rpms/librepo
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI librepo-1.18.0-3.el10

Browse Source
This commit is contained in:
eabdullin 2025-05-14 19:10:57 +00:00
parent 1f01dada4b
commit 21982437d5
14 changed files with 576 additions and 1621 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/librepo-1.14.2.tar.gz
librepo-1.18.0.tar.gz

1
.librepo.metadata
View File

@ -1 +0,0 @@
c9f39d7497d310ae220df2dfbd8e95f347e2bc8c SOURCES/librepo-1.14.2.tar.gz

31
0001-Use-rpm-sequoia-on-RHEL-10.patch Normal file
View File

@ -0,0 +1,31 @@
From f94e05110f5d670c71624c18cb479083c3ae3e51 Mon Sep 17 00:00:00 2001
From: Yaakov Selkowitz <yselkowi@redhat.com>
Date: Mon, 8 Jul 2024 11:28:30 -0400
Subject: [PATCH] Use rpm-sequoia on RHEL 10+
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RHEL 10 also has a sufficiently new RPM with rpm-sequoia enabled.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
librepo.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/librepo.spec b/librepo.spec
index 25dc741..62035dc 100644
--- a/librepo.spec
+++ b/librepo.spec
@@ -8,7 +8,7 @@
%bcond_without zchunk
%endif
-%if 0%{?fedora} >= 39
+%if 0%{?fedora} >= 39 || 0%{?rhel} >= 10
%bcond_with use_gpgme
%bcond_with use_selinux
%else
--
2.45.2

69
0002-Fix-a-memory-leak-in-select_next_target.patch Normal file
View File

@ -0,0 +1,69 @@
From 3c85711f35b987bd0ce17dd0fbaa0d9f2521c444 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 11 Jul 2024 15:40:03 +0200
Subject: [PATCH] Fix a memory leak in select_next_target()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If a next target URL was found (non-NULL full_url) and then a transfer was
canceled or an off-line mode was requested, full_url string was not freed and a
memory leaked.
Discovered with Covscan:
16. librepo-1.18.0/librepo/downloader.c:891:13: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
17. librepo-1.18.0/librepo/downloader.c:891:13: var_assign: Assigning: "full_url" = storage returned from "g_strdup_inline(target->target->path)".
22. librepo-1.18.0/librepo/downloader.c:919:9: noescape: Resource "full_url" is not freed or pointed-to in "lr_is_local_path".
24. librepo-1.18.0/librepo/downloader.c:924:13: noescape: Assuming resource "full_url" is not freed or pointed-to as ellipsis argument to "g_debug".
28. librepo-1.18.0/librepo/downloader.c:956:17: leaked_storage: Variable "full_url" going out of scope leaks the storage it points to.
# 954| "and no local URL is available",
# 955| target->target->path);
# 956|-> return FALSE;
# 957| }
# 958| }
16. librepo-1.18.0/librepo/downloader.c:891:13: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
17. librepo-1.18.0/librepo/downloader.c:891:13: var_assign: Assigning: "full_url" = storage returned from "g_strdup_inline(target->target->path)".
22. librepo-1.18.0/librepo/downloader.c:919:9: noescape: Resource "full_url" is not freed or pointed-to in "lr_is_local_path".
24. librepo-1.18.0/librepo/downloader.c:924:13: noescape: Assuming resource "full_url" is not freed or pointed-to as ellipsis argument to "g_debug".
27. librepo-1.18.0/librepo/downloader.c:946:21: leaked_storage: Variable "full_url" going out of scope leaks the storage it points to.
# 944| g_set_error(err, LR_DOWNLOADER_ERROR, LRE_CBINTERRUPTED,
# 945| "Interrupted by LR_CB_ERROR from end callback");
# 946|-> return FALSE;
# 947| }
# 948| }
This patch fixes it.
The bug was introduced in 1.7.14 version
(08e4810fcdd753ce4728bd88b252f7b3d34b2cdb commit).
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
librepo/downloader.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/librepo/downloader.c b/librepo/downloader.c
index 364c0af..40dbeb2 100644
--- a/librepo/downloader.c
+++ b/librepo/downloader.c
@@ -943,6 +943,7 @@ select_next_target(LrDownload *dd,
"from end callback", __func__);
g_set_error(err, LR_DOWNLOADER_ERROR, LRE_CBINTERRUPTED,
"Interrupted by LR_CB_ERROR from end callback");
+ g_free(full_url);
return FALSE;
}
}
@@ -953,6 +954,7 @@ select_next_target(LrDownload *dd,
"Cannot download %s: Offline mode is specified "
"and no local URL is available",
target->target->path);
+ g_free(full_url);
return FALSE;
}
}
--
2.45.2

72
SOURCES/0001-Use-nanosec-precision-for-timestamp-of-checksum-cach.patch
View File

@ -1,72 +0,0 @@
From e6f48ae9bff7b5dc8027d043aa1bffa53d507a42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Thu, 5 May 2022 12:44:27 +0200
Subject: [PATCH] Use nanosec precision for timestamp of checksum cache
(RhBug:2077864)
= changelog =
msg: Use nanosec precision for timestamp of checksum cache
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2077864
---
librepo/checksum.c | 7 +++++--
tests/test_checksum.c | 6 +++++-
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/librepo/checksum.c b/librepo/checksum.c
index 6bba53c..d82cb5c 100644
--- a/librepo/checksum.c
+++ b/librepo/checksum.c
@@ -18,6 +18,7 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+#define _POSIX_C_SOURCE 200809L
#include <glib.h>
#include <glib/gprintf.h>
#include <assert.h>
@@ -217,16 +218,18 @@ lr_checksum_fd_compare(LrChecksumType type,
return FALSE;
}
- time_t timestamp = -1;
+ long long timestamp = -1;
if (caching) {
struct stat st;
if (fstat(fd, &st) == 0) {
timestamp = st.st_mtime;
+ timestamp *= 1000000000; //convert sec timestamp to nanosec timestamp
+ timestamp += st.st_mtim.tv_nsec;
}
}
- _cleanup_free_ gchar *timestamp_str = g_strdup_printf("%lli", (long long)timestamp);
+ _cleanup_free_ gchar *timestamp_str = g_strdup_printf("%lli", timestamp);
const char *type_str = lr_checksum_type_to_str(type);
_cleanup_free_ gchar *timestamp_key = g_strconcat(XATTR_CHKSUM_PREFIX, "mtime", NULL);
_cleanup_free_ gchar *checksum_key = g_strconcat(XATTR_CHKSUM_PREFIX, type_str, NULL);
diff --git a/tests/test_checksum.c b/tests/test_checksum.c
index cd28cd1..548f588 100644
--- a/tests/test_checksum.c
+++ b/tests/test_checksum.c
@@ -1,3 +1,4 @@
+#define _POSIX_C_SOURCE 200809L
#define _GNU_SOURCE
#include <errno.h>
#include <stdlib.h>
@@ -150,7 +151,10 @@ START_TEST(test_cached_checksum_matches)
// stored timestamp matches the file mtime
ret = stat(filename, &st);
ck_assert_int_eq(ret, 0);
- mtime_str = g_strdup_printf("%lli", (long long) st.st_mtime);
+ long long timestamp = st.st_mtime;
+ timestamp *= 1000000000; //convert sec timestamp to nanosec timestamp
+ timestamp += st.st_mtim.tv_nsec;
+ mtime_str = g_strdup_printf("%lli", timestamp);
attr_ret = GETXATTR(filename, timestamp_key, &buf, sizeof(buf)-1);
ck_assert(attr_ret != -1);
buf[attr_ret] = 0;
--
2.36.1

