Rebase to rpm 4.18.2 (https://rpm.org/wiki/Releases/4.18.2)
This commit is contained in:
parent
c608d7cdd7
commit
f42b172033
|
@ -56,3 +56,4 @@
|
||||||
/rpm-4.18.0-rc1.tar.bz2
|
/rpm-4.18.0-rc1.tar.bz2
|
||||||
/rpm-4.18.0.tar.bz2
|
/rpm-4.18.0.tar.bz2
|
||||||
/rpm-4.18.1.tar.bz2
|
/rpm-4.18.1.tar.bz2
|
||||||
|
/rpm-4.18.2.tar.bz2
|
||||||
|
|
|
@ -1,38 +1,6 @@
|
||||||
From e75ae70ef1a152dac9a066506cafd2bbf7b2565e Mon Sep 17 00:00:00 2001
|
diff -up rpm-4.18.2/configure.ac.orig rpm-4.18.2/configure.ac
|
||||||
Message-Id: <e75ae70ef1a152dac9a066506cafd2bbf7b2565e.1681989428.git.pmatilai@redhat.com>
|
--- rpm-4.18.2/configure.ac.orig 2023-11-13 13:18:27.694107699 +0100
|
||||||
From: "Neal H. Walfield" <neal@pep.foundation>
|
+++ rpm-4.18.2/configure.ac 2023-11-13 16:18:59.917784964 +0100
|
||||||
Date: Wed, 12 Apr 2023 17:56:19 +0200
|
|
||||||
Subject: [PATCH] Add pgpVerifySignature2() and pgpPrtParams2()
|
|
||||||
|
|
||||||
Add new functions pgpVerifySignature2() and pgpPrtParams2(), which are
|
|
||||||
like their earlier versions, but optionally return descriptive error
|
|
||||||
messages (in the case of failure) or lints (in the case of success).
|
|
||||||
Adjust tests accordingly.
|
|
||||||
|
|
||||||
This requires rpm-sequoia 1.4 or later.
|
|
||||||
|
|
||||||
See https://github.com/rpm-software-management/rpm-sequoia/issues/39
|
|
||||||
and
|
|
||||||
https://github.com/rpm-software-management/rpm/issues/2127#issuecomment-1482646398
|
|
||||||
|
|
||||||
Fixes #2483.
|
|
||||||
|
|
||||||
This is a backport of commit 87b9e0c28c3df3937f6676ee1b4164d6154dd9d3
|
|
||||||
---
|
|
||||||
configure.ac | 2 +-
|
|
||||||
include/rpm/rpmpgp.h | 23 +++++++++++++++++++++++
|
|
||||||
lib/rpmvs.c | 19 ++++++++++++++++---
|
|
||||||
rpmio/rpmkeyring.c | 7 ++++++-
|
|
||||||
rpmio/rpmpgp_internal.c | 15 +++++++++++++++
|
|
||||||
rpmio/rpmpgp_sequoia.c | 7 +++++++
|
|
||||||
tests/rpmi.at | 10 ++++++++--
|
|
||||||
tests/rpmsigdig.at | 20 +++++++++++++++++---
|
|
||||||
9 files changed, 95 insertions(+), 10 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index e6676c581..1d173e4e2 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -384,7 +384,7 @@ AC_SUBST(WITH_LIBGCRYPT_LIB)
|
@@ -384,7 +384,7 @@ AC_SUBST(WITH_LIBGCRYPT_LIB)
|
||||||
WITH_RPM_SEQUOIA_INCLUDE=
|
WITH_RPM_SEQUOIA_INCLUDE=
|
||||||
WITH_RPM_SEQUOIA_LIB=
|
WITH_RPM_SEQUOIA_LIB=
|
||||||
|
@ -42,15 +10,13 @@ index e6676c581..1d173e4e2 100644
|
||||||
if test "$have_rpm_sequoia" = "yes"; then
|
if test "$have_rpm_sequoia" = "yes"; then
|
||||||
WITH_RPM_SEQUOIA_INCLUDE="$RPM_SEQUOIA_CFLAGS"
|
WITH_RPM_SEQUOIA_INCLUDE="$RPM_SEQUOIA_CFLAGS"
|
||||||
WITH_RPM_SEQUOIA_LIB="$RPM_SEQUOIA_LIBS"
|
WITH_RPM_SEQUOIA_LIB="$RPM_SEQUOIA_LIBS"
|
||||||
diff --git a/include/rpm/rpmpgp.h b/include/rpm/rpmpgp.h
|
diff -up rpm-4.18.2/include/rpm/rpmpgp.h.orig rpm-4.18.2/include/rpm/rpmpgp.h
|
||||||
index a3238a643..3352129b8 100644
|
--- rpm-4.18.2/include/rpm/rpmpgp.h.orig 2023-11-13 13:18:27.697107681 +0100
|
||||||
--- a/include/rpm/rpmpgp.h
|
+++ rpm-4.18.2/include/rpm/rpmpgp.h 2023-11-13 16:18:59.918784958 +0100
|
||||||
+++ b/include/rpm/rpmpgp.h
|
@@ -1014,6 +1014,18 @@ int pgpPrtParams(const uint8_t *pkts, si
|
||||||
@@ -1013,6 +1013,18 @@ int pgpPubkeyKeyID(const uint8_t * pkt, size_t pktlen, pgpKeyID_t keyid);
|
|
||||||
int pgpPrtParams(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
|
|
||||||
pgpDigParams * ret);
|
pgpDigParams * ret);
|
||||||
|
|
||||||
+/** \ingroup rpmpgp
|
/** \ingroup rpmpgp
|
||||||
+ * Parse a OpenPGP packet(s).
