RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 28-Aug-2007 21:22:34
Branch: HEAD Handle: 2007082820223400
Modified files:
rpm CHANGES
rpm/lib rpmts.c
Log:
- use keyutils for pubkey cache.
Summary:
Revision Changes Path
1.1605 +1 -0 rpm/CHANGES
2.88 +48 -0 rpm/lib/rpmts.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.1604 -r1.1605 CHANGES
--- rpm/CHANGES 28 Aug 2007 00:36:52 -0000 1.1604
+++ rpm/CHANGES 28 Aug 2007 19:22:34 -0000 1.1605
@@ -1,4 +1,5 @@
4.5 -> 5.0:
+ - jbj: use keyutils for pubkey cache.
- jbj: update id.po (Translation Project).
- jbj: teach --querytags to chain through headerCompoundFormats.
- rse: apply upstream vendor Lua 5.1.2 patches 1-7
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpmts.c
============================================================================
$ cvs diff -u -r2.87 -r2.88 rpmts.c
--- rpm/lib/rpmts.c 21 Aug 2007 03:41:52 -0000 2.87
+++ rpm/lib/rpmts.c 28 Aug 2007 19:22:34 -0000 2.88
@@ -3,6 +3,9 @@
* Routine(s) to handle a "rpmts" transaction sets.
*/
#include "system.h"
+#if defined(HAVE_KEYUTILS_H)
+#include <keyutils.h>
+#endif
#include "rpmio_internal.h" /* XXX for pgp and beecrypt */
#include <rpmlib.h>
@@ -266,6 +269,36 @@
memset(ts->pksignid, 0, sizeof(ts->pksignid));
}
+#if defined(HAVE_KEYUTILS_H)
+ /* Try keyutils keyring lookup. */
+ if (ts->pkpkt == NULL) {
+ key_serial_t keyring = KEY_SPEC_PROCESS_KEYRING;
+ const char * krprefix = "rpm:gpg:pubkey:";
+ char krfp[32];
+ char * krn = alloca(strlen(krprefix) + sizeof("12345678"));
+ long key;
+
+ snprintf(krfp, sizeof(krfp), "%08X", pgpGrab(sigp->signid+4, 4));
+ krfp[sizeof(krfp)-1] = '\0';
+ *krn = '\0';
+ (void) stpcpy( stpcpy(krn, krprefix), krfp);
+
+ key = keyctl_search(keyring, "user", krn, 0);
+ xx = keyctl_read(key, NULL, 0);
+ if (xx > 0) {
+ ts->pkpktlen = xx;
+ ts->pkpkt = NULL;
+ xx = keyctl_read_alloc(key, (void **)&ts->pkpkt);
+ if (xx > 0) {
+ pubkeysource = xstrdup(krn);
+ } else {
+ ts->pkpkt = _free(ts->pkpkt);
+ ts->pkpktlen = 0;
+ }
+ }
+ }
+#endif
+
/* Try rpmdb keyring lookup. */
if (ts->pkpkt == NULL) {
int hx = -1;
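Review bot: ts->pkpktlen is taken from the probing `keyctl_read(key, NULL, 0)` and never refreshed from `keyctl_read_alloc()`, so if the key's payload is updated or revoked between the two calls, the stored length can disagree with the buffer that is parsed later. The return value of `keyctl_search()` is also passed on unchecked; this works only because a failed search makes the following read fail too. I would drop the probe, test `key` explicitly, and set the length from the call that fills the buffer. The enclosing function starts and ends outside this hunk, so the types of `xx` and `ts->pkpkt` are assumed from how they are used here.

```c
/* … unchanged: krfp/krn name construction … */
    key = keyctl_search(keyring, "user", krn, 0);
    if (key != -1) {
	xx = keyctl_read_alloc(key, (void **)&ts->pkpkt);
	if (xx > 0) {
	    /* Length comes from the same call that filled the buffer. */
	    ts->pkpktlen = xx;
	    pubkeysource = xstrdup(krn);
	} else {
	    ts->pkpkt = _free(ts->pkpkt);
	    ts->pkpktlen = 0;
	}
    }
```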
@@ -361,6 +394,21 @@
/* XXX Verify any pubkey signatures. */
+#if defined(HAVE_KEYUTILS_H)
+ /* Save the pubkey in the keyutils keyring. */
+ { key_serial_t keyring = KEY_SPEC_PROCESS_KEYRING;
+ const char * krprefix = "rpm:gpg:pubkey:";
+ char krfp[32];
+ char * krn = alloca(strlen(krprefix) + sizeof("12345678"));
+
+ snprintf(krfp, sizeof(krfp), "%08X", pgpGrab(sigp->signid+4, 4));
+ krfp[sizeof(krfp)-1] = '\0';
+ *krn = '\0';
+ (void) stpcpy( stpcpy(krn, krprefix), krfp);
+ (void) add_key("user", krn, ts->pkpkt, ts->pkpktlen, keyring);
+ }
+#endif
+
/* Pubkey packet looks good, save the signer id. */
/*@-boundsread@*/
memcpy(ts->pksignid, pubp->signid, sizeof(ts->pksignid));
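Review bot: The cache entry name carries only the low 32 bits of the signer id (`pgpGrab(sigp->signid+4, 4)`), here and in the lookup hunk above, so two public keys whose ids share those bits map to one keyring entry and the later `add_key()` silently replaces the earlier payload. The lookup can then return a packet for a different key; whether that is caught depends on the full signid comparison, which is outside this hunk. Assuming signid is the usual 8-byte key id, name the entry with all of it: `char krn[sizeof("rpm:gpg:pubkey:") + 16];` and `snprintf(krn, sizeof(krn), "rpm:gpg:pubkey:%08X%08X", pgpGrab(sigp->signid, 4), pgpGrab(sigp->signid+4, 4));`. That also removes the alloca()/stpcpy() pair, whose bound holds only while the hex string stays at eight characters. The same name-building lines appear in both hunks and would be better in one static helper.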
@@ .
Received on Tue Aug 28 21:22:34 2007