param pktlen	OpenPGP packet(s) length (no. of bytes)
@@ -62,14 +28,14 @@ index a3238a643..3352129b8 100644
 +int pgpPrtParams2(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
 +		 pgpDigParams * ret, char **lints);
 +
- /** \ingroup rpmpgp
++/** \ingroup rpmpgp
   * Parse subkey parameters from OpenPGP packet(s).
   * @param pkts		OpenPGP packet(s)
-@@ -1191,6 +1203,17 @@ const uint8_t *pgpDigParamsSignID(pgpDigParams digp);
-  */
+  * @param pktlen	OpenPGP packet(s) length (no. of bytes)
+@@ -1192,6 +1204,17 @@ const uint8_t *pgpDigParamsSignID(pgpDig
  const char *pgpDigParamsUserID(pgpDigParams digp);
  
-+/** \ingroup rpmpgp
+ /** \ingroup rpmpgp
 + * Verify a PGP signature and return a error message or lint.
 + * @param key		public key
 + * @param sig		signature
@@ -80,14 +46,14 @@ index a3238a643..3352129b8 100644
 +rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx,
 +                          char **lints);
 +
- /** \ingroup rpmpgp
++/** \ingroup rpmpgp
   * Retrieve the object's version.
   *
-diff --git a/lib/rpmvs.c b/lib/rpmvs.c
-index a1425ea17..9b2106927 100644
---- a/lib/rpmvs.c
-+++ b/lib/rpmvs.c
-@@ -193,10 +193,23 @@ static void rpmsinfoInit(const struct vfyinfo_s *vinfo,
+  * Returns the object's version.
+diff -up rpm-4.18.2/lib/rpmvs.c.orig rpm-4.18.2/lib/rpmvs.c
+--- rpm-4.18.2/lib/rpmvs.c.orig	2023-11-13 13:18:27.703107645 +0100
++++ rpm-4.18.2/lib/rpmvs.c	2023-11-13 16:18:59.918784958 +0100
+@@ -193,10 +193,23 @@ static void rpmsinfoInit(const struct vf
      }
  
      if (sinfo->type == RPMSIG_SIGNATURE_TYPE) {
@@ -114,11 +80,10 @@ index a1425ea17..9b2106927 100644
  	}
  	sinfo->hashalgo = pgpDigParamsAlgo(sinfo->sig, PGPVAL_HASHALGO);
  	sinfo->keyid = pgpGrab(pgpDigParamsSignID(sinfo->sig)+4, 4);
-diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c
-index db72892d9..712004bc8 100644
---- a/rpmio/rpmkeyring.c
-+++ b/rpmio/rpmkeyring.c
-@@ -328,7 +328,12 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx)
+diff -up rpm-4.18.2/rpmio/rpmkeyring.c.orig rpm-4.18.2/rpmio/rpmkeyring.c
+--- rpm-4.18.2/rpmio/rpmkeyring.c.orig	2023-11-13 13:18:27.719107550 +0100
++++ rpm-4.18.2/rpmio/rpmkeyring.c	2023-11-13 16:18:59.919784952 +0100
+@@ -328,7 +328,12 @@ rpmRC rpmKeyringVerifySig(rpmKeyring key
  	    pgpkey = key->pgpkey;
  
  	/* We call verify even if key not found for a signature sanity check */
@@ -132,11 +97,10 @@ index db72892d9..712004bc8 100644
      }
  
      if (keyring)
-diff --git a/rpmio/rpmpgp_internal.c b/rpmio/rpmpgp_internal.c
-index 0fcd220e4..a049c09b2 100644
---- a/rpmio/rpmpgp_internal.c
-+++ b/rpmio/rpmpgp_internal.c
-@@ -1095,6 +1095,14 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+diff -up rpm-4.18.2/rpmio/rpmpgp_internal.c.orig rpm-4.18.2/rpmio/rpmpgp_internal.c
+--- rpm-4.18.2/rpmio/rpmpgp_internal.c.orig	2023-11-13 13:18:27.719107550 +0100
++++ rpm-4.18.2/rpmio/rpmpgp_internal.c	2023-11-13 16:18:59.919784952 +0100
+@@ -1095,6 +1095,14 @@ int pgpPrtParams(const uint8_t * pkts, s
      return rc;
  }
  
@@ -151,7 +115,7 @@ index 0fcd220e4..a049c09b2 100644
  int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
  			pgpDigParams mainkey, pgpDigParams **subkeys,
  			int *subkeysCount)
-@@ -1264,6 +1272,13 @@ rpmRC pgpVerifySig(pgpDig dig, DIGEST_CTX hashctx)
+@@ -1264,6 +1272,13 @@ rpmRC pgpVerifySig(pgpDig dig, DIGEST_CT
  			      pgpDigGetParams(dig, PGPTAG_SIGNATURE), hashctx);
  }
  
