rpms/librepo
5
0
Fork 0
Code Issues Pull Requests Releases Activity

import librepo-1.11.0-2.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-04-28 05:42:33 -04:00 committed by Andrew Lukoshko
parent 0aa8a3d563
commit 1c4e28532d
7 changed files with 133 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/librepo-1.10.3.tar.gz
SOURCES/librepo-1.11.0.tar.gz

2
.librepo.metadata
View File

@ -1 +1 @@
0f55637ac71b2f72f9ecd243ee3c220f6402f4af SOURCES/librepo-1.10.3.tar.gz
45b628df3c4a6b6a33674934db0c9b5219becb06 SOURCES/librepo-1.11.0.tar.gz

109
SOURCES/0001-Create-a-directory-for-gpg-sockets-in-run-user-RhBug.patch Normal file
View File

@ -0,0 +1,109 @@
From d474bcad3fdca0e009f24e11d927a3cdc7fd6a55 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
Date: Wed, 27 Nov 2019 16:15:20 +0100
Subject: [PATCH] Create a directory for gpg sockets in /run/user/
(RhBug:1769831,1771012)
The solution of sending the "KILLAGENT" message to gpgagent to make it
clean up its sockets in gpg home dir is causing a race condition with
the gpgme_release() function.
Instead of trying to make the agent clean up its sockets (which doesn't
seem to be reliably possible), take advantage of its feature to create
the sockets under '/run/user/$UID' if this directory is present. The
sockets shouldn't be causing any trouble in this directory.
The commit creates the '/run/user/$UID' directory if it's not present on
the system. The sockets are then created there.
https://bugzilla.redhat.com/show_bug.cgi?id=1769831
https://bugzilla.redhat.com/show_bug.cgi?id=1771012
---
librepo/gpg.c | 56 +++++++++++++++++++++++++--------------------------
1 file changed, 28 insertions(+), 28 deletions(-)
diff --git a/librepo/gpg.c b/librepo/gpg.c
index a019015..a134d44 100644
--- a/librepo/gpg.c
+++ b/librepo/gpg.c
@@ -32,28 +32,33 @@
#include "util.h"
#include "gpg.h"
-static void
-kill_gpg_agent(gpgme_ctx_t context, const char *home_dir)
-{
- gpgme_error_t gpgerr;
-
- gpgerr = gpgme_set_protocol(context, GPGME_PROTOCOL_ASSUAN);
- if (gpgerr != GPG_ERR_NO_ERROR) {
- g_warning("%s: gpgme_set_protocol: %s", __func__, gpgme_strerror(gpgerr));
- return;
- }
- if (home_dir) {
- gchar * gpg_agent_sock = g_build_filename(home_dir, "S.gpg-agent", NULL);
- gpgerr = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_ASSUAN, gpg_agent_sock, home_dir);
- g_free(gpg_agent_sock);
- if (gpgerr != GPG_ERR_NO_ERROR) {
- g_warning("%s: gpgme_ctx_set_engine_info: %s", __func__, gpgme_strerror(gpgerr));
- return;
- }
+/*
+ * Creates the '/run/user/$UID' directory if it doesn't exist. If this
+ * directory exists, gpgagent will create its sockets under
+ * '/run/user/$UID/gnupg'.
+ *
+ * If this directory doesn't exist, gpgagent will create its sockets in gpg
+ * home directory, which is under '/var/cache/yum/metadata/' and this was
+ * causing trouble with container images, see [1].
+ *
+ * Previous solution was to send the agent a "KILLAGENT" message, but that
+ * would cause a race condition with calling gpgme_release(), see [2], [3].
+ *
+ * Since the agent doesn't clean up its sockets properly, by creating this
+ * directory we make sure they are in a place that is not causing trouble with
+ * container images.
+ *
+ * [1] https://bugzilla.redhat.com/show_bug.cgi?id=1650266
+ * [2] https://bugzilla.redhat.com/show_bug.cgi?id=1769831
+ * [3] https://github.com/rpm-software-management/microdnf/issues/50
+ */
+void ensure_socket_dir_exists() {
+ char dirname[32];
+ snprintf(dirname, sizeof(dirname), "/run/user/%u", getuid());
+ int res = mkdir(dirname, 0700);
+ if (res != 0 && errno != EEXIST) {
+ g_debug("Failed to create \"%s\": %d - %s\n", dirname, errno, strerror(errno));
}
- gpgerr = gpgme_op_assuan_transact_ext(context, "KILLAGENT", NULL, NULL, NULL, NULL, NULL, NULL, NULL);
- if (gpgerr != GPG_ERR_NO_ERROR)
- g_debug("%s: gpgme_op_assuan_transact_ext: %s", __func__, gpgme_strerror(gpgerr));
}
gboolean
@@ -239,6 +244,8 @@ lr_gpg_import_key(const char *key_fn, const char *home_dir, GError **err)
assert(!err || *err == NULL);
+ ensure_socket_dir_exists();
+
// Initialization
gpgme_check_version(NULL);
gpgerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
@@ -320,13 +327,6 @@ lr_gpg_import_key(const char *key_fn, const char *home_dir, GError **err)
close(key_fd);
- // Running gpg-agent kept opened sockets on the system.
- // It tries to exit gpg-agent. Path to the communication socket is derived from homedir.
- // The gpg-agent automaticaly removes all its socket before exit.
- // Newer gpg-agent creates sockets under [/var]/run/user/{pid}/... if directory exists.
- // In this case gpg-agent will not be exited.
- kill_gpg_agent(context, home_dir);
-
gpgme_release(context);
return TRUE;
--
2.24.0

