import CS librhsm-0.0.3-9.el9

This commit is contained in:
eabdullin 2024-09-30 15:55:06 +00:00
parent cbc4f29cee
commit c7d0ebed76
3 changed files with 161 additions and 2 deletions

View File

@ -0,0 +1,113 @@
From 09f9b923f04a8276252fcfbc4f502be49df483c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 27 Oct 2023 15:34:16 +0200
Subject: [PATCH] Fix relocating certificate paths to /etc/rhsm-host
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If /etc/rhsm-host directory exists, librhsm corrects CA certificate
location (rhsm_context_get_ca_cert_dir()) and YUM repository CA
certificate location (rhsm_context_get_repo_ca_cert()) from /etc/rhsm
to /etc/rhsm-host prefix.
However, there was a bug in the path relocation and, as a result, the
locations were mangled to a wrong /etc/rhsm-host-host prefix.
This patch fixes the relocation algorithm to consider boundaries
between the path components.
Note that the relocation was and still is applied not only to default
values, but also to values loaded from a configuration file. That's
probably on purpose to ease sharing the configuration among a host and
the containers.
https://github.com/rpm-software-management/librhsm/issues/9
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
rhsm/rhsm-context.c | 61 ++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 58 insertions(+), 3 deletions(-)
diff --git a/rhsm/rhsm-context.c b/rhsm/rhsm-context.c
index 311dcdd..e0302fd 100644
--- a/rhsm/rhsm-context.c
+++ b/rhsm/rhsm-context.c
@@ -482,6 +482,61 @@ rhsm_context_set_property (GObject *object,
}
}
+/*
+ * path_has_prefix:
+ * @path: pointer to a null-terminated path string.
+ * @prefix: pointer to a null-terminated path prefix without a trailing slash.
+ *
+ * Returns: TRUE if the @prefix is a base path of the @path. FALSE otherwise.
+ */
+
+static gboolean
+path_has_prefix (const gchar *path, const gchar *prefix)
+{
+ if (!path || !prefix)
+ {
+ return FALSE;
+ }
+ {
+ const size_t prefix_length = strlen (prefix);
+ return (!strncmp (path, prefix, prefix_length) &&
+ (G_IS_DIR_SEPARATOR (path [prefix_length]) || path [prefix_length] == '\0'));
+ }
+}
+
+/*
+ * relocate_path:
+ * @path: (inout): pointer to a null-terminated string.
+ * @old_prefix: null-terminated path prefix without a trailing slash to relocate from.
+ * @new_prefix: null-terminated path prefix without a trailing slash to relocate to.
+ *
+ * If @path starts with @old_prefix path components, the @old_prefix path
+ * components will be replaced with @new_prefix.
+ *
+ * Returns: (transfer none): null-terminated string with the relocated path.
+ */
+static gchar *
+relocate_path (gchar **path, const gchar *old_prefix, const gchar *new_prefix)
+{
+ if (!path || !*path || !old_prefix || !new_prefix)
+ {
+ return NULL;
+ }
+
+ if (path_has_prefix (*path, old_prefix))
+ {
+ const size_t old_prefix_length = strlen (old_prefix);
+ GString *tmp = g_string_sized_new (strlen (*path) - old_prefix_length + strlen (new_prefix));
+ g_string_append (tmp, new_prefix);
+ g_string_append (tmp, *path + old_prefix_length);
+
+ g_free (*path);
+ *path = g_string_free (tmp, FALSE);
+ }
+
+ return *path;
+}
+
static void
rhsm_context_constructed (GObject *object)
{
@@ -539,10 +594,10 @@ rhsm_context_constructed (GObject *object)
}
/* If we have conf coming from /etc/rhsm-host, most probably we need to replace /etc/rhsm */
- if (g_str_has_prefix (ctx->conf_file, CONFIG_DIR_HOST))
+ if (path_has_prefix (ctx->conf_file, CONFIG_DIR_HOST))
{
- rhsm_utils_str_replace (&ctx->ca_cert_dir, CONFIG_DIR, CONFIG_DIR_HOST);
- rhsm_utils_str_replace (&ctx->repo_ca_cert, CONFIG_DIR, CONFIG_DIR_HOST);
+ relocate_path (&ctx->ca_cert_dir, CONFIG_DIR, CONFIG_DIR_HOST);
+ relocate_path (&ctx->repo_ca_cert, CONFIG_DIR, CONFIG_DIR_HOST);
}
}
--
2.41.0

