diff --git a/SOURCES/0001-Add-limits-to-autopatch-macro.patch b/SOURCES/0001-Add-limits-to-autopatch-macro.patch new file mode 100644 index 0000000..3235922 --- /dev/null +++ b/SOURCES/0001-Add-limits-to-autopatch-macro.patch @@ -0,0 +1,44 @@ +From f00bb5be9caa62220c6aeaf3f7264840d5c089e3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Tue, 5 Feb 2019 18:15:47 +0100 +Subject: [PATCH] Add limits to autopatch macro + +Limits allow to apply only range of patches with given parameters. +Useful if something needs to be done between patch sets. Allows applying +of patches with different -pX parameter in one spec file. + +Resolves: #626 +Co-authored-by: Florian Festi +--- + macros.in | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/macros.in b/macros.in +index 7b5b63020..912ad5997 100644 +--- a/macros.in ++++ b/macros.in +@@ -1265,11 +1265,19 @@ else\ + end} + + # Automatically apply all patches +-%autopatch(vp:)\ ++# -m Apply patches with number >= min only ++# -M Apply patches with number <= max only ++%autopatch(vp:m:M:)\ + %{lua:\ + local options = rpm.expand("%{!-v:-q} %{-p:-p%{-p*}} ")\ ++local low_limit = tonumber(rpm.expand("%{-m:%{-m*}}"))\ ++local high_limit = tonumber(rpm.expand("%{-M:%{-M*}}"))\ + for i, p in ipairs(patches) do\ +- print(rpm.expand("%apply_patch -m %{basename:"..p.."} "..options..p.." "..i.."\\n"))\ ++ local inum = patch_nums[i]\ ++ if ((not low_limit or inum>=low_limit) and (not high_limit or inum<=high_limit)) \ ++ then\ ++ print(rpm.expand("%apply_patch -m %{basename:"..p.."} "..options..p.." "..i.."\\n")) \ ++ end\ + end} + + # One macro to (optionally) do it all. +-- +2.26.2 + diff --git a/SOURCES/0001-Always-close-libelf-handle-1313.patch b/SOURCES/0001-Always-close-libelf-handle-1313.patch new file mode 100644 index 0000000..81a1296 --- /dev/null +++ b/SOURCES/0001-Always-close-libelf-handle-1313.patch @@ -0,0 +1,32 @@ +From 38c03ddb18e86c84d89af695f72442d8365eb64e Mon Sep 17 00:00:00 2001 +From: Florian Festi +Date: Tue, 21 Jul 2020 10:45:20 +0200 +Subject: [PATCH] Always close libelf handle (#1313) + +Otherwise executables that are not proper elf files are leaking libelf +handles. This results in file being left open (mmap'ed) and fails the +build on NFS as those files can't be deleted properly there. + +Resolves: rhbz#1840728 +See also: https://bugzilla.redhat.com/show_bug.cgi?id=1840728 +--- + build/files.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/build/files.c b/build/files.c +index f675306f7..62489c07c 100644 +--- a/build/files.c ++++ b/build/files.c +@@ -1935,8 +1935,8 @@ static int generateBuildIDs(FileList fl, ARGV_t *files) + if (terminate) + rc = 1; + } +- elf_end (elf); + } ++ elf_end (elf); + close (fd); + } + } +-- +2.26.2 + diff --git a/SOURCES/0001-Fix-python-ts.addErase-not-raising-exception-on-not-.patch b/SOURCES/0001-Fix-python-ts.addErase-not-raising-exception-on-not-.patch new file mode 100644 index 0000000..809f065 --- /dev/null +++ b/SOURCES/0001-Fix-python-ts.addErase-not-raising-exception-on-not-.patch @@ -0,0 +1,102 @@ +From 60066aba510b3ff4a7db092021aae71948e3f8be Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Thu, 4 Jun 2020 11:18:01 +0300 +Subject: [PATCH] Fix python ts.addErase() not raising exception on not-found + packages + +The code would only raise an exception if TransactionSetCore.addErase() +returned an error, but the catch is that with many kinds of argument +types we'd silently skip the