import CS librhsm-0.0.3-9.el9
This commit is contained in:
parent
cbc4f29cee
commit
c7d0ebed76
@ -0,0 +1,113 @@
|
|||||||
|
From 09f9b923f04a8276252fcfbc4f502be49df483c6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
|
||||||
|
Date: Fri, 27 Oct 2023 15:34:16 +0200
|
||||||
|
Subject: [PATCH] Fix relocating certificate paths to /etc/rhsm-host
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
If /etc/rhsm-host directory exists, librhsm corrects CA certificate
|
||||||
|
location (rhsm_context_get_ca_cert_dir()) and YUM repository CA
|
||||||
|
certificate location (rhsm_context_get_repo_ca_cert()) from /etc/rhsm
|
||||||
|
to /etc/rhsm-host prefix.
|
||||||
|
|
||||||
|
However, there was a bug in the path relocation and, as a result, the
|
||||||
|
locations were mangled to a wrong /etc/rhsm-host-host prefix.
|
||||||
|
|
||||||
|
This patch fixes the relocation algorithm to consider boundaries
|
||||||
|
between the path components.
|
||||||
|
|
||||||
|
Note that the relocation was and still is applied not only to default
|
||||||
|
values, but also to values loaded from a configuration file. That's
|
||||||
|
probably on purpose to ease sharing the configuration among a host and
|
||||||
|
the containers.
|
||||||
|
|
||||||
|
https://github.com/rpm-software-management/librhsm/issues/9
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
rhsm/rhsm-context.c | 61 ++++++++++++++++++++++++++++++++++++++++++---
|
||||||
|
1 file changed, 58 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/rhsm/rhsm-context.c b/rhsm/rhsm-context.c
|
||||||
|
index 311dcdd..e0302fd 100644
|
||||||
|
--- a/rhsm/rhsm-context.c
|
||||||
|
+++ b/rhsm/rhsm-context.c
|
||||||
|
@@ -482,6 +482,61 @@ rhsm_context_set_property (GObject *object,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * path_has_prefix:
|
||||||
|
+ * @path: pointer to a null-terminated path string.
|
||||||
|
+ * @prefix: pointer to a null-terminated path prefix without a trailing slash.
|
||||||
|
+ *
|
||||||
|
+ * Returns: TRUE if the @prefix is a base path of the @path. FALSE otherwise.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+static gboolean
|
||||||
|
+path_has_prefix (const gchar *path, const gchar *prefix)
|
||||||
|
+{
|
||||||
|
+ if (!path || !prefix)
|
||||||
|
+ {
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+ {
|
||||||
|
+ const size_t prefix_length = strlen (prefix);
|
||||||
|
+ return (!strncmp (path, prefix, prefix_length) &&
|
||||||
|
+ (G_IS_DIR_SEPARATOR (path [prefix_length]) || path [prefix_length] == '\0'));
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * relocate_path:
|
||||||
|
+ * @path: (inout): pointer to a null-terminated string.
|
||||||
|
+ * @old_prefix: null-terminated path prefix without a trailing slash to relocate from.
|
||||||
|
+ * @new_prefix: null-terminated path prefix without a trailing slash to relocate to.
|
||||||
|
+ *
|
||||||
|
+ * If @path starts with @old_prefix path components, the @old_prefix path
|
||||||
|
+ * components will be replaced with @new_prefix.
|
||||||
|
+ *
|
||||||
|
+ * Returns: (transfer none): null-terminated string with the relocated path.
|
||||||
|
+ */
|
||||||
|
+static gchar *
|
||||||
|
+relocate_path (gchar **path, const gchar *old_prefix, const gchar *new_prefix)
|
||||||
|
+{
|
||||||
|
+ if (!path || !*path || !old_prefix || !new_prefix)
|
||||||
|
+ {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (path_has_prefix (*path, old_prefix))
|
||||||
|
+ {
|
||||||
|
+ const size_t old_prefix_length = strlen (old_prefix);
|
||||||
|
+ GString *tmp = g_string_sized_new (strlen (*path) - old_prefix_length + strlen (new_prefix));
|
||||||
|
+ g_string_append (tmp, new_prefix);
|
||||||
|
+ g_string_append (tmp, *path + old_prefix_length);
|
||||||
|
+
|
||||||
|
+ g_free (*path);
|
||||||
|
+ *path = g_string_free (tmp, FALSE);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return *path;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static void
|
||||||
|
rhsm_context_constructed (GObject *object)
|
||||||
|
{
|
||||||
|
@@ -539,10 +594,10 @@ rhsm_context_constructed (GObject *object)
|
||||||
|
}
|
||||||
|
|
||||||
|
/* If we have conf coming from /etc/rhsm-host, most probably we need to replace /etc/rhsm */
|
||||||
|
- if (g_str_has_prefix (ctx->conf_file, CONFIG_DIR_HOST))
|
||||||
|
+ if (path_has_prefix (ctx->conf_file, CONFIG_DIR_HOST))
|
||||||
|
{
|
||||||
|
- rhsm_utils_str_replace (&ctx->ca_cert_dir, CONFIG_DIR, CONFIG_DIR_HOST);