|
+ * Parse a OpenPGP packet(s).
|
||||||
+ * @param pkts OpenPGP packet(s)
|
+ * @param pkts OpenPGP packet(s)
|
||||||
+ * @param pktlen OpenPGP packet(s) length (no. of bytes)
|
+ * @param pktlen OpenPGP packet(s) length (no. of bytes)
|
||||||
|
@ -62,14 +28,14 @@ index a3238a643..3352129b8 100644
|
||||||
+int pgpPrtParams2(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
|
+int pgpPrtParams2(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
|
||||||
+ pgpDigParams * ret, char **lints);
|
+ pgpDigParams * ret, char **lints);
|
||||||
+
|
+
|
||||||
/** \ingroup rpmpgp
|
+/** \ingroup rpmpgp
|
||||||
* Parse subkey parameters from OpenPGP packet(s).
|
* Parse subkey parameters from OpenPGP packet(s).
|
||||||
* @param pkts OpenPGP packet(s)
|
* @param pkts OpenPGP packet(s)
|
||||||
@@ -1191,6 +1203,17 @@ const uint8_t *pgpDigParamsSignID(pgpDigParams digp);
|
* @param pktlen OpenPGP packet(s) length (no. of bytes)
|
||||||
*/
|
@@ -1192,6 +1204,17 @@ const uint8_t *pgpDigParamsSignID(pgpDig
|
||||||
const char *pgpDigParamsUserID(pgpDigParams digp);
|
const char *pgpDigParamsUserID(pgpDigParams digp);
|
||||||
|
|
||||||
+/** \ingroup rpmpgp
|
/** \ingroup rpmpgp
|
||||||
+ * Verify a PGP signature and return a error message or lint.
|
+ * Verify a PGP signature and return a error message or lint.
|
||||||
+ * @param key public key
|
+ * @param key public key
|
||||||
+ * @param sig signature
|
+ * @param sig signature
|
||||||
|
@ -80,14 +46,14 @@ index a3238a643..3352129b8 100644
|
||||||
+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx,
|
+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx,
|
||||||
+ char **lints);
|
+ char **lints);
|
||||||
+
|
+
|
||||||
/** \ingroup rpmpgp
|
+/** \ingroup rpmpgp
|
||||||
* Retrieve the object's version.
|
* Retrieve the object's version.
|
||||||
*
|
*
|
||||||
diff --git a/lib/rpmvs.c b/lib/rpmvs.c
|
* Returns the object's version.