296
SOURCES/0002-Fix-alloc-free-mismatches-from-covscan.patch
View File

@ -1,296 +0,0 @@
From 493226f298b3d81e4b01d9f2c64a1cc2eb3049e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
Date: Fri, 15 Jul 2022 17:16:12 +0200
Subject: [PATCH] Fix alloc / free mismatches from covscan
---
librepo/checksum.c | 6 +++---
librepo/downloader.c | 2 +-
librepo/lrmirrorlist.c | 2 +-
librepo/package_downloader.c | 2 +-
librepo/repoconf.c | 2 +-
librepo/repoutil_yum.c | 4 ++--
librepo/util.c | 6 +++---
tests/test_checksum.c | 4 ++--
tests/test_gpg.c | 2 +-
tests/test_main.c | 2 +-
tests/test_util.c | 24 ++++++++++++------------
11 files changed, 28 insertions(+), 28 deletions(-)
diff --git a/librepo/checksum.c b/librepo/checksum.c
index d82cb5c..4831ddc 100644
--- a/librepo/checksum.c
+++ b/librepo/checksum.c
@@ -205,8 +205,6 @@ lr_checksum_fd_compare(LrChecksumType type,
gchar **calculated,
GError **err)
{
- _cleanup_free_ gchar *checksum = NULL;
-
assert(fd >= 0);
assert(!err || *err == NULL);
@@ -262,7 +260,7 @@ lr_checksum_fd_compare(LrChecksumType type,
}
}
- checksum = lr_checksum_fd(type, fd, err);
+ char *checksum = lr_checksum_fd(type, fd, err);
if (!checksum)
return FALSE;
@@ -274,6 +272,7 @@ lr_checksum_fd_compare(LrChecksumType type,
} else {
g_set_error(err, LR_CHECKSUM_ERROR, LRE_FILE,
"fsync failed: %s", strerror(errno));
+ lr_free(checksum);
return FALSE;
}
}
@@ -287,6 +286,7 @@ lr_checksum_fd_compare(LrChecksumType type,
if (calculated)
*calculated = g_strdup(checksum);
+ lr_free(checksum);
return TRUE;
}
diff --git a/librepo/downloader.c b/librepo/downloader.c
index f4e8ba2..84739a9 100644
--- a/librepo/downloader.c
+++ b/librepo/downloader.c
@@ -1974,7 +1974,7 @@ list_of_checksums_to_str(GSList *checksums)
tmp = g_strconcat(expected, chksum->value, "(",
chtype_str ? chtype_str : "UNKNOWN",
") ", NULL);
- free(expected);
+ g_free(expected);
expected = tmp;
}
diff --git a/librepo/lrmirrorlist.c b/librepo/lrmirrorlist.c
index c7e51b3..91cdc4b 100644
--- a/librepo/lrmirrorlist.c
+++ b/librepo/lrmirrorlist.c
@@ -156,7 +156,7 @@ lr_lrmirrorlist_append_metalink(LrInternalMirrorlist *list,
LrInternalMirror *mirror = lr_lrmirror_new(url_copy, urlvars);
mirror->preference = metalinkurl->preference;
mirror->protocol = lr_detect_protocol(mirror->url);
- lr_free(url_copy);
+ g_free(url_copy);
list = g_slist_append(list, mirror);
//g_debug("%s: Appending URL: %s", __func__, mirror->url);
diff --git a/librepo/package_downloader.c b/librepo/package_downloader.c
index adea459..353cac8 100644
--- a/librepo/package_downloader.c
+++ b/librepo/package_downloader.c
@@ -173,7 +173,7 @@ lr_packagetarget_free(LrPackageTarget *target)
if (!target)
return;
g_string_chunk_free(target->chunk);
- g_free(target);
+ lr_free(target);
}
gboolean
diff --git a/librepo/repoconf.c b/librepo/repoconf.c
index 948259e..34dbab4 100644
--- a/librepo/repoconf.c
+++ b/librepo/repoconf.c
@@ -146,7 +146,7 @@ lr_yum_repoconfs_free(LrYumRepoConfs *repos)
return;
g_slist_free_full(repos->repos, (GDestroyNotify) lr_yum_repoconf_free);
g_slist_free_full(repos->files, (GDestroyNotify) lr_yum_repofile_free);
- g_free(repos);
+ lr_free(repos);
}
GSList *
diff --git a/librepo/repoutil_yum.c b/librepo/repoutil_yum.c
index 02e796f..bb09ff5 100644
--- a/librepo/repoutil_yum.c
+++ b/librepo/repoutil_yum.c
@@ -105,11 +105,11 @@ lr_repoutil_yum_parse_repomd(const char *in_path,
if (fd < 0) {
g_set_error(err, LR_REPOUTIL_YUM_ERROR, LRE_IO,
"open(%s, O_RDONLY) error: %s", path, g_strerror(errno));
- lr_free(path);
+ g_free(path);
return FALSE;
}
- lr_free(path);
+ g_free(path);
ret = lr_yum_repomd_parse_file(repomd, fd, NULL, NULL, err);
close(fd);
diff --git a/librepo/util.c b/librepo/util.c
index 8ba7120..204572d 100644
--- a/librepo/util.c
+++ b/librepo/util.c
@@ -170,7 +170,7 @@ lr_gettmpdir(void)
{
char *template = g_build_filename(g_get_tmp_dir(), "librepo-tmpdir-XXXXXX", NULL);
if (!mkdtemp(template)) {
- lr_free(template);
+ g_free(template);
return NULL;
}
return template;
@@ -206,7 +206,7 @@ lr_pathconcat(const char *first, ...)
qmark_section = strchr(first, '?');
- res = lr_malloc(total_len + separator_len + 1);
+ res = g_malloc(total_len + separator_len + 1);
next = first;
va_start(args, first);
@@ -273,7 +273,7 @@ lr_pathconcat(const char *first, ...)
assert(offset <= total_len);
if (offset == 0) {
- lr_free(res);
+ g_free(res);
return g_strdup(first);
}
diff --git a/tests/test_checksum.c b/tests/test_checksum.c
index 548f588..264782c 100644
--- a/tests/test_checksum.c
+++ b/tests/test_checksum.c
@@ -295,8 +295,8 @@ START_TEST(test_cached_checksum_clear)
cleanup:
close(fd);
lr_free(filename);
- lr_free(timestamp_key);
- lr_free(checksum_key);
+ g_free(timestamp_key);
+ g_free(checksum_key);
}
END_TEST
diff --git a/tests/test_gpg.c b/tests/test_gpg.c
index fd322e3..0af423a 100644
--- a/tests/test_gpg.c
+++ b/tests/test_gpg.c
@@ -110,7 +110,7 @@ START_TEST(test_gpg_check_signature)
lr_free(_data_path);
lr_free(signature_path);
lr_free(_signature_path);
- lr_free(tmp_home_path);
+ g_free(tmp_home_path);
}
END_TEST
diff --git a/tests/test_main.c b/tests/test_main.c
index 1076062..b323ce5 100644
--- a/tests/test_main.c
+++ b/tests/test_main.c
@@ -39,7 +39,7 @@ init_test_globals(struct TestGlobals_s *tg, const char *testdata_dir)
static void
free_test_globals(struct TestGlobals_s *tg)
{
- lr_free(tg->tmpdir);
+ g_free(tg->tmpdir);
lr_free(tg->testdata_dir);
}
diff --git a/tests/test_util.c b/tests/test_util.c
index 595b0fe..d082445 100644
--- a/tests/test_util.c
+++ b/tests/test_util.c
@@ -54,7 +54,7 @@ START_TEST(test_gettmpdir)
char *tmp_dir = lr_gettmpdir();
ck_assert_ptr_nonnull(tmp_dir);
ck_assert_int_eq(rmdir(tmp_dir), 0);
- lr_free(tmp_dir);
+ g_free(tmp_dir);
}
END_TEST
@@ -126,7 +126,7 @@ START_TEST(test_remove_dir)
ck_assert_int_eq(rc, 0);
ck_assert_int_ne(unlink(tmp_file), 0);
ck_assert_int_ne(rmdir(tmp_dir), 0);
- lr_free(tmp_dir);
+ g_free(tmp_dir);
lr_free(tmp_file);
}
END_TEST
@@ -141,61 +141,61 @@ START_TEST(test_url_without_path)
new_url = lr_url_without_path("");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("hostname");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "hostname");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("hostname/foo/bar/");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "hostname");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("hostname:80");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "hostname:80");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("hostname:80/foo/bar");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "hostname:80");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("http://hostname:80/");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "http://hostname:80");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("http://hostname:80/foo/bar");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "http://hostname:80");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("ftp://foo.hostname:80/foo/bar");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "ftp://foo.hostname:80");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("file:///home/foobar");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "file://");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
new_url = lr_url_without_path("file:/home/foobar");
ck_assert_ptr_nonnull(new_url);
ck_assert_str_eq(new_url, "file://");
- lr_free(new_url);
+ g_free(new_url);
new_url = NULL;
}
END_TEST
--
2.37.1

