Compare commits

...

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

7 changed files with 258 additions and 36 deletions

View File

@ -0,0 +1,35 @@
From e8ea9f09f4ec718c42b1909e21369a9487ed5f4b Mon Sep 17 00:00:00 2001
From: Jaroslav Mracek <jmracek@redhat.com>
Date: Tue, 13 Nov 2018 18:31:57 +0100
Subject: [PATCH 1/4] Replace bool option with int to generate repo files
During the testing of subscription manager it was discovered that
subscription manager detects disabled repository by test if key
"enabled == 0". It means that enabled=false was detected as enabled
repository. I know that the issue is in subscription manager, but
keeping the patch is not harmful because the 0/1 is also valid
combination like false/true.
---
rhsm/rhsm-utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c
index 7b6a26b305515c53e10b9cecb9f95b2e9d84ad02..06b12fca7fe366f42f0daa1e77c275c3a8e9375c 100644
--- a/rhsm/rhsm-utils.c
+++ b/rhsm/rhsm-utils.c
@@ -260,11 +260,11 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx)
}
g_autofree gchar *baseurl = g_strconcat (ctx_baseurl, path, NULL);
g_key_file_set_string (repofile, id, "name", name);
g_key_file_set_string (repofile, id, "baseurl", baseurl);
- g_key_file_set_boolean (repofile, id, "enabled", enabled);
+ g_key_file_set_integer (repofile, id, "enabled", enabled ? 1 : 0);
if (json_object_has_member (repo, "gpg_url"))
{
const gchar *gpg_url = json_object_get_string_member (repo, "gpg_url");
g_key_file_set_string (repofile, id, "gpgkey", gpg_url);
--
2.26.2

View File

@ -1,8 +1,8 @@
From 3d7519f2ac9e9f6e0978bc0cfebee6fa56190480 Mon Sep 17 00:00:00 2001 From e215c12da9b74dbe85e2ca6555fd10b5b02778d5 Mon Sep 17 00:00:00 2001
From: Pavla Kratochvilova <pkratoch@redhat.com> From: Pavla Kratochvilova <pkratoch@redhat.com>
Date: Wed, 20 Mar 2019 18:45:16 +0100 Date: Wed, 20 Mar 2019 18:45:16 +0100
Subject: [PATCH] Generate repofile for any architecture if "ALL" is specified Subject: [PATCH 2/4] Generate repofile for any architecture if "ALL" is
(RhBug:1645318) specified (RhBug:1645318)
The "arches" array can contain special value "ALL" and in that case any The "arches" array can contain special value "ALL" and in that case any
architecture should be accepted. architecture should be accepted.
@ -13,10 +13,12 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1645318
1 file changed, 2 insertions(+), 1 deletion(-) 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c
index 7b6a26b..0c8df57 100644 index 06b12fca7fe366f42f0daa1e77c275c3a8e9375c..b52a2b81f3c2ba2f881d7f1746d9e0c0b15ab189 100644
--- a/rhsm/rhsm-utils.c --- a/rhsm/rhsm-utils.c
+++ b/rhsm/rhsm-utils.c +++ b/rhsm/rhsm-utils.c
@@ -230,7 +230,8 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx) @@ -228,11 +228,12 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx)
/* Filter by arches vs context one */
if (json_object_has_member (repo, "arches")) if (json_object_has_member (repo, "arches"))
{ {
JsonArray *arr = json_object_get_array_member (repo, "arches"); JsonArray *arr = json_object_get_array_member (repo, "arches");
@ -26,3 +28,8 @@ index 7b6a26b..0c8df57 100644
continue; continue;
} }
/* Filter by required tags vs available tags */
if (json_object_has_member (repo, "required_tags"))
--
2.26.2