|
||||||
index a1425ea17..9b2106927 100644
|
diff -up rpm-4.18.2/lib/rpmvs.c.orig rpm-4.18.2/lib/rpmvs.c
|
||||||
--- a/lib/rpmvs.c
|
--- rpm-4.18.2/lib/rpmvs.c.orig 2023-11-13 13:18:27.703107645 +0100
|
||||||
+++ b/lib/rpmvs.c
|
+++ rpm-4.18.2/lib/rpmvs.c 2023-11-13 16:18:59.918784958 +0100
|
||||||
@@ -193,10 +193,23 @@ static void rpmsinfoInit(const struct vfyinfo_s *vinfo,
|
@@ -193,10 +193,23 @@ static void rpmsinfoInit(const struct vf
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sinfo->type == RPMSIG_SIGNATURE_TYPE) {
|
if (sinfo->type == RPMSIG_SIGNATURE_TYPE) {
|
||||||
|
@ -114,11 +80,10 @@ index a1425ea17..9b2106927 100644
|
||||||
}
|
}
|
||||||
sinfo->hashalgo = pgpDigParamsAlgo(sinfo->sig, PGPVAL_HASHALGO);
|
sinfo->hashalgo = pgpDigParamsAlgo(sinfo->sig, PGPVAL_HASHALGO);
|
||||||
sinfo->keyid = pgpGrab(pgpDigParamsSignID(sinfo->sig)+4, 4);
|
sinfo->keyid = pgpGrab(pgpDigParamsSignID(sinfo->sig)+4, 4);
|
||||||
diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c
|
diff -up rpm-4.18.2/rpmio/rpmkeyring.c.orig rpm-4.18.2/rpmio/rpmkeyring.c
|
||||||
index db72892d9..712004bc8 100644
|
--- rpm-4.18.2/rpmio/rpmkeyring.c.orig 2023-11-13 13:18:27.719107550 +0100
|
||||||
--- a/rpmio/rpmkeyring.c
|
+++ rpm-4.18.2/rpmio/rpmkeyring.c 2023-11-13 16:18:59.919784952 +0100
|
||||||
+++ b/rpmio/rpmkeyring.c
|
@@ -328,7 +328,12 @@ rpmRC rpmKeyringVerifySig(rpmKeyring key
|
||||||
@@ -328,7 +328,12 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx)
|
|
||||||
pgpkey = key->pgpkey;
|
pgpkey = key->pgpkey;
|
||||||
|
|
||||||
/* We call verify even if key not found for a signature sanity check */
|
/* We call verify even if key not found for a signature sanity check */
|
||||||
|
@ -132,11 +97,10 @@ index db72892d9..712004bc8 100644
|
||||||
}
|
}
|
||||||
|
|
||||||
if (keyring)
|
if (keyring)
|
||||||
diff --git a/rpmio/rpmpgp_internal.c b/rpmio/rpmpgp_internal.c
|
diff -up rpm-4.18.2/rpmio/rpmpgp_internal.c.orig rpm-4.18.2/rpmio/rpmpgp_internal.c
|
||||||
index 0fcd220e4..a049c09b2 100644
|
--- rpm-4.18.2/rpmio/rpmpgp_internal.c.orig 2023-11-13 13:18:27.719107550 +0100
|
||||||
--- a/rpmio/rpmpgp_internal.c
|
+++ rpm-4.18.2/rpmio/rpmpgp_internal.c 2023-11-13 16:18:59.919784952 +0100
|
||||||
+++ b/rpmio/rpmpgp_internal.c
|
@@ -1095,6 +1095,14 @@ int pgpPrtParams(const uint8_t * pkts, s
|
||||||
@@ -1095,6 +1095,14 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
|
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -151,7 +115,7 @@ index 0fcd220e4..a049c09b2 100644
|
||||||
int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
|
int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
|
||||||
pgpDigParams mainkey, pgpDigParams **subkeys,
|
pgpDigParams mainkey, pgpDigParams **subkeys,
|
||||||
int *subkeysCount)
|
int *subkeysCount)
|
||||||
@@ -1264,6 +1272,13 @@ rpmRC pgpVerifySig(pgpDig dig, DIGEST_CTX hashctx)
|
@@ -1264,6 +1272,13 @@ rpmRC pgpVerifySig(pgpDig dig, DIGEST_CT
|
||||||
pgpDigGetParams(dig, PGPTAG_SIGNATURE), hashctx);
|
pgpDigGetParams(dig, PGPTAG_SIGNATURE), hashctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -165,11 +129,10 @@ index 0fcd220e4..a049c09b2 100644