578
SOURCES/0003-More-covscan-fixes.patch
View File

@ -1,578 +0,0 @@
From 678803b825fea10e4915a300f0e2fc990b7c99fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
Date: Thu, 21 Jul 2022 10:11:17 +0200
Subject: [PATCH] More covscan fixes
---
librepo/metadata_downloader.c | 18 +++++++++---------
librepo/metalink.c | 2 +-
librepo/repomd.c | 2 +-
librepo/xmlparser.c | 4 ++--
librepo/xmlparser_internal.h | 2 +-
librepo/yum.c | 32 ++++++++++++++++----------------
tests/test_checksum.c | 10 +++++-----
tests/test_downloader.c | 16 ++++++++--------
tests/test_metalink.c | 18 +++++++++---------
tests/test_mirrorlist.c | 6 +++---
tests/test_util.c | 16 ++++++++--------
11 files changed, 63 insertions(+), 63 deletions(-)
diff --git a/librepo/metadata_downloader.c b/librepo/metadata_downloader.c
index be6fe68..9e7d7e5 100644
--- a/librepo/metadata_downloader.c
+++ b/librepo/metadata_downloader.c
@@ -192,7 +192,7 @@ handle_failure(LrMetadataTarget *target,
GSList **paths,
GError *err)
{
- lr_metadatatarget_append_error(target, err->message, NULL);
+ lr_metadatatarget_append_error(target, err->message);
fillInvalidationValues(fd_list, paths);
g_error_free(err);
}
@@ -221,13 +221,13 @@ create_repomd_xml_download_targets(GSList *targets,
handle = target->handle;
if (!handle->urls && !handle->mirrorlisturl && !handle->metalinkurl) {
- lr_metadatatarget_append_error(target, "No LRO_URLS, LRO_MIRRORLISTURL nor LRO_METALINKURL specified", NULL);
+ lr_metadatatarget_append_error(target, "No LRO_URLS, LRO_MIRRORLISTURL nor LRO_METALINKURL specified");
fillInvalidationValues(fd_list, paths);
continue;
}
if (handle->repotype != LR_YUMREPO) {
- lr_metadatatarget_append_error(target, "Bad LRO_REPOTYPE specified", NULL);
+ lr_metadatatarget_append_error(target, "Bad LRO_REPOTYPE specified");
fillInvalidationValues(fd_list, paths);
continue;
}
@@ -242,14 +242,14 @@ create_repomd_xml_download_targets(GSList *targets,
if (!lr_handle_prepare_internal_mirrorlist(handle,
handle->fastestmirror,
&err)) {
- lr_metadatatarget_append_error(target, "Cannot prepare internal mirrorlist: %s", err->message, NULL);
+ lr_metadatatarget_append_error(target, "Cannot prepare internal mirrorlist: %s", err->message);
fillInvalidationValues(fd_list, paths);
g_error_free(err);
continue;
}
if (mkdir(handle->destdir, S_IRWXU) == -1 && errno != EEXIST) {
- lr_metadatatarget_append_error(target, "Cannot create tmpdir: %s %s", handle->destdir, g_strerror(errno), NULL);
+ lr_metadatatarget_append_error(target, "Cannot create tmpdir: %s %s", handle->destdir, g_strerror(errno));
fillInvalidationValues(fd_list, paths);
g_error_free(err);
continue;
@@ -335,12 +335,12 @@ process_repomd_xml(GSList *targets,
handle->gnupghomedir = g_strdup(target->gnupghomedir);
if (target->download_target->rcode != LRE_OK) {
- lr_metadatatarget_append_error(target, (char *) lr_strerror(target->download_target->rcode), NULL);
+ lr_metadatatarget_append_error(target, (char *) lr_strerror(target->download_target->rcode));
goto fail;
}
if (!lr_check_repomd_xml_asc_availability(handle, target->repo, fd_value, path->data, &error)) {
- lr_metadatatarget_append_error(target, error->message, NULL);
+ lr_metadatatarget_append_error(target, error->message);
g_error_free(error);
goto fail;
}
@@ -349,7 +349,7 @@ process_repomd_xml(GSList *targets,
ret = lr_yum_repomd_parse_file(target->repomd, fd_value, lr_xml_parser_warning_logger,
"Repomd xml parser", &error);
if (!ret) {
- lr_metadatatarget_append_error(target, "Parsing unsuccessful: %s", error->message, NULL);
+ lr_metadatatarget_append_error(target, "Parsing unsuccessful: %s", error->message);
g_error_free(error);
goto fail;
}
@@ -377,7 +377,7 @@ lr_metadata_download_cleanup(GSList *download_targets)
LrDownloadTarget *download_target = elem->data;
LrMetadataTarget *target = download_target->userdata;
if (download_target->err)
- lr_metadatatarget_append_error(target, download_target->err, NULL);
+ lr_metadatatarget_append_error(target, download_target->err);
if (target->err != NULL) {
ret = FALSE;
diff --git a/librepo/metalink.c b/librepo/metalink.c
index 0f939de..1f839a9 100644
--- a/librepo/metalink.c
+++ b/librepo/metalink.c
@@ -504,7 +504,7 @@ lr_metalink_parse_file(LrMetalink *metalink,
// Parsing
- ret = lr_xml_parser_generic(parser, pd, fd, &tmp_err);
+ ret = lr_xml_parser_generic(&parser, pd, fd, &tmp_err);
if (tmp_err) {
g_propagate_error(err, tmp_err);
goto err;
diff --git a/librepo/repomd.c b/librepo/repomd.c
index f0fd2ad..2905749 100644
--- a/librepo/repomd.c
+++ b/librepo/repomd.c
@@ -570,7 +570,7 @@ lr_yum_repomd_parse_file(LrYumRepoMd *repomd,
// Parsing
- ret = lr_xml_parser_generic(parser, pd, fd, &tmp_err);
+ ret = lr_xml_parser_generic(&parser, pd, fd, &tmp_err);
if (tmp_err)
g_propagate_error(err, tmp_err);
diff --git a/librepo/xmlparser.c b/librepo/xmlparser.c
index 793c272..88d16aa 100644
--- a/librepo/xmlparser.c
+++ b/librepo/xmlparser.c
@@ -143,7 +143,7 @@ lr_xml_parser_strtoll(LrParserData *pd,
}
gboolean
-lr_xml_parser_generic(XmlParser parser,
+lr_xml_parser_generic(XmlParser *parser,
LrParserData *pd,
int fd,
GError **err)
@@ -151,7 +151,7 @@ lr_xml_parser_generic(XmlParser parser,
/* Note: This function uses .err members of LrParserData! */
gboolean ret = TRUE;
- xmlParserCtxtPtr ctxt = xmlCreatePushParserCtxt(&parser, pd, NULL, 0, NULL);
+ xmlParserCtxtPtr ctxt = xmlCreatePushParserCtxt(parser, pd, NULL, 0, NULL);
ctxt->linenumbers = 1;
assert(ctxt);
diff --git a/librepo/xmlparser_internal.h b/librepo/xmlparser_internal.h
index c9bacac..25a48a5 100644
--- a/librepo/xmlparser_internal.h
+++ b/librepo/xmlparser_internal.h
@@ -159,7 +159,7 @@ lr_xml_parser_strtoll(LrParserData *pd,
/** Generic parser.
*/
gboolean
-lr_xml_parser_generic(XmlParser parser,
+lr_xml_parser_generic(XmlParser *parser,
LrParserData *pd,
int fd,
GError **err);
diff --git a/librepo/yum.c b/librepo/yum.c
index 3b287cd..56bca3e 100644
--- a/librepo/yum.c
+++ b/librepo/yum.c
@@ -335,7 +335,7 @@ lr_prepare_repodata_dir(LrHandle *handle,
return FALSE;
}
}
- lr_free(path_to_repodata);
+ g_free(path_to_repodata);
return TRUE;
}
@@ -356,7 +356,7 @@ lr_store_mirrorlist_files(LrHandle *handle,
g_debug("%s: Cannot create: %s", __func__, ml_file_path);
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot create %s: %s", ml_file_path, g_strerror(errno));
- lr_free(ml_file_path);
+ g_free(ml_file_path);
return FALSE;
}
rc = lr_copy_content(handle->mirrorlist_fd, fd);
@@ -366,7 +366,7 @@ lr_store_mirrorlist_files(LrHandle *handle,
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot copy content of mirrorlist file %s: %s",
ml_file_path, g_strerror(errno));
- lr_free(ml_file_path);
+ g_free(ml_file_path);
return FALSE;
}
repo->mirrorlist = ml_file_path;
@@ -391,7 +391,7 @@ lr_copy_metalink_content(LrHandle *handle,
g_debug("%s: Cannot create: %s", __func__, ml_file_path);
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot create %s: %s", ml_file_path, g_strerror(errno));
- lr_free(ml_file_path);
+ g_free(ml_file_path);
return FALSE;
}
rc = lr_copy_content(handle->metalink_fd, fd);
@@ -401,7 +401,7 @@ lr_copy_metalink_content(LrHandle *handle,
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot copy content of metalink file %s: %s",
ml_file_path, g_strerror(errno));
- lr_free(ml_file_path);
+ g_free(ml_file_path);
return FALSE;
}
repo->metalink = ml_file_path;
@@ -422,7 +422,7 @@ lr_prepare_repomd_xml_file(LrHandle *handle,
if (fd == -1) {
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot open %s: %s", *path, g_strerror(errno));
- lr_free(*path);
+ g_free(*path);
return -1;
}
@@ -458,13 +458,13 @@ lr_check_repomd_xml_asc_availability(LrHandle *handle,
g_debug("%s: Cannot open: %s", __func__, signature);
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot open %s: %s", signature, g_strerror(errno));
- lr_free(signature);
+ g_free(signature);
return FALSE;
}
url = lr_pathconcat(handle->used_mirror, "repodata/repomd.xml.asc", NULL);
ret = lr_download_url(handle, url, fd_sig, &tmp_err);
- lr_free(url);
+ g_free(url);
close(fd_sig);
if (!ret) {
// Error downloading signature
@@ -474,7 +474,7 @@ lr_check_repomd_xml_asc_availability(LrHandle *handle,
"repository does not support GPG verification: %s", tmp_err->message);
g_clear_error(&tmp_err);
unlink(signature);
- lr_free(signature);
+ g_free(signature);
return FALSE;
} else {
// Signature downloaded
@@ -483,7 +483,7 @@ lr_check_repomd_xml_asc_availability(LrHandle *handle,
path,
handle->gnupghomedir,
