|
 |
2f13d7 |
From 8235711d92d8783abe63d6e4f29afd495fc4b22e Mon Sep 17 00:00:00 2001
|
|
|
2f13d7 |
From: chantra <chantr4@gmail.com>
|
|
|
2f13d7 |
Date: Wed, 16 Feb 2022 23:21:14 -0800
|
|
|
2f13d7 |
Subject: [PATCH 25/30] [extents] move more functions/helpers behind
|
|
|
2f13d7 |
rpmextents_internal.h
|
|
|
2f13d7 |
|
|
|
2f13d7 |
---
|
|
|
2f13d7 |
lib/rpmchecksig.c | 58 ++-------------------------------------
|
|
|
2f13d7 |
lib/rpmextents.c | 56 +++++++++++++++++++++++++++++++++++++
|
|
|
2f13d7 |
lib/rpmextents_internal.h | 6 ++++
|
|
|
2f13d7 |
3 files changed, 64 insertions(+), 56 deletions(-)
|
|
|
2f13d7 |
|
|
|
2f13d7 |
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
|
|
|
2f13d7 |
index 729f79f9f..5e8794e2d 100644
|
|
|
2f13d7 |
--- a/lib/rpmchecksig.c
|
|
|
2f13d7 |
+++ b/lib/rpmchecksig.c
|
|
|
2f13d7 |
@@ -221,61 +221,6 @@ exit:
|
|
|
2f13d7 |
return rc;
|
|
|
2f13d7 |
}
|
|
|
2f13d7 |
|
|
|
2f13d7 |
-static int rpmpkgVerifySigsTranscoded(FD_t fd){
|
|
|
2f13d7 |
- rpm_loff_t current;
|
|
|
2f13d7 |
- int32_t rc;
|
|
|
2f13d7 |
- size_t len;
|
|
|
2f13d7 |
- uint64_t content_len;
|
|
|
2f13d7 |
- char *content = NULL;
|
|
|
2f13d7 |
- struct extents_footer_t footer;
|
|
|
2f13d7 |
-
|
|
|
2f13d7 |
- current = Ftell(fd);
|
|
|
2f13d7 |
-
|
|
|
2f13d7 |
- if(extentsFooterFromFD(fd, &footer) != RPMRC_OK) {
|
|
|
2f13d7 |
- rc = -1;
|
|
|
2f13d7 |
- goto exit;
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
- if(Fseek(fd, footer.offsets.checksig_offset, SEEK_SET) < 0) {
|
|
|
2f13d7 |
- rpmlog(RPMLOG_ERR, _("rpmpkgVerifySigsTranscoded: Failed to seek signature verification offset\n"));
|
|
|
2f13d7 |
- rc = -1;
|
|
|
2f13d7 |
- goto exit;
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
- len = sizeof(rc);
|
|
|
2f13d7 |
- if (Fread(&rc, len, 1, fd) != len) {
|
|
|
2f13d7 |
- rpmlog(RPMLOG_ERR, _("rpmpkgVerifySigsTranscoded: Failed to read Signature Verification RC\n"));
|
|
|
2f13d7 |
- rc = -1;
|
|
|
2f13d7 |
- goto exit;
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
-
|
|
|
2f13d7 |
- len = sizeof(content_len);
|
|
|
2f13d7 |
- if (Fread(&content_len, len, 1, fd) != len) {
|
|
|
2f13d7 |
- rpmlog(RPMLOG_ERR, _("rpmpkgVerifySigsTranscoded: Failed to read signature content length\n"));
|
|
|
2f13d7 |
- goto exit;
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
-
|
|
|
2f13d7 |
- content = malloc(content_len + 1);
|
|
|
2f13d7 |
- if(content == NULL) {
|
|
|
2f13d7 |
- rpmlog(RPMLOG_ERR, _("rpmpkgVerifySigsTranscoded: Failed to allocate memory to read signature content\n"));
|
|
|
2f13d7 |
- goto exit;
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
- content[content_len] = 0;
|
|
|
2f13d7 |
- if (Fread(content, content_len, 1, fd) != content_len) {
|
|
|
2f13d7 |
- rpmlog(RPMLOG_ERR, _("rpmpkgVerifySigsTranscoded: Failed to read signature content\n"));
|
|
|
2f13d7 |
- goto exit;
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
-
|
|
|
2f13d7 |
- rpmlog(RPMLOG_NOTICE, "%s", content);
|
|
|
2f13d7 |
-exit:
|
|
|
2f13d7 |
- if(content){
|
|
|
2f13d7 |
- free(content);
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
- if (Fseek(fd, current, SEEK_SET) < 0) {
|
|
|
2f13d7 |
- rpmlog(RPMLOG_ERR, _("rpmpkgVerifySigsTranscoded: unable to seek back to original location\n"));
|
|
|
2f13d7 |
- }
|
|
|
2f13d7 |
- return rc;
|
|
|
2f13d7 |
-
|
|
|
2f13d7 |
-}
|
|
|
2f13d7 |
-
|
|
|
2f13d7 |
static int rpmpkgVerifySigs(rpmKeyring keyring, int vfylevel, rpmVSFlags flags,
|
|
|
2f13d7 |
FD_t fd, const char *fn)
|
|
|
2f13d7 |
{
|
|
|
2f13d7 |
@@ -289,8 +234,9 @@ static int rpmpkgVerifySigs(rpmKeyring keyring, int vfylevel, rpmVSFlags flags,
|
|
|
2f13d7 |
rpmlog(RPMLOG_NOTICE, "%s:%s", fn, vd.verbose ? "\n" : "");
|
|
|
2f13d7 |
|
|
|
2f13d7 |
if(isTranscodedRpm(fd) == RPMRC_OK){
|
|
|
2f13d7 |
- return rpmpkgVerifySigsTranscoded(fd);
|
|
|
2f13d7 |
+ return extentsVerifySigs(fd);
|
|
|
2f13d7 |
}
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
