First commit of rpm v6: add version switch, drop obsolete signature tags
Add %_rpmfilever macro to control which format we create, with experimental disclaimer: the v6 spec hasn't been finalized yet, this is merely the beginning of the implementation for the parts we know already: Obsolete crypto (MD5 and SHA1) tags and the unreliable size tags in the signature header are dropped.
This commit is contained in:
Panu Matilainen
parent
ef29c4e7c7
commit
c1ee388126
21
build/pack.c
21
build/pack.c
|
|
@ -504,10 +504,12 @@ static rpmRC writeRPM(Package pkg, unsigned char ** pkgidp,
|
|||
sigStart = Ftell(fd);
|
||||
|
||||
/* Generate and write a placeholder signature header */
|
||||
SHA1 = nullDigest(RPM_HASH_SHA1, 1);
|
||||
if (pkg->rpmver < 6) {
|
||||
SHA1 = nullDigest(RPM_HASH_SHA1, 1);
|
||||
MD5 = nullDigest(RPM_HASH_MD5, 0);
|
||||
}
|
||||
SHA256 = nullDigest(RPM_HASH_SHA256, 1);
|
||||
MD5 = nullDigest(RPM_HASH_MD5, 0);
|
||||
if (rpmGenerateSignature(SHA256, SHA1, MD5, 0, 0, fd))
|
||||
if (rpmGenerateSignature(SHA256, SHA1, MD5, 0, 0, fd, pkg->rpmver))
|
||||
goto exit;
|
||||
SHA1 = _free(SHA1);
|
||||
SHA256 = _free(SHA256);
|
||||
|
|
@ -543,9 +545,12 @@ static rpmRC writeRPM(Package pkg, unsigned char ** pkgidp,
|
|||
if (writeHdr(fd, pkg->header))
|
||||
goto exit;
|
||||
|
||||
/* Calculate digests: SHA on header, legacy MD5 on header + payload */
|
||||
fdInitDigestID(fd, RPM_HASH_MD5, RPMTAG_SIGMD5, 0);
|
||||
fdInitDigestID(fd, RPM_HASH_SHA1, RPMTAG_SHA1HEADER, 0);
|
||||
/* Calculate the digests */
|
||||
if (pkg->rpmver < 6) {
|
||||
/* SHA1 and legacy MD5 on header + payload only in v4 */
|
||||
fdInitDigestID(fd, RPM_HASH_MD5, RPMTAG_SIGMD5, 0);
|
||||
fdInitDigestID(fd, RPM_HASH_SHA1, RPMTAG_SHA1HEADER, 0);
|
||||
}
|
||||
fdInitDigestID(fd, RPM_HASH_SHA256, RPMTAG_SHA256HEADER, 0);
|
||||
if (fdConsume(fd, hdrStart, payloadStart - hdrStart))
|
||||
goto exit;
|
||||
|
|
@ -560,8 +565,10 @@ static rpmRC writeRPM(Package pkg, unsigned char ** pkgidp,
|
|||
goto exit;
|
||||
|
||||
/* Generate the signature. Now with right values */
|
||||
if (rpmGenerateSignature(SHA256, SHA1, MD5, payloadEnd - hdrStart, archiveSize, fd))
|
||||
if (rpmGenerateSignature(SHA256, SHA1, MD5, payloadEnd - hdrStart,
|
||||
archiveSize, fd, pkg->rpmver)) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rc = RPMRC_OK;
|
||||
|
||||
|
|
|
|||
|
|
@ -176,6 +176,7 @@ struct Package_s {
|
|||
rpmds dependencies[PACKAGE_NUM_DEPS];
|
||||
rpmfiles cpioList;
|
||||
ARGV_t dpaths;
|
||||
int rpmver; /* v4, v6? */
|
||||
|
||||
struct Source * icon;
|
||||
|
||||
|
|
|
|||
|
|
@ -113,6 +113,7 @@ Package newPackage(const char *name, rpmstrPool pool, Package *pkglist)
|
|||
p->fileRenameMap = NULL;
|
||||
p->pool = rpmstrPoolLink(pool);
|
||||
p->dpaths = NULL;
|
||||
p->rpmver = rpmExpandNumeric("%_rpmfilever");
|
||||
|
||||
if (name)
|
||||
p->name = rpmstrPoolId(p->pool, name, 1);
|
||||
|
|
|
|||
|
|
@ -110,7 +110,8 @@ int rpmWriteSignature(FD_t fd, Header sigh)
|
|||
}
|
||||
|
||||
rpmRC rpmGenerateSignature(char *SHA256, char *SHA1, uint8_t *MD5,
|
||||
rpm_loff_t size, rpm_loff_t payloadSize, FD_t fd)
|
||||
rpm_loff_t size, rpm_loff_t payloadSize, FD_t fd,
|
||||
int rpmver)
|
||||
{
|
||||
Header sig = headerNew();
|
||||
struct rpmtd_s td;
|
||||
|
|
@ -131,6 +132,10 @@ rpmRC rpmGenerateSignature(char *SHA256, char *SHA1, uint8_t *MD5,
|
|||
headerPut(sig, &td, HEADERPUT_DEFAULT);
|
||||
}
|
||||
|
||||
/* Skip all the old stuff v6 doesn't have */
|
||||
if (rpmver >= 6)
|
||||
goto reserve;
|
||||
|
||||
if (SHA1) {
|
||||
rpmtdReset(&td);
|
||||
td.tag = RPMSIGTAG_SHA1;
|
||||
|
|
@ -193,6 +198,7 @@ rpmRC rpmGenerateSignature(char *SHA256, char *SHA1, uint8_t *MD5,
|
|||
spaceSize -= newsigSize - oldsigSize;
|
||||
}
|
||||
|
||||
reserve:
|
||||
if (gpgSize > 0)
|
||||
spaceSize += gpgSize;
|
||||
|
||||
|
|
|
|||
|
|
@ -37,9 +37,11 @@ int rpmWriteSignature(FD_t fd, Header h);
|
|||
* @param size size of header
|
||||
* @param payloadSize size of archive
|
||||
* @param fd output file
|
||||
* @param rpmver rpm format version (4 or 6)
|
||||
*/
|
||||
rpmRC rpmGenerateSignature(char *SHA256, char *SHA1, uint8_t *MD5,
|
||||
rpm_loff_t size, rpm_loff_t payloadSize, FD_t fd);
|
||||
rpm_loff_t size, rpm_loff_t payloadSize, FD_t fd,
|
||||
int rpmver);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
|||
|
|
@ -255,6 +255,12 @@ Supplements: (%{name} = %{version}-%{release} and langpacks-%{1})\
