RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 29-Dec-2007 00:27:36
Branch: HEAD Handle: 2007122823273500
Modified files:
rpm CHANGES
rpm/lib tpgp.c
rpm/rpmdb pkgio.c
Log:
- fix: remove unused assertion.
- wire up rpmtsFindPubkey() retrieval (no workie yet).
Summary:
Revision Changes Path
1.2034 +1 -0 rpm/CHANGES
2.7 +56 -23 rpm/lib/tpgp.c
1.70 +0 -2 rpm/rpmdb/pkgio.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.2033 -r1.2034 CHANGES
--- rpm/CHANGES 28 Dec 2007 20:55:14 -0000 1.2033
+++ rpm/CHANGES 28 Dec 2007 23:27:35 -0000 1.2034
@@ -1,4 +1,5 @@
5.0b3 -> 5.0b4:
+ - jbj: fix: remove unused assertion.
- jbj: fix: undo deliberate damage from rpm's RHL8 security audit. ptooey!
- rse: allow assertion of a particular GnuPG signing key via "gnupg(<path>) = <fingerprint>" in dependencies
- rse: fix invocaction of GnuPG's gpg(1) command for gnupg(<path>) dependency assertions
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/tpgp.c
============================================================================
$ cvs diff -u -r2.6 -r2.7 tpgp.c
--- rpm/lib/tpgp.c 28 Dec 2007 22:43:48 -0000 2.6
+++ rpm/lib/tpgp.c 28 Dec 2007 23:27:35 -0000 2.7
@@ -8,7 +8,7 @@
extern int _pgp_print;
#include "system.h"
-#include <rpmio.h>
+#include <rpmio_internal.h> /* XXX rpmioSlurp */
#include <rpmmacro.h>
#define _RPMPGP_INTERNAL
@@ -23,13 +23,20 @@
#include "genpgp.h"
+#include <rpmcli.h>
+
+#include <rpmcb.h>
+#include <rpmdb.h>
+#include <rpmps.h>
+#include <rpmts.h>
+
#include "debug.h"
static
-int rpmCheckPgpSignatureOnFile(const char * fn, const char * sigfn,
+int rpmCheckPgpSignatureOnFile(rpmts ts, const char * fn, const char * sigfn,
const char * pubfn, const char * pubfingerprint)
{
- pgpDig dig = pgpDigNew(0);
+ pgpDig dig = rpmtsDig(ts);
pgpDigParams sigp;
const unsigned char * sigpkt = NULL;
size_t sigpktlen = 0;
@@ -61,6 +68,13 @@
goto exit;
}
+ sigp = pgpGetSignature(dig);
+
+ if (sigp->version != 3 && sigp->version != 4) {
+fprintf(stderr, "==> unverifiable V%d\n", sigp->version);
+ goto exit;
+ }
+
/* Load the pubkey. Use pubfn if specified, otherwise rpmdb keyring. */
if (pubfn != NULL) {
const char * _pubfn = rpmExpand(pubfn, NULL);
@@ -71,27 +85,25 @@
goto exit;
}
_pubfn = _free(_pubfn);
- } else {
- }
- xx = pgpPrtPkts((uint8_t *)pubpkt, pubpktlen, dig, printing);
- if (xx) {
+ xx = pgpPrtPkts((uint8_t *)pubpkt, pubpktlen, dig, printing);
+ if (xx) {
fprintf(stderr, "==> pgpPrtPkts PUB %p[%u] ret %d\n", pubpkt, pubpktlen, xx);
- goto exit;
- }
-
- sigp = pgpGetSignature(dig);
-
- if (sigp->version != 3 && sigp->version != 4) {
-fprintf(stderr, "==> unverifiable V%d\n", sigp->version);
- goto exit;
