From 202359dc598f2162175e3a8552c9b338d27b8989 Mon Sep 17 00:00:00 2001
From: Jes Sorensen <jsorensen@fb.com>
Date: Tue, 14 Apr 2020 10:33:32 -0400
Subject: [PATCH 24/33] Generate a zero-length signature for symlinks
The fsverity utility follows the symlink when generating a signature.
Since we don't want to sign the same file twice, we need to skip these
links, and instead just generate a dummy zero-length signature here.
Signed-off-by: Jes Sorensen <jsorensen@fb.com>
---
sign/rpmsignverity.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/sign/rpmsignverity.c b/sign/rpmsignverity.c
index 177561957..2c7d21620 100644
--- a/sign/rpmsignverity.c
+++ b/sign/rpmsignverity.c
@@ -45,7 +45,10 @@ static char *rpmVeritySignFile(rpmfi fi, size_t *sig_size, char *key,
uint8_t *sig = NULL;
int status;
- file_size = rpmfiFSize(fi);
+ if (S_ISLNK(rpmfiFMode(fi)))
+ file_size = 0;
+ else
+ file_size = rpmfiFSize(fi);
memset(¶ms, 0, sizeof(struct libfsverity_merkle_tree_params));
params.version = 1;
--
2.27.0