|
||||||
static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
|
static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
|
||||||
{
|
{
|
||||||
const char * enc = NULL;
|
const char * enc = NULL;
|
||||||
diff --git a/rpmio/rpmpgp_sequoia.c b/rpmio/rpmpgp_sequoia.c
|
diff -up rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig rpm-4.18.2/rpmio/rpmpgp_sequoia.c
|
||||||
index e01acd0e9..2141bbf30 100644
|
--- rpm-4.18.2/rpmio/rpmpgp_sequoia.c.orig 2023-11-13 13:18:27.719107550 +0100
|
||||||
--- a/rpmio/rpmpgp_sequoia.c
|
+++ rpm-4.18.2/rpmio/rpmpgp_sequoia.c 2023-11-13 16:18:59.919784952 +0100
|
||||||
+++ b/rpmio/rpmpgp_sequoia.c
|
@@ -36,6 +36,9 @@ W(uint32_t, pgpDigParamsCreationTime, (p
|
||||||
@@ -36,6 +36,9 @@ W(uint32_t, pgpDigParamsCreationTime, (pgpDigParams digp), (digp))
|
|
||||||
W(rpmRC, pgpVerifySignature,
|
W(rpmRC, pgpVerifySignature,
|
||||||
(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx),
|
(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx),
|
||||||
(key, sig, hashctx))
|
(key, sig, hashctx))
|
||||||
|
@ -190,20 +153,19 @@ index e01acd0e9..2141bbf30 100644
|
||||||
W(int, pgpPrtParamsSubkeys,
|
W(int, pgpPrtParamsSubkeys,
|
||||||
(const uint8_t *pkts, size_t pktlen,
|
(const uint8_t *pkts, size_t pktlen,
|
||||||
pgpDigParams mainkey, pgpDigParams **subkeys,
|
pgpDigParams mainkey, pgpDigParams **subkeys,
|
||||||
diff --git a/tests/rpmi.at b/tests/rpmi.at
|
diff -up rpm-4.18.2/tests/rpmi.at.orig rpm-4.18.2/tests/rpmi.at
|
||||||
index 7c8f25eff..d67185d5b 100644
|
--- rpm-4.18.2/tests/rpmi.at.orig 2023-11-13 13:18:27.721107538 +0100
|
||||||
--- a/tests/rpmi.at
|
+++ rpm-4.18.2/tests/rpmi.at 2023-11-13 16:21:40.657790792 +0100
|
||||||
+++ b/tests/rpmi.at
|
@@ -254,7 +254,7 @@ RPMTEST_CLEANUP
|
||||||
@@ -254,7 +254,7 @@ AT_CLEANUP
|
|
||||||
|
|
||||||
AT_SETUP([rpm -U <corrupted signed 1>])
|
AT_SETUP([rpm -U <corrupted signed 1>])
|
||||||
AT_KEYWORDS([install])
|
AT_KEYWORDS([install])
|
||||||
-AT_CHECK([
|
-RPMTEST_CHECK([
|
||||||
+AT_CHECK_UNQUOTED([
|
+RPMTEST_CHECK_UNQUOTED([
|
||||||
RPMDB_INIT
|
RPMDB_INIT
|
||||||
|
|
||||||
pkg="hello-2.0-1.x86_64-signed.rpm"
|
pkg="hello-2.0-1.x86_64-signed.rpm"
|
||||||
@@ -267,7 +267,13 @@ runroot rpm -U --ignorearch --ignoreos --nodeps \
|
@@ -267,7 +267,13 @@ runroot rpm -U --ignorearch --ignoreos -
|
||||||
],
|
],
|
||||||
[1],
|
[1],
|
||||||
[],
|
[],
|
||||||
|
@ -217,17 +179,16 @@ index 7c8f25eff..d67185d5b 100644
|
||||||
+fi`
|
+fi`
|
||||||
error: /tmp/hello-2.0-1.x86_64-signed.rpm cannot be installed
|
error: /tmp/hello-2.0-1.x86_64-signed.rpm cannot be installed
|
||||||
])
|
])
|
||||||
AT_CLEANUP
|
RPMTEST_CLEANUP
|
||||||
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
|
diff -up rpm-4.18.2/tests/rpmsigdig.at.orig rpm-4.18.2/tests/rpmsigdig.at
|
||||||
index 5b1c6c4a6..e5482735a 100644
|
--- rpm-4.18.2/tests/rpmsigdig.at.orig 2023-11-13 13:18:27.722107532 +0100
|
||||||
--- a/tests/rpmsigdig.at
|
+++ rpm-4.18.2/tests/rpmsigdig.at 2023-11-13 16:21:03.842018500 +0100