124
SOURCES/0001-Handle-webservers-that-dont-support-ranges-when-downloading-zck.patch
View File

@ -1,124 +0,0 @@
From 614d7874bfa82cb19b328278590af0f99e1ec682 Mon Sep 17 00:00:00 2001
From: Jonathan Dieter <jdieter@gmail.com>
Date: Fri, 14 Jun 2019 23:13:30 +0100
Subject: [PATCH] Handle webservers that don't support ranges when downloading zck
Make sure we fall back to downloading full zchunk file if a webserver
doesn't support ranges.
Signed-off-by: Jonathan Dieter <jdieter@gmail.com>
---
librepo/downloader.c | 37 ++++++++++++++++++++++++++-----------
librepo/downloadtarget.c | 1 +
librepo/downloadtarget.h | 4 ++++
3 files changed, 31 insertions(+), 11 deletions(-)
diff --git a/librepo/downloader.c b/librepo/downloader.c
index 6189681..53161f7 100644
--- a/librepo/downloader.c
+++ b/librepo/downloader.c
@@ -473,7 +473,7 @@ lr_headercb(void *ptr, size_t size, size_t nmemb, void *userdata)
}
#ifdef WITH_ZCHUNK
- if(lrtarget->target->is_zchunk)
+ if(lrtarget->target->is_zchunk && lrtarget->mirror->max_ranges > 0)
return lr_zckheadercb(ptr, size, nmemb, userdata);
#endif /* WITH_ZCHUNK */
@@ -586,7 +586,7 @@ lr_writecb(char *ptr, size_t size, size_t nmemb, void *userdata)
size_t cur_written;
LrTarget *target = (LrTarget *) userdata;
#ifdef WITH_ZCHUNK
- if(target->target->is_zchunk)
+ if(target->target->is_zchunk && target->mirror->max_ranges > 0)
return lr_zck_writecb(ptr, size, nmemb, userdata);
#endif /* WITH_ZCHUNK */
@@ -1240,6 +1240,12 @@ check_zck(LrTarget *target, GError **err)
assert(!err || *err == NULL);
assert(target && target->f && target->target);
+ if(target->mirror->max_ranges == 0) {
+ target->zck_state = LR_ZCK_DL_BODY;
+ target->target->expectedsize = target->target->origsize;
+ return TRUE;
+ }
+
if(target->target->zck_dl == NULL) {
target->target->zck_dl = zck_dl_init(NULL);
if(target->target->zck_dl == NULL) {
@@ -2166,25 +2172,34 @@ check_transfer_statuses(LrDownload *dd, GError **err)
if (target->target->is_zchunk) {
zckCtx *zck = NULL;
if (target->zck_state == LR_ZCK_DL_HEADER) {
- if(!lr_zck_valid_header(target->target, target->target->path,
+ if(target->mirror->max_ranges > 0 &&
+ !lr_zck_valid_header(target->target, target->target->path,
fd, &transfer_err))
goto transfer_error;
} else if(target->zck_state == LR_ZCK_DL_BODY) {
- zckCtx *zck = zck_dl_get_zck(target->target->zck_dl);
- if(zck == NULL) {
- g_set_error(&transfer_err, LR_DOWNLOADER_ERROR, LRE_ZCK,
- "Unable to get zchunk file from download context");
- goto transfer_error;
+ if(target->mirror->max_ranges > 0) {
+ zckCtx *zck = zck_dl_get_zck(target->target->zck_dl);
+ if(zck == NULL) {
+ g_set_error(&transfer_err, LR_DOWNLOADER_ERROR, LRE_ZCK,
