From 60b30271bca682d7ffe824fca5360374b5c36a3c Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Apr 05 2022 18:33:27 +0000 Subject: [PATCH 1/7] Fix minor ABI regression in rpmcli.h Upstream commit: f62b6d27cd741406a52a7e9c5b1d6f581dbd3af8 Related: #2037352 Resolves: #2072175 --- diff --git a/rpm-4.16.1.3-add-path-query-option.patch b/rpm-4.16.1.3-add-path-query-option.patch index 0a44718..324f098 100644 --- a/rpm-4.16.1.3-add-path-query-option.patch +++ b/rpm-4.16.1.3-add-path-query-option.patch @@ -1,4 +1,4 @@ -From ce8af503733b5661efa046cc7f5f68ee0dad75cc Mon Sep 17 00:00:00 2001 +From ba659220886c1a315f50fb91b9af4615b1a8757e Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Mon, 16 Aug 2021 18:21:02 +0200 Subject: [PATCH] Add support for RPMDBI_BASENAMES on file queries @@ -14,8 +14,11 @@ Update the man page for --file to reflect it's current behavior and make Resolves: rhbz#1940895 -Combined with d1aebda01033bc8ba0d748b49f6fad9a5c0caa3f and backported -for 4.16.1.3. +Combined with: +d1aebda01033bc8ba0d748b49f6fad9a5c0caa3f +f62b6d27cd741406a52a7e9c5b1d6f581dbd3af8 + +Backported for 4.16.1.3. --- doc/rpm.8 | 9 ++++++-- lib/poptQV.c | 6 +++++- @@ -115,17 +118,17 @@ index fdabe6e52..9a71f0dc5 100644 mi = rpmtsInitIterator(ts, RPMDBI_PROVIDENAME, fn, 0); diff --git a/lib/rpmcli.h b/lib/rpmcli.h -index 4886c2453..8ef992ff2 100644 +index 4886c2453..3961418e7 100644 --- a/lib/rpmcli.h +++ b/lib/rpmcli.h -@@ -81,6 +81,7 @@ rpmcliFini(poptContext optCon); - enum rpmQVSources_e { - RPMQV_PACKAGE = 0, /*!< ... from package name db search. */ - RPMQV_PATH, /*!< ... from file path db search. */ +@@ -101,6 +101,7 @@ enum rpmQVSources_e { + RPMQV_SPECBUILTRPMS, /*!< ... from pkgs which would be built from spec */ + RPMQV_WHATOBSOLETES, /*!< ... from obsoletes db search. */ + RPMQV_WHATCONFLICTS, /*!< ... from conflicts db search. */ + RPMQV_PATH_ALL, /*!< ... from file path db search (all states). */ - RPMQV_ALL, /*!< ... from each installed package. */ - RPMQV_RPM, /*!< ... from reading binary rpm package. */ - RPMQV_GROUP, /*!< ... from group db search. */ + }; + + typedef rpmFlags rpmQVSources; diff --git a/tests/rpmquery.at b/tests/rpmquery.at index 9a4f1cb76..335d5ee0d 100644 --- a/tests/rpmquery.at @@ -190,5 +193,5 @@ index 9a4f1cb76..335d5ee0d 100644 AT_SETUP([integer array query]) AT_KEYWORDS([query]) -- -2.34.1 +2.35.1 diff --git a/rpm.spec b/rpm.spec index bcd8a8d..c864f79 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 11 +%global rel 12 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -611,6 +611,9 @@ fi %doc doc/librpm/html/* %changelog +* Tue Apr 05 2022 Michal Domonkos - 4.16.1.3-12 +- Fix minor ABI regression in rpmcli.h (#2037352) + * Mon Feb 14 2022 Michal Domonkos - 4.16.1.3-11 - Fix IMA signature lengths assumed constant, take III (#2018937) - Fix regression reading rpm v3 and other rare packages (#2037186) From 5a103aa4931082cab20338a90b829d30db40f91c Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Jun 