RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 09-Sep-2007 19:56:44
Branch: HEAD Handle: 2007090918564101
Modified files:
rpm CHANGES
rpm/lib librpm.vers package.c poptQV.c rpmchecksig.c
rpmts.c rpmts.h signature.c
rpm/rpmio librpmio.vers rpmio_internal.h rpmpgp.c rpmpgp.h
Log:
- jbj: add pgpVSFlags for pgpDig control disablers. ugh.
- jbj: re-add rpmtsCleanDig() to preserve opaque rpmts.
- jbj: add pgpStatsAccumulator, not fully wired yet.
Summary:
Revision Changes Path
1.1630 +3 -0 rpm/CHANGES
1.16 +1 -0 rpm/lib/librpm.vers
2.158 +33 -29 rpm/lib/package.c
2.45 +1 -1 rpm/lib/poptQV.c
1.143 +1 -4 rpm/lib/rpmchecksig.c
2.94 +7 -2 rpm/lib/rpmts.c
2.72 +18 -49 rpm/lib/rpmts.h
2.189 +40 -31 rpm/lib/signature.c
2.10 +1 -0 rpm/rpmio/librpmio.vers
2.79 +3 -0 rpm/rpmio/rpmio_internal.h
2.57 +14 -0 rpm/rpmio/rpmpgp.c
2.47 +53 -0 rpm/rpmio/rpmpgp.h
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.1629 -r1.1630 CHANGES
--- rpm/CHANGES 9 Sep 2007 15:42:50 -0000 1.1629
+++ rpm/CHANGES 9 Sep 2007 17:56:41 -0000 1.1630
@@ -1,4 +1,7 @@
4.5 -> 5.0:
+ - jbj: add pgpVSFlags for pgpDig control disablers. ugh.
+ - jbj: re-add rpmtsCleanDig() to preserve opaque rpmts.
+ - jbj: add pgpStatsAccumulator, not fully wired yet.
- jbj: refactor signature components from ts into dig container.
- jbj: add size_t *lenp to headerUnload().
- jbj: consistent naming in rpmdb/pkgio.c
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/librpm.vers
============================================================================
$ cvs diff -u -r1.15 -r1.16 librpm.vers
--- rpm/lib/librpm.vers 8 Sep 2007 22:42:36 -0000 1.15
+++ rpm/lib/librpm.vers 9 Sep 2007 17:56:41 -0000 1.16
@@ -333,6 +333,7 @@
rpmtsCheckDSIProblems;
rpmtsChrootDone;
rpmtsClean;
+ rpmtsCleanDig;
rpmtsCloseDB;
rpmtsCloseSDB;
rpmtsColor;
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/package.c
============================================================================
$ cvs diff -u -r2.157 -r2.158 package.c
--- rpm/lib/package.c 9 Sep 2007 15:42:50 -0000 2.157
+++ rpm/lib/package.c 9 Sep 2007 17:56:41 -0000 2.158
@@ -9,8 +9,6 @@
#include <rpmio_internal.h>
#include <rpmlib.h>
-#include <rpmte.h> /* XXX rpmtsi */
-#define _RPMTS_INTERNAL /* XXX rpmtsCleanDig() */
#include "rpmts.h"
#include "misc.h" /* XXX stripTrailingChar() */
@@ -274,6 +272,7 @@
const void * sig = NULL;
unsigned char * b;
rpmVSFlags vsflags = rpmtsVSFlags(ts);
+ rpmop op;
int siglen = 0;
int blen;
size_t nb;
@@ -477,8 +476,7 @@
rpmMessage(RPMMESS_ERROR,
_("skipping header with unverifiable V%u signature\n"),
dig->signature.version);
- (void) rpmtsSetSig(ts, 0, 0, NULL, 0); /* XXX headerFreeData */
- ts->dig = pgpFreeDig(ts->dig);
+ rpmtsCleanDig(ts);
rc = RPMRC_FAIL;
goto exit;
}
@@ -487,7 +485,8 @@
ildl[1] = (regionEnd - dataStart);
ildl[1] = htonl(ildl[1]);