View File

@ -0,0 +1,37 @@
From 5e0674cf389f14174208641ec411ba7be448d5e3 Mon Sep 17 00:00:00 2001
From: Marek Blaha <mblaha@redhat.com>
Date: Fri, 18 Jun 2021 07:48:16 +0200
Subject: [PATCH] Refactor parse_entitlement_data()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This change is meant to silence alerts from static code analysis. It
also makes the *ent variable freeing slightly more clear.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
rhsm/rhsm-entitlement-certificate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rhsm/rhsm-entitlement-certificate.c b/rhsm/rhsm-entitlement-certificate.c
index 5d37732..aa4dd7e 100644
--- a/rhsm/rhsm-entitlement-certificate.c
+++ b/rhsm/rhsm-entitlement-certificate.c
@@ -140,11 +140,11 @@ parse_entitlement_data (const gchar *data,
}
gsize hlen = strlen (ENTITLEMENT_DATA_HEADER);
- gchar *ent = g_strndup (start + hlen, end - start - hlen);
+ g_autofree gchar *ent = g_strndup (start + hlen, end - start - hlen);
gsize zlen = 0;
guchar *zdata = g_base64_decode_inplace (ent, &zlen);
- g_autoptr(GInputStream) zstream = g_memory_input_stream_new_from_data (zdata, zlen, g_free);
+ g_autoptr(GInputStream) zstream = g_memory_input_stream_new_from_data (zdata, zlen, NULL);
g_autoptr(GZlibDecompressor) decompressor = g_zlib_decompressor_new (G_ZLIB_COMPRESSOR_FORMAT_ZLIB);
g_autoptr(GInputStream) cstream = g_converter_input_stream_new (zstream, G_CONVERTER (decompressor));
g_autoptr(JsonParser) parser = json_parser_new_immutable ();
--
2.44.0

View File

@ -1,9 +1,9 @@
Name: librhsm Name: librhsm
Version: 0.0.3 Version: 0.0.3
Release: 7%{?dist} Release: 9%{?dist}
Summary: Red Hat Subscription Manager library Summary: Red Hat Subscription Manager library
License: LGPLv2.1+ License: LGPLv2+
URL: https://github.com/rpm-software-management/librhsm URL: https://github.com/rpm-software-management/librhsm
Source: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz Source: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
@ -12,6 +12,8 @@ Patch0001: 0001-Replace-bool-option-with-int-to-generate-repo-files.patch
Patch0002: 0002-Generate-repofile-for-any-architecture-if-ALL-is-spe.patch Patch0002: 0002-Generate-repofile-for-any-architecture-if-ALL-is-spe.patch
Patch0003: 0003-Enable-repos-when-generating-a-.repo-file-based-on-e.patch Patch0003: 0003-Enable-repos-when-generating-a-.repo-file-based-on-e.patch
Patch0004: 0004-Append-ctx_baseurl-prefix-to-gpg_url-RhBug-1708628.patch Patch0004: 0004-Append-ctx_baseurl-prefix-to-gpg_url-RhBug-1708628.patch
Patch0005: 0005-Fix-relocating-certificate-paths-to-etc-rhsm-host.patch
Patch0006: 0006-Refactor-parse_entitlement_data.patch
BuildRequires: meson >= 0.37.0 BuildRequires: meson >= 0.37.0
BuildRequires: gcc BuildRequires: gcc
@ -52,6 +54,13 @@ Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
%{_libdir}/pkgconfig/%{name}.pc %{_libdir}/pkgconfig/%{name}.pc
%changelog %changelog
* Wed Apr 10 2024 Petr Pisar <ppisar@redhat.com> - 0.0.3-9
- Fix memory leaks in parse_entitlement_data() (RHEL-25499)
* Tue Nov 21 2023 Petr Pisar <ppisar@redhat.com> - 0.0.3-8
- Correct a License tag to LGPLv2+ (RHEL-16103)
- Fix relocating certificate paths to /etc/rhsm-host (RHEL-14224)
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.3-7 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.3-7
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688 Related: rhbz#1991688