From 9d8e06a74154b2283c5374fad25ae41aa7879cb0 Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Mon, 28 Nov 2016 12:34:35 +0200 Subject: Permit headers with legacy region in headerCheck() and friends V3 packages don't have any regions straight off the wraps, but when exporting those headers (such as into rpmdb on installation), we create a "legacy region" which looks a whole lot like an immutable region of V4 packages. This causes some twists into things that we haven't been taking into account in recent refactoring... headerCheck() is supposed to permit all types of headers, don't require a specific region tag. In addition, permit legacy image region in hdrblobVerifyRegion(). Fixes a regression from commit 1c25d27895338913d84827d0d670b00887dd1d56 (and since then transmogrified through several phases) causing v3 packages to fail verification coming off rpmdb. --- lib/header.c | 3 ++- lib/package.c | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/header.c b/lib/header.c index 8b0fef791..001a45159 100644 --- a/lib/header.c +++ b/lib/header.c @@ -1772,7 +1772,8 @@ static rpmRC hdrblobVerifyRegion(rpmTagVal regionTag, int exact_size, ei2h(blob->pe, &einfo); if (!regionTag && (einfo.tag == RPMTAG_HEADERSIGNATURES || - einfo.tag ==RPMTAG_HEADERIMMUTABLE)) { + einfo.tag == RPMTAG_HEADERIMMUTABLE || + einfo.tag == RPMTAG_HEADERIMAGE)) { regionTag = einfo.tag; } diff --git a/lib/package.c b/lib/package.c index 0f694505e..1603e78fd 100644 --- a/lib/package.c +++ b/lib/package.c @@ -233,7 +233,7 @@ rpmRC headerCheck(rpmts ts, const void * uh, size_t uc, char ** msg) rpmKeyring keyring = rpmtsGetKeyring(ts, 1); struct hdrblob_s blob; - if (hdrblobInit(uh, uc, RPMTAG_HEADERIMMUTABLE, 0, &blob, msg) == RPMRC_OK) { + if (hdrblobInit(uh, uc, 0, 0, &blob, msg) == RPMRC_OK) { rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0); rc = headerSigVerify(keyring, vsflags, &blob, msg); rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), uc); -- cgit v1.2.1