import librepo-1.12.0-2.el8

2020-11-03 06:47:28 -05:00 · 2020-11-03 06:47:28 -05:00 · 9e63330847
commit 9e63330847
parent 2faed60297
5 changed files with 23 additions and 118 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/librepo-1.11.0.tar.gz
+SOURCES/librepo-1.12.0.tar.gz
--- a/.librepo.metadata
+++ b/.librepo.metadata
@ -1 +1 @@
-45b628df3c4a6b6a33674934db0c9b5219becb06 SOURCES/librepo-1.11.0.tar.gz
+1981d485743337c93d2b098920e5f738bd41fdc9 SOURCES/librepo-1.12.0.tar.gz
--- a/SOURCES/0001-Create-a-directory-for-gpg-sockets-in-run-user-RhBug.patch
+++ b/SOURCES/0001-Create-a-directory-for-gpg-sockets-in-run-user-RhBug.patch
@ -1,109 +0,0 @@
-From d474bcad3fdca0e009f24e11d927a3cdc7fd6a55 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
-Date: Wed, 27 Nov 2019 16:15:20 +0100
-Subject: [PATCH] Create a directory for gpg sockets in /run/user/
- (RhBug:1769831,1771012)
-
-The solution of sending the "KILLAGENT" message to gpgagent to make it
-clean up its sockets in gpg home dir is causing a race condition with
-the gpgme_release() function.
-
-Instead of trying to make the agent clean up its sockets (which doesn't
-seem to be reliably possible), take advantage of its feature to create
-the sockets under '/run/user/$UID' if this directory is present. The
-sockets shouldn't be causing any trouble in this directory.
-
-The commit creates the '/run/user/$UID' directory if it's not present on
-the system. The sockets are then created there.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1769831
-https://bugzilla.redhat.com/show_bug.cgi?id=1771012
---
- librepo/gpg.c | 56 +++++++++++++++++++++++++--------------------------
- 1 file changed, 28 insertions(+), 28 deletions(-)
-
-diff --git a/librepo/gpg.c b/librepo/gpg.c
-index a019015..a134d44 100644
--- a/librepo/gpg.c
-+++ b/librepo/gpg.c
-@@ -32,28 +32,33 @@
- #include "util.h"
- #include "gpg.h"
- 
-static void
-kill_gpg_agent(gpgme_ctx_t context, const char *home_dir)
-{
-    gpgme_error_t gpgerr;
-
-    gpgerr = gpgme_set_protocol(context, GPGME_PROTOCOL_ASSUAN);
-    if (gpgerr != GPG_ERR_NO_ERROR) {
-        g_warning("%s: gpgme_set_protocol: %s", __func__, gpgme_strerror(gpgerr));
-        return;
-    }
-    if (home_dir) {
-        gchar * gpg_agent_sock = g_build_filename(home_dir, "S.gpg-agent", NULL);
-        gpgerr = gpgme_ctx_set_engine_info(context, GPGME_PROTOCOL_ASSUAN, gpg_agent_sock, home_dir);
-        g_free(gpg_agent_sock);
-        if (gpgerr != GPG_ERR_NO_ERROR) {
-            g_warning("%s: gpgme_ctx_set_engine_info: %s", __func__, gpgme_strerror(gpgerr));
-            return;
-        }
-+/*
-+ * Creates the '/run/user/$UID' directory if it doesn't exist. If this
-+ * directory exists, gpgagent will create its sockets under
-+ * '/run/user/$UID/gnupg'.
-+ *
-+ * If this directory doesn't exist, gpgagent will create its sockets in gpg
-+ * home directory, which is under '/var/cache/yum/metadata/' and this was
-+ * causing trouble with container images, see [1].
-+ *
-+ * Previous solution was to send the agent a "KILLAGENT" message, but that
-+ * would cause a race condition with calling gpgme_release(), see [2], [3].
-+ *
-+ * Since the agent doesn't clean up its sockets properly, by creating this
-+ * directory we make sure they are in a place that is not causing trouble with
-+ * container images.
-+ *
-+ * [1] https://bugzilla.redhat.com/show_bug.cgi?id=1650266
-+ * [2] https://bugzilla.redhat.com/show_bug.cgi?id=1769831
-+ * [3] https://github.com/rpm-software-management/microdnf/issues/50
-+ */
-+void ensure_socket_dir_exists() {
-+    char dirname[32];
-+    snprintf(dirname, sizeof(dirname), "/run/user/%u", getuid());
-+    int res = mkdir(dirname, 0700);
-+    if (res != 0 && errno != EEXIST) {
-+        g_debug("Failed to create \"%s\": %d - %s\n", dirname, errno, strerror(errno));
-     }
-    gpgerr = gpgme_op_assuan_transact_ext(context, "KILLAGENT", NULL, NULL, NULL, NULL, NULL, NULL, NULL);
-    if (gpgerr != GPG_ERR_NO_ERROR)
-        g_debug("%s: gpgme_op_assuan_transact_ext: %s", __func__, gpgme_strerror(gpgerr));
- }
- 
- gboolean
-@@ -239,6 +244,8 @@ lr_gpg_import_key(const char *key_fn, const char *home_dir, GError **err)
- 
-     assert(!err || *err == NULL);
- 
-+    ensure_socket_dir_exists();
-+
-     // Initialization
-     gpgme_check_version(NULL);
-     gpgerr = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
-@@ -320,13 +327,6 @@ lr_gpg_import_key(const char *key_fn, const char *home_dir, GError **err)
- 
-     close(key_fd);
- 
-    // Running gpg-agent kept opened sockets on the system.
-    // It tries to exit gpg-agent. Path to the communication socket is derived from homedir.
-    // The gpg-agent automaticaly removes all its socket before exit.
-    // Newer gpg-agent creates sockets under [/var]/run/user/{pid}/... if directory exists.
-    // In this case gpg-agent will not be exited.
-    kill_gpg_agent(context, home_dir);
-
-     gpgme_release(context);
- 
-     return TRUE;
-- 
-2.24.0
-
--- a/SOURCES/0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
+++ b/SOURCES/0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
--- a/SPECS/librepo.spec
+++ b/SPECS/librepo.spec
@ -26,15 +26,15 @@
 %global dnf_conflict 2.8.8