|
||||||
+++ b/tests/rpmsigdig.at
|
@@ -539,7 +539,7 @@ RPMTEST_CLEANUP
|
||||||
@@ -539,7 +539,7 @@ AT_CLEANUP
|
|
||||||
# Test pre-built corrupted package verification (corrupted signature)
|
# Test pre-built corrupted package verification (corrupted signature)
|
||||||
AT_SETUP([rpmkeys -Kv <corrupted signed> 1])
|
AT_SETUP([rpmkeys -Kv <corrupted signed> 1])
|
||||||
AT_KEYWORDS([rpmkeys digest signature])
|
AT_KEYWORDS([rpmkeys digest signature])
|
||||||
-AT_CHECK([
|
-RPMTEST_CHECK([
|
||||||
+AT_CHECK_UNQUOTED([
|
+RPMTEST_CHECK_UNQUOTED([
|
||||||
RPMDB_INIT
|
RPMDB_INIT
|
||||||
|
|
||||||
pkg="hello-2.0-1.x86_64-signed.rpm"
|
pkg="hello-2.0-1.x86_64-signed.rpm"
|
||||||
|
@ -262,6 +223,3 @@ index 5b1c6c4a6..e5482735a 100644
|
||||||
Header SHA256 digest: OK
|
Header SHA256 digest: OK
|
||||||
Header SHA1 digest: OK
|
Header SHA1 digest: OK
|
||||||
Payload SHA256 digest: OK
|
Payload SHA256 digest: OK
|
||||||
--
|
|
||||||
2.40.0
|
|
||||||
|
|
9
rpm.spec
9
rpm.spec
|
@ -30,9 +30,9 @@
|
||||||
|
|
||||||
%define rpmhome /usr/lib/rpm
|
%define rpmhome /usr/lib/rpm
|
||||||
|
|
||||||
%global rpmver 4.18.1
|
%global rpmver 4.18.2
|
||||||
#global snapver rc1
|
#global snapver rc1
|
||||||
%global baserelease 3
|
%global baserelease 1
|
||||||
%global sover 9
|
%global sover 9
|
||||||
|
|
||||||
%global srcver %{rpmver}%{?snapver:-%{snapver}}
|
%global srcver %{rpmver}%{?snapver:-%{snapver}}
|
||||||
|
@ -134,7 +134,7 @@ rpm-4.18.x-siteconfig.patch
|
||||||
rpm-4.9.90-no-man-dirs.patch
|
rpm-4.9.90-no-man-dirs.patch
|
||||||
|
|
||||||
# Patches already upstream:
|
# Patches already upstream:
|
||||||
0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch
|
rpm-4.18.x-add-pgpVerifySignature2-and-pgpPrtParams2.patch
|
||||||
|
|
||||||
# These are not yet upstream
|
# These are not yet upstream
|
||||||
rpm-4.7.1-geode-i686.patch
|
rpm-4.7.1-geode-i686.patch
|
||||||
|
@ -618,6 +618,9 @@ fi
|
||||||
%doc docs/librpm/html/*
|
%doc docs/librpm/html/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 13 2023 Michal Domonkos <mdomonko@redhat.com> - 4.18.2-1
|
||||||
|
- Rebase to rpm 4.18.2 (https://rpm.org/wiki/Releases/4.18.2)
|
||||||
|
|
||||||
* Tue Apr 25 2023 Miro Hrončok <mhroncok@redhat.com> - 4.18.1-3
|
* Tue Apr 25 2023 Miro Hrončok <mhroncok@redhat.com> - 4.18.1-3
|
||||||
- Explicitly require rpm-sequoia >= 1.4.0 on runtime to avoid
|
- Explicitly require rpm-sequoia >= 1.4.0 on runtime to avoid
|
||||||
rpm: symbol lookup error: /lib64/librpmio.so.9: undefined symbol: _pgpVerifySignature2
|
rpm: symbol lookup error: /lib64/librpmio.so.9: undefined symbol: _pgpVerifySignature2
|
||||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
SHA512 (rpm-4.18.1.tar.bz2) = 0ede2138b9b4c3b50d7e914cf82655507fcc207ba67804c749ea17560002976cb26b95801e9138a51589b60459494a991213a1131dbef5af2eca9b5050a4f29c
|
SHA512 (rpm-4.18.2.tar.bz2) = 1544efef04190299ac988f52c4f6e58ba9ff8943fe1f3e1353fb2bf4d73248935dac65a8a73b32c5d2d96f6875ce25c5196a78ed645d9504465cf1e89e0a268a
|
||||||
|
|
Loading…
Reference in New Issue