View File

@ -1,7 +1,7 @@
From 1335a0a08399960128192651011c4a3ca6233b32 Mon Sep 17 00:00:00 2001 From 55e2f2d64372043e2fab96461243d808326bc902 Mon Sep 17 00:00:00 2001
From: Daniel Mach <dmach@redhat.com> From: Daniel Mach <dmach@redhat.com>
Date: Tue, 13 Nov 2018 12:17:58 +0100 Date: Tue, 13 Nov 2018 12:17:58 +0100
Subject: [PATCH] Enable repos when generating a .repo file based on Subject: [PATCH 3/4] Enable repos when generating a .repo file based on
entitlement certificate. entitlement certificate.
Resolves: rhbz#1638850 Resolves: rhbz#1638850
@ -10,10 +10,12 @@ Resolves: rhbz#1638850
1 file changed, 8 insertions(+), 1 deletion(-) 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c
index 7b6a26b..021d0d8 100644 index b52a2b81f3c2ba2f881d7f1746d9e0c0b15ab189..6708a43a93f850f873a216d6f20aca8b7bd3225e 100644
--- a/rhsm/rhsm-utils.c --- a/rhsm/rhsm-utils.c
+++ b/rhsm/rhsm-utils.c +++ b/rhsm/rhsm-utils.c
@@ -246,9 +246,16 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx) @@ -245,13 +245,20 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx)
/* Now we have only available repos */
const gchar *id = json_object_get_string_member (repo, "label"); const gchar *id = json_object_get_string_member (repo, "label");
const gchar *name = json_object_get_string_member (repo, "name"); const gchar *name = json_object_get_string_member (repo, "name");
const gchar *path = json_object_get_string_member (repo, "path"); const gchar *path = json_object_get_string_member (repo, "path");
@ -31,3 +33,8 @@ index 7b6a26b..021d0d8 100644
if (id == NULL || name == NULL || path == NULL) if (id == NULL || name == NULL || path == NULL)
continue; /* TODO: make some error reporting here */ continue; /* TODO: make some error reporting here */
/* Clashing repositories */
if (g_key_file_has_group (repofile, id))
--
2.26.2

View File

@ -1,7 +1,7 @@
From c3a333256261545ffe1bd7088c6c54dcb9fb759b Mon Sep 17 00:00:00 2001 From 966d9e6b0dec88020a5a9d7368fc95825c55d225 Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com> From: Jaroslav Rohel <jrohel@redhat.com>
Date: Tue, 21 Apr 2020 08:56:01 +0200 Date: Tue, 21 Apr 2020 08:56:01 +0200
Subject: [PATCH] Append ctx_baseurl prefix to gpg_url (RhBug:1708628) Subject: [PATCH 4/4] Append ctx_baseurl prefix to gpg_url (RhBug:1708628)
Sometime the gpg_url contains relative path to context baseurl. Sometime the gpg_url contains relative path to context baseurl.
In that case the code appends baseurl prefix to gpg_url. The resulting In that case the code appends baseurl prefix to gpg_url. The resulting
@ -10,14 +10,16 @@ URI is normalized (solved "//", ".", and "..")
The new function rhsm_url_base_join() introduce similar results The new function rhsm_url_base_join() introduce similar results
as utils.url_base_join() in subscription manager. as utils.url_base_join() in subscription manager.
--- ---
rhsm/rhsm-utils.c | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- rhsm/rhsm-utils.c | 94 ++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 93 insertions(+), 1 deletion(-) 1 file changed, 93 insertions(+), 1 deletion(-)
diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c
index 6708a43..ee3f296 100644 index 6708a43a93f850f873a216d6f20aca8b7bd3225e..ee3f296d59c0c4e3c9ed63ccfe460ffdac5bfd3e 100644
--- a/rhsm/rhsm-utils.c --- a/rhsm/rhsm-utils.c
+++ b/rhsm/rhsm-utils.c +++ b/rhsm/rhsm-utils.c
@@ -181,6 +181,97 @@ rhsm_json_array_is_subset_of_hash_table (JsonArray *array, @@ -179,10 +179,101 @@ rhsm_json_array_is_subset_of_hash_table (JsonArray *array,
}
return TRUE; return TRUE;
} }
@ -115,7 +117,11 @@ index 6708a43..ee3f296 100644
/** /**
* rhsm_utils_yum_repo_from_context: * rhsm_utils_yum_repo_from_context:
* @ctx: an #RHSMContext. * @ctx: an #RHSMContext.
@@ -275,7 +366,8 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx) *
* Returns: (transfer full): a new #GKeyFile.
@@ -273,11 +364,12 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx)
g_key_file_set_integer (repofile, id, "enabled", enabled ? 1 : 0);
if (json_object_has_member (repo, "gpg_url")) if (json_object_has_member (repo, "gpg_url"))
{ {
const gchar *gpg_url = json_object_get_string_member (repo, "gpg_url"); const gchar *gpg_url = json_object_get_string_member (repo, "gpg_url");
@ -125,6 +131,8 @@ index 6708a43..ee3f296 100644
g_key_file_set_boolean (repofile, id, "gpgcheck", TRUE); g_key_file_set_boolean (repofile, id, "gpgcheck", TRUE);
} }
else else
{
/* FIXME: Do we want to enforce gpgcheck? It's unsecure repo. */
-- --
libgit2 0.28.5 2.26.2