struct rpmvs_s *vs = rpmvsCreate(vfylevel, flags, keyring);
|
|
|
2f13d7 |
|
|
|
2f13d7 |
rc = rpmpkgRead(vs, fd, NULL, NULL, &msg;;
|
|
|
2f13d7 |
diff --git a/lib/rpmextents.c b/lib/rpmextents.c
|
|
|
2f13d7 |
index 46b7aadff..f28596f0b 100644
|
|
|
2f13d7 |
--- a/lib/rpmextents.c
|
|
|
2f13d7 |
+++ b/lib/rpmextents.c
|
|
|
2f13d7 |
@@ -9,6 +9,62 @@
|
|
|
2f13d7 |
|
|
|
2f13d7 |
#include "lib/rpmextents_internal.h"
|
|
|
2f13d7 |
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
+int extentsVerifySigs(FD_t fd){
|
|
|
2f13d7 |
+ rpm_loff_t current;
|
|
|
2f13d7 |
+ int32_t rc;
|
|
|
2f13d7 |
+ size_t len;
|
|
|
2f13d7 |
+ uint64_t content_len;
|
|
|
2f13d7 |
+ char *content = NULL;
|
|
|
2f13d7 |
+ struct extents_footer_t footer;
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
+ current = Ftell(fd);
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
+ if(extentsFooterFromFD(fd, &footer) != RPMRC_OK) {
|
|
|
2f13d7 |
+ rc = -1;
|
|
|
2f13d7 |
+ goto exit;
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+ if(Fseek(fd, footer.offsets.checksig_offset, SEEK_SET) < 0) {
|
|
|
2f13d7 |
+ rpmlog(RPMLOG_ERR, _("extentsVerifySigs: Failed to seek signature verification offset\n"));
|
|
|
2f13d7 |
+ rc = -1;
|
|
|
2f13d7 |
+ goto exit;
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+ len = sizeof(rc);
|
|
|
2f13d7 |
+ if (Fread(&rc, len, 1, fd) != len) {
|
|
|
2f13d7 |
+ rpmlog(RPMLOG_ERR, _("extentsVerifySigs: Failed to read Signature Verification RC\n"));
|
|
|
2f13d7 |
+ rc = -1;
|
|
|
2f13d7 |
+ goto exit;
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
+ len = sizeof(content_len);
|
|
|
2f13d7 |
+ if (Fread(&content_len, len, 1, fd) != len) {
|
|
|
2f13d7 |
+ rpmlog(RPMLOG_ERR, _("extentsVerifySigs: Failed to read signature content length\n"));
|
|
|
2f13d7 |
+ goto exit;
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
+ content = rmalloc(content_len + 1);
|
|
|
2f13d7 |
+ if(content == NULL) {
|
|
|
2f13d7 |
+ rpmlog(RPMLOG_ERR, _("extentsVerifySigs: Failed to allocate memory to read signature content\n"));
|
|
|
2f13d7 |
+ goto exit;
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+ content[content_len] = 0;
|
|
|
2f13d7 |
+ if (Fread(content, content_len, 1, fd) != content_len) {
|
|
|
2f13d7 |
+ rpmlog(RPMLOG_ERR, _("extentsVerifySigs: Failed to read signature content\n"));
|
|
|
2f13d7 |
+ goto exit;
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
+ rpmlog(RPMLOG_NOTICE, "%s", content);
|
|
|
2f13d7 |
+exit:
|
|
|
2f13d7 |
+ if(content){
|
|
|
2f13d7 |
+ rfree(content);
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+ if (Fseek(fd, current, SEEK_SET) < 0) {
|
|
|
2f13d7 |
+ rpmlog(RPMLOG_ERR, _("extentsVerifySigs: unable to seek back to original location\n"));
|
|
|
2f13d7 |
+ }
|
|
|
2f13d7 |
+ return rc;
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
+}
|
|
|
2f13d7 |
+
|
|
|
2f13d7 |
rpmRC extentsFooterFromFD(FD_t fd, struct extents_footer_t *footer) {
|
|
|
2f13d7 |
|
|
|
2f13d7 |
rpmRC rc = RPMRC_NOTFOUND;
|
|
|
2f13d7 |
diff --git a/lib/rpmextents_internal.h b/lib/rpmextents_internal.h
|
|
|
2f13d7 |
index f0c29c807..380c08425 100644
|
|
|
2f13d7 |
--- a/lib/rpmextents_internal.h
|
|
|
2f13d7 |
+++ b/lib/rpmextents_internal.h
|
|
|
2f13d7 |
@@ -29,6 +29,12 @@ struct __attribute__ ((__packed__)) extents_footer_t {
|
|
|
2f13d7 |
extents_magic_t magic;
|
|
|
2f13d7 |
};
|
|
|
2f13d7 |
|
|
|
2f13d7 |
+/** \ingroup rpmextents
|
|
|
2f13d7 |
+ * Checks the results of the signature verification ran during transcoding.
|
|
|
2f13d7 |
+ * @param fd The FD_t of the transcoded RPM
|
|
|
2f13d7 |
+ * @return The number of checks that `rpmvsVerify` failed during transcoding.
|
|
|
2f13d7 |
+ */
|
|
|
2f13d7 |
+int extentsVerifySigs(FD_t fd);
|
|
|
2f13d7 |
|
|
|
2f13d7 |
/** \ingroup rpmextents
|
|
|
2f13d7 |
* Read the RPM Extents footer from a file descriptor.
|
|
|
2f13d7 |
--
|
|
|
2f13d7 |
2.35.1
|
|
|
2f13d7 |
|