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
+ op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ (void) rpmswEnter(op, 0);
dig->hdrmd5ctx = rpmDigestInit(dig->signature.hash_algo, RPMDIGEST_NONE);
b = NULL; nb = 0;
@@ -511,7 +510,7 @@
nb = htonl(ildl[1]);
(void) rpmDigestUpdate(dig->hdrmd5ctx, b, nb);
dig->nbytes += nb;
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
+ (void) rpmswExit(op, dig->nbytes);
break;
case RPMTAG_DSAHEADER:
@@ -521,8 +520,7 @@
rpmMessage(RPMMESS_ERROR,
_("skipping header with unverifiable V%u signature\n"),
dig->signature.version);
- (void) rpmtsSetSig(ts, 0, 0, NULL, 0); /* XXX headerFreeData */
- ts->dig = pgpFreeDig(ts->dig);
+ rpmtsCleanDig(ts);
rc = RPMRC_FAIL;
goto exit;
}
@@ -534,7 +532,8 @@
ildl[1] = htonl(ildl[1]);
/*@=boundswrite@*/
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
+ op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ (void) rpmswEnter(op, 0);
dig->hdrsha1ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
b = NULL; nb = 0;
@@ -558,7 +557,7 @@
nb = htonl(ildl[1]);
(void) rpmDigestUpdate(dig->hdrsha1ctx, b, nb);
dig->nbytes += nb;
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
+ (void) rpmswExit(op, dig->nbytes);
break;
default:
@@ -577,10 +576,8 @@
/*@=boundswrite@*/
/* XXX headerCheck can recurse, free info only at top level. */
- if (hclvl == 1) {
- (void) rpmtsSetSig(ts, 0, 0, NULL, 0); /* XXX headerFreeData */
- ts->dig = pgpFreeDig(ts->dig);
- }
+ if (hclvl == 1)
+ rpmtsCleanDig(ts);
if (info->tag == RPMTAG_SHA1HEADER)
sig = _free(sig);
hclvl--;
@@ -710,6 +707,7 @@
const void * sig;
int_32 siglen;
rpmtsOpX opx;
+ rpmop op = NULL;
size_t nb;
Header h = NULL;
const char * msg = NULL;
@@ -830,15 +828,19 @@
/* XXX stats will include header i/o and setup overhead. */
/* XXX repackaged packages have appended tags, legacy dig/sig check fails */
- if (opx > 0)
- (void) rpmswEnter(rpmtsOp(ts, opx), 0);
+ if (opx > 0) {
+ op = pgpStatsAccumulator(dig, opx);
+ (void) rpmswEnter(op, 0);
+ }
/*@-type@*/ /* XXX arrow access of non-pointer (FDSTAT_t) */
nb = -fd->stats->ops[FDSTAT_READ].bytes;
rc = rpmReadHeader(ts, fd, &h, &msg);
nb += fd->stats->ops[FDSTAT_READ].bytes;
/*@=type@*/
- if (opx > 0)
- (void) rpmswExit(rpmtsOp(ts, opx), nb);
+ if (opx > 0 && op != NULL) {
+ (void) rpmswExit(op, nb);
+ op = NULL;
+ }
if (rc != RPMRC_OK || h == NULL) {
rpmError(RPMERR_FREAD, _("%s: headerRead failed: %s"), fn,
@@ -890,7 +892,8 @@
if (!headerGetEntry(h, RPMTAG_HEADERIMMUTABLE, &uht, &uh, &uhc))
break;
(void) headerGetMagic(NULL, &hmagic, &nmagic);
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
+ op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ (void) rpmswEnter(op, 0);
dig->hdrmd5ctx = rpmDigestInit(dig->signature.hash_algo, RPMDIGEST_NONE);
if (hmagic && nmagic > 0) {
(void) rpmDigestUpdate(dig->hdrmd5ctx, hmagic, nmagic);
@@ -898,8 +901,8 @@
