richardphibel / rpms / rpm

Forked from rpms/rpm 2 years ago
Clone
043c42
From 74766d30b95f1575df8a42d185f2643caa235a8b Mon Sep 17 00:00:00 2001
043c42
Message-Id: <74766d30b95f1575df8a42d185f2643caa235a8b.1543835412.git.pmatilai@redhat.com>
043c42
From: Panu Matilainen <pmatilai@redhat.com>
043c42
Date: Fri, 23 Nov 2018 12:47:27 +0200
043c42
Subject: [PATCH] Handle unsupported digests the same as disabled ones
043c42
 (RhBug:1652529)
043c42
043c42
A digest type unsupported by the underlying crypto library (whether
043c42
technically or by configuration) does not mean the digest is invalid,
043c42
it just cannot be used. Which for the purposes of verification is the
043c42
same as if that digest didn't exist at all, and that's exactly how we
043c42
handle digests and signatures disabled by configuration.
043c42
043c42
One particular case is FIPS mode which globally disables the use of MD5,
043c42
which we mishandled prior to this by showing it as OK in verification
043c42
despite actually not verifying it at all.
043c42
043c42
The exact place for handling this case is a bit subtle: the "obvious"
043c42
place for checking for supported type is in rpmvsInitRange() but this
043c42
doesn't work because of rpmDigestBundleAddID() return code semantics.
043c42
The other "obvious" place would be rpmvsVerify(), but by that point
043c42
we have even more funny cases to consider. So for now, it's actually
043c42
easiest to check for this in rpmvsFiniRange() even if it's not the
043c42
most obvious place for doing so. Might want to change the
043c42
rpmDigestBundleAddID() semantics later, but this makes for a nicer
043c42
backport (we'll need this in 4.14.x too).
043c42
---
043c42
 lib/rpmvs.c | 3 +++
043c42
 1 file changed, 3 insertions(+)
043c42
043c42
diff --git a/lib/rpmvs.c b/lib/rpmvs.c
043c42
index 7b5b86f8e..622e48011 100644
043c42
--- a/lib/rpmvs.c
043c42
+++ b/lib/rpmvs.c
043c42
@@ -388,6 +388,9 @@ void rpmvsFiniRange(struct rpmvs_s *sis, int range)
043c42
 
043c42
 	if (sinfo->range == range && sinfo->rc == RPMRC_OK) {
043c42
 	    sinfo->ctx = rpmDigestBundleDupCtx(sis->bundle, sinfo->id);
043c42
+	    /* Handle unsupported digests the same as disabled ones */
043c42
+	    if (sinfo->ctx == NULL)
043c42
+		sinfo->rc = RPMRC_NOTFOUND;
043c42
 	    rpmDigestBundleFinal(sis->bundle, sinfo->id, NULL, NULL, 0);
043c42
 	}
043c42
     }
043c42
-- 
043c42
2.19.2
043c42