@@ -165,11 +129,10 @@ index 0fcd220e4..a049c09b2 100644
  static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
  {
      const char * enc = NULL;
-diff --git a/rpmio/rpmpgp_sequoia.c b/rpmio/rpmpgp_sequoia.c
-index e01acd0e9..2141bbf30 100644
---- a/rpmio/rpmpgp_sequoia.c
-+++ b/rpmio/rpmpgp_sequoia.c
-@@ -36,6 +36,9 @@ W(uint32_t, pgpDigParamsCreationTime, (pgpDigParams digp), (digp))
+diff -up rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig rpm-4.18.2/rpmio/rpmpgp_sequoia.c
+--- rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig	2023-11-13 13:18:27.719107550 +0100
++++ rpm-4.18.2/rpmio/rpmpgp_sequoia.c	2023-11-13 16:18:59.919784952 +0100
+@@ -36,6 +36,9 @@ W(uint32_t, pgpDigParamsCreationTime, (p
  W(rpmRC, pgpVerifySignature,
    (pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx),
    (key, sig, hashctx))
@@ -190,20 +153,19 @@ index e01acd0e9..2141bbf30 100644
  W(int, pgpPrtParamsSubkeys,
    (const uint8_t *pkts, size_t pktlen,
     pgpDigParams mainkey, pgpDigParams **subkeys,
-diff --git a/tests/rpmi.at b/tests/rpmi.at
-index 7c8f25eff..d67185d5b 100644
---- a/tests/rpmi.at
-+++ b/tests/rpmi.at
-@@ -254,7 +254,7 @@ AT_CLEANUP
+diff -up rpm-4.18.2/tests/rpmi.at.orig rpm-4.18.2/tests/rpmi.at
+--- rpm-4.18.2/tests/rpmi.at.orig	2023-11-13 13:18:27.721107538 +0100
++++ rpm-4.18.2/tests/rpmi.at	2023-11-13 16:21:40.657790792 +0100
+@@ -254,7 +254,7 @@ RPMTEST_CLEANUP
  
  AT_SETUP([rpm -U <corrupted signed 1>])
  AT_KEYWORDS([install])
--AT_CHECK([
-+AT_CHECK_UNQUOTED([
+-RPMTEST_CHECK([
++RPMTEST_CHECK_UNQUOTED([
  RPMDB_INIT
  
  pkg="hello-2.0-1.x86_64-signed.rpm"
-@@ -267,7 +267,13 @@ runroot rpm -U --ignorearch --ignoreos --nodeps \
+@@ -267,7 +267,13 @@ runroot rpm -U --ignorearch --ignoreos -
  ],
  [1],
  [],
@@ -217,17 +179,16 @@ index 7c8f25eff..d67185d5b 100644
 +fi`
  error: /tmp/hello-2.0-1.x86_64-signed.rpm cannot be installed
  ])
- AT_CLEANUP
-diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
-index 5b1c6c4a6..e5482735a 100644
---- a/tests/rpmsigdig.at
-+++ b/tests/rpmsigdig.at
-@@ -539,7 +539,7 @@ AT_CLEANUP
+ RPMTEST_CLEANUP
+diff -up rpm-4.18.2/tests/rpmsigdig.at.orig rpm-4.18.2/tests/rpmsigdig.at
+--- rpm-4.18.2/tests/rpmsigdig.at.orig	2023-11-13 13:18:27.722107532 +0100
++++ rpm-4.18.2/tests/rpmsigdig.at	2023-11-13 16:21:03.842018500 +0100
+@@ -539,7 +539,7 @@ RPMTEST_CLEANUP
  # Test pre-built corrupted package verification (corrupted signature)
  AT_SETUP([rpmkeys -Kv <corrupted signed> 1])
  AT_KEYWORDS([rpmkeys digest signature])
--AT_CHECK([
-+AT_CHECK_UNQUOTED([
+-RPMTEST_CHECK([
++RPMTEST_CHECK_UNQUOTED([
  RPMDB_INIT
  
  pkg="hello-2.0-1.x86_64-signed.rpm"
@@ -262,6 +223,3 @@ index 5b1c6c4a6..e5482735a 100644
      Header SHA256 digest: OK
      Header SHA1 digest: OK
      Payload SHA256 digest: OK
--- 
-2.40.0
-
diff --git a/rpm.spec b/rpm.spec
index e650700..690e491 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -30,9 +30,9 @@
 
 %define rpmhome /usr/lib/rpm
 
-%global rpmver 4.18.1
+%global rpmver 4.18.2
 #global snapver rc1
-%global baserelease 3
+%global baserelease 1
 %global sover 9
 
 %global srcver %{rpmver}%{?snapver:-%{snapver}}
@@ -134,7 +134,7 @@ rpm-4.18.x-siteconfig.patch
 rpm-4.9.90-no-man-dirs.patch
 
 # Patches already upstream:
-0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch
+rpm-4.18.x-add-pgpVerifySignature2-and-pgpPrtParams2.patch
 
 # These are not yet upstream
 rpm-4.7.1-geode-i686.patch
@@ -618,6 +618,9 @@ fi
 %doc docs/librpm/html/*
 
 %changelog
+* Mon Nov 13 2023 Michal Domonkos <mdomonko@redhat.com> - 4.18.2-1
+- Rebase to rpm 4.18.2 (https://rpm.org/wiki/Releases/4.18.2)
+
 * Tue Apr 25 2023 Miro Hrončok <mhroncok@redhat.com> - 4.18.1-3
 - Explicitly require rpm-sequoia >= 1.4.0 on runtime to avoid
   rpm: symbol lookup error: /lib64/librpmio.so.9: undefined symbol: _pgpVerifySignature2
diff --git a/sources b/sources
index fee455b..7992bed 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (rpm-4.18.1.tar.bz2) = 0ede2138b9b4c3b50d7e914cf82655507fcc207ba67804c749ea17560002976cb26b95801e9138a51589b60459494a991213a1131dbef5af2eca9b5050a4f29c
+SHA512 (rpm-4.18.2.tar.bz2) = 1544efef04190299ac988f52c4f6e58ba9ff8943fe1f3e1353fb2bf4d73248935dac65a8a73b32c5d2d96f6875ce25c5196a78ed645d9504465cf1e89e0a268a