author | Panu Matilainen <pmatilai@redhat.com> | 2017-04-11 17:45:52 +0300 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2017-04-11 19:00:45 +0300 |
commit | 0777f87a912f46c28d8eb423009c450b7ffabf1c (patch) | |
tree | e5716aea77e10bd9e41a92fb352befe0d8427a1e | |
parent | 5b4f59bd80be07289e62f6162ec566ad55211c5d (diff) | |
download | rpm-0777f87a912f46c28d8eb423009c450b7ffabf1c.tar.gz |
Include all the necessary data in struct rpmsinfo directly
This seems more trouble than it's worth on the outset, but then the
new data is not really being used yet.
-rw-r--r-- | lib/package.c | 7 | ||||
-rw-r--r-- | lib/rpmchecksig.c | 15 | ||||
-rw-r--r-- | lib/signature.c | 30 | ||||
-rw-r--r-- | lib/signature.h | 10 |
4 files changed, 42 insertions, 20 deletions
diff --git a/lib/package.c b/lib/package.c
index dde504a85..fcc908059 100644
--- a/lib/package.c
+++ b/lib/package.c
@@ -158,7 +158,6 @@ static rpmRC headerSigVerify(rpmKeyring keyring, rpmVSFlags vsflags,
 unsigned int *keyidp, char **buf)
 {
 rpmRC rc = RPMRC_FAIL;
- pgpDigParams sig = NULL;
 struct rpmtd_s sigtd;
 struct entryInfo_s einfo;
 struct rpmsinfo_s sinfo;
@@ -205,7 +204,7 @@ static rpmRC headerSigVerify(rpmKeyring keyring, rpmVSFlags vsflags,
 goto exit;
 }
- if (rpmsinfoInit(&sigtd, "header", &sinfo, &sig, buf))
+ if (rpmsinfoInit(&sigtd, "header", &sinfo, buf))
 goto exit;
 if (sinfo.hashalgo) {
@@ -217,17 +216,17 @@ static rpmRC headerSigVerify(rpmKeyring keyring, rpmVSFlags vsflags,
 rpmDigestUpdate(ctx, dstblob->pe, (dstblob->ril * sizeof(*dstblob->pe)));
 rpmDigestUpdate(ctx, dstblob->dataStart, dstblob->rdl);
- rc = rpmVerifySignature(keyring, &sigtd, sig, ctx, buf);
+ rc = rpmVerifySignature(keyring, &sigtd, sinfo.sig, ctx, buf);
 if (keyidp && sinfo.type == RPMSIG_SIGNATURE_TYPE) *keyidp = sinfo.keyid;
 rpmDigestFinal(ctx, NULL, NULL, 0);
 }
+ rpmsinfoFini(&sinfo);
 exit:
 rpmtdFreeData(&sigtd);
- pgpDigParamsFree(sig);
 return rc;
 }
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c
index 009489b26..fb1d08e61 100644
--- a/lib/rpmchecksig.c
+++ b/lib/rpmchecksig.c
@@ -222,9 +222,11 @@ static void initDigests(FD_t fd, Header sigh, int range, rpmQueryFlags flags)
 struct rpmsinfo_s sinfo;
 struct rpmtd_s sigtd;
 HeaderIterator hi = headerInitIterator(sigh);
+ memset(&sinfo, 0, sizeof(sinfo));
 for (; headerNext(hi, &sigtd) != 0; rpmtdFreeData(&sigtd)) {
- if (rpmsinfoInit(&sigtd, "package", &sinfo, NULL, NULL))
+ rpmsinfoFini(&sinfo);
+ if (rpmsinfoInit(&sigtd, "package", &sinfo, NULL))
 continue;
 if (!(flags & VERIFY_SIGNATURE) && sinfo.type == RPMSIG_SIGNATURE_TYPE) continue;
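Review bot: The `goto exit` taken when `rpmsinfoInit()` fails jumps past the `rpmsinfoFini(&sinfo)` call that the next hunk places just above the `exit:` label, so releasing `sinfo` depends on `rpmsinfoInit()` never failing after it has allocated something. Nothing in the visible failure path of `rpmsinfoInit()` appears to hold an allocation, but whether `pgpPrtParams()` can leave `sinfo->sig` set on error is not shown in this diff. Zeroing the struct up front with `memset(&sinfo, 0, sizeof(sinfo));` (as the commit does in lib/rpmchecksig.c) and moving `rpmsinfoFini(&sinfo);` below `exit:` would cover every path, including the earlier `goto exit` that runs before `sinfo` is initialised. headerSigVerify starts and ends outside this hunk.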
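Review bot: `sinfo.sig` is passed to `rpmVerifySignature()` without checking `sinfo.type`, so if a `RPMSIG_DIGEST_TYPE` entry reaches this call the union added in lib/signature.h holds `dig` and the callee receives a `char *` hex string typed as `pgpDigParams`. Before this change the argument was NULL for digests. Whether `rpmVerifySignature()` ever dereferences it for a digest tag is outside this diff, so this is a latent type confusion on data read from the package rather than a confirmed fault. Passing `sinfo.type == RPMSIG_SIGNATURE_TYPE ? sinfo.sig : NULL` keeps the old behaviour, and the same applies to the `rpmVerifySignature()` call in verifyItems in lib/rpmchecksig.c. The function begins outside this hunk.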
@@ -234,6 +236,7 @@ static void initDigests(FD_t fd, Header sigh, int range, rpmQueryFlags flags)
 if (sinfo.hashalgo && (sinfo.range & range)) fdInitDigestID(fd, sinfo.hashalgo, sinfo.id, 0);
 }
+ rpmsinfoFini(&sinfo);
 headerFreeIterator(hi);
 }
@@ -244,17 +247,17 @@ static int verifyItems(FD_t fd, Header sigh, int range, rpmQueryFlags flags,
 int failed = 0;
 struct rpmsinfo_s sinfo;
 struct rpmtd_s sigtd;
- pgpDigParams sig = NULL;
 char *result = NULL;
 HeaderIterator hi = headerInitIterator(sigh);
+ memset(&sinfo, 0, sizeof(sinfo));
 for (; headerNext(hi, &sigtd) != 0; rpmtdFreeData(&sigtd)) {
 /* Clean up parameters from previous sigtag. */
- sig = pgpDigParamsFree(sig);
+ rpmsinfoFini(&sinfo);
 result = _free(result);
 /* Note: we permit failures to be ignored via disablers */
- rpmRC rc = rpmsinfoInit(&sigtd, "package", &sinfo, &sig, &result);
+ rpmRC rc = rpmsinfoInit(&sigtd, "package", &sinfo, &result);
 if (!(flags & VERIFY_SIGNATURE) && sinfo.type == RPMSIG_SIGNATURE_TYPE) continue;
@@ -265,7 +268,7 @@ static int verifyItems(FD_t fd, Header sigh, int range, rpmQueryFlags flags,
 if (sinfo.hashalgo && sinfo.range == range && rc == RPMRC_OK) {
 DIGEST_CTX ctx = fdDupDigest(fd, sinfo.id);
- rc = rpmVerifySignature(keyring, &sigtd, sig, ctx, &result);
+ rc = rpmVerifySignature(keyring, &sigtd, sinfo.sig, ctx, &result);
 rpmDigestFinal(ctx, NULL, NULL, 0);
 fdFiniDigest(fd, sinfo.id, NULL, NULL, 0);
 }
@@ -278,7 +281,7 @@ static int verifyItems(FD_t fd, Header sigh, int range, rpmQueryFlags flags,
 if (rc != RPMRC_OK) failed = 1;
 }
- pgpDigParamsFree(sig);
+ rpmsinfoFini(&sinfo);
 headerFreeIterator(hi);
 free(result);
diff --git a/lib/signature.c b/lib/signature.c
index 0a4a0b979..2ba6d1d3b 100644
--- a/lib/signature.c
+++ b/lib/signature.c
@@ -22,13 +22,12 @@
 #include "debug.h"
 rpmRC rpmsinfoInit(rpmtd td, const char *origin,
- struct rpmsinfo_s *sinfo, pgpDigParams *sigp, char **msg)
+ struct rpmsinfo_s *sinfo, char **msg)
 {
 rpmRC rc = RPMRC_FAIL;
 rpm_tagtype_t tagtype = 0;
 rpm_count_t tagsize = 0;
 rpm_count_t tagcount = 0;
- pgpDigParams sig = NULL;
 int hexstring = 0;
 memset(sinfo, 0, sizeof(*sinfo));
@@ -136,28 +135,41 @@ rpmRC rpmsinfoInit(rpmtd td, const char *origin,
 }
 if (sinfo->type == RPMSIG_SIGNATURE_TYPE) {
- if (pgpPrtParams(td->data, td->count, PGPTAG_SIGNATURE, &sig)) {
+ if (pgpPrtParams(td->data, td->count, PGPTAG_SIGNATURE, &sinfo->sig)) {
 rasprintf(msg, _("%s tag %u: BAD, invalid OpenPGP signature"), origin, td->tag);
 goto exit;
 }
- sinfo->hashalgo = pgpDigParamsAlgo(sig, PGPVAL_HASHALGO);
- sinfo->keyid = pgpGrab(sig->signid+4, 4);
+ sinfo->hashalgo = pgpDigParamsAlgo(sinfo->sig, PGPVAL_HASHALGO);
+ sinfo->keyid = pgpGrab(sinfo->sig->signid+4, 4);
+ } else if (sinfo->type == RPMSIG_DIGEST_TYPE) {
+ if (td->type == RPM_BIN_TYPE)
+ sinfo->dig = pgpHexStr(td->data, td->count);
+ else
+ sinfo->dig = xstrdup(rpmtdGetString(td));
 }
+ sinfo->tag = td->tag;
 if (sinfo->hashalgo) sinfo->id = td->tag;
 rc = RPMRC_OK;
- if (sigp)
- *sigp = sig;
- else
- pgpDigParamsFree(sig);
 exit:
 return rc;
 }
+void rpmsinfoFini(struct rpmsinfo_s *sinfo)
+{
+ if (sinfo) {
+ if (sinfo->type == RPMSIG_SIGNATURE_TYPE)
+ pgpDigParamsFree(sinfo->sig);
+ else if (sinfo->type == RPMSIG_DIGEST_TYPE)
+ free(sinfo->dig);
+ memset(sinfo, 0, sizeof(*sinfo));
+ }
+}
+
 /**
 * Print package size (debug purposes only)
 * @param fd package file handle
diff --git a/lib/signature.h b/lib/signature.h
index d216bd0f3..2242143ac 100644
--- a/lib/signature.h
+++ b/lib/signature.h
@@ -22,11 +22,16 @@ enum {
 };
 struct rpmsinfo_s {
+ rpmTagVal tag;
 int id;
 int hashalgo;
 int range;
 int type;
 unsigned int keyid;
+ union {
+ pgpDigParams sig;
+ char *dig;
+ };
 };
 #ifdef __cplusplus
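Review bot: In the new `RPMSIG_DIGEST_TYPE` branch the `else` arm runs for every tag type other than `RPM_BIN_TYPE` and feeds `rpmtdGetString(td)` straight into `xstrdup()`, so a NULL return would be passed on unchecked. The tag data comes from the package's signature header, and the type validation earlier in rpmsinfoInit lies outside this hunk, so it may already restrict `td->type` to a string type here. If it does not, check the result first, e.g. `const char *s = rpmtdGetString(td); if (s == NULL) goto exit;`, and set `msg` as the other failure paths do. Note also that `rpmsinfoFini()` chooses which union member to free from `sinfo->type`, so nothing may change `type` between init and fini.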
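Review bot: The anonymous union added to `struct rpmsinfo_s` has no comment saying which field selects the active member, although `rpmsinfoFini()` in lib/signature.c frees `sig` or `dig` according to `type`. A comment on the union such as `/* type selects the member: sig for RPMSIG_SIGNATURE_TYPE, dig for RPMSIG_DIGEST_TYPE; released by rpmsinfoFini() */` would make that contract visible to every user of the struct. Anonymous unions are also a C11 feature (a compiler extension before that), which matters if this internal header is ever built in an older language mode.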
@@ -79,8 +84,11 @@ rpmRC rpmGenerateSignature(char *SHA256, char *SHA1, uint8_t *MD5,
 RPM_GNUC_INTERNAL
 rpmRC rpmsinfoInit(rpmtd td, const char *origin,
- struct rpmsinfo_s *sigt, pgpDigParams *sigp, char **msg);
+ struct rpmsinfo_s *sigt, char **msg);
+
+RPM_GNUC_INTERNAL
+void rpmsinfoFini(struct rpmsinfo_s *sinfo);
 #ifdef __cplusplus
 }
 #endif |
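Review bot: `rpmsinfoFini()` is declared without a doc comment, and the lifetime rules it introduces are only implied by the call sites. `rpmsinfoInit()` begins with `memset(sinfo, 0, sizeof(*sinfo))`, so calling it again on a struct that still owns `sig` or `dig` drops the pointer without freeing it, and `rpmsinfoFini()` reads `type` and therefore needs a struct that was zeroed or initialised. I would add a Doxygen block stating that each `rpmsinfoInit()` must be paired with `rpmsinfoFini()` before the struct is reused, and that `rpmsinfoFini()` accepts NULL and a zeroed struct.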