&tmp_err);
- lr_free(signature);
+ g_free(signature);
if (!ret) {
g_debug("%s: GPG signature verification failed: %s",
__func__, tmp_err->message);
@@ -680,7 +680,7 @@ prepare_repo_download_std_target(LrHandle *handle,
__func__, *path, g_strerror(errno));
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot create/open %s: %s", *path, g_strerror(errno));
- lr_free(*path);
+ g_free(*path);
g_slist_free_full(*targets, (GDestroyNotify) lr_downloadtarget_free);
return FALSE;
}
@@ -713,7 +713,7 @@ prepare_repo_download_zck_target(LrHandle *handle,
__func__, *path, g_strerror(errno));
g_set_error(err, LR_YUM_ERROR, LRE_IO,
"Cannot create/open %s: %s", *path, g_strerror(errno));
- lr_free(*path);
+ g_free(*path);
g_slist_free_full(*targets, (GDestroyNotify) lr_downloadtarget_free);
return FALSE;
}
@@ -778,7 +778,7 @@ prepare_repo_download_targets(LrHandle *handle,
char *dest_dir = realpath(handle->destdir, NULL);
path = lr_pathconcat(handle->destdir, record->location_href, NULL);
char *requested_dir = realpath(dirname(path), NULL);
- lr_free(path);
+ g_free(path);
if (!g_str_has_prefix(requested_dir, dest_dir)) {
g_debug("%s: Invalid path: %s", __func__, location_href);
g_set_error(err, LR_YUM_ERROR, LRE_IO, "Invalid path: %s", location_href);
@@ -850,7 +850,7 @@ prepare_repo_download_targets(LrHandle *handle,
/* Because path may already exists in repo (while update) */
lr_yum_repo_update(repo, record->type, path);
- lr_free(path);
+ g_free(path);
}
return TRUE;
@@ -1130,7 +1130,7 @@ lr_yum_use_local_load_base(LrHandle *handle,
repo->mirrorlist = mrl_fn;
} else {
repo->mirrorlist = NULL;
- lr_free(mrl_fn);
+ g_free(mrl_fn);
}
}
@@ -1142,7 +1142,7 @@ lr_yum_use_local_load_base(LrHandle *handle,
repo->metalink = mtl_fn;
} else {
repo->metalink = NULL;
- lr_free(mtl_fn);
+ g_free(mtl_fn);
}
}
diff --git a/tests/test_checksum.c b/tests/test_checksum.c
index 264782c..efac88b 100644
--- a/tests/test_checksum.c
+++ b/tests/test_checksum.c
@@ -87,7 +87,7 @@ START_TEST(test_checksum_fd)
test_checksum(file, LR_CHECKSUM_SHA512, CHKS_VAL_01_SHA512);
ck_assert_msg(remove(file) == 0, "Cannot delete temporary test file");
- lr_free(file);
+ g_free(file);
}
END_TEST
@@ -235,9 +235,9 @@ START_TEST(test_cached_checksum_value)
ck_assert(attr_ret == -1); // Cached checksum should not exists
lr_free(calculated);
- lr_free(filename);
- lr_free(timestamp_key);
- lr_free(checksum_key);
+ g_free(filename);
+ g_free(timestamp_key);
+ g_free(checksum_key);
lr_free(mtime_str);
}
END_TEST
@@ -294,7 +294,7 @@ START_TEST(test_cached_checksum_clear)
ck_assert(attr_ret != -1);
cleanup:
close(fd);
- lr_free(filename);
+ g_free(filename);
g_free(timestamp_key);
g_free(checksum_key);
}
diff --git a/tests/test_downloader.c b/tests/test_downloader.c
index 34958ab..a3fff20 100644
--- a/tests/test_downloader.c
+++ b/tests/test_downloader.c
@@ -52,7 +52,7 @@ START_TEST(test_downloader_single_file)
tmpfn1 = lr_pathconcat(test_globals.tmpdir, "single_file_XXXXXX", NULL);
fd1 = mkstemp(tmpfn1);
- lr_free(tmpfn1);
+ g_free(tmpfn1);
ck_assert_int_ge(fd1, 0);
t1 = lr_downloadtarget_new(handle, "index.html", NULL, fd1, NULL, NULL,
@@ -97,7 +97,7 @@ START_TEST(test_downloader_single_file_2)
tmpfn1 = lr_pathconcat(test_globals.tmpdir, "single_file_2_XXXXXX", NULL);
fd1 = mkstemp(tmpfn1);
- lr_free(tmpfn1);
+ g_free(tmpfn1);
ck_assert_int_ge(fd1, 0);
t1 = lr_downloadtarget_new(NULL, "http://seznam.cz/index.html", NULL,
@@ -154,8 +154,8 @@ START_TEST(test_downloader_two_files)
fd1 = mkstemp(tmpfn1);
fd2 = mkstemp(tmpfn2);
- lr_free(tmpfn1);
- lr_free(tmpfn2);
+ g_free(tmpfn1);
+ g_free(tmpfn2);
ck_assert_int_ge(fd1, 0);
ck_assert_int_ge(fd2, 0);
@@ -223,9 +223,9 @@ START_TEST(test_downloader_three_files_with_error)
fd1 = mkstemp(tmpfn1);
fd2 = mkstemp(tmpfn2);
fd3 = mkstemp(tmpfn3);
- lr_free(tmpfn1);
- lr_free(tmpfn2);
- lr_free(tmpfn3);
+ g_free(tmpfn1);
+ g_free(tmpfn2);
+ g_free(tmpfn3);
ck_assert_int_ge(fd1, 0);
ck_assert_int_ge(fd2, 0);
ck_assert_int_ge(fd3, 0);
@@ -329,7 +329,7 @@ START_TEST(test_downloader_checksum)
tmpfn1 = lr_pathconcat(test_globals.tmpdir, "single_file_XXXXXX", NULL);
fd1 = mkstemp(tmpfn1);
- lr_free(tmpfn1);
+ g_free(tmpfn1);
ck_assert_int_ge(fd1, 0);
checksum = lr_downloadtargetchecksum_new(LR_CHECKSUM_SHA512,
diff --git a/tests/test_metalink.c b/tests/test_metalink.c
index e425742..1440125 100644
--- a/tests/test_metalink.c
+++ b/tests/test_metalink.c
@@ -48,7 +48,7 @@ START_TEST(test_metalink_good_01)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_good_01", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -160,7 +160,7 @@ START_TEST(test_metalink_good_02)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_good_02", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -206,7 +206,7 @@ START_TEST(test_metalink_good_03)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_good_03", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -250,7 +250,7 @@ START_TEST(test_metalink_bad_01)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_bad_01", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -371,7 +371,7 @@ START_TEST(test_metalink_bad_02)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_bad_02", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -395,7 +395,7 @@ START_TEST(test_metalink_really_bad_01)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_really_bad_01", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -419,7 +419,7 @@ START_TEST(test_metalink_really_bad_02)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_really_bad_02", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -443,7 +443,7 @@ START_TEST(test_metalink_really_bad_03)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_really_bad_03", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
@@ -470,7 +470,7 @@ START_TEST(test_metalink_with_alternates)
path = lr_pathconcat(test_globals.testdata_dir, METALINK_DIR,
"metalink_with_alternates", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_metalink_init();
ck_assert_ptr_nonnull(ml);
diff --git a/tests/test_mirrorlist.c b/tests/test_mirrorlist.c
index cc00b7f..ec924b6 100644
--- a/tests/test_mirrorlist.c
+++ b/tests/test_mirrorlist.c
@@ -35,7 +35,7 @@ START_TEST(test_mirrorlist_01)
path = lr_pathconcat(test_globals.testdata_dir, MIRRORLIST_DIR,
"mirrorlist_01", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_mirrorlist_init();
ck_assert_ptr_nonnull(ml);
@@ -68,7 +68,7 @@ START_TEST(test_mirrorlist_02)
path = lr_pathconcat(test_globals.testdata_dir, MIRRORLIST_DIR,
"mirrorlist_02", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_mirrorlist_init();
ck_assert_ptr_nonnull(ml);
@@ -92,7 +92,7 @@ START_TEST(test_mirrorlist_03)
path = lr_pathconcat(test_globals.testdata_dir, MIRRORLIST_DIR,
"mirrorlist_03", NULL);
fd = open(path, O_RDONLY);
- lr_free(path);
+ g_free(path);
ck_assert_int_ge(fd, 0);
ml = lr_mirrorlist_init();
ck_assert_ptr_nonnull(ml);
diff --git a/tests/test_util.c b/tests/test_util.c
index d082445..96e82aa 100644
--- a/tests/test_util.c
+++ b/tests/test_util.c
@@ -68,43 +68,43 @@ START_TEST(test_pathconcat)
path = lr_pathconcat("", NULL);
ck_assert_ptr_nonnull(path);
ck_assert_str_eq(path, "");
- lr_free(path);
+ g_free(path);
path = NULL;
path = lr_pathconcat("/tmp", "foo///", "bar", NULL);
ck_assert_ptr_nonnull(path);
ck_assert_str_eq(path, "/tmp/foo/bar");
- lr_free(path);
+ g_free(path);
path = NULL;
path = lr_pathconcat("foo", "bar/", NULL);
ck_assert_ptr_nonnull(path);
ck_assert_str_eq(path, "foo/bar");
- lr_free(path);
+ g_free(path);
path = NULL;
path = lr_pathconcat("foo", "/bar/", NULL);
ck_assert_ptr_nonnull(path);
ck_assert_str_eq(path, "foo/bar");
- lr_free(path);
+ g_free(path);
path = NULL;
path = lr_pathconcat("foo", "bar", "", NULL);
ck_assert_ptr_nonnull(path);
ck_assert_str_eq(path, "foo/bar/");
- lr_free(path);
+ g_free(path);
path = NULL;
path = lr_pathconcat("http://host.net", "path/to/somewhere", NULL);
ck_assert_ptr_nonnull(path);
ck_assert_str_eq(path, "http://host.net/path/to/somewhere");
- lr_free(path);
+ g_free(path);
path = NULL;
path = lr_pathconcat("http://host.net?hello=1", "path/to/", "somewhere", NULL);
ck_assert_ptr_nonnull(path);
ck_assert_str_eq(path, "http://host.net/path/to/somewhere?hello=1");
- lr_free(path);
+ g_free(path);
path = NULL;
}
END_TEST
@@ -127,7 +127,7 @@ START_TEST(test_remove_dir)
ck_assert_int_ne(unlink(tmp_file), 0);
ck_assert_int_ne(rmdir(tmp_dir), 0);
g_free(tmp_dir);
- lr_free(tmp_file);
+ g_free(tmp_file);
}
END_TEST
--
2.37.1