16 2022 12:42:05 +0000 Subject: [PATCH 2/7] Give error message for failed PGP key import due to missing SHA1 support Resolves: #2069877 --- diff --git a/0001-Give-error-message-for-failed-PGP-key-import.patch b/0001-Give-error-message-for-failed-PGP-key-import.patch new file mode 100644 index 0000000..c3ae790 --- /dev/null +++ b/0001-Give-error-message-for-failed-PGP-key-import.patch @@ -0,0 +1,25 @@ +From b105f03f956e6e1523df2ac3fffc86b924fd6e1b Mon Sep 17 00:00:00 2001 +From: Florian Festi +Date: Thu, 16 Jun 2022 14:29:01 +0200 +Subject: [PATCH] Give error message for failed PGP key import + +due to missing SHA1 support +--- + rpmio/rpmpgp.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c +index d0688ebe9..71f8ed192 100644 +--- a/rpmio/rpmpgp.c ++++ b/rpmio/rpmpgp.c +@@ -860,6 +860,7 @@ int pgpPubkeyFingerprint(const uint8_t *h, size_t hlen, + *fplen = dlen; + } else { + free(d); ++ rpmlog(RPMLOG_ERR, _("Failed calculating fingerprint of public key. SHA1 not supported.\n")); + } + } + +-- +2.36.1 + diff --git a/rpm.spec b/rpm.spec index c864f79..77b0ac7 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 12 +%global rel 13 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -87,6 +87,7 @@ Patch113: rpm-4.16.1.3-fix-spurious-transfiletriggerpostun-execution.patch Patch906: rpm-4.7.1-geode-i686.patch # Probably to be upstreamed in slightly different form Patch907: rpm-4.15.x-ldflags.patch +Patch908: 0001-Give-error-message-for-failed-PGP-key-import.patch # Not yet (all) upstream, debugedit DWARF5 # https://code.wildebeest.org/git/user/mjw/rpm/log/?h=gcc-dwarf5-4.16.1.2 @@ -611,6 +612,9 @@ fi %doc doc/librpm/html/* %changelog +* Thu Jun 16 2022 Florian Festi - 4.16.1.3-13 +- Error message for failed key import (#2069877) + * Tue Apr 05 2022 Michal Domonkos - 4.16.1.3-12 - Fix minor ABI regression in rpmcli.h (#2037352) From a654ea1b9c9b83a89883fd1691fc640a58fd3bec Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Jun 29 2022 06:56:02 +0000 Subject: [PATCH 3/7] Give warning on not supported hash for RSA keys Resolves: #2069877 --- diff --git a/0001-Give-error-message-for-failed-PGP-key-import.patch b/0001-Give-error-message-for-failed-PGP-key-import.patch deleted file mode 100644 index c3ae790..0000000 --- a/0001-Give-error-message-for-failed-PGP-key-import.patch +++ /dev/null @@ -1,25 +0,0 @@ -From b105f03f956e6e1523df2ac3fffc86b924fd6e1b Mon Sep 17 00:00:00 2001 -From: Florian Festi -Date: Thu, 16 Jun 2022 14:29:01 +0200 -Subject: [PATCH] Give error message for failed PGP key import - -due to missing SHA1 support ---- - rpmio/rpmpgp.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c -index d0688ebe9..71f8ed192 100644 ---- a/rpmio/rpmpgp.c -+++ b/rpmio/rpmpgp.c -@@ -860,6 +860,7 @@ int pgpPubkeyFingerprint(const uint8_t *h, size_t hlen, - *fplen = dlen; - } else { - free(d); -+ rpmlog(RPMLOG_ERR, _("Failed calculating fingerprint of public key. SHA1 not supported.