teknoraver / rpms / rpm

Forked from rpms/rpm 5 months ago
Clone

Blame 0001-Forward-port-obsoleted-crypto-needed-by-current-libd.patch

Florian Festi 3913b4
From 9a9514e665c30554a4d72c7c79475af315b83dc3 Mon Sep 17 00:00:00 2001
Florian Festi 3913b4
Message-Id: <9a9514e665c30554a4d72c7c79475af315b83dc3.1683531413.git.pmatilai@redhat.com>
Florian Festi 3913b4
From: Panu Matilainen <pmatilai@redhat.com>
Florian Festi 3913b4
Date: Mon, 8 May 2023 09:26:46 +0300
Florian Festi 3913b4
Subject: [PATCH] Forward-port obsoleted crypto needed by current libdnf
Florian Festi 3913b4
Florian Festi 3913b4
Provide the minimum required bits to allow the old PackageKit-inherited
Florian Festi 3913b4
signature in libdnf to work until the switch to dnf5 happens, allegedly
Florian Festi 3913b4
during this release cycle.
Florian Festi 3913b4
---
Florian Festi 3913b4
 include/rpm/rpmkeyring.h |  4 ++++
Florian Festi 3913b4
 include/rpm/rpmpgp.h     | 15 ++++++++++++
Florian Festi 3913b4
 rpmio/rpmkeyring.c       | 52 ++++++++++++++++++++++++++++++++++++++++
Florian Festi 3913b4
 rpmio/rpmpgp_sequoia.c   | 11 +++++++++
Florian Festi 3913b4
 4 files changed, 82 insertions(+)
Florian Festi 3913b4
Florian Festi 3913b4
diff --git a/include/rpm/rpmkeyring.h b/include/rpm/rpmkeyring.h
Florian Festi 3913b4
index 3d8d55773..c84292ff8 100644
Florian Festi 3913b4
--- a/include/rpm/rpmkeyring.h
Florian Festi 3913b4
+++ b/include/rpm/rpmkeyring.h
Florian Festi 3913b4
@@ -101,6 +101,10 @@ char * rpmPubkeyBase64(rpmPubkey key);
Florian Festi 3913b4
  */
Florian Festi 3913b4
 pgpDigParams rpmPubkeyPgpDigParams(rpmPubkey key);
Florian Festi 3913b4
 
Florian Festi 3913b4
+/* Obsolete APIs required by libdnf, do not use */
Florian Festi 3913b4
+rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig);
Florian Festi 3913b4
+pgpDig rpmPubkeyDig(rpmPubkey key);
Florian Festi 3913b4
+
Florian Festi 3913b4
 #ifdef __cplusplus
Florian Festi 3913b4
 }
Florian Festi 3913b4
 #endif
Florian Festi 3913b4
diff --git a/include/rpm/rpmpgp.h b/include/rpm/rpmpgp.h
Florian Festi 3913b4
index 675cbad73..f83642c18 100644
Florian Festi 3913b4
--- a/include/rpm/rpmpgp.h
Florian Festi 3913b4
+++ b/include/rpm/rpmpgp.h
Florian Festi 3913b4
@@ -1225,6 +1225,21 @@ int pgpSignatureType(pgpDigParams sig);
Florian Festi 3913b4
  */
Florian Festi 3913b4
 char *pgpIdentItem(pgpDigParams digp);
Florian Festi 3913b4
 
Florian Festi 3913b4
+/* Obsolete APIs required by libdnf, do not use */
Florian Festi 3913b4
+typedef struct pgpDig_s * pgpDig;
Florian Festi 3913b4
+
Florian Festi 3913b4
+RPM_GNUC_DEPRECATED
Florian Festi 3913b4
+pgpDig pgpNewDig(void);
Florian Festi 3913b4
+
Florian Festi 3913b4
+RPM_GNUC_DEPRECATED
Florian Festi 3913b4
+pgpDig pgpFreeDig(pgpDig dig);
Florian Festi 3913b4
+
Florian Festi 3913b4
+RPM_GNUC_DEPRECATED
Florian Festi 3913b4
+pgpDigParams pgpDigGetParams(pgpDig dig, unsigned int pkttype);
Florian Festi 3913b4
+
Florian Festi 3913b4
+RPM_GNUC_DEPRECATED
Florian Festi 3913b4
+int pgpPrtPkts(const uint8_t *pkts, size_t pktlen, pgpDig dig, int printing);
Florian Festi 3913b4
+
Florian Festi 3913b4
 #ifdef __cplusplus
Florian Festi 3913b4
 }
Florian Festi 3913b4
 #endif
Florian Festi 3913b4
diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c
Florian Festi 3913b4
index e3eb9e6ea..464163895 100644
Florian Festi 3913b4
--- a/rpmio/rpmkeyring.c
Florian Festi 3913b4
+++ b/rpmio/rpmkeyring.c
Florian Festi 3913b4
@@ -289,3 +289,55 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx)
Florian Festi 3913b4
 
