Tree - rpms/rpm - CentOS Git server

dcavalca / rpms / rpm

Forked from rpms/rpm a year ago

Source
Stats

Blame 0001-Only-read-through-payload-on-verify-if-actually-need.patch

Blob History Raw

James Antill	ee2eaf	`From 362c4401979f896de1e69a3e18d33954953912cc Mon Sep 17 00:00:00 2001`
James Antill	ee2eaf	`Message-Id: <362c4401979f896de1e69a3e18d33954953912cc.1554983588.git.pmatilai@redhat.com>`
James Antill	ee2eaf	`From: Panu Matilainen <pmatilai@redhat.com>`
James Antill	ee2eaf	`Date: Tue, 11 Dec 2018 13:21:47 +0200`
James Antill	ee2eaf	`Subject: [PATCH] Only read through payload on verify if actually needed`
James Antill	ee2eaf
James Antill	ee2eaf	`If none of our verify items ranges over the payload, then why bother?`
James Antill	ee2eaf
James Antill	ee2eaf	`To do this, add an internal rpmvs API to get it's range, and use`
James Antill	ee2eaf	`that to decide whether trip over the payload is needed or not.`
James Antill	ee2eaf	`In addition, the payload digest tag needs to be grabbed outside of the`
James Antill	ee2eaf	`condition to avoid depending on other values. The details including`
James Antill	ee2eaf	`RPMVSF_NEEDPAYLOAD will be handled internally to rpmvs which makes it`
James Antill	ee2eaf	`actually nicer code-wise too.`
James Antill	ee2eaf	`---`
James Antill	ee2eaf	`lib/rpmchecksig.c \| 8 ++++----`
James Antill	ee2eaf	`lib/rpmvs.c \| 12 ++++++++++++`
James Antill	ee2eaf	`lib/rpmvs.h \| 3 +++`
James Antill	ee2eaf	`3 files changed, 19 insertions(+), 4 deletions(-)`
James Antill	ee2eaf
James Antill	ee2eaf	`diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c`
James Antill	ee2eaf	`index 1ba72a45e..810f7153d 100644`
James Antill	ee2eaf	`--- a/lib/rpmchecksig.c`
James Antill	ee2eaf	`+++ b/lib/rpmchecksig.c`
James Antill	ee2eaf	`@@ -187,11 +187,11 @@ rpmRC rpmpkgRead(struct rpmvs_s *vs, FD_t fd,`
James Antill	ee2eaf	`/* Finalize header range */`
James Antill	ee2eaf	`rpmvsFiniRange(vs, RPMSIG_HEADER);`
James Antill	ee2eaf
James Antill	ee2eaf	`- /* Unless disabled, read the payload, generating digest(s) on the fly. */`
James Antill	ee2eaf	`- if (!(rpmvsFlags(vs) & RPMVSF_NEEDPAYLOAD)) {`
James Antill	ee2eaf	`- /* Fish interesting tags from the main header. This is a bit hacky... */`
James Antill	ee2eaf	`- rpmvsAppendTag(vs, blob, RPMTAG_PAYLOADDIGEST);`
James Antill	ee2eaf	`+ /* Fish interesting tags from the main header. This is a bit hacky... */`
James Antill	ee2eaf	`+ rpmvsAppendTag(vs, blob, RPMTAG_PAYLOADDIGEST);`
James Antill	ee2eaf
James Antill	ee2eaf	`+ /* If needed and not explicitly disabled, read the payload as well. */`
James Antill	ee2eaf	`+ if (rpmvsRange(vs) & RPMSIG_PAYLOAD) {`
James Antill	ee2eaf	`/* Initialize digests ranging over the payload only */`
James Antill	ee2eaf	`rpmvsInitRange(vs, RPMSIG_PAYLOAD);`
James Antill	ee2eaf
James Antill	ee2eaf	`diff --git a/lib/rpmvs.c b/lib/rpmvs.c`
James Antill	ee2eaf	`index 622e48011..0d475af86 100644`
James Antill	ee2eaf	`--- a/lib/rpmvs.c`
James Antill	ee2eaf	`+++ b/lib/rpmvs.c`
James Antill	ee2eaf	`@@ -396,6 +396,18 @@ void rpmvsFiniRange(struct rpmvs_s *sis, int range)`
James Antill	ee2eaf	`}`
James Antill	ee2eaf	`}`
James Antill	ee2eaf
James Antill	ee2eaf	`+int rpmvsRange(struct rpmvs_s *vs)`
James Antill	ee2eaf	`+{`
James Antill	ee2eaf	`+ int range = 0;`
James Antill	ee2eaf	`+ for (int i = 0; i < vs->nsigs; i++) {`
James Antill	ee2eaf	`+ if (rpmsinfoDisabled(&vs->sigs[i], vs->vsflags))`
James Antill	ee2eaf	`+ continue;`
James Antill	ee2eaf	`+ range \|= vs->sigs[i].range;`
James Antill	ee2eaf	`+ }`
James Antill	ee2eaf	`+`
James Antill	ee2eaf	`+ return range;`
James Antill	ee2eaf	`+}`
James Antill	ee2eaf	`+`
James Antill	ee2eaf	`static int sinfoCmp(const void a, const void b)`
James Antill	ee2eaf	`{`
James Antill	ee2eaf	`const struct rpmsinfo_s *sa = a;`
James Antill	ee2eaf	`--- rpm-4.14.3/lib/rpmvs.h.orig 2020-04-28 10:57:19.727347211 +0200`
James Antill	ee2eaf	`+++ rpm-4.14.3/lib/rpmvs.h 2020-04-28 10:57:43.622612015 +0200`
James Antill	ee2eaf	`@@ -66,6 +66,8 @@`
James Antill	ee2eaf
James Antill	ee2eaf	`void rpmvsFiniRange(struct rpmvs_s *sis, int range);`
James Antill	ee2eaf
James Antill	ee2eaf	`+int rpmvsRange(struct rpmvs_s *vs);`
James Antill	ee2eaf	`+`
James Antill	ee2eaf	`int rpmvsVerify(struct rpmvs_s *sis, int type,`
James Antill	ee2eaf	`rpmsinfoCb cb, void *cbdata);`
James Antill	ee2eaf
James Antill	ee2eaf	`--`
James Antill	ee2eaf	`2.20.1`

dcavalca / rpms / rpm

Source Code

Blame 0001-Only-read-through-payload-on-verify-if-actually-need.patch