\n")); - } - } - --- -2.36.1 - diff --git a/0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch b/0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch new file mode 100644 index 0000000..24a7326 --- /dev/null +++ b/0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch @@ -0,0 +1,40 @@ +From 48546ffc0a3f3eb15bfd439a19fc9722eaea592f Mon Sep 17 00:00:00 2001 +From: Florian Festi +Date: Tue, 28 Jun 2022 12:50:54 +0200 +Subject: [PATCH] Give warning on not supported hash for RSA keys + +This can happen when old keys are used on systems that have disabled SHA1 +e.g. for FIPS requirements. + +This is less than ideal but there is currently no way to pass a meaningful +error code up to rpmtsImportPubkey. rpmPubkeyNew just returns a valid key +or NULL. + +See rhbz#2069877 +--- + rpmio/digest_openssl.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c +index a28a13acc..2ec5140f1 100644 +--- a/rpmio/digest_openssl.c ++++ b/rpmio/digest_openssl.c +@@ -4,6 +4,7 @@ + #include + #include + #include ++#include + + #include "rpmio/digest.h" + +@@ -483,6 +484,7 @@ static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, + + ret = EVP_PKEY_CTX_set_signature_md(pkey_ctx, getEVPMD(hash_algo)); + if (ret < 0) { ++ rpmlog(RPMLOG_WARNING, "Signature not supported. Hash algorithm %s not available.\n", pgpValString(PGPVAL_HASHALGO, hash_algo)); + rc = 1; + goto done; + } +-- +2.36.1 + diff --git a/rpm.spec b/rpm.spec index 77b0ac7..14e9bf2 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 13 +%global rel 14 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -87,7 +87,7 @@ Patch113: rpm-4.16.1.3-fix-spurious-transfiletriggerpostun-execution.patch Patch906: rpm-4.7.1-geode-i686.patch # Probably to be upstreamed in slightly different form Patch907: rpm-4.15.x-ldflags.patch -Patch908: 0001-Give-error-message-for-failed-PGP-key-import.patch +Patch908: 0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch # Not yet (all) upstream, debugedit DWARF5 # https://code.wildebeest.org/git/user/mjw/rpm/log/?h=gcc-dwarf5-4.16.1.2 @@ -612,8 +612,8 @@ fi %doc doc/librpm/html/* %changelog -* Thu Jun 16 2022 Florian Festi - 4.16.1.3-13 -- Error message for failed key import (#2069877) +* Tue Jun 28 2022 Florian Festi - 4.16.1.3-14 +- Warning for failed key import (#2069877) * Tue Apr 05 2022 Michal Domonkos - 4.16.1.3-12 - Fix minor ABI regression in rpmcli.h (#2037352) From a44688b6366190fe476dc92d1d06ea0b70a219b5 Mon Sep 17 00:00:00 2001 From: Nick Clifton Date: Jun 30 2022 10:49:55 +0000 Subject: [PATCH 4/7] Pass _find_debuginfo_vendor_opts to the find-debuginfo script. Resolves: #2099617 --- diff --git a/rpm-4.16.1.3-find_debuginfo_vendor_opts.patch b/rpm-4.16.1.3-find_debuginfo_vendor_opts.patch new file mode 100644 index 0000000..c6f30a7 --- /dev/null +++ b/rpm-4.16.1.3-find_debuginfo_vendor_opts.patch @@ -0,0 +1,20 @@ +--- rpm.orig/macros.in 2022-06-30 11:37:18.975312592 +0100 ++++ rpm-4.16.1.3/macros.in 2022-06-30 11:37:43.145158323 +0100 +@@ -167,6 +167,9 @@ + # A spec file can %%define _find_debuginfo_opts to pass options to + # the script. See the script for details. + # ++# Vendor spec files (eg redhat-rpm-config:macros) can %%define ++# _find_debuginfo_vendor_opts to pass options to the script. ++# + %__debug_install_post \ + %{_rpmconfigdir}/find-debuginfo.sh \\\ + %{?