51
SOURCES/0004-Use-g_strdup_vprintf-instead-of-manually-calculating.patch
View File

@ -1,51 +0,0 @@
From dc640e127f4c678c9dfbda776994972600d53e56 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
Date: Tue, 16 Aug 2022 13:44:22 +0200
Subject: [PATCH] Use g_strdup_vprintf() instead of manually calculating
allocation space
Fixes an error introduced in d2508e206514bdbf841ee72f4971336766c16fe1 by
removing trailing NULLs, on which the size calculation code was relying.
Instead of this incosistent argument iteration, use g_strdup_vprintf(),
which allocates the new string correctly.
---
librepo/metadata_downloader.c | 19 ++-----------------
1 file changed, 2 insertions(+), 17 deletions(-)
diff --git a/librepo/metadata_downloader.c b/librepo/metadata_downloader.c
index 9e7d7e5..92a462b 100644
--- a/librepo/metadata_downloader.c
+++ b/librepo/metadata_downloader.c
@@ -98,26 +98,11 @@ void
lr_metadatatarget_append_error(LrMetadataTarget *target, char *format, ...)
{
va_list valist;
- size_t length = strlen(format);
- char *error_message = NULL;
-
- va_start(valist, format);
- while (1) {
- char *arg = va_arg(valist, char*);
- if (arg == NULL)
- break;
-
- length += strlen(arg);
- }
- length += RESERVE;
- va_end(valist);
-
va_start(valist, format);
- error_message = malloc(length * sizeof(char));
- vsnprintf(error_message, length, format, valist);
+ gchar *error_message = g_strdup_vprintf(format, valist);
va_end(valist);
- target->err = g_list_append(target->err, (gpointer) error_message);
+ target->err = g_list_append(target->err, error_message);
}
static gboolean
--
2.37.1