}
(void) rpmDigestUpdate(dig->hdrmd5ctx, uh, uhc);
dig->nbytes += uhc;
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
- rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
+ (void) rpmswExit(op, dig->nbytes);
+ op->count--; /* XXX one too many */
uh = headerFreeData(uh, uht);
} break;
case RPMSIGTAG_DSA:
@@ -923,7 +926,8 @@
if (!headerGetEntry(h, RPMTAG_HEADERIMMUTABLE, &uht, &uh, &uhc))
break;
(void) headerGetMagic(NULL, &hmagic, &nmagic);
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
+ op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ (void) rpmswEnter(op, 0);
dig->hdrsha1ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
if (hmagic && nmagic > 0) {
(void) rpmDigestUpdate(dig->hdrsha1ctx, hmagic, nmagic);
@@ -931,9 +935,9 @@
}
(void) rpmDigestUpdate(dig->hdrsha1ctx, uh, uhc);
dig->nbytes += uhc;
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
+ (void) rpmswExit(op, dig->nbytes);
if (sigtag == RPMSIGTAG_SHA1)
- rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
+ op->count--; /* XXX one too many */
uh = headerFreeData(uh, uht);
} break;
#if defined(SUPPORT_RPMV3_VERIFY_DSA) || defined(SUPPORT_RPMV3_VERIFY_RSA)
@@ -958,11 +962,12 @@
#endif
case RPMSIGTAG_MD5:
/* Legacy signatures need the compressed payload in the digest too. */
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
+ op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ (void) rpmswEnter(op, 0);
while ((count = Fread(buf, sizeof(buf[0]), sizeof(buf), fd)) > 0)
dig->nbytes += count;
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), dig->nbytes);
- rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
+ (void) rpmswExit(op, dig->nbytes);
+ op->count--; /* XXX one too many */
dig->nbytes += nb; /* XXX include size of header blob. */
if (count < 0) {
rpmError(RPMERR_FREAD, _("%s: Fread failed: %s\n"),
@@ -1041,8 +1046,7 @@
(void) rpmswSub(rpmtsOp(ts, RPMTS_OP_READHDR),
opsave);
- (void) rpmtsSetSig(ts, 0, 0, NULL, 0); /* XXX headerFreeData */
- ts->dig = pgpFreeDig(ts->dig);
+ rpmtsCleanDig(ts);
sigh = headerFree(sigh);
return rc;
}
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/poptQV.c
============================================================================
$ cvs diff -u -r2.44 -r2.45 poptQV.c
--- rpm/lib/poptQV.c 6 Sep 2007 12:41:12 -0000 2.44
+++ rpm/lib/poptQV.c 9 Sep 2007 17:56:41 -0000 2.45
@@ -7,7 +7,7 @@
#include <rpmio.h>
#include <rpmcli.h>
-#include <rpmgi.h> /* XXX for giFlags */
+#include <rpmgi.h> /* XXX for giFlags */
#include "debug.h"
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpmchecksig.c
============================================================================
$ cvs diff -u -r1.142 -r1.143 rpmchecksig.c
--- rpm/lib/rpmchecksig.c 9 Sep 2007 15:42:50 -0000 1.142
+++ rpm/lib/rpmchecksig.c 9 Sep 2007 17:56:41 -0000 1.143
@@ -10,8 +10,6 @@