_smp_build_ncpus:-j%{_smp_build_ncpus}} \\\ +@@ -179,6 +182,7 @@ + %{?_unique_debug_srcs:--unique-debug-src-base "%{name}-%{VERSION}-%{RELEASE}.%{_arch}"} \\\ + %{?_find_debuginfo_dwz_opts} \\\ + %{?_find_debuginfo_opts} \\\ ++ %{?_find_debuginfo_vendor_opts} \\\ + %{?_debugsource_packages:-S debugsourcefiles.list} \\\ + "%{_builddir}/%{?buildsubdir}"\ + %{nil} diff --git a/rpm.spec b/rpm.spec index 14e9bf2..879ed7a 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 14 +%global rel 15 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -100,6 +100,7 @@ Patch916: 0006-debugedit-Handle-DWARF-5-debug_line-and-debug_line_s.patch # Downstream-only patches Patch1000: rpm-4.16.1.3-hashtab-use-after-free-fix.patch +Patch1001: rpm-4.16.1.3-find_debuginfo_vendor_opts.patch # Partially GPL/LGPL dual-licensed and some bits with BSD # SourceLicense: (GPLv2+ and LGPLv2+ with exceptions) and BSD @@ -612,6 +613,9 @@ fi %doc doc/librpm/html/* %changelog +* Thu Jun 30 2022 Nick Clifton - 4.16.1.3-15 +- Pass _find_debuginfo_vendor_opts to the find-debuginfo script. (#2099617) + * Tue Jun 28 2022 Florian Festi - 4.16.1.3-14 - Warning for failed key import (#2069877) From 0a4ec89b01dbc0e2e05850e1f1cecb12c4e02b2e Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Aug 01 2022 07:07:44 +0000 Subject: [PATCH 5/7] Make rpm2cpio.sh more robust Resolves: #1983015 --- diff --git a/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch b/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch new file mode 100644 index 0000000..f2a0989 --- /dev/null +++ b/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch @@ -0,0 +1,57 @@ +diff --git a/scripts/rpm2cpio.sh b/scripts/rpm2cpio.sh +index 4531271cc..74aeed851 100755 +--- a/scripts/rpm2cpio.sh ++++ b/scripts/rpm2cpio.sh +@@ -15,13 +15,23 @@ _dd() { + } + + calcsize() { ++ ++ case "$(_dd $1 bs=4 count=1 | tr -d '\0')" in ++ "$(printf '\216\255\350')"*) ;; # '\x8e\xad\xe8' ++ *) fatal "File doesn't look like rpm: $pkg" ;; ++ esac ++ + offset=$(($1 + 8)) + + local i b b0 b1 b2 b3 b4 b5 b6 b7 + + i=0 + while [ $i -lt 8 ]; do +- b="$(_dd $(($offset + $i)) bs=1 count=1)" ++ # add . to not loose \n ++ # strip \0 as it gets dropped with warning otherwise ++ b="$(_dd $(($offset + $i)) bs=1 count=1 | tr -d '\0' ; echo .)" ++ b=${b%.