alexk / rpms / rpm

Forked from rpms/rpm 2 years ago
Clone
2f13d7
From dc53b002bd3d03a21e9af406a9aff5e588710b5b Mon Sep 17 00:00:00 2001
2f13d7
From: chantra <chantr4@gmail.com>
2f13d7
Date: Mon, 28 Mar 2022 19:42:39 -0700
2f13d7
Subject: [PATCH 30/30] [rpmcow] Make rpm -i install package without the need
2f13d7
 of --nodigest
2f13d7
2f13d7
When using transcoded files, the logic to check signature is different
2f13d7
and was done while the file was transcoded. This change the code path
2f13d7
used by `rpm -{i,U}` to check if the file is transcoded, and in such
2f13d7
cases, assume it was already verified.
2f13d7
---
2f13d7
 lib/transaction.c    | 29 ++++++++++++++++++-----------
2f13d7
 tests/rpm2extents.at |  6 +++---
2f13d7
 2 files changed, 21 insertions(+), 14 deletions(-)
2f13d7
2f13d7
diff --git a/lib/transaction.c b/lib/transaction.c
2f13d7
index 36c2a7a64..703e4140c 100644
2f13d7
--- a/lib/transaction.c
2f13d7
+++ b/lib/transaction.c
2f13d7
@@ -37,6 +37,7 @@
2f13d7
 #include "lib/rpmfi_internal.h"	/* only internal apis */
2f13d7
 #include "lib/rpmte_internal.h"	/* only internal apis */
2f13d7
 #include "lib/rpmts_internal.h"
2f13d7
+#include "lib/rpmextents_internal.h"
2f13d7
 #include "lib/rpmvs.h"
2f13d7
 #include "rpmio/rpmhook.h"
2f13d7
 #include "lib/rpmtriggers.h"
2f13d7
@@ -1286,19 +1287,25 @@ static int verifyPackageFiles(rpmts ts, rpm_loff_t total)
2f13d7
 
2f13d7
 	rpmtsNotify(ts, p, RPMCALLBACK_VERIFY_PROGRESS, oc++, total);
2f13d7
 	FD_t fd = rpmtsNotify(ts, p, RPMCALLBACK_INST_OPEN_FILE, 0, 0);
2f13d7
-	if (fd != NULL) {
2f13d7
-	    prc = rpmpkgRead(vs, fd, NULL, NULL, &vd.msg);
2f13d7
-	    rpmtsNotify(ts, p, RPMCALLBACK_INST_CLOSE_FILE, 0, 0);
2f13d7
+	if(fd != NULL && isTranscodedRpm(fd) == RPMRC_OK) {
2f13d7
+	    /* Transcoded RPMs are validated at transcoding time */
2f13d7
+	    prc = RPMRC_OK;
2f13d7
+	    verified = 1;
2f13d7
+	} else {
2f13d7
+	    if (fd != NULL) {
2f13d7
+		prc = rpmpkgRead(vs, fd, NULL, NULL, &vd.msg);
2f13d7
+		rpmtsNotify(ts, p, RPMCALLBACK_INST_CLOSE_FILE, 0, 0);
2f13d7
+	    }
2f13d7
+	    if (prc == RPMRC_OK)
2f13d7
+		prc = rpmvsVerify(vs, RPMSIG_VERIFIABLE_TYPE, vfyCb, &vd);
2f13d7
+
2f13d7
+	    /* Record verify result */
2f13d7
+	    if (vd.type[RPMSIG_SIGNATURE_TYPE] == RPMRC_OK)
2f13d7
+		verified |= RPMSIG_SIGNATURE_TYPE;
2f13d7
+	    if (vd.type[RPMSIG_DIGEST_TYPE] == RPMRC_OK)
2f13d7
+		verified |= RPMSIG_DIGEST_TYPE;
2f13d7
 	}
2f13d7
 
2f13d7
-	if (prc == RPMRC_OK)
2f13d7
-	    prc = rpmvsVerify(vs, RPMSIG_VERIFIABLE_TYPE, vfyCb, &vd);
2f13d7
-
2f13d7
-	/* Record verify result */
2f13d7
-	if (vd.type[RPMSIG_SIGNATURE_TYPE] == RPMRC_OK)
2f13d7
-	    verified |= RPMSIG_SIGNATURE_TYPE;
2f13d7
-	if (vd.type[RPMSIG_DIGEST_TYPE] == RPMRC_OK)
2f13d7
-	    verified |= RPMSIG_DIGEST_TYPE;
2f13d7
 	rpmteSetVerified(p, verified);
2f13d7
 
2f13d7
 	if (prc)
2f13d7
diff --git a/tests/rpm2extents.at b/tests/rpm2extents.at
2f13d7
index 5c66de7f6..5135c9cf8 100644
2f13d7
--- a/tests/rpm2extents.at
2f13d7
+++ b/tests/rpm2extents.at
2f13d7
@@ -102,7 +102,7 @@ AT_CHECK([
2f13d7
 RPMDB_INIT
2f13d7
 
2f13d7
 runroot_other cat /data/RPMS/hello-2.0-1.x86_64.rpm | runroot_other rpm2extents SHA256 > ${RPMTEST}/tmp/hello-2.0-1.x86_64.rpm 2> /dev/null
2f13d7
-runroot_plugins rpm -i --nodigest --nodeps --undefine=%__transaction_dbus_announce /tmp/hello-2.0-1.x86_64.rpm
2f13d7
+runroot_plugins rpm -i --nodeps --undefine=%__transaction_dbus_announce /tmp/hello-2.0-1.x86_64.rpm
2f13d7
 test -f ${RPMTEST}/usr/bin/hello
2f13d7
 ],
2f13d7
 [0],
2f13d7
@@ -115,7 +115,7 @@ AT_KEYWORDS([reflink])
2f13d7
 AT_CHECK([
2f13d7
 RPMDB_INIT
2f13d7
 
2f13d7
-runroot_plugins rpm -i --nodigest --nodeps --undefine=%__transaction_dbus_announce /data/RPMS/hello-2.0-1.x86_64.rpm && exit $?
2f13d7
+runroot_plugins rpm -i --nodeps --undefine=%__transaction_dbus_announce /data/RPMS/hello-2.0-1.x86_64.rpm && exit $?
2f13d7
 # Check that the file is properly installed in chroot
2f13d7
 test -f ${RPMTEST}/usr/bin/hello
2f13d7
 ],
2f13d7
@@ -132,7 +132,7 @@ RPMDB_INIT
2f13d7
 
2f13d7
 PKG=hlinktest-1.0-1.noarch.rpm
2f13d7
 runroot_other cat /data/RPMS/${PKG} | runroot_other rpm2extents SHA256 > ${RPMTEST}/tmp/${PKG} 2> /dev/null
2f13d7
-runroot_plugins rpm -i --nodigest --nodeps --undefine=%__transaction_dbus_announce /tmp/${PKG}
2f13d7
+runroot_plugins rpm -i --nodeps --undefine=%__transaction_dbus_announce /tmp/${PKG}
2f13d7
 ],
2f13d7
 [0],
2f13d7
 [],
2f13d7
-- 
2f13d7
2.35.1
2f13d7