139 lines
4.5 KiB
Diff
139 lines
4.5 KiB
Diff
From 966d9e6b0dec88020a5a9d7368fc95825c55d225 Mon Sep 17 00:00:00 2001
|
|
From: Jaroslav Rohel <jrohel@redhat.com>
|
|
Date: Tue, 21 Apr 2020 08:56:01 +0200
|
|
Subject: [PATCH 4/4] Append ctx_baseurl prefix to gpg_url (RhBug:1708628)
|
|
|
|
Sometime the gpg_url contains relative path to context baseurl.
|
|
In that case the code appends baseurl prefix to gpg_url. The resulting
|
|
URI is normalized (solved "//", ".", and "..")
|
|
|
|
The new function rhsm_url_base_join() introduce similar results
|
|
as utils.url_base_join() in subscription manager.
|
|
---
|
|
rhsm/rhsm-utils.c | 94 ++++++++++++++++++++++++++++++++++++++++++++++-
|
|
1 file changed, 93 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/rhsm/rhsm-utils.c b/rhsm/rhsm-utils.c
|
|
index 6708a43a93f850f873a216d6f20aca8b7bd3225e..ee3f296d59c0c4e3c9ed63ccfe460ffdac5bfd3e 100644
|
|
--- a/rhsm/rhsm-utils.c
|
|
+++ b/rhsm/rhsm-utils.c
|
|
@@ -179,10 +179,101 @@ rhsm_json_array_is_subset_of_hash_table (JsonArray *array,
|
|
}
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
+/*
|
|
+ * Join a baseurl (hostname) and url (full or relpath).
|
|
+ *
|
|
+ * If url is a full url, just return it. Otherwise combine
|
|
+ * it with base, skipping redundant seperators if needed.
|
|
+ *
|
|
+ * Simulate the behavior of subscription manager.
|
|
+ */
|
|
+static gchar *
|
|
+rhsm_url_base_join (const gchar *base,
|
|
+ const gchar *url)
|
|
+{
|
|
+ /* handle special cases similar to subscription manager */
|
|
+ if (!url || *url == '\0')
|
|
+ return g_strdup ("");
|
|
+ if (strstr (url, "://"))
|
|
+ return g_strdup (url);
|
|
+ if (!base || *base == '\0')
|
|
+ return g_strdup (url);
|
|
+
|
|
+ /* parse URI, split to schema, host, and path */
|
|
+ g_autofree gchar *schema = NULL;
|
|
+ g_autofree gchar *host = NULL;
|
|
+ g_autofree gchar *path = NULL;
|
|
+ gchar *tmp = strstr (base, ":");
|
|
+ if (tmp)
|
|
+ schema = g_strndup (base, tmp - base);
|
|
+ if (schema)
|
|
+ {
|
|
+ if (tmp[1] == '/' && tmp[2] == '/')
|
|
+ {
|
|
+ gchar *tmp2 = strstr (tmp + 3, "/");
|
|
+ if (tmp2)
|
|
+ {
|
|
+ host = g_strndup (tmp + 3, tmp2 - tmp - 3);
|
|
+ path = g_strdup (tmp2);
|
|
+ }
|
|
+ else
|
|
+ host = g_strdup (tmp + 3);
|
|
+ }
|
|
+ else
|
|
+ path = g_strdup (tmp + 1);
|
|
+ }
|
|
+ else
|
|
+ path = g_strdup (base);
|
|
+
|
|
+ /* full_path is path from base + url */
|
|
+ g_autofree gchar *full_path = NULL;
|
|
+ if (path)
|
|
+ full_path = g_strconcat (path, "/", url, NULL);
|
|
+ else
|
|
+ full_path = g_strconcat ("/", url, NULL);
|
|
+
|
|
+ /* normalize full_path
|
|
+ * split to vector, copy vector but skip empty and "." items,
|
|
+ * for each ".." source item remove last item from destination
|
|
+ */
|
|
+ g_auto(GStrv) src_split_path = g_strsplit (full_path, "/", -1);
|
|
+ guint src_len = g_strv_length (src_split_path);
|
|
+ g_autofree gchar **dest_split_path = g_new0 (gchar *, src_len + 1);
|
|
+ guint dest_len = 0;
|
|
+ for (guint src_idx = 0; src_idx < src_len; ++src_idx)
|
|
+ {
|
|
+ gchar *src = src_split_path[src_idx];
|
|
+ if (*src == '\0' || strcmp (src, ".") == 0)
|
|
+ continue;
|
|
+ if (strcmp (src, "..") == 0)
|
|
+ {
|
|
+ if (dest_len > 0)
|
|
+ --dest_len;
|
|
+ continue;
|
|
+ }
|
|
+ dest_split_path[dest_len++] = src;
|
|
+ }
|
|
+ dest_split_path[dest_len] = NULL;
|
|
+
|
|
+ /* construct destination path */
|
|
+ g_autofree gchar *tmp_path = g_strjoinv ("/", dest_split_path);
|
|
+ g_autofree gchar *dest_path = NULL;
|
|
+ if (g_str_has_suffix (url, "/") || g_str_has_suffix (url, "/.") || g_str_has_suffix (url, "/.."))
|
|
+ dest_path = g_strconcat (tmp_path, "/", NULL);
|
|
+ else
|
|
+ dest_path = g_strdup (tmp_path);
|
|
+
|
|
+ /* construct and return final URI */
|
|
+ if (schema)
|
|
+ return g_strconcat (schema, "://", host ? host : "", "/", dest_path, NULL);
|
|
+ else
|
|
+ return g_strconcat ("/", dest_path, NULL);
|
|
+}
|
|
+
|
|
/**
|
|
* rhsm_utils_yum_repo_from_context:
|
|
* @ctx: an #RHSMContext.
|
|
*
|
|
* Returns: (transfer full): a new #GKeyFile.
|
|
@@ -273,11 +364,12 @@ rhsm_utils_yum_repo_from_context (RHSMContext *ctx)
|
|
g_key_file_set_integer (repofile, id, "enabled", enabled ? 1 : 0);
|
|
|
|
if (json_object_has_member (repo, "gpg_url"))
|
|
{
|
|
const gchar *gpg_url = json_object_get_string_member (repo, "gpg_url");
|
|
- g_key_file_set_string (repofile, id, "gpgkey", gpg_url);
|
|
+ g_autofree gchar *gpgkey = rhsm_url_base_join (ctx_baseurl, gpg_url);
|
|
+ g_key_file_set_string (repofile, id, "gpgkey", gpgkey);
|
|
g_key_file_set_boolean (repofile, id, "gpgcheck", TRUE);
|
|
}
|
|
else
|
|
{
|
|
/* FIXME: Do we want to enforce gpgcheck? It's unsecure repo. */
|
|
--
|
|
2.26.2
|
|
|