} # strip . again ++ + [ -z "$b" ] && + b="0" || + b="$(exec printf '%u\n' "'$b")" +@@ -33,7 +43,7 @@ calcsize() { + offset=$(($offset + $rsize)) + } + +-case "$(_dd 0 bs=8 count=1)" in ++case "$(_dd 0 bs=8 count=1 | tr -d '\0')" in + "$(printf '\355\253\356\333')"*) ;; # '\xed\xab\xee\xdb' + *) fatal "File doesn't look like rpm: $pkg" ;; + esac +@@ -44,11 +54,11 @@ sigsize=$rsize + calcsize $(($offset + (8 - ($sigsize % 8)) % 8)) + hdrsize=$rsize + +-case "$(_dd $offset bs=3 count=1)" in +- "$(printf '\102\132')"*) _dd $offset | bunzip2 ;; # '\x42\x5a' +- "$(printf '\037\213')"*) _dd $offset | gunzip ;; # '\x1f\x8b' +- "$(printf '\375\067')"*) _dd $offset | xzcat ;; # '\xfd\x37' +- "$(printf '\135\000')"*) _dd $offset | unlzma ;; # '\x5d\x00' +- "$(printf '\050\265')"*) _dd $offset | unzstd ;; # '\x28\xb5' +- *) fatal "Unrecognized rpm file: $pkg" ;; ++case "$(_dd $offset bs=2 count=1 | tr -d '\0')" in ++ "$(printf '\102\132')") _dd $offset | bunzip2 ;; # '\x42\x5a' ++ "$(printf '\037\213')") _dd $offset | gunzip ;; # '\x1f\x8b' ++ "$(printf '\375\067')") _dd $offset | xzcat ;; # '\xfd\x37' ++ "$(printf '\135')") _dd $offset | unlzma ;; # '\x5d\x00' ++ "$(printf '\050\265')") _dd $offset | unzstd ;; # '\x28\xb5' ++ *) fatal "Unrecognized payload compression format in rpm file: $pkg" ;; + esac diff --git a/rpm.spec b/rpm.spec index 879ed7a..491f2f1 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 15 +%global rel 16 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -82,6 +82,7 @@ Patch110: rpm-4.16.1.3-add-path-query-option.patch Patch111: rpm-4.16.1.3-skip-recorded-symlinks-in-setperms.patch Patch112: rpm-4.16.1.3-fix-regression-reading-rpm-v3-pkgs.patch Patch113: rpm-4.16.1.3-fix-spurious-transfiletriggerpostun-execution.patch +Patch114: rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch # These are not yet upstream Patch906: rpm-4.7.1-geode-i686.patch @@ -613,6 +614,9 @@ fi %doc doc/librpm/html/* %changelog +* Fri Jul 22 2022 Florian Festi - 4.16.1.3-16 +- Make rpm2cpio.sh more robust (#1983015) + * Thu Jun 30 2022 Nick Clifton - 4.16.1.3-15 - Pass _find_debuginfo_vendor_opts to the find-debuginfo script. (#2099617) From e3ce4eba285f834795d7c83324b0a3edfbc47969 Mon Sep 17 00:00:00 2001 From: Florian Festi Date: Aug 03 2022 15:42:27 +0000 Subject: [PATCH 6/7] Make rpm2cpio.sh more robust Also reduce bytes read for checking the magic header to 4 as the zero bytes read break on aarch64 for some reason. Resolves: #1983015 --- diff --git a/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch b/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch index f2a0989..38b2f5a 100644 --- a/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch +++ b/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch @@ -32,7 +32,7 @@ index 4531271cc..74aeed851 100755 } -case "$(_dd 0 bs=8 count=1)" in -+case "$(_dd 0 bs=8 count=1 | tr -d '\0')" in ++case "$(_dd 0 bs=4 count=1 | tr -d '\0')" in "$(printf '\355\253\356\333')"*) ;; # '\xed\xab\xee\xdb' *) fatal "File doesn't look like rpm: $pkg" ;; esac diff --git a/rpm.spec b/rpm.spec index 491f2f1..d21d853 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 16 +%global rel 17 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -614,7 +614,7 @@ fi %doc doc/librpm/html/* %changelog -* Fri Jul 22 2022 Florian Festi - 4.16.1.3-16 +* Wed Aug 03 2022 Florian Festi - 4.16.1.3-17 - Make