|
|||
# (legacy).
|
||||
%_rpmfilename %{_build_name_fmt}
|
||||
|
||||
# EXPERIMENTAL
|
||||
# This does NOT generate actual v6 format, the exact format
|
||||
# hasn't been finalized yet.
|
||||
# Which rpm format go generate (4 or 6)
|
||||
%_rpmfilever 4
|
||||
|
||||
# The directory where sources/patches from a source package will be
|
||||
# installed. This is also where sources/patches are found when building.
|
||||
%_sourcedir %{_topdir}/SOURCES
|
||||
|
|
|
|||
|
|
@ -8,60 +8,36 @@ Sigtype: 5
|
|||
|
||||
Signature:
|
||||
Header magic: 1e8ad8e (reserved: 0)
|
||||
Index entries: 7 (112 bytes)
|
||||
Data size: 4276 bytes
|
||||
Header size: 4388 bytes
|
||||
Padding: 4 bytes
|
||||
Region entries 7
|
||||
Region size 128
|
||||
Index entries: 3 (48 bytes)
|
||||
Data size: 4209 bytes
|
||||
Header size: 4257 bytes
|
||||
Padding: 7 bytes
|
||||
Region entries 3
|
||||
Region size 64
|
||||
Dribbles: 0
|
||||
|
||||
Tag #0 [region]
|
||||
tagno: 62 (Headersignatures)
|
||||
type: 7 (blob)
|
||||
offset: 4260
|
||||
offset: 4193
|
||||
count: 16
|
||||
|
||||
region trailer
|
||||
tagno: 62 (Headersignatures)
|
||||
type: 7 (blob)
|
||||
offset: -112
|
||||
offset: -48
|
||||
count: 16
|
||||
|
||||
Tag #1 [region]
|
||||
tagno: 269 (Sha1)
|
||||
tagno: 273 (Sha256)
|
||||
type: 6 (string)
|
||||
offset: 0
|
||||
count: 1
|
||||
|
||||
Tag #2 [region]
|
||||
tagno: 273 (Sha256)
|
||||
type: 6 (string)
|
||||
offset: 41
|
||||
count: 1
|
||||
|
||||
Tag #3 [region]
|
||||
tagno: 1000 (Size)
|
||||
type: 4 (int32)
|
||||
offset: 108
|
||||
count: 1
|
||||
|
||||
Tag #4 [region]
|
||||
tagno: 1004 (Md5)
|
||||
type: 7 (blob)
|
||||
offset: 112
|
||||
count: 16
|
||||
|
||||
Tag #5 [region]
|
||||
tagno: 1007 (Payloadsize)
|
||||
type: 4 (int32)
|
||||
offset: 128
|
||||
count: 1
|
||||
|
||||
Tag #6 [region]
|
||||
tagno: 1008 (Reservedspace)
|
||||
type: 7 (blob)
|
||||
offset: 132
|
||||
offset: 65
|
||||
count: 4128
|
||||
|
||||
Header:
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
runroot rpmbuild -bb --quiet \
|
||||
--define "_rpmfilever ${ver}" \
|
||||
--define "_rpmdir %{_topdir}/RPMS/${ver}" \
|
||||
--define "optflags -O2 -g" \
|
||||
--define "_target_platform noarch-linux" \
|
||||
|
|
|
|||
|
|
@ -1,11 +1,9 @@
|
|||
SHA256HEADER: 8ab715bef152a18bef62df29805b9d1b8f2c5d92955a1a7fa2491967cc17c035
|
||||
SHA1HEADER: 7a8ad9bdb9b0910fa54724f7bdac8ac49d992d2f
|
||||
SIGMD5: 87da99d1993240e2d698f5b3dbcbd44c
|
||||
SHA256HEADER: 56435bfb3c842ac7bcd30d2955607624bf7035a10555ea0efd74a4eaa8216447
|
||||
SHA1HEADER: (none)
|
||||
SIGMD5: (none)
|
||||
PAYLOADDIGEST: 116ce41ebb72f1877cda3d7dedaf5b78770e202d6389ade4e415d78548d703a8
|
||||
PAYLOADDIGESTALT: 116ce41ebb72f1877cda3d7dedaf5b78770e202d6389ade4e415d78548d703a8
|
||||
/build/RPMS/6/noarch/attrtest-1.0-1.noarch.rpm:
|
||||
Header SHA256 digest: OK
|
||||
Header SHA1 digest: OK
|
||||
Payload SHA256 ALT digest: OK
|
||||
Payload SHA256 digest: OK
|
||||
MD5 digest: OK
|
||||
|
|
|
|||
Loading…
Reference in New Issue