folkslinux
/
rpm
mirror of https://github.com/rpm-software-management/rpm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

There is no need to recalculate digests during signing. 

Digests are not signatures even if they reside in "signature" header,
and signing a package must not affect the digests. So recalculating
digests on signing is not just wasteful, but also conceptually plain
wrong.

Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
This commit is contained in:
Lubos Kardos 2014-05-15 10:15:27 +02:00 committed by Panu Matilainen
parent 175521cc54
commit 1019fa396d
1 changed files with 0 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
sign/rpmgensig.c
View File

@ -465,20 +465,6 @@ static int rpmSign(const char *rpm, int deleting, const char *passPhrase)
headerFree(nh);
}
/* Toss and recalculate header+payload size and digests. */
{
rpmTagVal const sigs[] = { RPMSIGTAG_SIZE,
RPMSIGTAG_MD5,
RPMSIGTAG_SHA1,
};
int nsigs = sizeof(sigs) / sizeof(rpmTagVal);
for (int i = 0; i < nsigs; i++) {
(void) headerDel(sigh, sigs[i]);
if (rpmGenDigest(sigh, sigtarget, sigs[i]))
goto exit;
}
}
if (deleting) { /* Nuke all the signature tags. */
deleteSigs(sigh);
} else {