+ goto exit;
+ }
+ } else {
+ rpmRC res = rpmtsFindPubkey(ts, dig);
+ if (res != RPMRC_OK) {
+fprintf(stderr, "==> rpmtsFindPubkey ret %d\n", res);
+ goto exit;
+ }
}
/* Compute the message digest. */
ctx = rpmDigestInit(sigp->hash_algo, RPMDIGEST_NONE);
{ const char * _fn = rpmExpand(fn, NULL);
- const char * b = NULL;
- size_t blen = 0;
+ uint8_t * b = NULL;
+ ssize_t blen = 0;
int _rc = rpmioSlurp(_fn, &b, &blen);
if (!(_rc == 0 && b != NULL && blen > 0)) {
@@ -150,7 +162,7 @@
exit:
pubpkt = _free(pubpkt);
sigpkt = _free(sigpkt);
- dig = pgpDigFree(dig);
+ rpmtsCleanDig(ts);
if (_debug)
fprintf(stderr, "============================ verify: rc %d\n", rc);
@@ -159,35 +171,56 @@
}
static
-int doit(const char * sigtype)
+int doit(rpmts ts, const char * sigtype)
{
int rc = 0;
if (!strcmp("DSA", sigtype)) {
- rc = rpmCheckPgpSignatureOnFile("plaintext", DSAsig, DSApub, NULL);
+ rc = rpmCheckPgpSignatureOnFile(ts, "plaintext", DSAsig, DSApub, NULL);
+ rc = rpmCheckPgpSignatureOnFile(ts, "plaintext", DSAsig, NULL, NULL);
}
if (!strcmp("RSA", sigtype)) {
- rc = rpmCheckPgpSignatureOnFile("plaintext", RSAsig, RSApub, NULL);
+ rc = rpmCheckPgpSignatureOnFile(ts, "plaintext", RSAsig, RSApub, NULL);
+ rc = rpmCheckPgpSignatureOnFile(ts, "plaintext", RSAsig, NULL, NULL);
}
return rc;
}
+static struct poptOption optionsTable[] = {
+
+ { NULL, '\0', POPT_ARG_INCLUDE_TABLE, rpmcliAllPoptTable, 0,
+ N_("Common options:"),
+ NULL },
+ POPT_AUTOALIAS
+ POPT_AUTOHELP
+ POPT_TABLEEND
+};
+
int
main(int argc, char *argv[])
{
+ poptContext optCon = rpmcliInit(argc, argv, optionsTable);
+ rpmts ts = NULL;
int rc;
pgpImplVecs = &rpmnssImplVecs;
_pgp_debug = 1;
_pgp_print = 1;
- rc = doit("DSA");
+ ts = rpmtsCreate();
+ (void) rpmtsOpenDB(ts, O_RDONLY);
- rc = doit("RSA");
+ rc = doit(ts, "DSA");
+
+ rc = doit(ts, "RSA");
+
+ ts = rpmtsFree(ts);
if (pgpImplVecs == &rpmnssImplVecs)
NSS_Shutdown();
+ optCon = rpmcliFini(optCon);
+
return rc;
}
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmdb/pkgio.c
============================================================================
$ cvs diff -u -r1.69 -r1.70 pkgio.c
--- rpm/rpmdb/pkgio.c 16 Dec 2007 17:45:58 -0000 1.69
+++ rpm/rpmdb/pkgio.c 28 Dec 2007 23:27:35 -0000 1.70
@@ -156,7 +156,6 @@
{
HE_t he = memset(alloca(sizeof(*he)), 0, sizeof(*he));
pgpDig dig = (_dig ? _dig : rpmtsDig(ts));
- const void * sig = pgpGetSig(dig);
pgpDigParams sigp = pgpGetSignature(dig);
pgpDigParams pubp = pgpGetPubkey(dig);
rpmRC res = RPMRC_NOKEY;
@@ -166,7 +165,6 @@
#endif
int xx;
-assert(sig != NULL);
assert(dig != NULL);
assert(sigp != NULL);
assert(pubp != NULL);
@@ .
Received on Sat Dec 29 00:27:36 2007