|
||||||
|
- rhsm_utils_str_replace (&ctx->repo_ca_cert, CONFIG_DIR, CONFIG_DIR_HOST);
|
||||||
|
+ relocate_path (&ctx->ca_cert_dir, CONFIG_DIR, CONFIG_DIR_HOST);
|
||||||
|
+ relocate_path (&ctx->repo_ca_cert, CONFIG_DIR, CONFIG_DIR_HOST);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
37
SOURCES/0006-Refactor-parse_entitlement_data.patch
Normal file
37
SOURCES/0006-Refactor-parse_entitlement_data.patch
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
From 5e0674cf389f14174208641ec411ba7be448d5e3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Marek Blaha <mblaha@redhat.com>
|
||||||
|
Date: Fri, 18 Jun 2021 07:48:16 +0200
|
||||||
|
Subject: [PATCH] Refactor parse_entitlement_data()
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
This change is meant to silence alerts from static code analysis. It
|
||||||
|
also makes the *ent variable freeing slightly more clear.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
rhsm/rhsm-entitlement-certificate.c | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/rhsm/rhsm-entitlement-certificate.c b/rhsm/rhsm-entitlement-certificate.c
|
||||||
|
index 5d37732..aa4dd7e 100644
|
||||||
|
--- a/rhsm/rhsm-entitlement-certificate.c
|
||||||
|
+++ b/rhsm/rhsm-entitlement-certificate.c
|
||||||
|
@@ -140,11 +140,11 @@ parse_entitlement_data (const gchar *data,
|
||||||
|
}
|
||||||
|
|
||||||
|
gsize hlen = strlen (ENTITLEMENT_DATA_HEADER);
|
||||||
|
- gchar *ent = g_strndup (start + hlen, end - start - hlen);
|
||||||
|
+ g_autofree gchar *ent = g_strndup (start + hlen, end - start - hlen);
|
||||||
|
|
||||||
|
gsize zlen = 0;
|
||||||
|
guchar *zdata = g_base64_decode_inplace (ent, &zlen);
|
||||||
|
- g_autoptr(GInputStream) zstream = g_memory_input_stream_new_from_data (zdata, zlen, g_free);
|
||||||
|
+ g_autoptr(GInputStream) zstream = g_memory_input_stream_new_from_data (zdata, zlen, NULL);
|
||||||
|
g_autoptr(GZlibDecompressor) decompressor = g_zlib_decompressor_new (G_ZLIB_COMPRESSOR_FORMAT_ZLIB);
|
||||||
|
g_autoptr(GInputStream) cstream = g_converter_input_stream_new (zstream, G_CONVERTER (decompressor));
|
||||||
|
g_autoptr(JsonParser) parser = json_parser_new_immutable ();
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
@ -1,9 +1,9 @@
|
|||||||
Name: librhsm
|
Name: librhsm
|
||||||
Version: 0.0.3
|
Version: 0.0.3
|
||||||
Release: 7%{?dist}
|
Release: 9%{?dist}
|
||||||
Summary: Red Hat Subscription Manager library
|
Summary: Red Hat Subscription Manager library
|
||||||
|
|
||||||
License: LGPLv2.1+
|
License: LGPLv2+
|
||||||
URL: https://github.com/rpm-software-management/librhsm
|
URL: https://github.com/rpm-software-management/librhsm
|
||||||
Source: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
Source: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
||||||
|
|
||||||
@ -12,6 +12,8 @@ Patch0001: 0001-Replace-bool-option-with-int-to-generate-repo-files.patch
|
|||||||
Patch0002: 0002-Generate-repofile-for-any-architecture-if-ALL-is-spe.patch
|
Patch0002: 0002-Generate-repofile-for-any-architecture-if-ALL-is-spe.patch
|
||||||
Patch0003: 0003-Enable-repos-when-generating-a-.repo-file-based-on-e.patch
|
Patch0003: 0003-Enable-repos-when-generating-a-.repo-file-based-on-e.patch
|
||||||
Patch0004: 0004-Append-ctx_baseurl-prefix-to-gpg_url-RhBug-1708628.patch
|
Patch0004: 0004-Append-ctx_baseurl-prefix-to-gpg_url-RhBug-1708628.patch
|
||||||
|
Patch0005: 0005-Fix-relocating-certificate-paths-to-etc-rhsm-host.patch
|
||||||
|
Patch0006: 0006-Refactor-parse_entitlement_data.patch
|
||||||
|
|
||||||
BuildRequires: meson >= 0.37.0
|
BuildRequires: meson >= 0.37.0
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
@ -52,6 +54,13 @@ Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
|||||||
%{_libdir}/pkgconfig/%{name}.pc
|
%{_libdir}/pkgconfig/%{name}.pc
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Apr 10 2024 Petr Pisar <ppisar@redhat.com> - 0.0.3-9
|
||||||
|
- Fix memory leaks in parse_entitlement_data() (RHEL-25499)
|
||||||
|
|
||||||
|
* Tue Nov 21 2023 Petr Pisar <ppisar@redhat.com> - 0.0.3-8
|
||||||
|
- Correct a License tag to LGPLv2+ (RHEL-16103)
|
||||||
|
- Fix relocating certificate paths to /etc/rhsm-host (RHEL-14224)
|
||||||
|
|
||||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.3-7
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.3-7
|
||||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
Related: rhbz#1991688
|
Related: rhbz#1991688
|
||||||
|
Loading…
Reference in New Issue
Block a user