rpm2cpio.sh more robust (#1983015) * Thu Jun 30 2022 Nick Clifton - 4.16.1.3-15 From edf2dc93fe89392d2a2c6967133465849e0e1627 Mon Sep 17 00:00:00 2001 From: chantra Date: Aug 18 2022 18:03:34 +0000 Subject: [PATCH 7/7] Merge remote-tracking branch 'c9-stream/c9s' into c9s-sig-hyperscale --- diff --git a/0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch b/0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch new file mode 100644 index 0000000..24a7326 --- /dev/null +++ b/0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch @@ -0,0 +1,40 @@ +From 48546ffc0a3f3eb15bfd439a19fc9722eaea592f Mon Sep 17 00:00:00 2001 +From: Florian Festi +Date: Tue, 28 Jun 2022 12:50:54 +0200 +Subject: [PATCH] Give warning on not supported hash for RSA keys + +This can happen when old keys are used on systems that have disabled SHA1 +e.g. for FIPS requirements. + +This is less than ideal but there is currently no way to pass a meaningful +error code up to rpmtsImportPubkey. rpmPubkeyNew just returns a valid key +or NULL. + +See rhbz#2069877 +--- + rpmio/digest_openssl.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c +index a28a13acc..2ec5140f1 100644 +--- a/rpmio/digest_openssl.c ++++ b/rpmio/digest_openssl.c +@@ -4,6 +4,7 @@ + #include + #include + #include ++#include + + #include "rpmio/digest.h" + +@@ -483,6 +484,7 @@ static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, + + ret = EVP_PKEY_CTX_set_signature_md(pkey_ctx, getEVPMD(hash_algo)); + if (ret < 0) { ++ rpmlog(RPMLOG_WARNING, "Signature not supported. Hash algorithm %s not available.\n", pgpValString(PGPVAL_HASHALGO, hash_algo)); + rc = 1; + goto done; + } +-- +2.36.1 + diff --git a/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch b/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch new file mode 100644 index 0000000..38b2f5a --- /dev/null +++ b/rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch @@ -0,0 +1,57 @@ +diff --git a/scripts/rpm2cpio.sh b/scripts/rpm2cpio.sh +index 4531271cc..74aeed851 100755 +--- a/scripts/rpm2cpio.sh ++++ b/scripts/rpm2cpio.sh +@@ -15,13 +15,23 @@ _dd() { + } + + calcsize() { ++ ++ case "$(_dd $1 bs=4 count=1 | tr -d '\0')" in ++ "$(printf '\216\255\350')"*) ;; # '\x8e\xad\xe8' ++ *) fatal "File doesn't look like rpm: $pkg" ;; ++ esac ++ + offset=$(($1 + 8)) + + local i b b0 b1 b2 b3 b4 b5 b6 b7 + + i=0 + while [ $i -lt 8 ]; do +- b="$(_dd $(($offset + $i)) bs=1 count=1)" ++ # add . to not loose \n ++ # strip \0 as it gets dropped with warning otherwise ++ b="$(_dd $(($offset + $i)) bs=1 count=1 | tr -d '\0' ; echo .)" ++ b=${b%.