#define _RPMEVR_INTERNAL /* XXX RPMSENSE_KEYRING */
#include <rpmevr.h>
-#include <rpmte.h> /* XXX rpmtsi */
-#define _RPMTS_INTERNAL /* XXX rpmtsCleanDig */
#include <rpmts.h>
#include "rpmdb.h"
@@ -1134,8 +1132,7 @@
}
exit:
- (void) rpmtsSetSig(ts, 0, 0, NULL, 0); /* XXX headerFreeData */
- ts->dig = pgpFreeDig(ts->dig);
+ rpmtsCleanDig(ts);
sigh = headerFree(sigh);
return res;
}
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpmts.c
============================================================================
$ cvs diff -u -r2.93 -r2.94 rpmts.c
--- rpm/lib/rpmts.c 9 Sep 2007 15:42:50 -0000 2.93
+++ rpm/lib/rpmts.c 9 Sep 2007 17:56:41 -0000 2.94
@@ -713,6 +713,12 @@
return ps;
}
+void rpmtsCleanDig(rpmts ts)
+{
+ (void) rpmtsSetSig(ts, 0, 0, NULL, 0); /* XXX headerFreeData */
+ ts->dig = pgpFreeDig(ts->dig);
+}
+
void rpmtsClean(rpmts ts)
{
rpmtsi pi; rpmte p;
@@ -737,8 +743,7 @@
ts->probs = rpmpsFree(ts->probs);
- (void) rpmtsSetSig(ts, 0, 0, NULL, 0); /* XXX headerFreeData */
- ts->dig = pgpFreeDig(ts->dig);
+ rpmtsCleanDig(ts);
}
void rpmtsEmpty(rpmts ts)
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpmts.h
============================================================================
$ cvs diff -u -r2.71 -r2.72 rpmts.h
--- rpm/lib/rpmts.h 9 Sep 2007 15:42:50 -0000 2.71
+++ rpm/lib/rpmts.h 9 Sep 2007 17:56:41 -0000 2.72
@@ -9,6 +9,7 @@
#include "rpmps.h"
#include "rpmsw.h"
#include "rpmsx.h"
+#include <rpmpgp.h> /* XXX pgpVSFlags */
/*@-exportlocal@*/
/*@unchecked@*/
@@ -22,55 +23,7 @@
/** \ingroup rpmts
* Bit(s) to control digest and signature verification.
*/
-typedef enum rpmVSFlags_e {
- RPMVSF_DEFAULT = 0,
- RPMVSF_NOHDRCHK = (1 << 0),
- RPMVSF_NEEDPAYLOAD = (1 << 1),
- /* bit(s) 2-7 unused */
- RPMVSF_NOSHA1HEADER = (1 << 8),
- RPMVSF_NOMD5HEADER = (1 << 9), /* unimplemented */
- RPMVSF_NODSAHEADER = (1 << 10),
- RPMVSF_NORSAHEADER = (1 << 11),
- /* bit(s) 12-15 unused */
- RPMVSF_NOSHA1 = (1 << 16), /* unimplemented */
- RPMVSF_NOMD5 = (1 << 17),
- RPMVSF_NODSA = (1 << 18),
- RPMVSF_NORSA = (1 << 19)
- /* bit(s) 20-31 unused */
-} rpmVSFlags;
-
-/** \ingroup rpmts
- * Transaction Types
- */
-typedef enum rpmTSType_e {
- RPMTRANS_TYPE_NORMAL = 0,
- RPMTRANS_TYPE_ROLLBACK = (1 << 0),
- RPMTRANS_TYPE_AUTOROLLBACK = (1 << 1)
-} rpmTSType;
-
-#define _RPMVSF_NODIGESTS \
- ( RPMVSF_NOSHA1HEADER | \
- RPMVSF_NOMD5HEADER | \
- RPMVSF_NOSHA1 | \
- RPMVSF_NOMD5 )
-
-#define _RPMVSF_NOSIGNATURES \
- ( RPMVSF_NODSAHEADER | \
- RPMVSF_NORSAHEADER | \
- RPMVSF_NODSA | \
- RPMVSF_NORSA )
-
-#define _RPMVSF_NOHEADER \
- ( RPMVSF_NOSHA1HEADER | \
- RPMVSF_NOMD5HEADER | \
- RPMVSF_NODSAHEADER | \
- RPMVSF_NORSAHEADER )
-
-#define _RPMVSF_NOPAYLOAD \
- ( RPMVSF_NOSHA1 | \
- RPMVSF_NOMD5 | \
- RPMVSF_NODSA | \
- RPMVSF_NORSA )
+typedef pgpVSFlags rpmVSFlags;
/** \ingroup rpmts
* Indices for timestamps.
