Generalize file signing to use a generic flags field in signing arguments

There will be any number of signing flags in the future, and we don't
want to break the ABI for every single one of them by adding new
fields to the sign argument struct. Replace the signfiles field
with a bitfield in the common rpm style. No functional changes.

This is an API change of course, but we'll have to bump the soname for
the next release anyway so might as well do it now.

rpmsign.c

@@ -19,7 +19,7 @@ enum modes {
 static int mode = MODE_NONE;
 
 #ifdef WITH_IMAEVM
-static int signfiles = 0, fskpass = 0;
+static int fskpass = 0;
 static char * fileSigningKey = NULL;
 #endif
 
@@ -33,7 +33,8 @@ static struct poptOption signOptsTable[] = {
     { "delsign", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR), &mode, MODE_DELSIGN,
 	N_("delete package signatures"), NULL },
 #ifdef WITH_IMAEVM
-    { "signfiles", '\0', POPT_ARG_NONE, &signfiles, 0,
+    { "signfiles", '\0', (POPT_ARG_VAL|POPT_ARGFLAG_OR),
+	&sargs.signflags, RPMSIGN_FLAG_IMA,
 	N_("sign package(s) files"), NULL},
     { "fskpath", '\0', POPT_ARG_STRING, &fileSigningKey, 0,
 	N_("use file signing key <key>"),
@@ -107,7 +108,7 @@ static int doSign(poptContext optCon, struct rpmSignArgs *sargs)
 	rpmPushMacro(NULL, "_file_signing_key", NULL, fileSigningKey, RMIL_GLOBAL);
     }
 
-    if (signfiles) {
+    if (sargs->signflags & RPMSIGN_FLAG_IMA) {
 	char *fileSigningKeyPassword = NULL;
 	char *key = rpmExpand("%{?_file_signing_key}", NULL);
 	if (rstreq(key, "")) {
@@ -126,7 +127,7 @@ static int doSign(poptContext optCon, struct rpmSignArgs *sargs)
 	    free(fileSigningKeyPassword);
 	}
 
-	sargs->signfiles = 1;
+	sargs->signflags |= RPMSIGN_FLAG_IMA;
 	free(key);
     }
 #endif
@@ -163,7 +164,7 @@ int main(int argc, char *argv[])
     }
 
 #ifdef WITH_IMAEVM
-    if (fileSigningKey && !signfiles) {
+    if (fileSigningKey && !(sargs.signflags & RPMSIGN_FLAG_IMA)) {
 	argerror(_("--fskpath may only be specified when signing files"));
     }
 #endif

sign/rpmgensig.c

@@ -519,10 +519,10 @@ static int checkPkg(FD_t fd, char **msg)
  * Create/modify elements in signature header.
  * @param rpm		path to package
  * @param deleting	adding or deleting signature?
- * @param signfiles	sign files if non-zero
+ * @param flags
  * @return		0 on success, -1 on error
  */
-static int rpmSign(const char *rpm, int deleting, int signfiles)
+static int rpmSign(const char *rpm, int deleting, int flags)
 {
     FD_t fd = NULL;
     FD_t ofd = NULL;
@@ -578,7 +578,7 @@ static int rpmSign(const char *rpm, int deleting, int signfiles)
     unloadImmutableRegion(&sigh, RPMTAG_HEADERSIGNATURES);
     origSigSize = headerSizeof(sigh, HEADER_MAGIC_YES);
 
-    if (signfiles) {
+    if (flags & RPMSIGN_FLAG_IMA) {
 	if (includeFileSignatures(&sigh, &h))
 	    goto exit;
     }
@@ -716,7 +716,7 @@ int rpmPkgSign(const char *path, const struct rpmSignArgs * args)
 	}
     }
 
-    rc = rpmSign(path, 0, args ? args->signfiles : 0);
+    rc = rpmSign(path, 0, args ? args->signflags : 0);
 
     if (args) {
 	if (args->hashalgo) {

sign/rpmsign.h

@@ -13,10 +13,16 @@
 extern "C" {
 #endif
 
+enum rpmSignFlags_e {
+    RPMSIGN_FLAG_NONE		= 0,
+    RPMSIGN_FLAG_IMA		= (1 << 0),
+};
+typedef rpmFlags rpmSignFlags;
+
 struct rpmSignArgs {
     char *keyid;
     pgpHashAlgo hashalgo;
-    int signfiles;
+    rpmSignFlags signflags;
     /* ... what else? */
 };