From 8c4e95fc2616dc864293e14062995185d02efb86 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Mon, 3 May 2021 12:52:09 +0200 Subject: [PATCH] - merged PLD changes --- poldek-rsa_sig_rpmorg.patch | 12 ++++++++++++ poldek.spec | 11 ++++++++--- verify-signature.patch | 16 ++++++++++++++++ 3 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 poldek-rsa_sig_rpmorg.patch create mode 100644 verify-signature.patch diff --git a/poldek-rsa_sig_rpmorg.patch b/poldek-rsa_sig_rpmorg.patch new file mode 100644 index 0000000..cc1701e --- /dev/null +++ b/poldek-rsa_sig_rpmorg.patch @@ -0,0 +1,12 @@ +--- poldek-0.42.2/pm/rpmorg/signature.c.orig 2021-04-17 12:56:41.167478071 +0200 ++++ poldek-0.42.2/pm/rpmorg/signature.c 2021-04-17 12:56:12.007632757 +0200 +@@ -99,6 +99,9 @@ + + switch (td.tag) { + case RPMSIGTAG_RSA: ++ flags |= PKGVERIFY_PGP; ++ flags |= PKGVERIFY_GPG; ++ break; + case RPMSIGTAG_PGP5: /* XXX legacy */ + case RPMSIGTAG_PGP: + flags |= PKGVERIFY_PGP; diff --git a/poldek.spec b/poldek.spec index b6454f4..ee551c3 100644 --- a/poldek.spec +++ b/poldek.spec @@ -19,7 +19,7 @@ Summary(hu.UTF-8): RPM csomagkezelést segítő eszköz Summary(pl.UTF-8): Pomocnicze narzędzie do zarządzania pakietami RPM Name: poldek Version: 0.42.2 -Release: 6 +Release: 7 License: GPL v2 Group: Applications/System #Source0: http://poldek.pld-linux.org/download/snapshots/%{name}-%{version}-cvs%{snap}.tar.bz2 @@ -49,6 +49,8 @@ Patch12: rpm4-rpmvercmp.patch Patch13: trurlib-shared.patch Patch14: rpm4-script-req-workaround.patch Patch15: skip-buildid-obsoletes.patch +Patch16: verify-signature.patch +Patch17: %{name}-rsa_sig_rpmorg.patch URL: http://poldek.pld-linux.org/ BuildRequires: %{db_pkg}-devel >= %{ver_db} BuildRequires: autoconf >= 2.63 @@ -61,6 +63,7 @@ BuildRequires: gettext-tools >= 0.11.5 BuildRequires: libgomp-devel BuildRequires: libtool BuildRequires: libxml2-devel >= 2 +BuildRequires: lua54-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel >= 0.9.7d BuildRequires: pcre-devel @@ -235,6 +238,8 @@ cd trurlib cd .. %patch14 -p1 %patch15 -p1 +%patch16 -p1 +%patch17 -p1 %{__rm} doc/poldek.info %{__rm} m4/libtool.m4 m4/lt*.m4 @@ -299,7 +304,7 @@ install -p %{SOURCE4} $RPM_BUILD_ROOT%{_bindir}/poldek-config %{?with_static:%{__rm} $RPM_BUILD_ROOT%{_bindir}/rpmvercmp} -%ifarch i686 aarch64 +%ifarch i686 aarch64 %{arm} %define ftp_arch %{_target_cpu} %endif %ifarch %{x8664} @@ -310,7 +315,7 @@ install -p %{SOURCE4} $RPM_BUILD_ROOT%{_bindir}/poldek-config %define tld_conf %{SOURCE1} %ifarch %{x8664} - %define tld_multilib_conf %{SOURCE2} + %define tld_multilib_conf %{SOURCE2} %endif %define tld_debuginfo_conf %{SOURCE3} diff --git a/verify-signature.patch b/verify-signature.patch new file mode 100644 index 0000000..f676de8 --- /dev/null +++ b/verify-signature.patch @@ -0,0 +1,16 @@ +diff -up poldek-0.42.2/pkgfetch.c._orig poldek-0.42.2/pkgfetch.c +diff -up poldek-0.42.2/pm/rpmorg/signature.c._orig poldek-0.42.2/pm/rpmorg/signature.c +--- poldek-0.42.2/pm/rpmorg/signature.c._orig 2021-03-19 15:02:55.589828096 +0100 ++++ poldek-0.42.2/pm/rpmorg/signature.c 2021-03-20 18:02:34.286105414 +0100 +@@ -177,6 +177,11 @@ static int do_verify_signature(const cha + if (fdt != NULL && Ferror(fdt) == 0) { + ts = rpmtsCreate(); + rpmtsSetVfyFlags(ts, vfyflags); ++ if ((flags & (PKGVERIFY_PGP | PKGVERIFY_GPG)) == 0) { ++ int vfylevel = rpmtsVfyLevel(ts); ++ vfylevel &= ~RPMSIG_SIGNATURE_TYPE; ++ rpmtsSetVfyLevel(ts, vfylevel); ++ } + rc = rpmVerifySignatures(&qva, ts, fdt, n_basenam(path)); + rpmtsFree(ts); + -- 2.46.0