whole addition because no headers were found. +This looks to be a regression introduced some eleven years ago in +commit 9b20c706a4f93266450fae2f94007343b2e8fd9e. + +As a special case, a match iterator argument will not raise an exception +if it doesn't actually match anything. + +Fixes: #1214 +--- + python/rpm/transaction.py | 26 +++++++++++++++----------- + tests/rpmpython.at | 22 ++++++++++++++++++++++ + 2 files changed, 37 insertions(+), 11 deletions(-) + +diff --git a/python/rpm/transaction.py b/python/rpm/transaction.py +index 7c4a551d3..3c9ddb207 100644 +--- a/python/rpm/transaction.py ++++ b/python/rpm/transaction.py +@@ -91,14 +91,22 @@ class TransactionSet(TransactionSetCore): + + def addErase(self, item): + hdrs = [] +- if isinstance(item, rpm.hdr): +- hdrs = [item] +- elif isinstance(item, rpm.mi): ++ # match iterators are passed on as-is ++ if isinstance(item, rpm.mi): + hdrs = item +- elif isinstance(item, int): +- hdrs = self.dbMatch(rpm.RPMDBI_PACKAGES, item) +- elif isinstance(item, _string_types): +- hdrs = self.dbMatch(rpm.RPMDBI_LABEL, item) ++ elif isinstance(item, rpm.hdr): ++ hdrs.append(item) ++ elif isinstance(item, (int, _string_types)): ++ if isinstance(item, int): ++ dbi = rpm.RPMDBI_PACKAGES ++ else: ++ dbi = rpm.RPMDBI_LABEL ++ ++ for h in self.dbMatch(dbi, item): ++ hdrs.append(h) ++ ++ if not hdrs: ++ raise rpm.error("package not installed") + else: + raise TypeError("invalid type %s" % type(item)) + +@@ -106,10 +114,6 @@ class TransactionSet(TransactionSetCore): + if not TransactionSetCore.addErase(self, h): + raise rpm.error("package not installed") + +- # garbage collection should take care but just in case... +- if isinstance(hdrs, rpm.mi): +- del hdrs +- + def run(self, callback, data): + rc = TransactionSetCore.run(self, callback, data, self._probFilter) + +diff --git a/tests/rpmpython.at b/tests/rpmpython.at +index 3a7c251f1..de39c8417 100644 +--- a/tests/rpmpython.at ++++ b/tests/rpmpython.at +@@ -201,6 +201,28 @@ for e in ts: + [foo-1.0-1.noarch] + ) + ++RPMPY_TEST([add erasure to transaction],[ ++ts = rpm.ts() ++for i in ['foo', 1234]: ++ myprint('addErase %s' % i) ++ try: ++ ts.addErase(i) ++ except rpm.error as err: ++ myprint(err) ++myprint('addErase mi') ++mi = ts.dbMatch('name', 'foo') ++try: ++ ts.addErase(mi) ++except rpm.error as err: ++ myprint(err) ++], ++[addErase foo ++package not installed ++addErase 1234 ++package not installed ++addErase mi] ++) ++ + RPMPY_TEST([add bogus package to transaction 1],[ + ts = rpm.ts() + h = rpm.hdr() +-- +2.26.2 + diff --git a/SOURCES/0001-Introduce-patch_nums-and-source_nums-Lua-variables-i.patch b/SOURCES/0001-Introduce-patch_nums-and-source_nums-Lua-variables-i.patch new file mode 100644 index 0000000..ccf39e3 --- /dev/null +++ b/SOURCES/0001-Introduce-patch_nums-and-source_nums-Lua-variables-i.patch @@ -0,0 +1,63 @@ +From 9ad4b813483f8cf6c641f56387248b33b6dfc570 Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Wed, 20 Feb 2019 15:28:30 +0200 +Subject: [PATCH] Introduce patch_nums and source_nums Lua variables in spec + context + +The pre-existing patches and sources variables only contains patch and +source filenames, but for some purposes we need access to the associated +patch/source number too. We could use the number as the table key, but +that would make the table unsorted. That we could handle in our own +macros, but would break compatibility for anybody doing custom stuff +with