diff options
author | Panu Matilainen <pmatilai@redhat.com> | 2019-06-12 12:59:42 +0300 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2020-03-26 11:57:58 +0200 |
commit | 48819594743606e3f151da0801f8fe17dd062415 (patch) | |
tree | 861040a731fcddb4e3f80b41434fb290e52bd835 | |
parent | f127976964f6e1bccb7e5c65aba3cf7031efee36 (diff) | |
download | rpm-48819594743606e3f151da0801f8fe17dd062415.tar.gz |
Fix rpmVerifySignatures() passing garbage as verify flags in rpm >= 4.14
Commit a239ddefa90575ce80ed4436beb4005a97e32644 changed rpmpkgVerifySigs()
to accept fine-grained vsflags instead of query/verify style
nosignature/nodigest hammers, but rpmVerifySignatures() didn't get
updated accordingly. This will cause most unexpect behavior (in particular
in 4.14.x), for example QUERY_DIGEST which was used for disabling all
digest verification was defined as (1 << 19), which happens to be the same
as RPMVSF_NORSA which is how it would now be treated. Similarly confusion
with VERIFY_SCRIPT becoming RPMVSF_NODSA etc.
Just use the transaction verify flags instead, and mark the qva argument
as unused. It's an API change but that's okay in 4.15, and it's also an
explicit breakage at compile time (due to those DIGEST/SIGNATURE symbols
removal). In 4.14.x this is a regression but can be fixed within the API.
(cherry picked from commit 929c61e7507d2132c5263f567ccce89f2090f8a3)
-rw-r--r-- | lib/rpmchecksig.c | 3 | ||||
-rw-r--r-- | lib/rpmcli.h | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c index 6bc6a61ee..ab78572e1 100644 --- a/lib/rpmchecksig.c +++ b/lib/rpmchecksig.c @@ -267,8 +267,9 @@ int rpmVerifySignatures(QVA_t qva, rpmts ts, FD_t fd, const char * fn) int rc = 1; /* assume failure */ if (ts && qva && fd && fn) { rpmKeyring keyring = rpmtsGetKeyring(ts, 1); + rpmVSFlags vsflags = rpmtsVfyFlags(ts); int vfylevel = rpmtsVfyLevel(ts); - rc = rpmpkgVerifySigs(keyring, vfylevel, qva->qva_flags, fd, fn); + rc = rpmpkgVerifySigs(keyring, vfylevel, vsflags, fd, fn); rpmKeyringFree(keyring); } return rc; diff --git a/lib/rpmcli.h b/lib/rpmcli.h index 60f5ec685..99af2585a 100644 --- a/lib/rpmcli.h +++ b/lib/rpmcli.h @@ -262,7 +262,7 @@ int showVerifyPackage(QVA_t qva, rpmts ts, Header h); /** * Check package and header signatures. - * @param qva parsed query/verify options + * @param qva unused * @param ts transaction set * @param fd package file handle * @param fn package file name |