Michal Domonkos 0b3e36
From f5695d04f56e27d9cf947c0502eb549c28aa817e Mon Sep 17 00:00:00 2001
Michal Domonkos 0b3e36
From: Panu Matilainen <pmatilai@redhat.com>
Michal Domonkos 0b3e36
Date: Tue, 25 May 2021 14:07:18 +0300
Michal Domonkos 0b3e36
Subject: [PATCH] Fix regression reading rpm v3 and other rare packages (#1635)
Michal Domonkos 0b3e36
Michal Domonkos 0b3e36
Commit d6a86b5e69e46cc283b1e06c92343319beb42e21 introduced far stricter
Michal Domonkos 0b3e36
checks on what tags are allowed in signature and main headers than rpm
Michal Domonkos 0b3e36
had previously seen, and unsurprisingly this introduced some regressions
Michal Domonkos 0b3e36
on less common cases:
Michal Domonkos 0b3e36
Michal Domonkos 0b3e36
- On rpm v3 packages and some newer 3rd party created packages (such as
Michal Domonkos 0b3e36
  install4j < 9.0.2), RPMTAG_ARCHIVESIZE resides in the main header
Michal Domonkos 0b3e36
  to begin with
Michal Domonkos 0b3e36
- In rpm 4.13 - 4.14, file IMA signatures were incorrectly placed in
Michal Domonkos 0b3e36
  the main header.
Michal Domonkos 0b3e36
Michal Domonkos 0b3e36
As a quirk, permit the existence of RPMTAG_ARCHIVESIZE,
Michal Domonkos 0b3e36
RPMTAG_FILESIGNATURES and RPMTAG_FILESIGNATURELENGTH in the main header
Michal Domonkos 0b3e36
too provided that the corresponding signature tag is not there (so
Michal Domonkos 0b3e36
they can reside in either but not both headers).
Michal Domonkos 0b3e36
Michal Domonkos 0b3e36
Initial workaround patch by Demi Marie Obenour.
Michal Domonkos 0b3e36
Michal Domonkos 0b3e36
Fixes: #1635
Michal Domonkos 0b3e36
Michal Domonkos 0b3e36
Backported for 4.16.1.3.
Michal Domonkos 0b3e36
---
Michal Domonkos 0b3e36
 lib/package.c | 35 ++++++++++++++++++++---------------
Michal Domonkos 0b3e36
 1 file changed, 20 insertions(+), 15 deletions(-)
Michal Domonkos 0b3e36
Michal Domonkos 0b3e36
diff --git a/lib/package.c b/lib/package.c
Michal Domonkos 0b3e36
index 36ed5abc6..8c2b66b0b 100644
Michal Domonkos 0b3e36
--- a/lib/package.c
Michal Domonkos 0b3e36
+++ b/lib/package.c
Michal Domonkos 0b3e36
@@ -35,21 +35,22 @@ struct taglate_s {
Michal Domonkos 0b3e36
     rpmTagVal stag;
Michal Domonkos 0b3e36
     rpmTagVal xtag;
Michal Domonkos 0b3e36
     rpm_count_t count;
Michal Domonkos 0b3e36
+    int quirk;
Michal Domonkos 0b3e36
 } const xlateTags[] = {
Michal Domonkos 0b3e36
-    { RPMSIGTAG_SIZE, RPMTAG_SIGSIZE, 1 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_PGP, RPMTAG_SIGPGP, 0 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_MD5, RPMTAG_SIGMD5, 16 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_GPG, RPMTAG_SIGGPG, 0 },
Michal Domonkos 0b3e36
-    /* { RPMSIGTAG_PGP5, RPMTAG_SIGPGP5, 0 }, */ /* long obsolete, dont use */
Michal Domonkos 0b3e36
-    { RPMSIGTAG_PAYLOADSIZE, RPMTAG_ARCHIVESIZE, 1 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_FILESIGNATURES, RPMTAG_FILESIGNATURES, 0 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_FILESIGNATURELENGTH, RPMTAG_FILESIGNATURELENGTH, 1 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_SHA1, RPMTAG_SHA1HEADER, 1 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_SHA256, RPMTAG_SHA256HEADER, 1 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_DSA, RPMTAG_DSAHEADER, 0 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_RSA, RPMTAG_RSAHEADER, 0 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_LONGSIZE, RPMTAG_LONGSIGSIZE, 1 },
Michal Domonkos 0b3e36
-    { RPMSIGTAG_LONGARCHIVESIZE, RPMTAG_LONGARCHIVESIZE, 1 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_SIZE, RPMTAG_SIGSIZE, 1, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_PGP, RPMTAG_SIGPGP, 0, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_MD5, RPMTAG_SIGMD5, 16, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_GPG, RPMTAG_SIGGPG, 0, 0 },
Michal Domonkos 0b3e36
+    /* { RPMSIGTAG_PGP5, RPMTAG_SIGPGP5, 0, 0 }, */ /* long obsolete, dont use */
Michal Domonkos 0b3e36
+    { RPMSIGTAG_PAYLOADSIZE, RPMTAG_ARCHIVESIZE, 1, 1 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_FILESIGNATURES, RPMTAG_FILESIGNATURES, 0, 1 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_FILESIGNATURELENGTH, RPMTAG_FILESIGNATURELENGTH, 1, 1 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_SHA1, RPMTAG_SHA1HEADER, 1, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_SHA256, RPMTAG_SHA256HEADER, 1, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_DSA, RPMTAG_DSAHEADER, 0, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_RSA, RPMTAG_RSAHEADER, 0, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_LONGSIZE, RPMTAG_LONGSIGSIZE, 1, 0 },
Michal Domonkos 0b3e36
+    { RPMSIGTAG_LONGARCHIVESIZE, RPMTAG_LONGARCHIVESIZE, 1, 0 },
Michal Domonkos 0b3e36
     { 0 }
Michal Domonkos 0b3e36
 };
Michal Domonkos 0b3e36
 
Michal Domonkos 0b3e36
@@ -67,8 +68,12 @@ rpmTagVal headerMergeLegacySigs(Header h, Header sigh, char **msg)
Michal Domonkos 0b3e36
 
Michal Domonkos 0b3e36
     for (xl = xlateTags; xl->stag; xl++) {
Michal Domonkos 0b3e36
 	/* There mustn't be one in the main header */
Michal Domonkos 0b3e36
-	if (headerIsEntry(h, xl->xtag))
Michal Domonkos 0b3e36
+	if (headerIsEntry(h, xl->xtag)) {
Michal Domonkos 0b3e36
+	    /* Some tags may exist in either header, but never both */
Michal Domonkos 0b3e36
+	    if (xl->quirk && !headerIsEntry(sigh, xl->stag))
Michal Domonkos 0b3e36
+		continue;
Michal Domonkos 0b3e36
 	    goto exit;
Michal Domonkos 0b3e36
+	}
Michal Domonkos 0b3e36
     }
Michal Domonkos 0b3e36
 
Michal Domonkos 0b3e36
     rpmtdReset(&td);
Michal Domonkos 0b3e36
-- 
Michal Domonkos 0b3e36
2.35.1
Michal Domonkos 0b3e36