Florian Festi 3913b4
     return rc;
Florian Festi 3913b4
 }
Florian Festi 3913b4
+
Florian Festi 3913b4
+rpmRC rpmKeyringLookup(rpmKeyring keyring, pgpDig sig)
Florian Festi 3913b4
+{
Florian Festi 3913b4
+    pthread_rwlock_rdlock(&keyring->lock);
Florian Festi 3913b4
+
Florian Festi 3913b4
+    rpmRC res = RPMRC_NOKEY;
Florian Festi 3913b4
+    pgpDigParams sigp = pgpDigGetParams(sig, PGPTAG_SIGNATURE);
Florian Festi 3913b4
+    rpmPubkey key = findbySig(keyring, sigp);
Florian Festi 3913b4
+
Florian Festi 3913b4
+    if (key) {
Florian Festi 3913b4
+	/*
Florian Festi 3913b4
+ 	 * Callers expect sig to have the key data parsed into pgpDig
Florian Festi 3913b4
+ 	 * on (successful) return, sigh. No need to check for return
Florian Festi 3913b4
+ 	 * here as this is validated at rpmPubkeyNew() already.
Florian Festi 3913b4
+ 	 */
Florian Festi 3913b4
+	pgpPrtPkts(key->pkt, key->pktlen, sig, _print_pkts);
Florian Festi 3913b4
+	res = RPMRC_OK;
Florian Festi 3913b4
+    }
Florian Festi 3913b4
+
Florian Festi 3913b4
+    pthread_rwlock_unlock(&keyring->lock);
Florian Festi 3913b4
+    return res;
Florian Festi 3913b4
+}
Florian Festi 3913b4
+
Florian Festi 3913b4
+pgpDig rpmPubkeyDig(rpmPubkey key)
Florian Festi 3913b4
+{
Florian Festi 3913b4
+    pgpDig dig = NULL;
Florian Festi 3913b4
+    static unsigned char zeros[] = 
Florian Festi 3913b4
+	{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
Florian Festi 3913b4
+    int rc;
Florian Festi 3913b4
+    if (key == NULL)
Florian Festi 3913b4
+	return NULL;
Florian Festi 3913b4
+
Florian Festi 3913b4
+    dig = pgpNewDig();
Florian Festi 3913b4
+
Florian Festi 3913b4
+    pthread_rwlock_rdlock(&key->lock);
Florian Festi 3913b4
+    rc = pgpPrtPkts(key->pkt, key->pktlen, dig, _print_pkts);
Florian Festi 3913b4
+    pthread_rwlock_unlock(&key->lock);
Florian Festi 3913b4
+
Florian Festi 3913b4
+    if (rc == 0) {
Florian Festi 3913b4
+	pgpDigParams pubp = pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY);
Florian Festi 3913b4
+	if (!pubp || !memcmp(pgpDigParamsSignID(pubp), zeros, sizeof(zeros)) ||
Florian Festi 3913b4
+            pgpDigParamsCreationTime(pubp) == 0 ||
Florian Festi 3913b4
+            pgpDigParamsUserID(pubp) == NULL) {
Florian Festi 3913b4
+	    rc = -1;
Florian Festi 3913b4
+	}
Florian Festi 3913b4
+    }
Florian Festi 3913b4
+
Florian Festi 3913b4
+    if (rc)
Florian Festi 3913b4
+	dig = pgpFreeDig(dig);
Florian Festi 3913b4
+
Florian Festi 3913b4
+    return dig;
Florian Festi 3913b4
+}
Florian Festi 3913b4
diff --git a/rpmio/rpmpgp_sequoia.c b/rpmio/rpmpgp_sequoia.c
Florian Festi 3913b4
index d0b673953..0c1c848dc 100644
Florian Festi 3913b4
--- a/rpmio/rpmpgp_sequoia.c
Florian Festi 3913b4
+++ b/rpmio/rpmpgp_sequoia.c
Florian Festi 3913b4
@@ -80,3 +80,14 @@ W(int, rpmDigestUpdate, (DIGEST_CTX ctx, const void * data, size_t len),
Florian Festi 3913b4
 W(int, rpmDigestFinal,
Florian Festi 3913b4
   (DIGEST_CTX ctx, void ** datap, size_t *lenp, int asAscii),
Florian Festi 3913b4
   (ctx, datap, lenp, asAscii))
Florian Festi 3913b4
+
Florian Festi 3913b4
+// Minimal backport of APIs required by libdnf until dnf5 takes over
Florian Festi 3913b4
+W(int, pgpPrtPkts,
Florian Festi 3913b4
+  (const uint8_t *pkts, size_t pktlen, pgpDig dig, int printing),
Florian Festi 3913b4
+  (pkts, pktlen, dig, printing))
Florian Festi 3913b4
+W(pgpDig, pgpNewDig, (void), ())
Florian Festi 3913b4
+W(pgpDig, pgpFreeDig, (pgpDig dig), (dig))
Florian Festi 3913b4
+W(pgpDigParams, pgpDigGetParams,
Florian Festi 3913b4
+  (pgpDig dig, unsigned int pkttype),
Florian Festi 3913b4
+  (dig, pkttype))
Florian Festi 3913b4
+
Florian Festi 3913b4
-- 
Florian Festi 3913b4
2.40.1
Florian Festi 3913b4