55
SOURCES/0005-Use-g_list_free_full-to-free-LRMetadataTarget-err.patch
View File

@ -1,55 +0,0 @@
From a5305e7f957666c92040fa0134d69d9fbeb5db70 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
Date: Tue, 16 Aug 2022 15:41:44 +0200
Subject: [PATCH] Use g_list_free_full() to free LRMetadataTarget::err
Fixes a memory leak where the char * items in the list were not freed.
---
CMakeLists.txt | 2 +-
librepo.spec | 2 +-
librepo/metadata_downloader.c | 3 +--
3 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a45d5c4..b4007e3 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -28,7 +28,7 @@ set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/cmake/Modules/")
# Find necessare libraries
FIND_PACKAGE(PkgConfig)
-PKG_CHECK_MODULES(GLIB2 glib-2.0 REQUIRED)
+PKG_CHECK_MODULES(GLIB2 glib-2.0>=2.28 REQUIRED)
PKG_SEARCH_MODULE(LIBCRYPTO REQUIRED libcrypto openssl)
PKG_CHECK_MODULES(LIBXML2 libxml-2.0 REQUIRED)
FIND_PACKAGE(CURL 7.52.0 REQUIRED)
diff --git a/librepo.spec b/librepo.spec
index 5a733b2..88d6d6d 100644
--- a/librepo.spec
+++ b/librepo.spec
@@ -23,7 +23,7 @@ BuildRequires: cmake
BuildRequires: gcc
BuildRequires: check-devel
BuildRequires: doxygen
-BuildRequires: pkgconfig(glib-2.0)
+BuildRequires: pkgconfig(glib-2.0) >= 2.28
BuildRequires: gpgme-devel
BuildRequires: libattr-devel
BuildRequires: libcurl-devel >= %{libcurl_version}
diff --git a/librepo/metadata_downloader.c b/librepo/metadata_downloader.c
index 92a462b..cda1e40 100644
--- a/librepo/metadata_downloader.c
+++ b/librepo/metadata_downloader.c
@@ -89,8 +89,7 @@ lr_metadatatarget_free(LrMetadataTarget *target)
if (!target)
return;
g_string_chunk_free(target->chunk);
- if (target->err != NULL)
- g_list_free(target->err);
+ g_list_free_full(target->err, g_free);
g_free(target);
}
--
2.37.1

29
SOURCES/0006-Detailed-error-message-when-using-non-existing-TMPDI.patch
View File

@ -1,29 +0,0 @@
From a69522533248093c11f11f964a3d42cb08bf7822 Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Mon, 22 Aug 2022 08:18:04 +0200
Subject: [PATCH] Detailed error message when using non-existing TMPDIR
(RhBug:2019993)
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2019993
---
librepo/util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/librepo/util.c b/librepo/util.c
index 204572d..f4aa512 100644
--- a/librepo/util.c
+++ b/librepo/util.c
@@ -158,7 +158,7 @@ lr_gettmpfile(void)
template = g_build_filename(g_get_tmp_dir(), "librepo-tmp-XXXXXX", NULL);
fd = mkstemp(template);
if (fd < 0) {
- perror("Cannot create temporary file - mkstemp");
+ fprintf(stderr, "Cannot create temporary file - mkstemp '%s': %s\n", template, strerror(errno));
exit(1);
}
unlink(template);
--
2.37.1

226
SOURCES/0007-PGP-Set-a-default-creation-SELinux-labels-on-GnuPG-d.patch
View File

@ -1,226 +0,0 @@
From 08f02ded6de50949fa4ba650fa562643278e5093 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 12 Oct 2023 15:55:43 +0200
Subject: [PATCH] PGP: Set a default creation SELinux labels on GnuPG
directories
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This is another way how to fix mismatching SELinux context on
/run/user directories without moving the directories to
/run/gnupg/user.
librepo used to precreate the directory in /run/user to make sure
a GnuPG agent executed by GPGME library places its socket there.
The directories there are normally created and removed by systemd
(logind PAM session). librepo created them for a case when a package
manager is invoked out of systemd session, before the super user logs
in. E.g. by a timer job to cache repository metadata.
A problem was when this out-of-session process was a SELinux-confined
process creating files with its own SELinux label different from a DNF
program. Then the directory was created with a SELinux label different
from the one expected by systemd and when logging out a corresponding
user, the mismatching label clashed with systemd.
This patch fixes the issue by choosing a SELinux label of those
directories to the label defined in a default SELinux file context
database.
This patch adds a new -DENABLE_SELINUX=OFF CMake option to disable the
new dependency on libselinux. A default behavior is to support SELinux
only if GPGME backend is selected with -DUSE_GPGME=ON.
https://issues.redhat.com/browse/RHEL-10720
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
CMakeLists.txt | 8 ++++++
librepo.spec | 9 +++++-
librepo/CMakeLists.txt | 4 +++
librepo/gpg.c | 64 ++++++++++++++++++++++++++++++++++++++++++
4 files changed, 84 insertions(+), 1 deletion(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index b4007e3..1a107bc 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -5,6 +5,7 @@ OPTION (ENABLE_TESTS "Build test?" ON)
OPTION (ENABLE_DOCS "Build docs?" ON)
OPTION (WITH_ZCHUNK "Build with zchunk support" ON)
OPTION (ENABLE_PYTHON "Build Python bindings" ON)
+OPTION (ENABLE_SELINUX "Restore SELinux labels on GnuPG directories" ON)
INCLUDE (${CMAKE_SOURCE_DIR}/VERSION.cmake)
SET (VERSION "${LIBREPO_MAJOR}.${LIBREPO_MINOR}.${LIBREPO_PATCH}")
@@ -33,6 +34,9 @@ PKG_SEARCH_MODULE(LIBCRYPTO REQUIRED libcrypto openssl)
PKG_CHECK_MODULES(LIBXML2 libxml-2.0 REQUIRED)
FIND_PACKAGE(CURL 7.52.0 REQUIRED)
FIND_PACKAGE(Gpgme REQUIRED)
+IF (ENABLE_SELINUX)
+ PKG_CHECK_MODULES(SELINUX REQUIRED libselinux)
+ENDIF(ENABLE_SELINUX)
IF (WITH_ZCHUNK)
@@ -63,6 +67,10 @@ ENDIF (NOT CURL_FOUND)
INCLUDE_DIRECTORIES(${LIBXML2_INCLUDE_DIRS})
INCLUDE_DIRECTORIES(${CURL_INCLUDE_DIR})
#INCLUDE_DIRECTORIES(${CHECK_INCLUDE_DIR})
+IF (ENABLE_SELINUX)
+ INCLUDE_DIRECTORIES(${SELINUX_INCLUDE_DIRS})
+ ADD_DEFINITIONS(-DENABLE_SELINUX=1)
+ENDIF (ENABLE_SELINUX)
include (GNUInstallDirs)
# Python stuff
diff --git a/librepo.spec b/librepo.spec
index 88d6d6d..ae87425 100644
--- a/librepo.spec
+++ b/librepo.spec
@@ -8,6 +8,8 @@
%bcond_without zchunk
%endif
+%bcond_without selinux
+
%global dnf_conflict 2.8.8
Name: librepo
@@ -29,6 +31,9 @@ BuildRequires: libattr-devel
BuildRequires: libcurl-devel >= %{libcurl_version}
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(libcrypto)
+%if %{with selinux}
+BuildRequires: pkgconfig(libselinux)
+%endif
BuildRequires: pkgconfig(openssl)
%if %{with zchunk}
BuildRequires: pkgconfig(zck) >= 0.9.11
@@ -66,7 +71,9 @@ Python 3 bindings for the librepo library.
%autosetup -p1
%build
-%cmake %{!?with_zchunk:-DWITH_ZCHUNK=OFF}
+%cmake \
+ %{!?with_zchunk:-DWITH_ZCHUNK=OFF} \
+ -DENABLE_SELINUX=%{?with_selinux:ON}%{!?with_selinux:OFF}
%cmake_build
%check
diff --git a/librepo/CMakeLists.txt b/librepo/CMakeLists.txt
index 4f00a5e..e759692 100644
--- a/librepo/CMakeLists.txt
+++ b/librepo/CMakeLists.txt
@@ -53,6 +53,10 @@ TARGET_LINK_LIBRARIES(librepo
${GPGME_VANILLA_LIBRARIES}
${GLIB2_LIBRARIES}
)
+IF (ENABLE_SELINUX)
+ TARGET_LINK_LIBRARIES(librepo ${SELINUX_LIBRARIES})
+ENDIF(ENABLE_SELINUX)
+
IF (WITH_ZCHUNK)
TARGET_LINK_LIBRARIES(librepo ${ZCHUNKLIB_LIBRARIES})
ENDIF (WITH_ZCHUNK)
diff --git a/librepo/gpg.c b/librepo/gpg.c
index a134d44..e4b6589 100644
--- a/librepo/gpg.c
+++ b/librepo/gpg.c
@@ -28,6 +28,11 @@
#include <gpgme.h>
#include <unistd.h>
+#if ENABLE_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/label.h>
+#endif
+
#include "rcodes.h"
#include "util.h"
#include "gpg.h"
@@ -44,6 +49,14 @@
* Previous solution was to send the agent a "KILLAGENT" message, but that
* would cause a race condition with calling gpgme_release(), see [2], [3].
*
+ * Current solution with precreating /run/user/$UID showed problematic when
+ * this library was used out of an systemd-logind session. Then
+ * /run/user/$UID, normally maintained by systemd, was assigned a SELinux
+ * label unexpected by systemd causing errors on a user logout [4].
+ *
+ * We remedy it by choosing the label according to a default file context
+ * policy (ENABLE_SELINUX macro).
+ *
* Since the agent doesn't clean up its sockets properly, by creating this
* directory we make sure they are in a place that is not causing trouble with
* container images.
@@ -51,14 +64,65 @@
* [1] https://bugzilla.redhat.com/show_bug.cgi?id=1650266
* [2] https://bugzilla.redhat.com/show_bug.cgi?id=1769831
* [3] https://github.com/rpm-software-management/microdnf/issues/50
+ * [4] https://issues.redhat.com/browse/RHEL-10720
*/
void ensure_socket_dir_exists() {
char dirname[32];
+#if ENABLE_SELINUX
+ char *old_default_context = NULL;
+ int old_default_context_was_retrieved = 0;
+ struct selabel_handle *labeling_handle = NULL;
+
+ /* A purpose of this piece of code is to deal with applications whose
+ * security policy overrides a file context for temporary files but don't
+ * know that librepo executes GnuPG which expects a default file context. */
+ if (0 == getfscreatecon(&old_default_context)) {
+ old_default_context_was_retrieved = 1;
+ } else {
+ g_debug("Failed to retrieve a default SELinux context");
+ }
+ labeling_handle = selabel_open(SELABEL_CTX_FILE, NULL, 0);
+ if (labeling_handle == NULL) {
+ g_debug("Failed to open a SELinux labeling handle: %s", strerror(errno));
+ }
+#endif
+
snprintf(dirname, sizeof(dirname), "/run/user/%u", getuid());
+
+#if ENABLE_SELINUX
+ if (labeling_handle != NULL) {
+ char *new_default_context = NULL;
+ if (selabel_lookup(labeling_handle, &new_default_context, dirname, 0700)) {
+ /* Here we could hard-code "system_u:object_r:user_tmp_t:s0", but
+ * that value should be really defined in default file context
+ * SELinux policy. Only log that the policy is incomplete. */
+ g_debug("Failed to look up a default SELinux label for \"%s\"", dirname);
+ } else {
+ if (setfscreatecon(new_default_context)) {
+ g_debug("Failed to set default SELinux context to \"%s\"",
+ new_default_context);
+ }
+ freecon(new_default_context);
+ }
+ }
+#endif
+
int res = mkdir(dirname, 0700);
if (res != 0 && errno != EEXIST) {
g_debug("Failed to create \"%s\": %d - %s\n", dirname, errno, strerror(errno));
}
+
+#if ENABLE_SELINUX
+ if (labeling_handle != NULL) {
+ selabel_close(labeling_handle);
+ }
+ if (old_default_context_was_retrieved) {
+ if (setfscreatecon(old_default_context)) {
+ g_debug("Failed to restore a default SELinux context");
+ }
+ }
+ freecon(old_default_context);
+#endif
}
gboolean
--
2.41.0