@@ -101,6 +54,15 @@
} rpmtsOpX;
/** \ingroup rpmts
+ * Transaction Types
+ */
+typedef enum rpmTSType_e {
+ RPMTRANS_TYPE_NORMAL = 0,
+ RPMTRANS_TYPE_ROLLBACK = (1 << 0),
+ RPMTRANS_TYPE_AUTOROLLBACK = (1 << 1)
+} rpmTSType;
+
+/** \ingroup rpmts
*/
typedef enum tsStage_e {
TSM_UNKNOWN = 0,
@@ -561,6 +523,13 @@
/*@modifies ts @*/;
/** \ingroup rpmts
+ * Free signature verification data.
+ * @param ts transaction set
+ */
+void rpmtsCleanDig(rpmts ts)
+ /*@modifies ts @*/;
+
+/** \ingroup rpmts
* Free memory needed only for dependency checks and ordering.
* @param ts transaction set
*/
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/signature.c
============================================================================
$ cvs diff -u -r2.188 -r2.189 signature.c
--- rpm/lib/signature.c 9 Sep 2007 15:42:51 -0000 2.188
+++ rpm/lib/signature.c 9 Sep 2007 17:56:41 -0000 2.189
@@ -227,7 +227,7 @@
dig = pgpNewDig();
(void) pgpPrtPkts(*pktp, *pktlenp, dig, 0);
- sigp = &dig->signature;
+ sigp = pgpGetSignature(dig);
dig = pgpFreeDig(dig);
#endif
@@ -362,7 +362,7 @@
dig = pgpNewDig();
(void) pgpPrtPkts(*pktp, *pktlenp, dig, 0);
- sigp = &dig->signature;
+ sigp = pgpGetSignature(dig);
/* Identify the type of signature being returned. */
switch (*sigTagp) {
@@ -761,10 +761,12 @@
goto exit;
}
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- (void) rpmDigestFinal(rpmDigestDup(md5ctx), &md5sum, &md5len, 0);
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
+ { rpmop op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ (void) rpmswEnter(op, 0);
+ (void) rpmDigestFinal(rpmDigestDup(md5ctx), &md5sum, &md5len, 0);
+ (void) rpmswExit(op, 0);
+ op->count--; /* XXX one too many */
+ }
if (md5len != siglen || memcmp(md5sum, sig, md5len)) {
res = RPMRC_FAIL;
@@ -818,9 +820,11 @@
goto exit;
}
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- (void) rpmDigestFinal(rpmDigestDup(sha1ctx), &SHA1, NULL, 1);
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
+ { rpmop op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ (void) rpmswEnter(op, 0);
+ (void) rpmDigestFinal(rpmDigestDup(sha1ctx), &SHA1, NULL, 1);
+ (void) rpmswExit(op, 0);
+ }
if (SHA1 == NULL || strlen(SHA1) != strlen(sig) || strcmp(SHA1, sig)) {
res = RPMRC_FAIL;
@@ -968,11 +972,13 @@
}
assert(md5ctx != NULL); /* XXX can't happen. */
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- { DIGEST_CTX ctx = rpmDigestDup(md5ctx);
+ { rpmop op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ DIGEST_CTX ctx;
byte signhash16[2];
const char * s;
+ (void) rpmswEnter(op, 0);
+ ctx = rpmDigestDup(md5ctx);
if (sigp->hash != NULL)
xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
@@ -989,8 +995,8 @@
#endif
xx = rpmDigestFinal(ctx, (void **)&dig->md5, &dig->md5len, 1);
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), sigp->hashlen);
- rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
