RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 28-Dec-2007 21:55:14
Branch: HEAD Handle: 2007122820551400
Modified files:
rpm CHANGES
rpm/lib tpgp.c
rpm/rpmio rpmpgp.c
Log:
- fix: undo deliberate damage from rpm's RHL8 security audit. ptooey!
Summary:
Revision Changes Path
1.2033 +1 -0 rpm/CHANGES
2.4 +0 -2 rpm/lib/tpgp.c
2.83 +4 -6 rpm/rpmio/rpmpgp.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.2032 -r1.2033 CHANGES
--- rpm/CHANGES 28 Dec 2007 14:00:29 -0000 1.2032
+++ rpm/CHANGES 28 Dec 2007 20:55:14 -0000 1.2033
@@ -1,4 +1,5 @@
5.0b3 -> 5.0b4:
+ - jbj: fix: undo deliberate damage from rpm's RHL8 security audit. ptooey!
- rse: allow assertion of a particular GnuPG signing key via "gnupg(<path>) = <fingerprint>" in dependencies
- rse: fix invocaction of GnuPG's gpg(1) command for gnupg(<path>) dependency assertions
- afb: hide the rpmlib Version/Timestamp/Vendor markers spew unless verbose.
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/tpgp.c
============================================================================
$ cvs diff -u -r2.3 -r2.4 tpgp.c
--- rpm/lib/tpgp.c 28 Dec 2007 19:54:51 -0000 2.3
+++ rpm/lib/tpgp.c 28 Dec 2007 20:55:14 -0000 2.4
@@ -44,14 +44,12 @@
_fn = rpmExpand(fn, NULL);
-#ifdef NOTYET
_sigfn = rpmExpand(sigfn, NULL);
xx = pgpReadPkts(_sigfn, &sigpkt, &sigpktlen);
if (xx != PGPARMOR_SIGNATURE) {
fprintf(stderr, "==> pgpReadPkts(%s) SIG %p[%u] ret %d\n", _sigfn, sigpkt, sigpktlen, xx);
goto exit;
}
-#endif
_pubfn = rpmExpand(pubfn, NULL);
xx = pgpReadPkts(_pubfn, &pubpkt, &pubpktlen);
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmpgp.c
============================================================================
$ cvs diff -u -r2.82 -r2.83 rpmpgp.c
--- rpm/rpmio/rpmpgp.c 26 Dec 2007 10:40:45 -0000 2.82
+++ rpm/rpmio/rpmpgp.c 28 Dec 2007 20:55:14 -0000 2.83
@@ -1284,15 +1284,15 @@
goto exit;
}
+ /* Read unarmored packets. */
if (pgpIsPkt(b)) {
-#ifdef NOTYET /* XXX ASCII Pubkeys only, please. */
- ec = 0; /* XXX fish out pkt type. */
-#endif
+ ec = 0; /* XXX FIXME: fish out pkt type from unarmored item. */
goto exit;
}
#define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1))
+ /* Read armored packets, converting to binary. */
for (t = (char *)b; t && *t; t = te) {
if ((te = strchr(t, '\n')) == NULL)
te = t + strlen(t);
@@ -1311,8 +1311,7 @@
ec = PGPARMOR_ERR_UNKNOWN_ARMOR_TYPE;
goto exit;
}
- if (rc != PGPARMOR_PUBKEY) /* XXX ASCII Pubkeys only, please. */
- continue;
+ ec = rc; /* Save the packet type as exit code. */
armortype = t;
t = strchr(t, '\n');
@@ -1396,7 +1395,6 @@
b = _free(b);
b = dec;
blen = declen;
- ec = PGPARMOR_PUBKEY; /* XXX ASCII Pubkeys only, please. */
goto exit;
/*@notreached@*/ /*@switchbreak@*/ break;
}
@@ .
Received on Fri Dec 28 21:55:14 2007