} # strip . again ++ + [ -z "$b" ] && + b="0" || + b="$(exec printf '%u\n' "'$b")" +@@ -33,7 +43,7 @@ calcsize() { + offset=$(($offset + $rsize)) + } + +-case "$(_dd 0 bs=8 count=1)" in ++case "$(_dd 0 bs=4 count=1 | tr -d '\0')" in + "$(printf '\355\253\356\333')"*) ;; # '\xed\xab\xee\xdb' + *) fatal "File doesn't look like rpm: $pkg" ;; + esac +@@ -44,11 +54,11 @@ sigsize=$rsize + calcsize $(($offset + (8 - ($sigsize % 8)) % 8)) + hdrsize=$rsize + +-case "$(_dd $offset bs=3 count=1)" in +- "$(printf '\102\132')"*) _dd $offset | bunzip2 ;; # '\x42\x5a' +- "$(printf '\037\213')"*) _dd $offset | gunzip ;; # '\x1f\x8b' +- "$(printf '\375\067')"*) _dd $offset | xzcat ;; # '\xfd\x37' +- "$(printf '\135\000')"*) _dd $offset | unlzma ;; # '\x5d\x00' +- "$(printf '\050\265')"*) _dd $offset | unzstd ;; # '\x28\xb5' +- *) fatal "Unrecognized rpm file: $pkg" ;; ++case "$(_dd $offset bs=2 count=1 | tr -d '\0')" in ++ "$(printf '\102\132')") _dd $offset | bunzip2 ;; # '\x42\x5a' ++ "$(printf '\037\213')") _dd $offset | gunzip ;; # '\x1f\x8b' ++ "$(printf '\375\067')") _dd $offset | xzcat ;; # '\xfd\x37' ++ "$(printf '\135')") _dd $offset | unlzma ;; # '\x5d\x00' ++ "$(printf '\050\265')") _dd $offset | unzstd ;; # '\x28\xb5' ++ *) fatal "Unrecognized payload compression format in rpm file: $pkg" ;; + esac diff --git a/rpm-4.16.1.3-add-path-query-option.patch b/rpm-4.16.1.3-add-path-query-option.patch index 0a44718..324f098 100644 --- a/rpm-4.16.1.3-add-path-query-option.patch +++ b/rpm-4.16.1.3-add-path-query-option.patch @@ -1,4 +1,4 @@ -From ce8af503733b5661efa046cc7f5f68ee0dad75cc Mon Sep 17 00:00:00 2001 +From ba659220886c1a315f50fb91b9af4615b1a8757e Mon Sep 17 00:00:00 2001 From: Michal Domonkos Date: Mon, 16 Aug 2021 18:21:02 +0200 Subject: [PATCH] Add support for RPMDBI_BASENAMES on file queries @@ -14,8 +14,11 @@ Update the man page for --file to reflect it's current behavior and make Resolves: rhbz#1940895 -Combined with d1aebda01033bc8ba0d748b49f6fad9a5c0caa3f and backported -for 4.16.1.3. +Combined with: +d1aebda01033bc8ba0d748b49f6fad9a5c0caa3f +f62b6d27cd741406a52a7e9c5b1d6f581dbd3af8 + +Backported for 4.16.1.3. --- doc/rpm.8 | 9 ++++++-- lib/poptQV.c | 6 +++++- @@ -115,17 +118,17 @@ index fdabe6e52..9a71f0dc5 100644 mi = rpmtsInitIterator(ts, RPMDBI_PROVIDENAME, fn, 0); diff --git a/lib/rpmcli.h b/lib/rpmcli.h -index 4886c2453..8ef992ff2 100644 +index 4886c2453..3961418e7 100644 --- a/lib/rpmcli.h +++ b/lib/rpmcli.h -@@ -81,6 +81,7 @@ rpmcliFini(poptContext optCon); - enum rpmQVSources_e { - RPMQV_PACKAGE = 0, /*!< ... from package name db search. */ - RPMQV_PATH, /*!< ... from file path db search. */ +@@ -101,6 +101,7 @@ enum rpmQVSources_e { + RPMQV_SPECBUILTRPMS, /*!< ... from pkgs which would be built from spec */ + RPMQV_WHATOBSOLETES, /*!< ... from obsoletes db search. */ + RPMQV_WHATCONFLICTS, /*!< ... from conflicts db search. */ + RPMQV_PATH_ALL, /*!< ... from file path db search (all states). */ - RPMQV_ALL, /*!< ... from each installed package. */ - RPMQV_RPM, /*!< ... from reading binary rpm package. */ - RPMQV_GROUP, /*!