312
SPECS/librepo.spec
View File

@ -1,312 +0,0 @@
%global libcurl_version 7.52.0
%undefine __cmake_in_source_build
%if 0%{?rhel}
%bcond_with zchunk
%else
%bcond_without zchunk
%endif
%bcond_without selinux
%global dnf_conflict 2.8.8
Name: librepo
Version: 1.14.2
Release: 5%{?dist}
Summary: Repodata downloading library
License: LGPLv2+
URL: https://github.com/rpm-software-management/librepo
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
Patch0001: 0001-Use-nanosec-precision-for-timestamp-of-checksum-cach.patch
Patch0002: 0002-Fix-alloc-free-mismatches-from-covscan.patch
Patch0003: 0003-More-covscan-fixes.patch
Patch0004: 0004-Use-g_strdup_vprintf-instead-of-manually-calculating.patch
Patch0005: 0005-Use-g_list_free_full-to-free-LRMetadataTarget-err.patch
Patch0006: 0006-Detailed-error-message-when-using-non-existing-TMPDI.patch
Patch0007: 0007-PGP-Set-a-default-creation-SELinux-labels-on-GnuPG-d.patch
BuildRequires: cmake
BuildRequires: gcc
BuildRequires: check-devel
BuildRequires: doxygen
BuildRequires: pkgconfig(glib-2.0)
BuildRequires: gpgme-devel
BuildRequires: libattr-devel
BuildRequires: libcurl-devel >= %{libcurl_version}
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(libcrypto)
%if %{with selinux}
BuildRequires: pkgconfig(libselinux)
%endif
BuildRequires: pkgconfig(openssl)
%if %{with zchunk}
BuildRequires: pkgconfig(zck) >= 0.9.11
%endif
Requires: libcurl%{?_isa} >= %{libcurl_version}
%description
A library providing C and Python (libcURL like) API to downloading repository
metadata.
%package devel
Summary: Repodata downloading library
Requires: %{name}%{?_isa} = %{version}-%{release}
%description devel
Development files for librepo.
%package -n python3-%{name}
Summary: Python 3 bindings for the librepo library
%{?python_provide:%python_provide python3-%{name}}
BuildRequires: python3-devel
BuildRequires: python3-gpg
BuildRequires: python3-pyxattr
BuildRequires: python3-requests
BuildRequires: python3-sphinx
Requires: %{name}%{?_isa} = %{version}-%{release}
# Obsoletes Fedora 27 package
Obsoletes: platform-python-%{name} < %{version}-%{release}
Conflicts: python3-dnf < %{dnf_conflict}
%description -n python3-%{name}
Python 3 bindings for the librepo library.
%prep
%autosetup -p1
%build
%cmake \
%{!?with_zchunk:-DWITH_ZCHUNK=OFF} \
-DENABLE_SELINUX=%{?with_selinux:ON}%{!?with_selinux:OFF}
%cmake_build
%check
%ctest
%install
%cmake_install
%if 0%{?rhel} && 0%{?rhel} <= 7
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%else
%ldconfig_scriptlets
%endif
%files
%license COPYING
%doc README.md
%{_libdir}/%{name}.so.*
%files devel
%{_libdir}/%{name}.so
%{_libdir}/pkgconfig/%{name}.pc
%{_includedir}/%{name}/
%files -n python3-%{name}
%{python3_sitearch}/%{name}/
%changelog
* Thu Oct 12 2023 Petr Pisar <ppisar@redhat.com> - 1.14.2-5
- Set default SELinux labels on GnuPG directories (RHEL-10720)
* Mon Sep 12 2022 Lukas Hrazky <lhrazky@redhat.com> - 1.14.2-4
- Fix termination of va_list in lr_metadatatarget_append_error()
- Detailed error message when using non-existing TMPDIR
* Mon Jul 25 2022 Lukas Hrazky <lhrazky@redhat.com> - 1.14.2-3
- Fix covscan issues
* Tue Jul 12 2022 Lukas Hrazky <lhrazky@redhat.com> - 1.14.2-2
- Use nanosec precision for timestamp of checksum cache
* Tue Nov 09 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.2-1
- Update to 1.14.2
- Reduce time to load metadata
- Fix resource leaks and memory leaks
- Remove build dependency on python3-flask
* Fri Jun 25 2021 Marek Blaha <mblaha@redhat.com> - 1.14.0-2
- Recover from fsync fail on read-only filesystem (RhBug:1956361)
* Fri Apr 30 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.0-1
- Update to 1.14.0
- Fix the key string parsing in url_substitution
- When zchunk enabled and not using HTTP/S protocol, download the whole file (RhBug:1886706)
- Add an option LRO_SSLVERIFYSTATUS to check TLS certificate revocation status (using OCSP stapling) (RhBug:1814383)
- Fix: lr_perform() - Avoid 100% CPU usage
- Add support for working with certificates used with proxy
- Reposync does not re-download unchanged packages (RhBug:1931904)
- Fix memory leaks
* Tue Dec 15 2020 Marek Blaha <mblaha@redhat.com> - 1.12.0-3
- Add support for pkcs11 certificate and key for repository authorization (RhBug:1859495)
* Mon Aug 17 2020 Ales Matej <amatej@redhat.com> - 1.12.0-2
- Validate paths read from repomd.xml (RhBug:1866505)
* Wed Jun 03 2020 Nicola Sella <nsella@redhat.com> - 1.12.0-1
- Update to 1.12.0
- Decode package URL when using for local filename (RhBug:1817130)
- Fix memory leak in lr_download_metadata() and lr_yum_download_remote()
- Download sources work when at least one of specified is working (RhBug:1775184)
- Enable building on OSX
* Fri Apr 03 2020 Ales Matej <amatej@redhat.com> - 1.11.3-1
- Update to 1.11.3
- Prefer mirrorlist/metalink over baseurl (RhBug:1775184)
- Fix calling Python API without holding GIL (RhBug:1788918)
- Do not unref LrErr_Exception on exit (RhBug:1778854)
* Fri Dec 06 2019 Lukas Hrazky <lhrazky@redhat.com> - 1.11.0-2
- Create a directory for gpg sockets in /run/user/ (RhBug:1769831,1771012)
* Tue Nov 12 2019 Ales Matej <amatej@redhat.com> - 1.11.0-1
- Update to 1.11.0
- Retry mirrorlist/metalink downloads several times (RhBug:1741931)
- Improve variable substitutions in URLs and add ${variable} support
* Tue Oct 22 2019 Ales Matej <amatej@redhat.com> - 1.10.6-1
- Update to 1.10.6
- Imporove handling of xattr to re-download damadged files (RhBug:1690894)
- Rephrase repository GPG check error message (RhBug:1741442)
- Add sleep before next try when all mirrors were tried (RhBug:1741931)
- Raise logging level of error messages (RhBug:1737709)
- Handle webservers that don't support ranges when downloading zck
- Define LRO_SUPPORTS_CACHEDIR only with zchunk (RhBug:1726141)
- Allow to use mirrors multiple times for a target (RhBug:1678588)
- Allow to try baseurl multiple times (RhBug:1678588)
* Fri Sep 06 2019 Marek Blaha <mblaha@redhat.com> - 1.10.3-3
- Backport patch: Fix: Verification of checksum from file attr
* Wed Jul 31 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.10.3-2
- Backport patch: Define LRO_SUPPORTS_CACHEDIR only with zchunk (RhBug:1726141,1719830)
* Tue Jun 11 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.10.3-1
- Update to 1.10.3
- Exit gpg-agent after repokey import (RhBug:1650266)
* Mon May 13 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.10.1-1
- Update to 1.10.1
- Reduce download delays
- Add an option to preserve timestamps of the downloaded files (RhBug:1688537)
- Append the '?' part of repo URL after the path
- Fix memory leaks
* Tue Sep 25 2018 Jaroslav Mracek <jmracek@redhat.com> - 1.9.2-1
- Update to 1.9.2
- Bug 1626495 - major performance regression with libcurl-7.61.1
* Mon Aug 13 2018 Daniel Mach <dmach@redhat.com> - 1.9.1-1
- Update to 1.9.1
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Jun 29 2018 Jaroslav Mracek <jmracek@redhat.com> - 1.9.0-3
- Rebuilt for Python 3.7
* Tue Jun 26 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.9.0-2
- Fix ldconfig_scriptlets once more
* Tue Jun 26 2018 Jaroslav Mracek <jmracek@redhat.com> - 1.9.0-1
- Update to 1.9.0
* Mon Jun 18 2018 Miro Hrončok <mhroncok@redhat.com> - 1.8.1-9
- Rebuilt for Python 3.7
* Fri Jun 15 2018 Miro Hrončok <mhroncok@redhat.com> - 1.8.1-8
- Bootstrap for Python 3.7
* Thu Feb 08 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-7
- Add if conditionals around pyxattr
* Wed Feb 07 2018 Iryna Shcherbina <ishcherb@redhat.com> - 1.8.1-6
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Wed Jan 31 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-5
- Switch to %%ldconfig_scriptlets
* Tue Nov 07 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-4
- Use better Obsoletes for platform-python
* Sat Nov 04 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-3
- Fix typo in Obsoletes
* Fri Nov 03 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-2
- Remove platform-python subpackage
* Fri Sep 15 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.8.1-1
- Update to 1.8.1
* Fri Sep 01 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.8.0-2
- Disable platform python on old releases
* Wed Aug 23 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.8.0-1
- Update to 1.8.0
* Fri Aug 18 2017 Tomas Orsava <torsava@redhat.com> - 1.7.20-9
- Added Patch 0 to fix a tearDown failure in the test suite
* Thu Aug 10 2017 Petr Viktorin <pviktori@redhat.com> - 1.7.20-8
- Add subpackage for platform-python (https://fedoraproject.org/wiki/Changes/Platform_Python_Stack)
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.20-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.20-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.20-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Dec 13 2016 Charalampos Stratakis <cstratak@redhat.com> - 1.7.20-4
- Enable tests
* Tue Dec 13 2016 Charalampos Stratakis <cstratak@redhat.com> - 1.7.20-3
- Rebuild for Python 3.6
- Disable tests for now
* Sat Dec 10 2016 Igor Gnatenko <i.gnatenko.brain@gmail.com> - 1.7.20-2
- Rebuild for gpgme 1.18
* Thu Aug 25 2016 Tomas Mlcoch <tmlcoch@redhat.com> - 1.7.20-1
- Tests: Disable test_download_packages_with_resume_02 test
- Update build utils to match new fedora spec schema
* Wed Aug 24 2016 Tomas Mlcoch <tmlcoch@redhat.com> - 1.7.19-1
- Add yumrecord substitution mechanism (mluscon)
- Fix a memory leak in signature verification (cwalters)
* Tue Aug 09 2016 Igor Gnatenko <ignatenko@redhat.com> - 1.7.18-4
- Add %%{?system_python_abi}
- Trim ton of changelog
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.18-3
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Thu Apr 07 2016 Igor Gnatenko <ignatenko@redhat.com> - 1.7.18-2
- Adopt to new packaging guidelines
- Cleanups in spec file
* Fri Mar 4 2016 Tomas Mlcoch <tmlcoch@redhat.com> - 1.7.18-1
- Add new option LRO_FTPUSEEPSV
- Update AUTHORS
- downloader prepare_next_transfer(): simplify long line
- downloader prepare_next_transfer(): add missing error check
- downloader prepare_next_transfer(): cleanup error path
- downloader prepare_next_transfer() - fix memory leak on error path (Alan Jenkins)
- handle: Don't use proxy cache for downloads of metalink/mirrorlist
- handle: Don't set CURLOPT_HTTPHEADER into curl handle immediately when specified
- downloader: Implement logic for no_cache param in LrDownloadTarget (RhBug: 1297762)
- Add no_cache param to LrDownloadTarget and lr_downloadtarget_new()
- New test: always try to download from the fastest mirror (Alexander Todorov)
- Doc: Fixed minor doc typo (Philippe Ombredanne)
- Doc: Other updates
- Doc: Update default values in doc to reflect reality