View File

@ -0,0 +1,113 @@
From 09f9b923f04a8276252fcfbc4f502be49df483c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 27 Oct 2023 15:34:16 +0200
Subject: [PATCH] Fix relocating certificate paths to /etc/rhsm-host
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If /etc/rhsm-host directory exists, librhsm corrects CA certificate
location (rhsm_context_get_ca_cert_dir()) and YUM repository CA
certificate location (rhsm_context_get_repo_ca_cert()) from /etc/rhsm
to /etc/rhsm-host prefix.
However, there was a bug in the path relocation and, as a result, the
locations were mangled to a wrong /etc/rhsm-host-host prefix.
This patch fixes the relocation algorithm to consider boundaries
between the path components.
Note that the relocation was and still is applied not only to default
values, but also to values loaded from a configuration file. That's
probably on purpose to ease sharing the configuration among a host and
the containers.
https://github.com/rpm-software-management/librhsm/issues/9
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
rhsm/rhsm-context.c | 61 ++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 58 insertions(+), 3 deletions(-)
diff --git a/rhsm/rhsm-context.c b/rhsm/rhsm-context.c
index 311dcdd..e0302fd 100644
--- a/rhsm/rhsm-context.c
+++ b/rhsm/rhsm-context.c
@@ -482,6 +482,61 @@ rhsm_context_set_property (GObject *object,
}
}
+/*
+ * path_has_prefix:
+ * @path: pointer to a null-terminated path string.
+ * @prefix: pointer to a null-terminated path prefix without a trailing slash.
+ *
+ * Returns: TRUE if the @prefix is a base path of the @path. FALSE otherwise.
+ */
+
+static gboolean
+path_has_prefix (const gchar *path, const gchar *prefix)
+{
+ if (!path || !prefix)
+ {
+ return FALSE;
+ }
+ {
+ const size_t prefix_length = strlen (prefix);
+ return (!strncmp (path, prefix, prefix_length) &&
+ (G_IS_DIR_SEPARATOR (path [prefix_length]) || path [prefix_length] == '\0'));
+ }
+}
+
+/*
+ * relocate_path:
+ * @path: (inout): pointer to a null-terminated string.
+ * @old_prefix: null-terminated path prefix without a trailing slash to relocate from.
+ * @new_prefix: null-terminated path prefix without a trailing slash to relocate to.
+ *
+ * If @path starts with @old_prefix path components, the @old_prefix path
+ * components will be replaced with @new_prefix.
+ *
+ * Returns: (transfer none): null-terminated string with the relocated path.
+ */
+static gchar *
+relocate_path (gchar **path, const gchar *old_prefix, const gchar *new_prefix)
+{
+ if (!path || !*path || !old_prefix || !new_prefix)
+ {
+ return NULL;
+ }
+
+ if (path_has_prefix (*path, old_prefix))
+ {
+ const size_t old_prefix_length = strlen (old_prefix);
+ GString *tmp = g_string_sized_new (strlen (*path) - old_prefix_length + strlen (new_prefix));
+ g_string_append (tmp, new_prefix);
+ g_string_append (tmp, *path + old_prefix_length);
+
+ g_free (*path);
+ *path = g_string_free (tmp, FALSE);
+ }
+
+ return *path;
+}
+
static void
rhsm_context_constructed (GObject *object)
{
@@ -539,10 +594,10 @@ rhsm_context_constructed (GObject *object)
}
/* If we have conf coming from /etc/rhsm-host, most probably we need to replace /etc/rhsm */
- if (g_str_has_prefix (ctx->conf_file, CONFIG_DIR_HOST))
+ if (path_has_prefix (ctx->conf_file, CONFIG_DIR_HOST))
{
- rhsm_utils_str_replace (&ctx->ca_cert_dir, CONFIG_DIR, CONFIG_DIR_HOST);
- rhsm_utils_str_replace (&ctx->repo_ca_cert, CONFIG_DIR, CONFIG_DIR_HOST);
+ relocate_path (&ctx->ca_cert_dir, CONFIG_DIR, CONFIG_DIR_HOST);
+ relocate_path (&ctx->repo_ca_cert, CONFIG_DIR, CONFIG_DIR_HOST);
}
}
--
2.41.0