 Name:           librepo
-Version:        1.11.0
-Release:        3%{?dist}
+Version:        1.12.0
+Release:        2%{?dist}
 Summary:        Repodata downloading library

 License:        LGPLv2+
 URL:            https://github.com/rpm-software-management/librepo
 Source0:        %{url}/archive/%{version}/%{name}-%{version}.tar.gz
-Patch1:         0001-Create-a-directory-for-gpg-sockets-in-run-user-RhBug.patch
-Patch2:         0002-Validate-path-read-from-repomd.xml-RhBug-1866498.patch
+
+Patch1:         0001-Validate-path-read-from-repomd.xml-RhBug-1866498.patch

 BuildRequires:  cmake
 BuildRequires:  gcc
@ -84,7 +84,8 @@ BuildRequires:  pygpgme
 BuildRequires:  python2-pyxattr
 BuildRequires:  python2-gpg
 %endif
-%endif # with pythontests
+%endif
+# endif with pythontests
 Requires:       %{name}%{?_isa} = %{version}-%{release}
 Conflicts:      python2-dnf < %{dnf_conflict}

@ -191,8 +192,21 @@ popd
 %endif

 %changelog
-* Mon Aug 17 2020 Ales Matej <amatej@redhat.com> - 1.11.0-3
- Validate paths read from repomd.xml (RhBug:1866498)
+* Mon Aug 17 2020 Ales Matej <amatej@redhat.com> - 1.12.0-2
+- Validate paths read from repomd.xml (RhBug:1866505)
+
+* Wed Jun 03 2020 Nicola Sella <nsella@redhat.com> - 1.12.0-1
+- Update to 1.12.0
+- Decode package URL when using for local filename (RhBug:1817130)
+- Fix memory leak in lr_download_metadata() and lr_yum_download_remote()
+- Download sources work when at least one of specified is working (RhBug:1775184)
+- Enable building on OSX
+
+* Fri Apr 03 2020 Ales Matej <amatej@redhat.com> - 1.11.3-1
+ - Update to 1.11.3
+ - Prefer mirrorlist/metalink over baseurl (RhBug:1775184)
+ - Fix calling Python API without holding GIL (RhBug:1788918) 
+ - Do not unref LrErr_Exception on exit (RhBug:1778854) 

 * Fri Dec 06 2019 Lukas Hrazky <lhrazky@redhat.com> - 1.11.0-2
 - Create a directory for gpg sockets in /run/user/ (RhBug:1769831,1771012)