these. So it seems best to just add parallel arrays sharing the +same array indexes so that both values are as easily accessible, +depending on the need. + +Inspired by Pascal "Pixel" Rigaux's similar patch in Mageia, which differs +in that the number-arrays are indexed by the filename and is unordered. +Compared to patches/sources this seemed against principle of least +surprise, and is slightly more cumbersome int the case we want the number +directly, such as in PR #626. The variable names differ so there +is no incompatibility to that downstream patch introduced. +--- + build/parsePreamble.c | 9 +++++++++ + build/spec.c | 3 ++- + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/build/parsePreamble.c b/build/parsePreamble.c +index 812c41f9f..9520bac4b 100644 +--- a/build/parsePreamble.c ++++ b/build/parsePreamble.c +@@ -322,6 +322,15 @@ static int addSource(rpmSpec spec, Package pkg, const char *field, rpmTagVal tag + rpmluaSetVar(lua, var); + rpmluavFree(var); + rpmluaPop(lua); ++ ++ what = (flag & RPMBUILD_ISPATCH) ? "patch_nums" : "source_nums"; ++ rpmluaPushTable(lua, what); ++ var = rpmluavNew(); ++ rpmluavSetListMode(var, 1); ++ rpmluavSetValueNum(var, p->num); ++ rpmluaSetVar(lua, var); ++ rpmluavFree(var); ++ rpmluaPop(lua); + } + #endif + free(body); +diff --git a/build/spec.c b/build/spec.c +index 80eaca611..55095c6ce 100644 +--- a/build/spec.c ++++ b/build/spec.c +@@ -305,7 +305,8 @@ rpmSpec newSpec(void) + #ifdef WITH_LUA + /* make sure patches and sources tables always exist */ + rpmlua lua = NULL; /* global state */ +- const char * luavars[] = { "patches", "sources", NULL, }; ++ const char * luavars[] = { "patches", "sources", ++ "patch_nums", "source_nums", NULL, }; + for (const char **vp = luavars; vp && *vp; vp++) { + rpmluaDelVar(lua, *vp); + rpmluaPushTable(lua, *vp); +-- +2.26.2 + diff --git a/SOURCES/0001-When-doing-the-same-thing-more-than-once-use-a-loop.patch b/SOURCES/0001-When-doing-the-same-thing-more-than-once-use-a-loop.patch new file mode 100644 index 0000000..9e9ee45 --- /dev/null +++ b/SOURCES/0001-When-doing-the-same-thing-more-than-once-use-a-loop.patch @@ -0,0 +1,38 @@ +From 9cbc1fe444b048c3f7cf5ea09ab650d1c146d54a Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Wed, 20 Feb 2019 14:49:19 +0200 +Subject: [PATCH] When doing the same thing more than once, use a loop... + +No functional changes but this'll simplify the next commit quite a bit. +--- + build/spec.c | 12 +++++------- + 1 file changed, 5 insertions(+), 7 deletions(-) + +diff --git a/build/spec.c b/build/spec.c +index e414e4102..80eaca611 100644 +--- a/build/spec.c ++++ b/build/spec.c +@@ -303,15 +303,13 @@ rpmSpec newSpec(void) + spec->pool = rpmstrPoolCreate(); + + #ifdef WITH_LUA +- { + /* make sure patches and sources tables always exist */ + rpmlua lua = NULL; /* global state */ +- rpmluaDelVar(lua, "patches"); +- rpmluaDelVar(lua, "sources"); +- rpmluaPushTable(lua, "patches"); +- rpmluaPushTable(lua, "sources"); +- rpmluaPop(lua); +- rpmluaPop(lua); ++ const char * luavars[] = { "patches", "sources", NULL, }; ++ for (const char **vp = luavars; vp && *vp; vp++) { ++ rpmluaDelVar(lua, *vp); ++ rpmluaPushTable(lua, *vp); ++ rpmluaPop(lua); + } + #endif + return spec; +-- +2.26.2 + diff --git a/SOURCES/0001-Work-around-buggy-signature-region-preventing-resign.patch b/SOURCES/0001-Work-around-buggy-signature-region-preventing-resign.patch new file mode 100644 index 0000000..54dd45f --- /dev/null +++ b/SOURCES/0001-Work-around-buggy-signature-region-preventing-resign.patch @@ -0,0 +1,44 @@ +From 8fefd2bd21b30996ad0748eab6baadf915610642 Mon Sep 17 00:00:00 2001 +From: Panu Matilainen +Date: Thu, 13 Aug 2020 13:29:10 +0300 +Subject: [PATCH] Work around buggy signature region preventing resigning + (RhBug:1851508) + +Various proprietary packages in the wild have subtly malformed data +in the signature header, in particular wrt the immutable region size, +presumably from using some in-house/3rd party signing tools which do +not understand the immutable region business at all. This can prevent +resigning and signature deletion on such packages due to the more +thorough checking that rpmsign does. + +As the old wisdom goes, be liberal in what you accept... we can easily +work around the crud by just taking a fresh copy of the contents that +are legit as such (otherwise the package would be uninstallable). + + +Adjusted for 4.14.3 + +--- rpm-4.14.3/sign/rpmgensig.c.orig 2020-10-29 16:00:38.785229048 +0100 ++++ rpm-4.14.3/sign/rpmgensig.c 2020-10-29 16:08:55.997791345 +0100 +@@ -401,12 +401,19 @@ + + if (headerGet(*hdrp, tag, utd, HEADERGET_DEFAULT)) { + oh = headerCopyLoad(utd->data); +- nh = headerCopy(oh); +- headerFree(oh); + rpmtdFreeData(utd); ++ } else { ++ /* XXX should we warn if the immutable region is corrupt/missing? */ ++ oh = headerLink(*hdrp); ++ } ++ ++ if (oh) { ++ /* Perform a copy to eliminate crud from buggy signing tools etc */ ++ nh = headerCopy(oh); + headerFree(*hdrp); + *hdrp = headerLink(nh); + headerFree(nh); ++ headerFree(oh); + } + } + diff --git a/SPECS/rpm.spec b/SPECS/rpm.spec index 1cef8f9..00927d7 100644 --- a/SPECS/rpm.spec +++ b/SPECS/rpm.spec @@ -30,7 +30,7 @@ %global rpmver 4.14.3 #global snapver rc2 -%global rel 4 +%global rel 10 %global srcver %{version}%{?snapver:-%{snapver}} %global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x} @@ -92,6 +92,12 @@ Patch140: 0001-Fix-resource-leaks-on-zstd-open-error-paths.patch # XXX should be before 0001-Pass-RPM_BUILD_NCPUS-to-build-scripts.patch Patch141: 0001-Isolate-_smp_build_ncpus-and-use-it-for-_smp_mflags.patch Patch142: rpm-4.14.3-GPG-Switch-back-to-pipe-7-for-signing.patch +Patch143: 0001-Work-around-buggy-signature-region-preventing-resign.patch +Patch144: 0001-Fix-python-ts.addErase-not-raising-exception-on-not-.patch +Patch145: 0001-Always-close-libelf-handle-1313.patch +Patch146: 0001-When-doing-the-same-thing-more-than-once-use-a-loop.patch +Patch147: 0001-Introduce-patch_nums-and-source_nums-Lua-variables-i.patch +Patch148: 0001-Add-limits-to-autopatch-macro.patch # Python 3 string API sanity Patch500: 0001-In-Python-3-return-all-our-string-data-as-surrogate-.patch @@ -653,6 +659,20 @@ make check || cat tests/rpmtests.log %doc doc/librpm/html/* %changelog +* Sun Jan 10 2021 Michal Domonkos - 4.14.3-10 +- Rebuild for libimaevm soname bump, now for real (#1896046) + +* Thu Jan 07 2021 Florian Festi - 4.14.3-8 +- Add limits to autopatch macro (#1834931) + +* Thu Dec 03 2020 Michal Domonkos - 4.14.3-6 +- Rebuild for libimaevm soname bump (#1896046) + +* Fri Oct 30 2020 Florian Festi - 4.14.3-5 +- Don't error out when replacing an invalid signature (#1874062) +- Raise an expection when erasing a package fails in Python (#1872623) +- Fix builds on NFS filesystems (#1840728) + * Fri Jun 26 2020 Michal Domonkos - 4.14.3-4 - Fix hang when signing with expired key (#1746353)