474
librepo.spec Normal file
View File

@ -0,0 +1,474 @@
%global libcurl_version 7.52.0
%undefine __cmake_in_source_build
%if 0%{?rhel}
%bcond_with zchunk
%else
%bcond_without zchunk
%endif
%if 0%{?fedora} >= 39 || 0%{?rhel} >= 10
%bcond_with use_gpgme
%bcond_with use_selinux
%else
%bcond_without use_gpgme
%bcond_without use_selinux
%endif
# Needs to match how gnupg2 is compiled
%bcond_with run_gnupg_user_socket
%if %{with use_gpgme} && %{with use_selinux}
%global need_selinux 1
%else
%global need_selinux 0
%endif
%global dnf_conflict 2.8.8
Name: librepo
Version: 1.18.0
Release: 3%{?dist}
Summary: Repodata downloading library
License: LGPL-2.1-or-later
URL: https://github.com/rpm-software-management/librepo
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
Patch1: 0001-Use-rpm-sequoia-on-RHEL-10.patch
Patch2: 0002-Fix-a-memory-leak-in-select_next_target.patch
BuildRequires: cmake
BuildRequires: gcc
BuildRequires: check-devel
BuildRequires: doxygen
BuildRequires: pkgconfig(glib-2.0) >= 2.66
%if %{with use_gpgme}
BuildRequires: gpgme-devel
%else
BuildRequires: pkgconfig(rpm) >= 4.18.0
%endif
BuildRequires: libattr-devel
BuildRequires: libcurl-devel >= %{libcurl_version}
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(libcrypto)
%if %{need_selinux}
BuildRequires: pkgconfig(libselinux)
%endif
BuildRequires: pkgconfig(openssl)
%if %{with zchunk}
BuildRequires: pkgconfig(zck) >= 0.9.11
%endif
Requires: libcurl%{?_isa} >= %{libcurl_version}
%description
A library providing C and Python (libcURL like) API to downloading repository
metadata.
%package devel
Summary: Repodata downloading library
Requires: %{name}%{?_isa} = %{version}-%{release}
%if %{with zchunk}
Requires: zchunk-devel%{?_isa}
%endif
%description devel
Development files for librepo.
%package -n python3-%{name}
Summary: Python 3 bindings for the librepo library
%{?python_provide:%python_provide python3-%{name}}
BuildRequires: python3-devel
BuildRequires: python3-gpg
BuildRequires: python3-pyxattr
BuildRequires: python3-requests
BuildRequires: python3-sphinx
Requires: %{name}%{?_isa} = %{version}-%{release}
# Obsoletes Fedora 27 package
Obsoletes: platform-python-%{name} < %{version}-%{release}
Conflicts: python3-dnf < %{dnf_conflict}
%description -n python3-%{name}
Python 3 bindings for the librepo library.
%prep
%autosetup -p1
%build
%cmake \
-DWITH_ZCHUNK=%{?with_zchunk:ON}%{!?with_zchunk:OFF} \
-DUSE_GPGME=%{?with_use_gpgme:ON}%{!?with_use_gpgme:OFF} \
-DUSE_RUN_GNUPG_USER_SOCKET=%{?with_run_gnupg_user_socket:ON}%{!?with_run_gnupg_user_socket:OFF} \
-DENABLE_SELINUX=%{?need_selinux:ON}%{!?need_selinux:OFF}
%cmake_build
%check
%ctest
%install
%cmake_install
%if 0%{?rhel} && 0%{?rhel} <= 7
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%else
%ldconfig_scriptlets
%endif
%files
%license COPYING
%doc README.md
%{_libdir}/%{name}.so.*
%files devel
%{_libdir}/%{name}.so
%{_libdir}/pkgconfig/%{name}.pc
%{_includedir}/%{name}/
%files -n python3-%{name}
%{python3_sitearch}/%{name}/
%changelog
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.18.0-3
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Mon Jul 15 2024 Petr Pisar <ppisar@redhat.com> - 1.18.0-2
- Use librpmio instead of gpgme for handling PGP keys (RHEL-47106)
- Fix a memory leak in select_next_target() (RHEL-35699)
* Tue Jul 02 2024 Evan Goode <egoode@redhat.com> - 1.18.0-1
- Update to 1.18.0 (RHEL-35699)
- API: Add LRO_USERNAME and LRO_PASSWORD options
- Add a private dependency on zck to librepo.pc if zchunk support is enabled
- Hash cache: Improved work with extended file attributes
- Improve performance of large number of package downloads
- Fix error handling, Fix examples and build them
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.17.1-2
- Bump release for June 2024 mass rebuild
* Tue Mar 26 2024 Jan Kolarik <jkolarik@redhat.com> - 1.17.1-1
- Update to 1.17.1 (RHEL-38831)
- gpg_gpgme.c: fix build errors with older gcc
- Change header files to match a configured ABI regarding a zchunk support
- Fix building zchunk code if zchunk is enabled
- Fix compiler warnings
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.17.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.17.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Oct 18 2023 Jan Kolarik <jkolarik@redhat.com> - 1.17.0-1
- Update to 1.17.0
- lr_gpg_check_signature: Forward PGP error messages from RPM
- PGP: fix: Support importing binary public keys in librpm backend
- PGP: Enable creating a UID directory for GnuGP agent socket in /run/gnupg/user
- PGP: Set a default creation SELinux labels on GnuPG directories
* Wed Sep 20 2023 Adam Williamson <awilliam@redhat.com> - 1.16.0-2
- Rebuild with no changes for Bodhi reasons
* Fri Sep 01 2023 Jan Kolarik <jkolarik@redhat.com> - 1.16.0-1
- Update to 1.16.0
- Implement OpenPGP using librpm API
* Tue Aug 01 2023 Jan Kolarik <jkolarik@redhat.com> - 1.15.2-1
- Update to 1.15.2
- Fixes and optimizations in header files
- Fix lr_gpg_list_keys function when keys are empty
- Update PGP test vectors
- Fix CMake warnings
- Bump glib version
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.15.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 1.15.1-3
- Rebuilt for Python 3.12
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.15.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Dec 09 2022 Jaroslav Rohel <jrohel@redhat.com> - 1.15.1-1
- Update to 1.15.1
- Adds API support for waiting on network in an event driven manner (new API function lr_handle_network_wait)
- OpenPGP API extension and fixes (new API functions lr_gpg_*)
- Update license format to "LGPL-2.1-or-later"
* Tue Aug 23 2022 Jaroslav Rohel <jrohel@redhat.com> - 1.14.4-1
- Update to 1.14.4
- Use nanosec precision for timestamp of checksum cache (RhBug:2077864)
- Fix alloc/free mismatches and memory leaks
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.14.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 15 2022 Python Maint <python-maint@redhat.com> - 1.14.3-2
- Rebuilt for Python 3.11
* Thu May 05 2022 Jaroslav Rohel <jrohel@redhat.com> - 1.14.3-1
- Update to 1.14.3
- Make error messages about repodata and rpm mismatch more user friendly
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.14.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Sep 23 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.2-1
- Update to 1.14.2
- Fix covscan warnings and memory leak
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.14.1-3
- Rebuilt with OpenSSL 3.0.0
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.14.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Tue Jun 15 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.1-1
- Update to 1.14.1
- Recover from fsync fail on read-only filesystem (RhBug:1956361)
- Reduce time to load metadata
- Fix resource leaks
* Thu Jun 03 2021 Python Maint <python-maint@redhat.com> - 1.14.0-2
- Rebuilt for Python 3.10
* Thu Apr 15 2021 Nicola Sella <nsella@redhat.com> - 1.14.0-1
- Update to 1.14.0
- Fix: memory leaks
- Support multiple checksums in xattr (RhBz:1931904)
- Use macros to access extended attributes
- Remove problematic language
- CMake: Set minimum version for curl to 7.52.0
* Mon Mar 01 2021 Nicola Sella <nsella@redhat.com> - 1.13.0-1
- Update to 1.13.0
- Add support for working with certificates used with proxy
- Drop Python 2 support
- Fix: lr_perform() - Avoid 100% CPU usage
- Add support for pkcs11 certificate and key for repository authorization
- Fix default value for LRO_SSLVERIFYSTATUS
- Don't use max_ranges to determine if we expect zchunk callback
- Prefer HTTP over FTP mirrors when zchunk is enabled
- Fixed mem leaks and typos
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.12.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Oct 07 2020 Nicola Sella <nsella@redhat.com> - 1.12.1-1
* Update to 1.12.1
- Validate path read from repomd.xml (RhBug:1868639)
* Fri Aug 07 2020 Nicola Sella <nsella@redhat.com> - 1.12.0-4
spec: Fix building with new cmake macros
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.12.0-3
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.12.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jun 02 2020 Nicola Sella <nsella@redhat.com> - 1.12.0-1
- Update to 1.12.0
- Decode package URL when using for local filename (RhBug:1817130)
- Fix memory leak in lr_download_metadata() and lr_yum_download_remote()
- Download sources work when at least one of specified is working (RhBug:1775184)
- Enable building on OSX
* Mon May 25 2020 Miro Hrončok <mhroncok@redhat.com> - 1.11.3-3
- Rebuilt for Python 3.9
* Fri May 22 2020 Miro Hrončok <mhroncok@redhat.com> - 1.11.3-2
- Bootstrap for Python 3.9
* Wed Apr 01 2020 Ales Matej <amatej@fedoraproject.org> - 1.11.3-1
- Update to 1.11.3
- Prefer mirrorlist/metalink over baseurl (RhBug:1775184)
* Mon Feb 10 2020 Ales Matej <amatej@fedoraproject.org> - 1.11.1-4
- Fix calling Python API without holding GIL (RhBug:1788918)
* Wed Feb 05 2020 Lukas Slebodnik <lslebodn@fedoraproject.org> - 1.11.1-3
- Do not unref LrErr_Exception on exit (RhBug:1778854)
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Dec 09 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.11.1-1
- Update to 1.11.1
- Create a directory for gpg sockets in /run/user/ (RhBug:1769831,1771012)
* Wed Nov 06 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.11.0-1
- Update to 1.11.0
- Retry mirrorlist/metalink downloads several times (RhBug:1741931)
- Improve variable substitutions in URLs and add ${variable} support
* Tue Oct 01 2019 Ales Matej <amatej@redhat.com> - 1.10.6-1
- Update to 1.10.6
- Imporove handling of xattr to re-download damadged files (RhBug:1690894)
- Rephrase repository GPG check error message (RhBug:1741442)
- Add sleep before next try when all mirrors were tried (RhBug:1741931)
- Raise logging level of error messages (RhBug:1737709)
* Sun Aug 18 2019 Miro Hrončok <mhroncok@redhat.com> - 1.10.5-2
- Rebuilt for Python 3.8
* Mon Jul 29 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.10.5-1
- Update to 1.10.5
- Exit gpg-agent after repokey import (RhBug:1650266)
- Handle webservers that don't support ranges when downloading zck
- Define LRO_SUPPORTS_CACHEDIR only with zchunk (RhBug:1726141)
- Allow to use mirrors multiple times for a target (RhBug:1678588)
- Allow to try baseurl multiple times (RhBug:1678588)
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu May 23 2019 Jonathan Dieter <jdieter@gmail.com> - 1.10.2-2
- Add upstream patch to make sure to check next transfer if current zck
transfer already exists
* Mon May 20 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.10.2-1
- Update to 1.10.2
- Add an option to preserve timestamps of the downloaded files (RhBug:1688537)
- librepo: append the '?' part of repo URL after the path
- Fix librepo isn't able to load zchunk files from next server on failure
* Tue Apr 02 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.9.6-2
- Backport patch to fix segfault when using zchunk metadata
* Wed Mar 27 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.9.6-1
- Update to 1.9.6
- Fix memory leaks
- Fix CPU usage when downloading packages (RhBug:1691856)
* Mon Mar 11 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.9.5-1
- Update to 1.9.5
- Reduce download delays
* Wed Feb 13 2019 Pavla Kratochvilova <pkratoch@redhat.com> - 1.9.4-1
- Update to 1.9.4-1
- Add zchunk support
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 28 2019 Miro Hrončok <mhroncok@redhat.com> - 1.9.2-2
- Subpackage python2-librepo has been removed
See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
* Tue Sep 25 2018 Jaroslav Mracek <jmracek@redhat.com> - 1.9.2-1
- Update to 1.9.2
- Fix major performance regression with libcurl-7.61.1
* Mon Aug 13 2018 Daniel Mach <dmach@redhat.com> - 1.9.1-1
- Update to 1.9.1
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Jun 29 2018 Jaroslav Mracek <jmracek@redhat.com> - 1.9.0-3
- Rebuilt for Python 3.7
* Tue Jun 26 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.9.0-2
- Fix ldconfig_scriptlets once more
* Tue Jun 26 2018 Jaroslav Mracek <jmracek@redhat.com> - 1.9.0-1
- Update to 1.9.0
* Mon Jun 18 2018 Miro Hrončok <mhroncok@redhat.com> - 1.8.1-9
- Rebuilt for Python 3.7
* Fri Jun 15 2018 Miro Hrončok <mhroncok@redhat.com> - 1.8.1-8
- Bootstrap for Python 3.7
* Thu Feb 08 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-7
- Add if conditionals around pyxattr
* Wed Feb 07 2018 Iryna Shcherbina <ishcherb@redhat.com> - 1.8.1-6
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Wed Jan 31 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-5
- Switch to %%ldconfig_scriptlets
* Tue Nov 07 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-4
- Use better Obsoletes for platform-python
* Sat Nov 04 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-3
- Fix typo in Obsoletes
* Fri Nov 03 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.1-2
- Remove platform-python subpackage
* Fri Sep 15 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.8.1-1
- Update to 1.8.1
* Fri Sep 01 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.8.0-2
- Disable platform python on old releases
* Wed Aug 23 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.8.0-1
- Update to 1.8.0
* Fri Aug 18 2017 Tomas Orsava <torsava@redhat.com> - 1.7.20-9
- Added Patch 0 to fix a tearDown failure in the test suite
* Thu Aug 10 2017 Petr Viktorin <pviktori@redhat.com> - 1.7.20-8
- Add subpackage for platform-python (https://fedoraproject.org/wiki/Changes/Platform_Python_Stack)
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.20-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.20-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.20-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Dec 13 2016 Charalampos Stratakis <cstratak@redhat.com> - 1.7.20-4
- Enable tests
* Tue Dec 13 2016 Charalampos Stratakis <cstratak@redhat.com> - 1.7.20-3
- Rebuild for Python 3.6
- Disable tests for now
* Sat Dec 10 2016 Igor Gnatenko <i.gnatenko.brain@gmail.com> - 1.7.20-2
- Rebuild for gpgme 1.18
* Thu Aug 25 2016 Tomas Mlcoch <tmlcoch@redhat.com> - 1.7.20-1
- Tests: Disable test_download_packages_with_resume_02 test
- Update build utils to match new fedora spec schema
* Wed Aug 24 2016 Tomas Mlcoch <tmlcoch@redhat.com> - 1.7.19-1
- Add yumrecord substitution mechanism (mluscon)
- Fix a memory leak in signature verification (cwalters)
* Tue Aug 09 2016 Igor Gnatenko <ignatenko@redhat.com> - 1.7.18-4
- Add %%{?system_python_abi}
- Trim ton of changelog
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.18-3
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Thu Apr 07 2016 Igor Gnatenko <ignatenko@redhat.com> - 1.7.18-2
- Adopt to new packaging guidelines
- Cleanups in spec file
* Fri Mar 4 2016 Tomas Mlcoch <tmlcoch@redhat.com> - 1.7.18-1
- Add new option LRO_FTPUSEEPSV
- Update AUTHORS
- downloader prepare_next_transfer(): simplify long line
- downloader prepare_next_transfer(): add missing error check
- downloader prepare_next_transfer(): cleanup error path
- downloader prepare_next_transfer() - fix memory leak on error path (Alan Jenkins)
- handle: Don't use proxy cache for downloads of metalink/mirrorlist
- handle: Don't set CURLOPT_HTTPHEADER into curl handle immediately when specified
- downloader: Implement logic for no_cache param in LrDownloadTarget (RhBug: 1297762)
- Add no_cache param to LrDownloadTarget and lr_downloadtarget_new()
- New test: always try to download from the fastest mirror (Alexander Todorov)
- Doc: Fixed minor doc typo (Philippe Ombredanne)
- Doc: Other updates
- Doc: Update default values in doc to reflect reality

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (librepo-1.18.0.tar.gz) = 6630b4751163ff6a34c32b94f6d0ecdc34926ade6aa92342c99eef9a514edd25405e051c58f6630615dd9cd04ef5c0404ebc4805708356477b97d351baa19a73