+ "Unable to get zchunk file from download context");
+ goto transfer_error;
+ }
+ if(zck_failed_chunks(zck) == 0 && zck_missing_chunks(zck) == 0)
+ target->zck_state = LR_ZCK_DL_FINISHED;
+ } else {
+ if(target->range_fail) {
+ target->range_fail = FALSE;
+ } else {
+ target->zck_state = LR_ZCK_DL_FINISHED;
+ }
}
- if(zck_failed_chunks(zck) == 0 && zck_missing_chunks(zck) == 0)
- target->zck_state = LR_ZCK_DL_FINISHED;
}
if(target->zck_state == LR_ZCK_DL_FINISHED) {
zck = lr_zck_init_read(target->target, target->target->path, fd,
&transfer_err);
if(!zck)
goto transfer_error;
- if(!zck_validate_checksums(zck)) {
+ if(zck_validate_checksums(zck) < 1) {
zck_free(&zck);
g_set_error(&transfer_err, LR_DOWNLOADER_ERROR, LRE_BADCHECKSUM,
"At least one of the zchunk checksums doesn't match in %s",
diff --git a/librepo/downloadtarget.c b/librepo/downloadtarget.c
index d20aa44..40c10f3 100644
--- a/librepo/downloadtarget.c
+++ b/librepo/downloadtarget.c
@@ -100,6 +100,7 @@ lr_downloadtarget_new(LrHandle *handle,
target->fn = lr_string_chunk_insert(target->chunk, fn);
target->checksums = possiblechecksums;
target->expectedsize = expectedsize;
+ target->origsize = expectedsize;
target->resume = resume;
target->progresscb = progresscb;
target->cbdata = cbdata;
diff --git a/librepo/downloadtarget.h b/librepo/downloadtarget.h
index f4c1f26..c935219 100644
--- a/librepo/downloadtarget.h
+++ b/librepo/downloadtarget.h
@@ -88,6 +88,10 @@ typedef struct {
gint64 expectedsize; /*!<
Expected size of the target */
+ gint64 origsize; /*!<
+ Original expected size of the target. Sometimes expectedsize will
+ change, especially if zchunk is in use, but this will never change */
+
gboolean resume; /*!<
Resume:
0 - no resume, download whole file,
--
libgit2 0.28.2

28
SOURCES/0002-Define-LRO_SUPPORTS_CACHEDIR-only-with-zchunk-RhBug17261411719830.patch
View File

@ -1,28 +0,0 @@
From ab99b7c51f18eb5e11b4350024f05f9c5b3795e6 Mon Sep 17 00:00:00 2001
From: Jaroslav Mracek <jmracek@redhat.com>
Date: Tue, 2 Jul 2019 18:32:38 +0200
Subject: [PATCH] Define LRO_SUPPORTS_CACHEDIR only with zchunk (RhBug:1726141,1719830)
---
librepo/handle.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/librepo/handle.h b/librepo/handle.h
index 48fdac6..96ac027 100644
--- a/librepo/handle.h
+++ b/librepo/handle.h
@@ -37,9 +37,11 @@ G_BEGIN_DECLS
*/
typedef struct _LrHandle LrHandle;
+#ifdef WITH_ZCHUNK
/** Define LRO_SUPPORTS_CACHEDIR so clients can check for this feature at build
* time */
#define LRO_SUPPORTS_CACHEDIR
+#endif /* WITH_ZCHUNK */
/** LRO_FASTESTMIRRORMAXAGE default value */
#define LRO_FASTESTMIRRORMAXAGE_DEFAULT 2592000L // 30 days
--
libgit2 0.27.8