+ (void) rpmswExit(op, sigp->hashlen);
+ op->count--; /* XXX one too many */
/* Compare leading 16 bits of digest for quick check. */
s = dig->md5;
@@ -1029,19 +1035,18 @@
if (res != RPMRC_OK)
goto exit;
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
+ { rpmop op = pgpStatsAccumulator(dig, 11); /* RPMTS_OP_SIGNATURE */
+ (void) rpmswEnter(op, 0);
/*@-type@*/ /* XXX FIX: avoid beecrypt API incompatibility. */
#if defined(HAVE_BEECRYPT_API_H)
- xx = rsavrfy(&dig->rsa_pk.n, &dig->rsa_pk.e, &dig->c, &dig->rsahm);
+ xx = rsavrfy(&dig->rsa_pk.n, &dig->rsa_pk.e, &dig->c, &dig->rsahm);
#else
- xx = rsavrfy(&dig->rsa_pk, &dig->rsahm, &dig->c);
+ xx = rsavrfy(&dig->rsa_pk, &dig->rsahm, &dig->c);
#endif
/*@=type@*/
- if (xx)
- res = RPMRC_OK;
- else
- res = RPMRC_FAIL;
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
+ (void) rpmswExit(op, 0);
+ res = (xx ? RPMRC_OK : RPMRC_FAIL);
+ }
exit:
t = stpcpy(t, rpmSigString(res));
@@ -1108,10 +1113,12 @@
goto exit;
}
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
- { DIGEST_CTX ctx = rpmDigestDup(sha1ctx);
+ { rpmop op = pgpStatsAccumulator(dig, 10); /* RPMTS_OP_DIGEST */
+ DIGEST_CTX ctx;
byte signhash16[2];
+ (void) rpmswEnter(op, 0);
+ ctx = rpmDigestDup(sha1ctx);
if (sigp->hash != NULL)
xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
@@ -1125,8 +1132,8 @@
xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
}
xx = rpmDigestFinal(ctx, (void **)&dig->sha1, &dig->sha1len, 1);
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), sigp->hashlen);
- rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
+ (void) rpmswExit(op, sigp->hashlen);
+ op->count--; /* XXX one too many */
mpnzero(&dig->hm); (void) mpnsethex(&dig->hm, dig->sha1);
@@ -1144,13 +1151,15 @@
if (res != RPMRC_OK)
goto exit;
- (void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
- if (dsavrfy(&dig->p, &dig->q, &dig->g,
+ { rpmop op = pgpStatsAccumulator(dig, 11); /* RPMTS_OP_SIGNATURE */
+ (void) rpmswEnter(op, 0);
+ if (dsavrfy(&dig->p, &dig->q, &dig->g,
&dig->hm, &dig->y, &dig->r, &dig->s))
- res = RPMRC_OK;
- else
- res = RPMRC_FAIL;
- (void) rpmswExit(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
+ res = RPMRC_OK;
+ else
+ res = RPMRC_FAIL;
+ (void) rpmswExit(op, 0);
+ }
exit:
t = stpcpy(t, rpmSigString(res));
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/librpmio.vers
============================================================================
$ cvs diff -u -r2.9 -r2.10 librpmio.vers
--- rpm/rpmio/librpmio.vers 9 Sep 2007 15:42:51 -0000 2.9
+++ rpm/rpmio/librpmio.vers 9 Sep 2007 17:56:42 -0000 2.10
@@ -172,6 +172,7 @@
pgpReadPkts;
pgpSetSig;
pgpSigTypeTbl;
+ pgpStatsAccumulator;
pgpSubTypeTbl;
pgpSymkeyTbl;
pgpTagTbl;
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmio_internal.h
============================================================================
$ cvs diff -u -r2.78 -r2.79 rpmio_internal.h
