From 0a7481d0f777a6fc0e578b31d08312f5376cb125 Mon Sep 17 00:00:00 2001 From: jbj Date: Thu, 20 Jun 2002 02:19:21 +0000 Subject: - make sure that rpm can verify prelinked shared libraries. - don't install /usr/lib/rpm/redhat per-vendor configuration anymore. CVS patchset: 5512 CVS date: 2002/06/20 02:19:21 --- lib/signature.c | 16 ++++++++-------- lib/transaction.c | 6 +++--- lib/verify.c | 5 ++++- 3 files changed, 15 insertions(+), 12 deletions(-) (limited to 'lib') diff --git a/lib/signature.c b/lib/signature.c index df5d4fcbc..aeb72d7b2 100644 --- a/lib/signature.c +++ b/lib/signature.c @@ -509,7 +509,7 @@ static int makeHDRSignature(Header sig, const char * file, int_32 sigTag, int_32 uht, uhc; if (!headerGetEntry(h, RPMTAG_HEADERIMMUTABLE, &uht, &uh, &uhc) - || uh == NULL) + || uh == NULL) { h = headerFree(h, NULL); goto exit; @@ -542,7 +542,7 @@ static int makeHDRSignature(Header sig, const char * file, int_32 sigTag, goto exit; (void) Fclose(fd); fd = NULL; if (makeGPGSignature(fn, &pkt, &pktlen, passPhrase) - || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) + || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) goto exit; ret = 0; break; @@ -560,7 +560,7 @@ static int makeHDRSignature(Header sig, const char * file, int_32 sigTag, goto exit; (void) Fclose(fd); fd = NULL; if (makePGPSignature(fn, &pkt, &pktlen, passPhrase) - || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) + || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) goto exit; ret = 0; break; @@ -597,15 +597,15 @@ int rpmAddSignature(Header sig, const char * file, int_32 sigTag, case RPMSIGTAG_MD5: pktlen = 16; pkt = xcalloc(1, pktlen); - if (mdbinfile(file, pkt) - || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) + if (domd5(file, pkt, 1, NULL) + || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) break; ret = 0; break; case RPMSIGTAG_PGP5: /* XXX legacy */ case RPMSIGTAG_PGP: if (makePGPSignature(file, &pkt, &pktlen, passPhrase) - || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) + || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) break; #ifdef NOTYET /* XXX needs hdrmd5ctx, like hdrsha1ctx. */ /* XXX Piggyback a header-only RSA signature as well. */ @@ -615,7 +615,7 @@ int rpmAddSignature(Header sig, const char * file, int_32 sigTag, break; case RPMSIGTAG_GPG: if (makeGPGSignature(file, &pkt, &pktlen, passPhrase) - || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) + || !headerAddEntry(sig, sigTag, RPM_BIN_TYPE, pkt, pktlen)) break; /* XXX Piggyback a header-only DSA signature as well. */ ret = makeHDRSignature(sig, file, RPMSIGTAG_DSA, passPhrase); @@ -960,7 +960,7 @@ rpmtsFindPubkey(rpmts ts) continue; ix = rpmdbGetIteratorFileNum(mi); if (ix >= pc - || b64decode(pubkeys[ix], (void **) &ts->pkpkt, &ts->pkpktlen)) + || b64decode(pubkeys[ix], (void **) &ts->pkpkt, &ts->pkpktlen)) ix = -1; pubkeys = headerFreeData(pubkeys, pt); break; diff --git a/lib/transaction.c b/lib/transaction.c index 906f84705..50f36001f 100644 --- a/lib/transaction.c +++ b/lib/transaction.c @@ -140,7 +140,7 @@ static fileAction decideFileFate(const rpmts ts, #endif const unsigned char * omd5 = ofi->md5s + (16 * ofi->i); const unsigned char * nmd5 = nfi->md5s + (16 * nfi->i); - if (domd5(fn, buffer, 0)) + if (domd5(fn, buffer, 0, NULL)) return FA_CREATE; /* assume file has been removed */ if (!memcmp(omd5, buffer, 16)) return FA_CREATE; /* unmodified config file, replace. */ @@ -150,7 +150,7 @@ static fileAction decideFileFate(const rpmts ts, } else { const char * omd5 = ofi->fmd5s[ofi->i]; const char * nmd5 = nfi->fmd5s[nfi->i]; - if (domd5(fn, buffer, 1)) + if (domd5(fn, buffer, 1, NULL)) return FA_CREATE; /* assume file has been removed */ if (!strcmp(omd5, buffer)) return FA_CREATE; /* unmodified config file, replace. */ @@ -641,7 +641,7 @@ assert(otherFi != NULL); /* Here is a pre-existing modified config file that needs saving. */ { char md5sum[50]; const unsigned char * md5 = fi->md5s + (16 * i); - if (!domd5(fn, md5sum, 0) && memcmp(md5, md5sum, 16)) { + if (!domd5(fn, md5sum, 0, NULL) && memcmp(md5, md5sum, 16)) { fi->actions[i] = FA_BACKUP; /*@switchbreak@*/ break; } diff --git a/lib/verify.c b/lib/verify.c index 42652b6e2..9330810e4 100644 --- a/lib/verify.c +++ b/lib/verify.c @@ -116,8 +116,11 @@ int rpmVerifyFile(const rpmts ts, const rpmfi fi, if (flags & RPMVERIFY_MD5) { unsigned char md5sum[16]; + size_t fsize; - rc = domd5(fn, md5sum, 0); + /* XXX If --nomd5, then prelinked library sizes are not corrected. */ + rc = domd5(fn, md5sum, 0, &fsize); + sb.st_size = fsize; if (rc) *result |= (RPMVERIFY_READFAIL|RPMVERIFY_MD5); else { -- cgit v1.2.3