45
SOURCES/0003-Fix-Verification-of-checksum-from-file-attr.patch
View File

@ -1,45 +0,0 @@
From 54e905450e53ed9b21a4737a41a4550958570067 Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Thu, 5 Sep 2019 13:36:41 +0200
Subject: [PATCH] Fix: Verification of checksum from file attr
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1700341
File copy could result in change in file attributes where
null-terminators are stripped out. The new code does not relly on it.
---
librepo/checksum.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/librepo/checksum.c b/librepo/checksum.c
index 006a7fc..5d164eb 100644
--- a/librepo/checksum.c
+++ b/librepo/checksum.c
@@ -221,18 +221,20 @@ lr_checksum_fd_compare(LrChecksumType type,
// Load cached checksum if enabled and used
struct stat st;
if (fstat(fd, &st) == 0) {
- ssize_t attr_ret;
_cleanup_free_ gchar *key = NULL;
char buf[256];
key = g_strdup_printf("user.Zif.MdChecksum[%llu]",
(unsigned long long) st.st_mtime);
- attr_ret = fgetxattr(fd, key, &buf, 256);
- if (attr_ret != -1) {
+ ssize_t attr_size = fgetxattr(fd, key, &buf, sizeof(buf));
+ if (attr_size != -1) {
// Cached checksum found
g_debug("%s: Using checksum cached in xattr: [%s] %s",
__func__, key, buf);
- *matches = strcmp(expected, buf) ? FALSE : TRUE;
+ size_t expected_len = strlen(expected);
+ // xattr may contain null terminator (+1 byte)
+ *matches = (attr_size == expected_len || attr_size == expected_len + 1) &&
+ memcmp(expected, buf, attr_size) == 0;
return TRUE;
}
}
--
2.21.0

27
SPECS/librepo.spec
View File

@ -26,16 +26,14 @@
%global dnf_conflict 2.8.8
Name: librepo
Version: 1.10.3
Release: 3%{?dist}
Version: 1.11.0
Release: 2%{?dist}
Summary: Repodata downloading library
License: LGPLv2+
URL: https://github.com/rpm-software-management/librepo
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
Patch0: 0001-Handle-webservers-that-dont-support-ranges-when-downloading-zck.patch
Patch1: 0002-Define-LRO_SUPPORTS_CACHEDIR-only-with-zchunk-RhBug17261411719830.patch
Patch2: 0003-Fix-Verification-of-checksum-from-file-attr.patch
Patch0: 0001-Create-a-directory-for-gpg-sockets-in-run-user-RhBug.patch
BuildRequires: cmake
BuildRequires: gcc
@ -192,6 +190,25 @@ popd
%endif
%changelog
* Fri Dec 06 2019 Lukas Hrazky <lhrazky@redhat.com> - 1.11.0-2
- Create a directory for gpg sockets in /run/user/ (RhBug:1769831,1771012)
* Tue Nov 12 2019 Ales Matej <amatej@redhat.com> - 1.11.0-1
- Update to 1.11.0
- Retry mirrorlist/metalink downloads several times (RhBug:1741931)
- Improve variable substitutions in URLs and add ${variable} support
* Tue Oct 22 2019 Ales Matej <amatej@redhat.com> - 1.10.6-1
- Update to 1.10.6
- Imporove handling of xattr to re-download damadged files (RhBug:1690894)
- Rephrase repository GPG check error message (RhBug:1741442)
- Add sleep before next try when all mirrors were tried (RhBug:1741931)
- Raise logging level of error messages (RhBug:1737709)
- Handle webservers that don't support ranges when downloading zck
- Define LRO_SUPPORTS_CACHEDIR only with zchunk (RhBug:1726141)
- Allow to use mirrors multiple times for a target (RhBug:1678588)
- Allow to try baseurl multiple times (RhBug:1678588)
* Fri Sep 06 2019 Marek Blaha <mblaha@redhat.com> - 1.10.3-3
- Backport patch: Fix: Verification of checksum from file attr