--- rpm/rpmio/rpmio_internal.h 9 Sep 2007 15:42:51 -0000 2.78
+++ rpm/rpmio/rpmio_internal.h 9 Sep 2007 17:56:42 -0000 2.79
@@ -68,6 +68,9 @@
const void * sig; /*!< Package signature. */
int32_t siglen; /*!< Package signature length. */
+ struct rpmop_s dops; /*!< Digest operation statistics. */
+ struct rpmop_s sops; /*!< Signature operation statistics. */
+
byte ** ppkts;
int npkts;
size_t nbytes; /*!< No. bytes of plain text. */
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmpgp.c
============================================================================
$ cvs diff -u -r2.56 -r2.57 rpmpgp.c
--- rpm/rpmio/rpmpgp.c 9 Sep 2007 15:42:51 -0000 2.56
+++ rpm/rpmio/rpmpgp.c 9 Sep 2007 17:56:42 -0000 2.57
@@ -1176,6 +1176,20 @@
return 0;
}
+void * pgpStatsAccumulator(pgpDig dig, int opx)
+{
+ void * sw = NULL;
+ switch (opx) {
+ case 10: /* RPMTS_OP_DIGEST */
+ sw = &dig->dops;
+ break;
+ case 11: /* RPMTS_OP_SIGNATURE */
+ sw = &dig->sops;
+ break;
+ }
+ return sw;
+}
+
static int pgpGrabPkts(const byte * pkts, unsigned int pktlen,
/*@out@*/ byte *** pppkts, /*@out@*/ int * pnpkts)
/*@modifies *pppkts, *pnpkts @*/
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmpgp.h
============================================================================
$ cvs diff -u -r2.46 -r2.47 rpmpgp.h
--- rpm/rpmio/rpmpgp.h 9 Sep 2007 15:42:51 -0000 2.46
+++ rpm/rpmio/rpmpgp.h 9 Sep 2007 17:56:42 -0000 2.47
@@ -1408,6 +1408,59 @@
/*@modifies dig @*/;
/**
+ * Return pgpDig container accumulator structure.
+ * @param dig container
+ * @param opx per-container accumulator index (aka rpmtsOpX)
+ * @return per-container accumulator pointer
+ */
+void * pgpStatsAccumulator(pgpDig dig, int opx)
+ /*@*/;
+
+/** \ingroup rpmts
+ * Bit(s) to control digest and signature verification.
+ */
+typedef enum pgpVSFlags_e {
+ RPMVSF_DEFAULT = 0,
+ RPMVSF_NOHDRCHK = (1 << 0),
+ RPMVSF_NEEDPAYLOAD = (1 << 1),
+ /* bit(s) 2-7 unused */
+ RPMVSF_NOSHA1HEADER = (1 << 8),
+ RPMVSF_NOMD5HEADER = (1 << 9), /* unimplemented */
+ RPMVSF_NODSAHEADER = (1 << 10),
+ RPMVSF_NORSAHEADER = (1 << 11),
+ /* bit(s) 12-15 unused */
+ RPMVSF_NOSHA1 = (1 << 16), /* unimplemented */
+ RPMVSF_NOMD5 = (1 << 17),
+ RPMVSF_NODSA = (1 << 18),
+ RPMVSF_NORSA = (1 << 19)
+ /* bit(s) 20-31 unused */
+} pgpVSFlags;
+
+#define _RPMVSF_NODIGESTS \
+ ( RPMVSF_NOSHA1HEADER | \
+ RPMVSF_NOMD5HEADER | \
+ RPMVSF_NOSHA1 | \
+ RPMVSF_NOMD5 )
+
+#define _RPMVSF_NOSIGNATURES \
+ ( RPMVSF_NODSAHEADER | \
+ RPMVSF_NORSAHEADER | \
+ RPMVSF_NODSA | \
+ RPMVSF_NORSA )
+
+#define _RPMVSF_NOHEADER \
+ ( RPMVSF_NOSHA1HEADER | \
+ RPMVSF_NOMD5HEADER | \
+ RPMVSF_NODSAHEADER | \
+ RPMVSF_NORSAHEADER )
+
+#define _RPMVSF_NOPAYLOAD \
+ ( RPMVSF_NOSHA1 | \
+ RPMVSF_NOMD5 | \
+ RPMVSF_NODSA | \
+ RPMVSF_NORSA )
+
+/**
* Is buffer at beginning of an OpenPGP packet?
* @param p buffer
* @return 1 if an OpenPGP packet, 0 otherwise
@@ .
Received on Sun Sep 9 19:56:44 2007