rpms/librepo
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import librepo-1.14.0-1.el8

Browse Source
This commit is contained in:
CentOS Sources 2021-06-02 16:11:02 +00:00 committed by Andrew Lukoshko
parent 9cf00893de
commit 454314766e
5 changed files with 20 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/librepo-1.12.0.tar.gz
SOURCES/librepo-1.14.0.tar.gz

2
.librepo.metadata
View File

@ -1 +1 @@
1981d485743337c93d2b098920e5f738bd41fdc9 SOURCES/librepo-1.12.0.tar.gz
b09cf9ac3751e3c513e1c30a527d1a5e460853b7 SOURCES/librepo-1.14.0.tar.gz

47
SOURCES/0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
View File

@ -1,47 +0,0 @@
From 699d3ee7b8968b5586ceb53e07d678e702735609 Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Wed, 12 Aug 2020 08:35:28 +0200
Subject: [PATCH] Validate path read from repomd.xml
---
librepo/yum.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/librepo/yum.c b/librepo/yum.c
index 3059188..529257b 100644
--- a/librepo/yum.c
+++ b/librepo/yum.c
@@ -23,6 +23,7 @@
#define BITS_IN_BYTE 8
#include <stdio.h>
+#include <libgen.h>
#include <assert.h>
#include <stdlib.h>
#include <errno.h>
@@ -770,6 +771,22 @@ prepare_repo_download_targets(LrHandle *handle,
continue;
char *location_href = record->location_href;
+
+ char *dest_dir = realpath(handle->destdir, NULL);
+ path = lr_pathconcat(handle->destdir, record->location_href, NULL);
+ char *requested_dir = realpath(dirname(path), NULL);
+ lr_free(path);
+ if (!g_str_has_prefix(requested_dir, dest_dir)) {
+ g_debug("%s: Invalid path: %s", __func__, location_href);
+ g_set_error(err, LR_YUM_ERROR, LRE_IO, "Invalid path: %s", location_href);
+ g_slist_free_full(*targets, (GDestroyNotify) lr_downloadtarget_free);
+ free(requested_dir);
+ free(dest_dir);
+ return FALSE;
+ }
+ free(requested_dir);
+ free(dest_dir);
+
gboolean is_zchunk = FALSE;
#ifdef WITH_ZCHUNK
if (handle->cachedir && record->header_checksum)
--
2.28.0

40
SOURCES/0002-Add-support-for-pkcs11-certificate-and-key-for-repos.patch
View File

@ -1,40 +0,0 @@
From 1e7673d07308081f13e7bb1829cfed2ccd865ea0 Mon Sep 17 00:00:00 2001
From: Masahiro Matsuya <mmatsuya@redhat.com>
Date: Fri, 13 Nov 2020 17:37:59 +0100
Subject: [PATCH] Add support for pkcs11 certificate and key for repository
authorization
msg: Add support for pkcs11 certificate and key for repository authorization
type: enhancement
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1859495
---
librepo/handle.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/librepo/handle.c b/librepo/handle.c
index d8728c4..33edf5d 100644
--- a/librepo/handle.c
+++ b/librepo/handle.c
@@ -649,6 +649,9 @@ lr_handle_setopt(LrHandle *handle,
lr_free(handle->sslclientcert);
handle->sslclientcert = g_strdup(va_arg(arg, char *));
c_rc = curl_easy_setopt(c_h, CURLOPT_SSLCERT, handle->sslclientcert);
+ if (c_rc == CURLE_OK && handle->sslclientcert && !strncasecmp(handle->sslclientcert, "pkcs11:", 7)) {
+ c_rc = curl_easy_setopt(c_h, CURLOPT_SSLCERTTYPE, "ENG");
+ }
break;
case LRO_SSLCLIENTKEY:
@@ -656,6 +659,9 @@ lr_handle_setopt(LrHandle *handle,
lr_free(handle->sslclientkey);
handle->sslclientkey = g_strdup(va_arg(arg, char *));
c_rc = curl_easy_setopt(c_h, CURLOPT_SSLKEY, handle->sslclientkey);
+ if (c_rc == CURLE_OK && handle->sslclientkey && !strncasecmp(handle->sslclientkey, "pkcs11:", 7)) {
+ c_rc = curl_easy_setopt(c_h, CURLOPT_SSLKEYTYPE, "ENG");
+ }
break;
case LRO_SSLCACERT:
--
2.26.2