View File

@ -0,0 +1,37 @@
From 5e0674cf389f14174208641ec411ba7be448d5e3 Mon Sep 17 00:00:00 2001
From: Marek Blaha <mblaha@redhat.com>
Date: Fri, 18 Jun 2021 07:48:16 +0200
Subject: [PATCH] Refactor parse_entitlement_data()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This change is meant to silence alerts from static code analysis. It
also makes the *ent variable freeing slightly more clear.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
rhsm/rhsm-entitlement-certificate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rhsm/rhsm-entitlement-certificate.c b/rhsm/rhsm-entitlement-certificate.c
index 5d37732..aa4dd7e 100644
--- a/rhsm/rhsm-entitlement-certificate.c
+++ b/rhsm/rhsm-entitlement-certificate.c
@@ -140,11 +140,11 @@ parse_entitlement_data (const gchar *data,
}
gsize hlen = strlen (ENTITLEMENT_DATA_HEADER);
- gchar *ent = g_strndup (start + hlen, end - start - hlen);
+ g_autofree gchar *ent = g_strndup (start + hlen, end - start - hlen);
gsize zlen = 0;
guchar *zdata = g_base64_decode_inplace (ent, &zlen);
- g_autoptr(GInputStream) zstream = g_memory_input_stream_new_from_data (zdata, zlen, g_free);
+ g_autoptr(GInputStream) zstream = g_memory_input_stream_new_from_data (zdata, zlen, NULL);
g_autoptr(GZlibDecompressor) decompressor = g_zlib_decompressor_new (G_ZLIB_COMPRESSOR_FORMAT_ZLIB);
g_autoptr(GInputStream) cstream = g_converter_input_stream_new (zstream, G_CONVERTER (decompressor));
g_autoptr(JsonParser) parser = json_parser_new_immutable ();
--
2.44.0

View File

@ -1,16 +1,19 @@
%global libname rhsm Name: librhsm
Name: lib%{libname}
Version: 0.0.3 Version: 0.0.3
Release: 5%{?dist} Release: 9%{?dist}
Summary: Red Hat Subscription Manager library Summary: Red Hat Subscription Manager library
License: LGPLv2+ License: LGPLv2+
URL: https://github.com/rpm-software-management/librhsm URL: https://github.com/rpm-software-management/librhsm
Source: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz Source: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
Patch0: 2.patch
Patch1: 4.patch # Patches backported from upstream
Patch2: 5.patch Patch0001: 0001-Replace-bool-option-with-int-to-generate-repo-files.patch
Patch0002: 0002-Generate-repofile-for-any-architecture-if-ALL-is-spe.patch
Patch0003: 0003-Enable-repos-when-generating-a-.repo-file-based-on-e.patch
Patch0004: 0004-Append-ctx_baseurl-prefix-to-gpg_url-RhBug-1708628.patch
Patch0005: 0005-Fix-relocating-certificate-paths-to-etc-rhsm-host.patch
Patch0006: 0006-Refactor-parse_entitlement_data.patch
BuildRequires: meson >= 0.37.0 BuildRequires: meson >= 0.37.0
BuildRequires: gcc BuildRequires: gcc
@ -47,24 +50,36 @@ Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
%files devel %files devel
%{_libdir}/%{name}.so %{_libdir}/%{name}.so
%{_includedir}/%{libname}/ %{_includedir}/rhsm/
%{_libdir}/pkgconfig/%{name}.pc %{_libdir}/pkgconfig/%{name}.pc
%changelog %changelog
* Thu Jan 5 2023 Nicola Sella <nsella@redhat.com> - 0.0.3-5 * Wed Apr 10 2024 Petr Pisar <ppisar@redhat.com> - 0.0.3-9
- Append ctx_baseurl prefix to gpg_url - Fix memory leaks in parse_entitlement_data() (RHEL-25499)
* Wed Jan 6 2021 Marek Blaha <mblaha@redhat.com> - 0.0.3-4 * Tue Nov 21 2023 Petr Pisar <ppisar@redhat.com> - 0.0.3-8
- Rebuild to ship also librhsm-devel subpackage - Correct a License tag to LGPLv2+ (RHEL-16103)
- Fix relocating certificate paths to /etc/rhsm-host (RHEL-14224)
* Wed Jul 10 2019 Daniel Mach <dmach@redhat.com> - 0.0.3-3 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.3-7
- Generate repofile for any architecture if "ALL" is specified - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Nov 13 2018 Daniel Mach <dmach@redhat.com> - 0.0.3-2 * Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.3-6
- Enable repos when generating a .repo file based on entitlement certificate. - Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Mon Jul 09 2018 Igor Gnatenko <ignatenko@redhat.com> - 0.0.3-1 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.0.3-5
- Update to 0.0.3 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Thu Feb 22 2018 Igor Gnatenko <ignatenko@redhat.com> - 0.0.2-1 * Thu Mar 24 2021 Daniel Mach - 0.0.3-4
- Fix License in spec to LGPLv2.1+ (was LGPLv2+)
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 08 2020 Stephen Gallagher <sgallagh@redhat.com> - 0.0.3-1
- Initial release - Initial release