3913b45078
This uses the new cmake build scripts so several pieces of the package had to be adjusted.
140 lines
4.1 KiB
Diff
140 lines
4.1 KiB
Diff
From 9a9514e665c30554a4d72c7c79475af315b83dc3 Mon Sep 17 00:00:00 2001
|
|
Message-Id: <9a9514e665c30554a4d72c7c79475af315b83dc3.1683531413.git.pmatilai@redhat.com>
|
|
From: Panu Matilainen <pmatilai@redhat.com>
|
|
Date: Mon, 8 May 2023 09:26:46 +0300
|
|
Subject: [PATCH] Forward-port obsoleted crypto needed by current libdnf
|
|
|
|
Provide the minimum required bits to allow the old PackageKit-inherited
|
|
signature in libdnf to work until the switch to dnf5 happens, allegedly
|
|
during this release cycle.
|
|
---
|
|
include/rpm/rpmkeyring.h | 4 ++++
|
|
include/rpm/rpmpgp.h | 15 ++++++++++++
|
|
rpmio/rpmkeyring.c | 52 ++++++++++++++++++++++++++++++++++++++++
|
|
rpmio/rpmpgp_sequoia.c | 11 +++++++++
|
|
4 files changed, 82 insertions(+)
|
|
|
|
diff --git a/include/rpm/rpmkeyring.h b/include/rpm/rpmkeyring.h
|
|
index 3d8d55773..c84292ff8 100644
|
|
--- a/include/rpm/rpmkeyring.h
|
|
+++ b/include/rpm/rpmkeyring.h
|
|
@@ -101,6 +101,10 @@ char * rpmPubkeyBase64(rpmPubkey key);
|
|
*/
|
|
pgpDigParams rpmPubkeyPgpDigParams(rpmPubkey key);
|
|
|
|
+/* Obsolete APIs required by libdnf, do not use */
|
|
+rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig);
|
|
+pgpDig rpmPubkeyDig(rpmPubkey key);
|
|
+
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
diff --git a/include/rpm/rpmpgp.h b/include/rpm/rpmpgp.h
|
|
index 675cbad73..f83642c18 100644
|
|
--- a/include/rpm/rpmpgp.h
|
|
+++ b/include/rpm/rpmpgp.h
|
|
@@ -1225,6 +1225,21 @@ int pgpSignatureType(pgpDigParams sig);
|
|
*/
|
|
char *pgpIdentItem(pgpDigParams digp);
|
|
|
|
+/* Obsolete APIs required by libdnf, do not use */
|
|
+typedef struct pgpDig_s * pgpDig;
|
|
+
|
|
+RPM_GNUC_DEPRECATED
|
|
+pgpDig pgpNewDig(void);
|
|
+
|
|
+RPM_GNUC_DEPRECATED
|
|
+pgpDig pgpFreeDig(pgpDig dig);
|
|
+
|
|
+RPM_GNUC_DEPRECATED
|
|
+pgpDigParams pgpDigGetParams(pgpDig dig, unsigned int pkttype);
|
|
+
|
|
+RPM_GNUC_DEPRECATED
|
|
+int pgpPrtPkts(const uint8_t *pkts, size_t pktlen, pgpDig dig, int printing);
|
|
+
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c
|
|
index e3eb9e6ea..464163895 100644
|
|
--- a/rpmio/rpmkeyring.c
|
|
+++ b/rpmio/rpmkeyring.c
|
|
@@ -289,3 +289,55 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx)
|
|
|
|
return rc;
|
|
}
|
|
+
|
|
+rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig)
|
|
+{
|
|
+ pthread_rwlock_rdlock(&keyring->lock);
|
|
+
|
|
+ rpmRC res = RPMRC_NOKEY;
|
|
+ pgpDigParams sigp = pgpDigGetParams(sig, PGPTAG_SIGNATURE);
|
|
+ rpmPubkey key = findbySig(keyring, sigp);
|
|
+
|
|
+ if (key) {
|
|
+ /*
|
|
+ * Callers expect sig to have the key data parsed into pgpDig
|
|
+ * on (successful) return, sigh. No need to check for return
|
|
+ * here as this is validated at rpmPubkeyNew() already.
|
|
+ */
|
|
+ pgpPrtPkts(key->pkt, key->pktlen, sig, _print_pkts);
|
|
+ res = RPMRC_OK;
|
|
+ }
|
|
+
|
|
+ pthread_rwlock_unlock(&keyring->lock);
|
|
+ return res;
|
|
+}
|
|
+
|
|
+pgpDig rpmPubkeyDig(rpmPubkey key)
|
|
+{
|
|
+ pgpDig dig = NULL;
|
|
+ static unsigned char zeros[] =
|
|
+ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
|
|
+ int rc;
|
|
+ if (key == NULL)
|
|
+ return NULL;
|
|
+
|
|
+ dig = pgpNewDig();
|
|
+
|
|
+ pthread_rwlock_rdlock(&key->lock);
|
|
+ rc = pgpPrtPkts(key->pkt, key->pktlen, dig, _print_pkts);
|
|
+ pthread_rwlock_unlock(&key->lock);
|
|
+
|
|
+ if (rc == 0) {
|
|
+ pgpDigParams pubp = pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY);
|
|
+ if (!pubp || !memcmp(pgpDigParamsSignID(pubp), zeros, sizeof(zeros)) ||
|
|
+ pgpDigParamsCreationTime(pubp) == 0 ||
|
|
+ pgpDigParamsUserID(pubp) == NULL) {
|
|
+ rc = -1;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (rc)
|
|
+ dig = pgpFreeDig(dig);
|
|
+
|
|
+ return dig;
|
|
+}
|
|
diff --git a/rpmio/rpmpgp_sequoia.c b/rpmio/rpmpgp_sequoia.c
|
|
index d0b673953..0c1c848dc 100644
|
|
--- a/rpmio/rpmpgp_sequoia.c
|
|
+++ b/rpmio/rpmpgp_sequoia.c
|
|
@@ -80,3 +80,14 @@ W(int, rpmDigestUpdate, (DIGEST_CTX ctx, const void * data, size_t len),
|
|
W(int, rpmDigestFinal,
|
|
(DIGEST_CTX ctx, void ** datap, size_t *lenp, int asAscii),
|
|
(ctx, datap, lenp, asAscii))
|
|
+
|
|
+// Minimal backport of APIs required by libdnf until dnf5 takes over
|
|
+W(int, pgpPrtPkts,
|
|
+ (const uint8_t *pkts, size_t pktlen, pgpDig dig, int printing),
|
|
+ (pkts, pktlen, dig, printing))
|
|
+W(pgpDig, pgpNewDig, (void), ())
|
|
+W(pgpDig, pgpFreeDig, (pgpDig dig), (dig))
|
|
+W(pgpDigParams, pgpDigGetParams,
|
|
+ (pgpDig dig, unsigned int pkttype),
|
|
+ (dig, pkttype))
|
|
+
|
|
--
|
|
2.40.1
|
|
|