michal-grzedzicki / rpms / rpm

Forked from rpms/rpm 4 months ago
Clone

Blame 0024-Generate-a-zero-length-signature-for-symlinks.patch

45e748
From 202359dc598f2162175e3a8552c9b338d27b8989 Mon Sep 17 00:00:00 2001
45e748
From: Jes Sorensen <jsorensen@fb.com>
45e748
Date: Tue, 14 Apr 2020 10:33:32 -0400
45e748
Subject: [PATCH 24/33] Generate a zero-length signature for symlinks
45e748
45e748
The fsverity utility follows the symlink when generating a signature.
45e748
Since we don't want to sign the same file twice, we need to skip these
45e748
links, and instead just generate a dummy zero-length signature here.
45e748
45e748
Signed-off-by: Jes Sorensen <jsorensen@fb.com>
45e748
---
45e748
 sign/rpmsignverity.c | 5 ++++-
45e748
 1 file changed, 4 insertions(+), 1 deletion(-)
45e748
45e748
diff --git a/sign/rpmsignverity.c b/sign/rpmsignverity.c
45e748
index 177561957..2c7d21620 100644
45e748
--- a/sign/rpmsignverity.c
45e748
+++ b/sign/rpmsignverity.c
45e748
@@ -45,7 +45,10 @@ static char *rpmVeritySignFile(rpmfi fi, size_t *sig_size, char *key,
45e748
     uint8_t *sig = NULL;
45e748
     int status;
45e748
 
45e748
-    file_size = rpmfiFSize(fi);
45e748
+    if (S_ISLNK(rpmfiFMode(fi)))
45e748
+	file_size = 0;
45e748
+    else
45e748
+	file_size = rpmfiFSize(fi);
45e748
 
45e748
     memset(&params, 0, sizeof(struct libfsverity_merkle_tree_params));
45e748
     params.version = 1;
45e748
-- 
45e748
2.27.0
45e748