a79d7ae0f0
At least ECDSA and RSA signatures can vary in length, but the IMA code assumes constant lengths and thus may either place invalid signatures on disk from either truncating or overshooting, and segfault if the stars are just so. Luckily the signatures are stored as strings so we can calculate the actual lengths at runtime and ignore the stored constant length info. Extend hex2bin() to optionally calculate the lengths and maximum, and use these for returning IMA data from the rpmfi(les) API. Additionally update the signing code to store the largest IMA signature length rather than what happened to be last to be on the safe side. We can't rely on this value due to invalid packages being out there, but then we need to calculate the lengths on rpmfiles populate so there's not a lot to gain anyhow. Fixes: #1833 |
||
|---|---|---|
| .. | ||
| data | ||
| Makefile.am | ||
| README.md | ||
| atlocal.in | ||
| local.at | ||
| rpmbuild.at | ||
| rpmbuildid.at | ||
| rpmconfig.at | ||
| rpmconfig2.at | ||
| rpmconfig3.at | ||
| rpmconflict.at | ||
| rpmdb.at | ||
| rpmdepmatch.at | ||
| rpmdeps.at | ||
| rpmgeneral.at | ||
| rpmi.at | ||
| rpmio.at | ||
| rpmmacro.at | ||
| rpmorder.at | ||
| rpmpgp.at | ||
| rpmpgpcheck.c | ||
| rpmpython.at | ||
| rpmquery.at | ||
| rpmreplace.at | ||
| rpmscript.at | ||
| rpmsigdig.at | ||
| rpmspec.at | ||
| rpmtests.at | ||
| rpmvercmp.at | ||
| rpmverify.at | ||
| rpmvfylevel.at | ||
README.md
To run these tests, you need at least these dependencies on the host:
- fakechroot
- gdb
- gnupg >= 2.0
Then run the command
make check
The number of tests performed depends on features enabled at configure time,
at least --with-/--without-lua and --enable-/--disable-python.
See also the INSTALL file for more information.
To run single tests, you can run the commands:
make populate_testing && ./rpmtests $NNN $MMM ...
where NNN and MMM are the numbers of the tests to be run.
To get the list of available tests, use the command:
./rpmtests -l
You can also select tests by keywords used in their description by using the command:
./rpmtests -k $KEYWORD
Use multiple -k parameters to have tests with different keywords run.
Use -k $KEYWORD1,$KEYWORD2 to execute tests matching both KEYWORD1 and KEYWORD2.
See the output of the command:
./rpmtests --help
for more options. But be aware some (like -j) need not work properly with
the test suite unless a very restricted set of test is run.