122
SPECS/librepo.spec
View File

@ -1,21 +1,6 @@
%global libcurl_version 7.28.0
%global libcurl_version 7.52.0
%if 0%{?rhel} && 0%{?rhel} <= 7
# Do not build bindings for python3 for RHEL <= 7
%bcond_with python3
# python-flask is not in RHEL7
%bcond_with pythontests
%else
%bcond_without python3
%bcond_without pythontests
%endif
%if 0%{?rhel} > 7 || 0%{?fedora} > 29
# Do not build bindings for python2 for RHEL > 7 and Fedora > 29
%bcond_with python2
%else
%bcond_without python2
%endif
%undefine __cmake_in_source_build
%if 0%{?rhel}
%bcond_with zchunk
@ -26,17 +11,14 @@
%global dnf_conflict 2.8.8
Name: librepo
Version: 1.12.0
Release: 3%{?dist}
Version: 1.14.0
Release: 1%{?dist}
Summary: Repodata downloading library
License: LGPLv2+
URL: https://github.com/rpm-software-management/librepo
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
Patch1: 0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
Patch2: 0002-Add-support-for-pkcs11-certificate-and-key-for-repos.patch
BuildRequires: cmake
BuildRequires: gcc
BuildRequires: check-devel
@ -64,48 +46,14 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
%description devel
Development files for librepo.
%if %{with python2}
%package -n python2-%{name}
Summary: Python bindings for the librepo library
%{?python_provide:%python_provide python2-%{name}}
%if 0%{?rhel} && 0%{?rhel} <= 7
BuildRequires: python-sphinx
%else
BuildRequires: python2-sphinx
%endif
BuildRequires: python2-devel
%if %{with pythontests}
BuildRequires: python2-flask
BuildRequires: python2-nose
BuildRequires: python2-requests
%if (0%{?rhel} && 0%{?rhel} <= 7)
BuildRequires: pyxattr
BuildRequires: pygpgme
%else
BuildRequires: python2-pyxattr
BuildRequires: python2-gpg
%endif
%endif
# endif with pythontests
Requires: %{name}%{?_isa} = %{version}-%{release}
Conflicts: python2-dnf < %{dnf_conflict}
%description -n python2-%{name}
Python 2 bindings for the librepo library.
%endif
%if %{with python3}
%package -n python3-%{name}
Summary: Python 3 bindings for the librepo library
%{?python_provide:%python_provide python3-%{name}}
BuildRequires: python3-devel
%if %{with pythontests}
BuildRequires: python3-gpg
BuildRequires: python3-flask
BuildRequires: python3-nose
BuildRequires: python3-pyxattr
BuildRequires: python3-requests
%endif
BuildRequires: python3-sphinx
Requires: %{name}%{?_isa} = %{version}-%{release}
# Obsoletes Fedora 27 package
@ -114,56 +62,19 @@ Conflicts: python3-dnf < %{dnf_conflict}
%description -n python3-%{name}
Python 3 bindings for the librepo library.
%endif
%prep
%autosetup -p1
mkdir build-py2
mkdir build-py3
%build
%if %{with python2}
pushd build-py2
%cmake -DPYTHON_DESIRED:FILEPATH=%{__python2} %{!?with_zchunk:-DWITH_ZCHUNK=OFF} -DENABLE_PYTHON_TESTS=%{?with_pythontests:ON}%{!?with_pythontests:OFF} ..
%make_build
popd
%endif
%if %{with python3}
pushd build-py3
%cmake -DPYTHON_DESIRED:FILEPATH=%{__python3} %{!?with_zchunk:-DWITH_ZCHUNK=OFF} -DENABLE_PYTHON_TESTS=%{?with_pythontests:ON}%{!?with_pythontests:OFF} ..
%make_build
popd
%endif
%cmake %{!?with_zchunk:-DWITH_ZCHUNK=OFF}
%cmake_build
%check
%if %{with python2}
pushd build-py2
#ctest -VV
make ARGS="-V" test
popd
%endif
%if %{with python3}
pushd build-py3
#ctest -VV
make ARGS="-V" test
popd
%endif
%ctest
%install
%if %{with python2}
pushd build-py2
%make_install
popd
%endif
%if %{with python3}
pushd build-py3
%make_install
popd
%endif
%cmake_install
%if 0%{?rhel} && 0%{?rhel} <= 7
%post -p /sbin/ldconfig
@ -182,17 +93,20 @@ popd
%{_libdir}/pkgconfig/%{name}.pc
%{_includedir}/%{name}/
%if %{with python2}
%files -n python2-%{name}
%{python2_sitearch}/%{name}/
%endif
%if %{with python3}
%files -n python3-%{name}
%{python3_sitearch}/%{name}/
%endif
%changelog
* Fri Apr 30 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.0-1
- Update to 1.14.0
- Fix the key string parsing in url_substitution
- When zchunk enabled and not using HTTP/S protocol, download the whole file (RhBug:1886706)
- Add an option LRO_SSLVERIFYSTATUS to check TLS certificate revocation status (using OCSP stapling) (RhBug:1814383)
- Fix: lr_perform() - Avoid 100% CPU usage
- Add support for working with certificates used with proxy
- Reposync does not re-download unchanged packages (RhBug:1931904)
- Fix memory leaks
* Tue Dec 15 2020 Marek Blaha <mblaha@redhat.com> - 1.12.0-3
- Add support for pkcs11 certificate and key for repository authorization (RhBug:1859495)