X-Git-Url: https://git.tld-linux.org/?p=packages%2Fpoldek.git;a=blobdiff_plain;f=rpm-4.15.patch;fp=rpm-4.15.patch;h=d4168ed6162367e2498ef24c5ce757ac76180f3b;hp=0000000000000000000000000000000000000000;hb=3a425a6db5aeb44a75a43e70a3bb22f9cfe2472c;hpb=e67b4b2aba6d20975e5de612b79b6a94e352c4c5 diff --git a/rpm-4.15.patch b/rpm-4.15.patch new file mode 100644 index 0000000..d4168ed --- /dev/null +++ b/rpm-4.15.patch @@ -0,0 +1,126 @@ +--- poldek-0.42.2/pm/rpmorg/signature.c.orig 2020-10-07 23:33:17.051835958 +0200 ++++ poldek-0.42.2/pm/rpmorg/signature.c 2020-10-07 23:34:10.408960665 +0200 +@@ -101,18 +101,18 @@ + case RPMSIGTAG_RSA: + case RPMSIGTAG_PGP5: /* XXX legacy */ + case RPMSIGTAG_PGP: +- flags |= VRFYSIG_SIGNPGP; ++ flags |= PKGVERIFY_PGP; + break; + + case RPMSIGTAG_DSA: + case RPMSIGTAG_GPG: +- flags |= VRFYSIG_SIGNGPG; ++ flags |= PKGVERIFY_GPG; + break; + + case RPMSIGTAG_LEMD5_2: + case RPMSIGTAG_LEMD5_1: + case RPMSIGTAG_MD5: +- flags |= VRFYSIG_DGST; ++ flags |= PKGVERIFY_MD; + break; + + default: +@@ -137,7 +137,7 @@ + int rc; + + +- n_assert(flags & (VRFYSIG_DGST | VRFYSIG_SIGN)); ++ n_assert(flags & (PKGVERIFY_MD | PKGVERIFY_GPG | PKGVERIFY_PGP)); + + if (!rpm_signatures(path, &presented_signs, NULL)) + return 0; +@@ -146,13 +146,13 @@ + char signam[255]; + int n = 0; + +- if (flags & VRFYSIG_DGST) ++ if (flags & PKGVERIFY_MD) + n += n_snprintf(&signam[n], sizeof(signam) - n, "digest/"); + +- if (flags & VRFYSIG_SIGNGPG) ++ if (flags & PKGVERIFY_GPG) + n += n_snprintf(&signam[n], sizeof(signam) - n, "gpg/"); + +- if (flags & VRFYSIG_SIGNPGP) ++ if (flags & PKGVERIFY_PGP) + n += n_snprintf(&signam[n], sizeof(signam) - n, "pgp/"); + + n_assert(n > 0); +@@ -163,29 +163,27 @@ + signam); + return 0; + } +- unsigned qva_flags = RPMVSF_DEFAULT; ++ unsigned vfyflags = RPMVSF_DEFAULT; + +- if ((flags & (VRFYSIG_SIGNPGP | VRFYSIG_SIGNGPG)) == 0) { +- qva_flags |= RPMVSF_MASK_NOSIGNATURES; ++ if ((flags & (PKGVERIFY_PGP | PKGVERIFY_GPG)) == 0) { ++ vfyflags |= RPMVSF_MASK_NOSIGNATURES; + } + + // always check digests - without them rpmVerifySignature returns error +- //if ((flags & VRFYSIG_DGST) == 0) +- // qva_flags |= RPMVSF_MASK_NODIGESTS; +- +- memset(&qva, '\0', sizeof(qva)); +- qva.qva_flags = qva_flags; ++ //if ((flags & PKGVERIFY_MD) == 0) ++ // vfyflags |= RPMVSF_MASK_NODIGESTS; + + rc = -1; + fdt = Fopen(path, "r.ufdio"); + + if (fdt != NULL && Ferror(fdt) == 0) { + ts = rpmtsCreate(); ++ rpmtsSetVfyFlags(ts, vfyflags); + rc = rpmVerifySignatures(&qva, ts, fdt, n_basenam(path)); + rpmtsFree(ts); + + DBGF("rpmVerifySignatures[md=%d, sign=%d] %s %s\n", +- flags & VRFYSIG_DGST ? 1:0, flags & VRFYSIG_SIGN ? 1:0, ++ flags & PKGVERIFY_MD ? 1:0, flags & (PKGVERIFY_GPG | PKGVERIFY_PGP) ? 1:0, + n_basenam(path), rc == 0 ? "OK" : "BAD"); + } + +@@ -196,24 +196,12 @@ + static + int do_pm_rpm_verify_signature(void *pm_rpm, const char *path, unsigned flags) + { +- unsigned rpmflags = 0; +- +- pm_rpm = pm_rpm; + if (access(path, R_OK) != 0) { + logn(LOGERR, "%s: verify signature failed: %m", path); + return 0; + } + +- if (flags & PKGVERIFY_GPG) +- rpmflags |= VRFYSIG_SIGNGPG; +- +- if (flags & PKGVERIFY_PGP) +- rpmflags |= VRFYSIG_SIGNPGP; +- +- if (flags & PKGVERIFY_MD) +- rpmflags |= VRFYSIG_DGST; +- +- return do_verify_signature(path, rpmflags); ++ return do_verify_signature(path, flags); + } + + extern int pm_rpm_verbose; +--- poldek-0.42.2/pm/rpmorg/pm_rpm.h.orig 2020-10-07 23:34:34.276110954 +0200 ++++ poldek-0.42.2/pm/rpmorg/pm_rpm.h 2020-10-07 23:34:40.173648478 +0200 +@@ -69,10 +69,6 @@ + struct poldek_ts *ts); + + #include +-#define VRFYSIG_DGST VERIFY_DIGEST +-#define VRFYSIG_SIGN VERIFY_SIGNATURE +-#define VRFYSIG_SIGNGPG VERIFY_SIGNATURE +-#define VRFYSIG_SIGNPGP VERIFY_SIGNATURE + + int pm_rpm_verify_signature(void *pm_rpm, const char *path, unsigned flags); +