2742b0e272
As per https://fedoraproject.org/wiki/Changes/RPM-4.18 Adding patches for two late discovered regressions
32 lines
1.1 KiB
Diff
32 lines
1.1 KiB
Diff
From 329e2ec47f6cd3bc7ecf85abd9f2ab179c59914f Mon Sep 17 00:00:00 2001
|
|
Message-Id: <329e2ec47f6cd3bc7ecf85abd9f2ab179c59914f.1650871821.git.pmatilai@redhat.com>
|
|
From: Demi Marie Obenour <demi@invisiblethingslab.com>
|
|
Date: Thu, 14 Apr 2022 15:38:11 -0400
|
|
Subject: [PATCH] Fix OpenPGP key ID parsing regression
|
|
|
|
This fixes a regression in 598a771d8b4f4f480d4990ccf59b978d537201dd,
|
|
which caused RPM to parse key flags from a hashed key ID subpacket. As
|
|
a result, RPM would wrongly reject a signature that had both key ID and
|
|
key usage flags subpackets in the hashed section.
|
|
|
|
(backported from commit 7f830132fe717d4b31c035bb3d08379451e3cd81)
|
|
---
|
|
rpmio/rpmpgp.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
|
|
index deea65eae..242b34e19 100644
|
|
--- a/rpmio/rpmpgp.c
|
|
+++ b/rpmio/rpmpgp.c
|
|
@@ -528,6 +528,7 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype,
|
|
_digp->saved |= PGPDIG_SAVED_ID;
|
|
memcpy(_digp->signid, p+1, sizeof(_digp->signid));
|
|
}
|
|
+ break;
|
|
case PGPSUBTYPE_KEY_FLAGS: /* Key usage flags */
|
|
/* Subpackets in the unhashed section cannot be trusted */
|
|
if (!hashed)
|
|
--
|
|
2.35.1
|
|
|