< ... from group db search. */ + }; + + typedef rpmFlags rpmQVSources; diff --git a/tests/rpmquery.at b/tests/rpmquery.at index 9a4f1cb76..335d5ee0d 100644 --- a/tests/rpmquery.at @@ -190,5 +193,5 @@ index 9a4f1cb76..335d5ee0d 100644 AT_SETUP([integer array query]) AT_KEYWORDS([query]) -- -2.34.1 +2.35.1 diff --git a/rpm-4.16.1.3-find_debuginfo_vendor_opts.patch b/rpm-4.16.1.3-find_debuginfo_vendor_opts.patch new file mode 100644 index 0000000..c6f30a7 --- /dev/null +++ b/rpm-4.16.1.3-find_debuginfo_vendor_opts.patch @@ -0,0 +1,20 @@ +--- rpm.orig/macros.in 2022-06-30 11:37:18.975312592 +0100 ++++ rpm-4.16.1.3/macros.in 2022-06-30 11:37:43.145158323 +0100 +@@ -167,6 +167,9 @@ + # A spec file can %%define _find_debuginfo_opts to pass options to + # the script. See the script for details. + # ++# Vendor spec files (eg redhat-rpm-config:macros) can %%define ++# _find_debuginfo_vendor_opts to pass options to the script. ++# + %__debug_install_post \ + %{_rpmconfigdir}/find-debuginfo.sh \\\ + %{?_smp_build_ncpus:-j%{_smp_build_ncpus}} \\\ +@@ -179,6 +182,7 @@ + %{?_unique_debug_srcs:--unique-debug-src-base "%{name}-%{VERSION}-%{RELEASE}.%{_arch}"} \\\ + %{?_find_debuginfo_dwz_opts} \\\ + %{?_find_debuginfo_opts} \\\ ++ %{?_find_debuginfo_vendor_opts} \\\ + %{?_debugsource_packages:-S debugsourcefiles.list} \\\ + "%{_builddir}/%{?buildsubdir}"\ + %{nil} diff --git a/rpm.spec b/rpm.spec index 3bb6097..f9be114 100644 --- a/rpm.spec +++ b/rpm.spec @@ -42,7 +42,7 @@ %global rpmver 4.16.1.3 #global snapver rc1 -%global rel 11.3 +%global rel 17.1 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -102,11 +102,13 @@ Patch110: rpm-4.16.1.3-add-path-query-option.patch Patch111: rpm-4.16.1.3-skip-recorded-symlinks-in-setperms.patch Patch112: rpm-4.16.1.3-fix-regression-reading-rpm-v3-pkgs.patch Patch113: rpm-4.16.1.3-fix-spurious-transfiletriggerpostun-execution.patch +Patch114: rpm-4.16.1.3-Make-rpm2cpio.sh-more-robust.patch # These are not yet upstream Patch906: rpm-4.7.1-geode-i686.patch # Probably to be upstreamed in slightly different form Patch907: rpm-4.15.x-ldflags.patch +Patch908: 0001-Give-warning-on-not-supported-hash-for-RSA-keys.patch # Not yet (all) upstream, debugedit DWARF5 # https://code.wildebeest.org/git/user/mjw/rpm/log/?h=gcc-dwarf5-4.16.1.2 @@ -119,6 +121,7 @@ Patch916: 0006-debugedit-Handle-DWARF-5-debug_line-and-debug_line_s.patch # Downstream-only patches Patch1000: rpm-4.16.1.3-hashtab-use-after-free-fix.patch +Patch1001: rpm-4.16.1.3-find_debuginfo_vendor_opts.patch # fsverity support %if %{with libfsverity} @@ -808,6 +811,21 @@ fi %{_datadir}/selinux/packages/rpm_hs.pp.bz2 %changelog +* Thu Aug 18 2022 Manu Bretelle - 4.16.1.3-17.1 +- Rebuild for hyperscale + +* Wed Aug 03 2022 Florian Festi - 4.16.1.3-17 +- Make rpm2cpio.sh more robust (#1983015) + +* Thu Jun 30 2022 Nick Clifton - 4.16.1.3-15 +- Pass _find_debuginfo_vendor_opts to the find-debuginfo script. (#2099617) + +* Tue Jun 28 2022 Florian Festi - 4.16.1.3-14 +- Warning for failed key import (#2069877) + +* Tue Apr 05 2022 Michal Domonkos - 4.16.1.3-12 +- Fix minor ABI regression in rpmcli.h (#2037352) + * Sun Apr 03 2022 Neal Gompa - 4.16.1.3-11.3 - Migrate rpmdb to /usr/lib/sysimage/rpm https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr