packages/rpm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:15e5a85821c1c00370db9c457cb45579bb462433
Branches Tags
packages:main
...
compare: packages:c4890fde7c48210346790df4bab08225b885b4a0
Branches Tags
packages:main

10 Commits
15e5a85821 ... c4890fde7c

Author SHA1 Message Date
openeuler-ci-bot
c4890fde7c
!438 [sync] PR-436: sync patches from upstream 
From: @openeuler-sync-bot 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
 2024-12-02 11:50:02 +00:00
hugel
39c9dfcf59 sync patches from upstream 
(cherry picked from commit de7cb1cd4d8584ae25c729e13b8e0050912da834)
 2024-12-02 17:10:12 +08:00
openeuler-ci-bot
2ed0b383f9
!434 [sync] PR-430: Require macro filenames to end in alphanum char 
From: @openeuler-sync-bot 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
 2024-11-27 03:59:00 +00:00
hugel
e5d58d19d7 Require macro filenames to end in alphanum char 
(cherry picked from commit 698ba6426d83d1aa7b67127b4cd262ef23d59032)
 2024-11-27 11:12:21 +08:00
openeuler-ci-bot
749f193f00
!427 [sync] PR-424: sync patches from upstream 
From: @openeuler-sync-bot 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
 2024-11-26 11:03:42 +00:00
hugel
69863c5692 sync patches from upstream 
(cherry picked from commit 30d8a11850652cd3ef7c05d1b140bd8c3dcb5f23)
 2024-11-26 17:17:59 +08:00
openeuler-ci-bot
dd6fc7c370
!421 Support sm2p256v1 of ECDSA and sm3 of hash 
From: @xujing99 
Reviewed-by: @shenyangyang01 
Signed-off-by: @shenyangyang01
 2024-10-31 03:47:08 +00:00
xujing
24cbd83f22 Support sm2p256v1 of ECDSA and sm3 of hash 2024-10-30 20:43:22 +08:00
openeuler-ci-bot
0396a74350
!415 [sync] PR-412: fix RPM_LD_FLAGS not got exported 
From: @openeuler-sync-bot 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
 2024-10-28 03:52:16 +00:00
Funda Wang
0a3f16e8fc fix RPM_LD_FLAGS not got exported 
(cherry picked from commit 79449a6f79c719532324fe53c88000daf65a5135)
 2024-10-28 11:04:14 +08:00
19 changed files with 1751 additions and 5 deletions
Show Stats Expand all files Collapse all files

251
Support-sm2p256v1-of-ECDSA-and-sm3-of-hash.patch Normal file
View File

@ -0,0 +1,251 @@
From 32ab7eb58556d41df302af8166a77f2f2bf38754 Mon Sep 17 00:00:00 2001
From: xujing <xujing125@huawei.com>
Date: Wed, 18 Sep 2024 15:57:34 +0800
Subject: [PATCH] Support sm2p256v1 of ECDSA and sm3 of hash
---
include/rpm/rpmcrypto.h | 1 +
include/rpm/rpmpgp.h | 2 ++
macros.in | 4 +++
rpmio/digest_libgcrypt.c | 6 ++++
rpmio/digest_openssl.c | 69 +++++++++++++++++++++++++++++++++++++++-
rpmio/rpmpgp_internal.c | 1 +
rpmio/rpmpgpval.h | 1 +
sign/rpmsignfiles.c | 4 +++
8 files changed, 87 insertions(+), 1 deletion(-)
diff --git a/include/rpm/rpmcrypto.h b/include/rpm/rpmcrypto.h
index 69d329f..ef36e7a 100644
--- a/include/rpm/rpmcrypto.h
+++ b/include/rpm/rpmcrypto.h
@@ -27,6 +27,7 @@ typedef enum rpmHashAlgo_e {
RPM_HASH_SHA384 = 9, /*!< SHA384 */
RPM_HASH_SHA512 = 10, /*!< SHA512 */
RPM_HASH_SHA224 = 11, /*!< SHA224 */
+ RPM_HASH_SM3 = 109, /*!< SM3, the definition is the same as that of libgcrypt */
} rpmHashAlgo;
/** \ingroup rpmcrypto
diff --git a/include/rpm/rpmpgp.h b/include/rpm/rpmpgp.h
index a3238a6..0d46941 100644
--- a/include/rpm/rpmpgp.h
+++ b/include/rpm/rpmpgp.h
@@ -274,6 +274,7 @@ typedef enum pgpHashAlgo_e {
PGPHASHALGO_SHA384 = 9, /*!< SHA384 */
PGPHASHALGO_SHA512 = 10, /*!< SHA512 */
PGPHASHALGO_SHA224 = 11, /*!< SHA224 */
+ PGPHASHALGO_SM3 = 109, /*!< SM3, the definition is the same as that of libgcrypt */
} pgpHashAlgo;
/** \ingroup rpmpgp
@@ -290,6 +291,7 @@ typedef enum pgpCurveId_e {
PGPCURVE_BRAINPOOL_P512R1 = 5, /*!< brainpoolP512r1 */
PGPCURVE_ED25519 = 6, /*!< Ed25519 */
PGPCURVE_CURVE25519 = 7, /*!< Curve25519 */
+ PGPCURVE_SM2P256V1 = 8, /*!< sm2p256v1 */
} pgpCurveId;
/** \ingroup rpmpgp
diff --git a/macros.in b/macros.in
index 11c70be..1b05672 100644
--- a/macros.in
+++ b/macros.in
@@ -597,6 +597,10 @@ package or when debugging this package.\
-sbo %{shescape:%{?__signature_filename}} \
%{?__plaintext_filename:-- %{shescape:%{__plaintext_filename}}}
+# The sm3 hash algorithm and sm2p256v1 encryption and decryption algorithm
+# in ECDSA are disabled by default.
+%_enable_sm2p256v1_sm3_algo 0
+
#==============================================================================
# ---- Transaction macros.
# Macro(s) used to parameterize transactions.
diff --git a/rpmio/digest_libgcrypt.c b/rpmio/digest_libgcrypt.c
index 7a75d2d..d14cc52 100644
--- a/rpmio/digest_libgcrypt.c
+++ b/rpmio/digest_libgcrypt.c
@@ -42,6 +42,9 @@ size_t rpmDigestLength(int hashalgo)
return 28;
case RPM_HASH_SHA256:
return 32;
+ case RPM_HASH_SM3:
+ if (rpmExpandNumeric("%{?_enable_sm2p256v1_sm3_algo}"))
+ return 32;
case RPM_HASH_SHA384:
return 48;
case RPM_HASH_SHA512:
@@ -66,6 +69,9 @@ static int hashalgo2gcryalgo(int hashalgo)
return GCRY_MD_SHA384;
case RPM_HASH_SHA512:
return GCRY_MD_SHA512;
+ case RPM_HASH_SM3:
+ if (rpmExpandNumeric("%{?_enable_sm2p256v1_sm3_algo}"))
+ return GCRY_MD_SM3;
default:
return 0;
}
diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c
index eb9fbaa..92b8113 100644
--- a/rpmio/digest_openssl.c
+++ b/rpmio/digest_openssl.c
@@ -9,6 +9,7 @@
#include <openssl/ec.h>
#include <rpm/rpmcrypto.h>
+#include <rpm/rpmmacro.h>
#include "rpmio/rpmpgp_internal.h"
@@ -188,6 +189,10 @@ static const EVP_MD *getEVPMD(int hashalgo)
case RPM_HASH_SHA224:
return EVP_sha224();
+ case RPM_HASH_SM3:
+ if (rpmExpandNumeric("%{?_enable_sm2p256v1_sm3_algo}"))
+ return EVP_sm3();
+
default:
return EVP_md_null();
}
@@ -837,6 +842,14 @@ static int constructECDSASigningKey(struct pgpDigKeyECDSA_s *key, int curve)
OSSL_PARAM_END
};
key->evp_pkey = construct_pkey_from_param(EVP_PKEY_EC, params);
+ } else if (curve == PGPCURVE_SM2P256V1 &&
+ rpmExpandNumeric("%{?_enable_sm2p256v1_sm3_algo}")) {
+ OSSL_PARAM params[] = {
+ OSSL_PARAM_utf8_string("group", "SM2", 3),
+ OSSL_PARAM_octet_string("pub", key->q, key->qlen),
+ OSSL_PARAM_END
+ };
+ key->evp_pkey = construct_pkey_from_param(EVP_PKEY_SM2, params);
}
return key->evp_pkey ? 1 : 0;
#else
@@ -950,6 +963,46 @@ static void pgpFreeSigECDSA(pgpDigAlg pgpsig)
free(pgpsig->data);
}
+/* Source of zin information refer to https://datatracker.ietf.org/doc/html/draft-shen-sm2-ecdsa-02.html#appendix-D */
+const unsigned char zin_default[] = {
+ 0x00, 0x80, /* id length */
+ 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, /* default id: 1234567812345678 */
+ 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc, /* sm2 a */
+ 0x28, 0xe9, 0xfa, 0x9e, 0x9d, 0x9f, 0x5e, 0x34, 0x4d, 0x5a, 0x9e, 0x4b,
+ 0xcf, 0x65, 0x09, 0xa7, 0xf3, 0x97, 0x89, 0xf5, 0x15, 0xab, 0x8f, 0x92,
+ 0xdd, 0xbc, 0xbd, 0x41, 0x4d, 0x94, 0x0e, 0x93, /* sm2 b */
+ 0x32, 0xc4, 0xae, 0x2c, 0x1f, 0x19, 0x81, 0x19, 0x5f, 0x99, 0x04, 0x46,
+ 0x6a, 0x39, 0xc9, 0x94, 0x8f, 0xe3, 0x0b, 0xbf, 0xf2, 0x66, 0x0b, 0xe1,
+ 0x71, 0x5a, 0x45, 0x89, 0x33, 0x4c, 0x74, 0xc7, /* sm2 x */
+ 0xbc, 0x37, 0x36, 0xa2, 0xf4, 0xf6, 0x77, 0x9c, 0x59, 0xbd, 0xce, 0xe3,
+ 0x6b, 0x69, 0x21, 0x53, 0xd0, 0xa9, 0x87, 0x7c, 0xc6, 0x2a, 0x47, 0x40,
+ 0x02, 0xdf, 0x32, 0xe5, 0x21, 0x39, 0xf0, 0xa0 /* sm2 y */
+};
+
+static int calculate_sm2_hash(struct pgpDigKeyECDSA_s *key, uint8_t *msg, size_t msglen, uint8_t *hash)
+{
+ unsigned char z[32];
+
+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+
+ EVP_DigestInit(ctx, EVP_sm3());
+ EVP_DigestUpdate(ctx, zin_default, sizeof(zin_default));
+ EVP_DigestUpdate(ctx, key->q + 1, key->qlen - 1);
+ EVP_DigestFinal_ex(ctx, z, NULL);
+
+ EVP_DigestInit(ctx, EVP_sm3());
+ EVP_DigestUpdate(ctx, z, sizeof(z));
+ EVP_DigestUpdate(ctx, msg, msglen);
+ EVP_DigestFinal_ex(ctx, hash, NULL);
+
+ EVP_MD_CTX_free(ctx);
+
+ return 0;
+}
+
static int pgpVerifySigECDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
uint8_t *hash, size_t hashlen, int hash_algo)
{
@@ -959,6 +1012,8 @@ static int pgpVerifySigECDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
unsigned char *xsig = NULL; /* signature encoded for X509 */
size_t xsig_len = 0;
EVP_PKEY_CTX *pkey_ctx = NULL;
+ uint8_t *hash_to_use = hash;
+ uint8_t sm2_hash[32] = { 0 };
if (!constructECDSASigningKey(key, pgpkey->curve))
goto done;
@@ -974,7 +1029,16 @@ static int pgpVerifySigECDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
if (EVP_PKEY_verify_init(pkey_ctx) != 1)
goto done;
- if (EVP_PKEY_verify(pkey_ctx, xsig, xsig_len, hash, hashlen) == 1)
+ if (pgpkey->curve == PGPCURVE_SM2P256V1) {
+ if (rpmExpandNumeric("%{?_enable_sm2p256v1_sm3_algo}")) {
+ calculate_sm2_hash(key, hash, hashlen, sm2_hash);
+ hash_to_use = sm2_hash;
+ } else {
+ goto done;
+ }
+ }
+
+ if (EVP_PKEY_verify(pkey_ctx, xsig, xsig_len, hash_to_use, hashlen) == 1)
{
/* Success */
rc = 0;
@@ -1109,6 +1173,9 @@ static int pgpSupportedCurve(int algo, int curve)
return 1;
if (algo == PGPPUBKEYALGO_ECDSA && curve == PGPCURVE_NIST_P_521)
return 1;
+ if (algo == PGPPUBKEYALGO_ECDSA && curve == PGPCURVE_SM2P256V1 &&
+ rpmExpandNumeric("%{?_enable_sm2p256v1_sm3_algo}"))
+ return 1;
return 0;
}
diff --git a/rpmio/rpmpgp_internal.c b/rpmio/rpmpgp_internal.c
index 8b845b7..0960057 100644
--- a/rpmio/rpmpgp_internal.c
+++ b/rpmio/rpmpgp_internal.c
@@ -537,6 +537,7 @@ static uint8_t curve_oids[] = {
PGPCURVE_BRAINPOOL_P512R1, 0x09, 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d,
PGPCURVE_ED25519, 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xda, 0x47, 0x0f, 0x01,
PGPCURVE_CURVE25519, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01,
+ PGPCURVE_SM2P256V1, 0x08, 0x2a, 0x81, 0x1c, 0xcf, 0x55, 0x1, 0x82, 0x2d,
0,
};
diff --git a/rpmio/rpmpgpval.h b/rpmio/rpmpgpval.h
index ad8ed08..b8b7cb4 100644
--- a/rpmio/rpmpgpval.h
+++ b/rpmio/rpmpgpval.h
@@ -77,6 +77,7 @@ static struct pgpValTbl_s const pgpHashTbl[] = {
{ PGPHASHALGO_SHA384, "SHA384" },
{ PGPHASHALGO_SHA512, "SHA512" },
{ PGPHASHALGO_SHA224, "SHA224" },
+ { PGPHASHALGO_SM3, "SM3" },
{ -1, "Unknown hash algorithm" },
};
diff --git a/sign/rpmsignfiles.c b/sign/rpmsignfiles.c
index 80ef233..fa20bf6 100644
--- a/sign/rpmsignfiles.c
+++ b/sign/rpmsignfiles.c
@@ -19,6 +19,10 @@
#define MAX_SIGNATURE_LENGTH 1024
+/*
+ * Currently, we do not support the sm3 hash algorithm to sign files.
+ * Therefore, we do not add sm3.
+ */
static const char *hash_algo_name[] = {
[RPM_HASH_MD5] = "md5",
[RPM_HASH_SHA1] = "sha1",
--
2.33.0

2
Unbundle-config-site-and-add-RPM-LD-FLAGS-macro.patch
View File

@ -20,7 +20,7 @@ index a2411d7..8cb8a5a 100644
RPM_OS=\"%{_os}\"\
RPM_BUILD_NCPUS=\"%{_smp_build_ncpus}\"\
- export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS RPM_BUILD_NCPUS\
+ export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS RPM_BUILD_NCPUS RPM_OPT_FLAGS\
+ export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS RPM_BUILD_NCPUS RPM_LD_FLAGS\
RPM_DOC_DIR=\"%{_docdir}\"\
export RPM_DOC_DIR\
RPM_PACKAGE_NAME=\"%{NAME}\"\

263
backport-Add-ECDSA-support-to-digest_openssl.patch Normal file
View File

@ -0,0 +1,263 @@
From d2d35d1acb89d4113647a9aad2d049808112b935 Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Wed, 17 Apr 2024 14:07:53 +0200
Subject: [PATCH] Add ECDSA support to digest_openssl
Conflict:modify digest_openssl.c in rpmio; adapt context
Reference:https://github.com/rpm-software-management/rpmpgp_legacy/commit/783a5ea3851b8509eb11a4998d6e4ea41cc7ba38
---
rpmio/digest_openssl.c | 208 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 207 insertions(+), 1 deletion(-)
diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c
index 4d930c9..c8eb15f 100644
--- a/rpmio/digest_openssl.c
+++ b/rpmio/digest_openssl.c
@@ -6,6 +6,7 @@
#endif
#include <openssl/rsa.h>
#include <openssl/dsa.h>
+#include <openssl/ec.h>
#include <rpm/rpmcrypto.h>
#include "rpmio/rpmpgp_internal.h"
@@ -801,6 +802,181 @@ done:
return rc;
}
+/****************************** ECDSA ***************************************/
+
+struct pgpDigKeyECDSA_s {
+ EVP_PKEY *evp_pkey; /* Fully constructed key */
+ unsigned char *q; /* compressed point */
+ int qlen;
+};
+
+static int constructECDSASigningKey(struct pgpDigKeyECDSA_s *key, int curve)
+{
+ if (key->evp_pkey)
+ return 1; /* We've already constructed it, so just reuse it */
+
+#if OPENSSL_VERSION_MAJOR >= 3
+ if (curve == PGPCURVE_NIST_P_256) {
+ OSSL_PARAM params[] = {
+ OSSL_PARAM_utf8_string("group", "P-256", 5),
+ OSSL_PARAM_octet_string("pub", key->q, key->qlen),
+ OSSL_PARAM_END
+ };
+ key->evp_pkey = construct_pkey_from_param(EVP_PKEY_EC, params);
+ } else if (curve == PGPCURVE_NIST_P_384) {
+ OSSL_PARAM params[] = {
+ OSSL_PARAM_utf8_string("group", "P-384", 5),
+ OSSL_PARAM_octet_string("pub", key->q, key->qlen),
+ OSSL_PARAM_END
+ };
+ key->evp_pkey = construct_pkey_from_param(EVP_PKEY_EC, params);
+ }
+ return key->evp_pkey ? 1 : 0;
+#else
+ /* Create the EC key */
+ EC_KEY *ec = NULL;
+ if (curve == PGPCURVE_NIST_P_256)
+ ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ else if (curve == PGPCURVE_NIST_P_384)
+ ec = EC_KEY_new_by_curve_name(NID_secp384r1);
+ if (!ec)
+ return 0;
+
+ if (!EC_KEY_oct2key(ec, key->q, key->qlen, NULL))
+ goto exit;
+
+ /* Create an EVP_PKEY container to abstract the key-type. */
+ if (!(key->evp_pkey = EVP_PKEY_new()))
+ goto exit;
+
+ /* Assign the EC key to the EVP_PKEY structure.
+ This will take over memory management of the RSA key */
+ if (!EVP_PKEY_assign_EC_KEY(key->evp_pkey, ec)) {
+ EVP_PKEY_free(key->evp_pkey);
+ key->evp_pkey = NULL;
+ goto exit;
+ }
+ return 1;
+
+exit:
+ EC_KEY_free(ec);
+ return 0;
+#endif
+}
+
+static int pgpSetKeyMpiECDSA(pgpDigAlg pgpkey, int num, const uint8_t *p)
+{
+ size_t mlen = pgpMpiLen(p) - 2;
+ struct pgpDigKeyECDSA_s *key = pgpkey->data;
+ int rc = 1;
+
+ if (!key)
+ key = pgpkey->data = xcalloc(1, sizeof(*key));
+ if (num == 0 && !key->q && mlen > 1 && p[2] == 0x04) {
+ key->qlen = mlen;
+ key->q = xmalloc(key->qlen);
+ memcpy(key->q, p + 2, key->qlen),
+ rc = 0;
+ }
+ return rc;
+}
+
+static void pgpFreeKeyECDSA(pgpDigAlg pgpkey)
+{
+ struct pgpDigKeyECDSA_s *key = pgpkey->data;
+ if (key) {
+ if (key->q)
+ free(key->q);
+ if (key->evp_pkey)
+ EVP_PKEY_free(key->evp_pkey);
+ free(key);
+ }
+}
+
+struct pgpDigSigECDSA_s {
+ unsigned char *r;
+ int rlen;
+ unsigned char *s;
+ int slen;
+};
+
+static int pgpSetSigMpiECDSA(pgpDigAlg pgpsig, int num, const uint8_t *p)
+{
+ int mlen = pgpMpiLen(p) - 2;
+ int rc = 1;
+
+ struct pgpDigSigECDSA_s *sig = pgpsig->data;
+ if (!sig) {
+ sig = xcalloc(1, sizeof(*sig));
+ pgpsig->data = sig;
+ }
+
+ switch (num) {
+ case 0:
+ if (sig->r)
+ return 1; /* This should only ever happen once per signature */
+ sig->rlen = mlen;
+ sig->r = memcpy(xmalloc(mlen), p + 2, mlen);
+ rc = 0;
+ break;
+ case 1:
+ if (sig->s)
+ return 1; /* This should only ever happen once per signature */
+ sig->slen = mlen;
+ sig->s = memcpy(xmalloc(mlen), p + 2, mlen);
+ rc = 0;
+ break;
+ }
+
+ return rc;
+}
+
+static void pgpFreeSigECDSA(pgpDigAlg pgpsig)
+{
+ struct pgpDigSigECDSA_s *sig = pgpsig->data;
+ if (sig) {
+ free(sig->r);
+ free(sig->s);
+ }
+ free(pgpsig->data);
+}
+
+static int pgpVerifySigECDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
+ uint8_t *hash, size_t hashlen, int hash_algo)
+{
+ int rc = 1; /* assume failure */
+ struct pgpDigSigECDSA_s *sig = pgpsig->data;
+ struct pgpDigKeyECDSA_s *key = pgpkey->data;
+ unsigned char *xsig = NULL; /* signature encoded for X509 */
+ size_t xsig_len = 0;
+ EVP_PKEY_CTX *pkey_ctx = NULL;
+
+ if (!constructECDSASigningKey(key, pgpkey->curve))
+ goto done;
+
+ xsig = constructDSASignature(sig->r, sig->rlen, sig->s, sig->slen, &xsig_len);
+ if (!xsig)
+ goto done;
+
+ pkey_ctx = EVP_PKEY_CTX_new(key->evp_pkey, NULL);
+ if (!pkey_ctx)
+ goto done;
+
+ if (EVP_PKEY_verify_init(pkey_ctx) != 1)
+ goto done;
+
+ if (EVP_PKEY_verify(pkey_ctx, xsig, xsig_len, hash, hashlen) == 1)
+ {
+ /* Success */
+ rc = 0;
+ }
+
+done:
+ if (pkey_ctx)
+ EVP_PKEY_CTX_free(pkey_ctx);
+ free(xsig);
+ return rc;
+}
/****************************** EDDSA ***************************************/
@@ -912,6 +1088,19 @@ static int pgpVerifyNULL(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
return 1;
}
+static int pgpSupportedCurve(int algo, int curve)
+{
+#ifdef EVP_PKEY_ED25519
+ if (algo == PGPPUBKEYALGO_EDDSA && curve == PGPCURVE_ED25519)
+ return 1;
+#endif
+ if (algo == PGPPUBKEYALGO_ECDSA && curve == PGPCURVE_NIST_P_256)
+ return 1;
+ if (algo == PGPPUBKEYALGO_ECDSA && curve == PGPCURVE_NIST_P_384)
+ return 1;
+ return 0;
+}
+
/****************************** PGP **************************************/
pgpDigAlg pgpPubkeyNew(int algo, int curve)
{
@@ -928,9 +1117,20 @@ pgpDigAlg pgpPubkeyNew(int algo, int curve)
ka->free = pgpFreeKeyDSA;
ka->mpis = 4;
break;
+ case PGPPUBKEYALGO_ECDSA:
+ if (!pgpSupportedCurve(algo, curve)) {
+ ka->setmpi = pgpSetMpiNULL;
+ ka->mpis = -1;
+ break;
+ }
+ ka->setmpi = pgpSetKeyMpiECDSA;
+ ka->free = pgpFreeKeyECDSA;
+ ka->mpis = 1;
+ ka->curve = curve;
+ break;
#ifdef EVP_PKEY_ED25519
case PGPPUBKEYALGO_EDDSA:
- if (curve != PGPCURVE_ED25519) {
+ if (!pgpSupportedCurve(algo, curve)) {
ka->setmpi = pgpSetMpiNULL; /* unsupported curve */
ka->mpis = -1;
break;
@@ -969,6 +1169,12 @@ pgpDigAlg pgpSignatureNew(int algo)
sa->verify = pgpVerifySigDSA;
sa->mpis = 2;
break;
+ case PGPPUBKEYALGO_ECDSA:
+ sa->setmpi = pgpSetSigMpiECDSA;
+ sa->free = pgpFreeSigECDSA;
+ sa->verify = pgpVerifySigECDSA;
+ sa->mpis = 2;
+ break;
#ifdef EVP_PKEY_ED25519
case PGPPUBKEYALGO_EDDSA:
sa->setmpi = pgpSetSigMpiEDDSA;
--
2.23.0

29
backport-Allow-signing-with-ECDSA-keys.patch Normal file
View File

@ -0,0 +1,29 @@
From ef0afa856a609bea765dbccaebb75ceeddd202f3 Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Fri, 12 Apr 2024 14:40:29 +0200
Subject: [PATCH] Allow signing with ECDSA keys
Conflict:NA
Reference:https://github.com/rpm-software-management/rpm/commit/ef0afa856a609bea765dbccaebb75ceeddd202f3
Key import and verification already works, it's just that rpm
does not know where to put the signature.
---
sign/rpmgensig.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c
index d7d08a2a3..4d2bbc31f 100644
--- a/sign/rpmgensig.c
+++ b/sign/rpmgensig.c
@@ -158,6 +158,7 @@ static rpmtd makeSigTag(Header sigh, int ishdr, uint8_t *pkt, size_t pktlen)
pubkey_algo = pgpDigParamsAlgo(sigp, PGPVAL_PUBKEYALGO);
switch (pubkey_algo) {
case PGPPUBKEYALGO_DSA:
+ case PGPPUBKEYALGO_ECDSA:
case PGPPUBKEYALGO_EDDSA:
sigtag = ishdr ? RPMSIGTAG_DSA : RPMSIGTAG_GPG;
break;
--
2.23.0

27
backport-Allow-version-to-be-omitted-in-the-replace-test-spec.patch Normal file
View File

@ -0,0 +1,27 @@
From 2c20f9677eff989817148d236543191dec0d8059 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 14 Nov 2023 09:07:28 +0200
Subject: [PATCH] Allow version to be omitted in the replace test spec
Conflict:adapt context
Reference:https://github.com/rpm-software-management/rpm/commit/2c20f9677eff989817148d236543191dec0d8059
---
tests/data/SPECS/replacetest.spec | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/data/SPECS/replacetest.spec b/tests/data/SPECS/replacetest.spec
index 0f86ea628..4fb72b408 100644
--- a/tests/data/SPECS/replacetest.spec
+++ b/tests/data/SPECS/replacetest.spec
@@ -2,6 +2,7 @@
%{?fixit: %global havepretrans 1}
%{!?user: %global user root}
%{!?grp: %global grp root}
+%{!?ver: %global ver 1.0}
Name: replacetest%{?sub:-%{sub}}
Version: %{ver}
--
2.33.0

64
backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch Normal file
View File

@ -0,0 +1,64 @@
From 1fbf8aeb4e78b8b4afeeaafcbc97b3cbf7cfeaba Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 17 Sep 2024 08:31:35 +0300
Subject: [PATCH] Enforce the same sanity checks on db add and rebuild
Conflict:adapt context; don't use RPMTAG_HEADERIMMUTABLE because
e484d99 is not merged; use int type instead of bool in validHeader()
Reference:https://github.com/rpm-software-management/rpm/commit/1fbf8aeb4e78b8b4afeeaafcbc97b3cbf7cfeaba
It doesn't make a whole lot of sense to allow inserting headers
that will get removed as invalid on the next rebuild. Funny what
oddities have survived all this time...
Fixes: #3306
---
lib/rpmdb.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/lib/rpmdb.c b/lib/rpmdb.c
index 3bf3457f3..dccdf80cd 100644
--- a/lib/rpmdb.c
+++ b/lib/rpmdb.c
@@ -2176,6 +2176,17 @@ exit:
return (rc == 0) ? RPMRC_OK : RPMRC_FAIL;
}
+static int validHeader(Header h)
+{
+ if (!(headerIsEntry(h, RPMTAG_NAME) &&
+ headerIsEntry(h, RPMTAG_VERSION) &&
+ headerIsEntry(h, RPMTAG_RELEASE)))
+ {
+ return 0;
+ }
+ return 1;
+}
+
int rpmdbAdd(rpmdb db, Header h)
{
dbiIndex dbi = NULL;
@@ -2189,7 +2200,7 @@ int rpmdbAdd(rpmdb db, Header h)
return 0;
hdrBlob = headerExport(h, &hdrLen);
- if (hdrBlob == NULL || hdrLen == 0) {
+ if (!validHeader(h) || hdrBlob == NULL || hdrLen == 0) {
ret = -1;
goto exit;
}
@@ -2424,10 +2435,7 @@ int rpmdbRebuild(const char * prefix, rpmts ts,
while ((h = rpmdbNextIterator(mi)) != NULL) {
/* let's sanity check this record a bit, otherwise just skip it */
- if (!(headerIsEntry(h, RPMTAG_NAME) &&
- headerIsEntry(h, RPMTAG_VERSION) &&
- headerIsEntry(h, RPMTAG_RELEASE)))
- {
+ if (!validHeader(h)) {
rpmlog(RPMLOG_ERR,
_("header #%u in the database is bad -- skipping.\n"),
rpmdbGetIteratorOffset(mi));
--
2.33.0

47
backport-Fix-FA_TOUCH-ed-files-getting-removed-on-failed-upda.patch Normal file
View File

@ -0,0 +1,47 @@
From 027ef640b33b38ca257bb301bb302e9c71d43c27 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Fri, 18 Oct 2024 14:50:35 +0300
Subject: [PATCH] Fix FA_TOUCH'ed files getting removed on failed update
Conflict:modify fsm.c instead of fsm.cc; don't modify testcode because
the test code differs greatly, it requires the root permission to run
chown. However, the current test code cannot implement chown. Manual
test cases will be used to guard test cases.
Reference:https://github.com/rpm-software-management/rpm/commit/027ef640b33b38ca257bb301bb302e9c71d43c27
On install/update, most files are laid down with a temporary suffix
and if the update fails, removing those at the end of the loop is
the right thing to do. However FA_TOUCH'ed files were already there,
we only update their metadata, and we better not remove them!
AFAICS this all versions since rpm >= 4.14 in one way or the other.
If %_minimize_writes is enabled then it affects way more than just
unmodified config files.
The test is a simplified version of pam update failing in the original
report. Technically, --nomtime should not be needed for the test
verification but we don't even try to restore the metadata on failure,
and fixing that is way out of scope here.
Fixes: RHEL-54386
Fixes: #3284
---
lib/fsm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index e3be219c3..ec0303400 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -1094,7 +1094,7 @@ setmeta:
if (ensureDir(NULL, rpmfiDN(fi), 0, 0, 1, &di.dirfd))
continue;
- if (fp->stage > FILE_NONE && !fp->skip) {
+ if (fp->stage > FILE_NONE && !fp->skip && fp->action != FA_TOUCH) {
(void) fsmRemove(di.dirfd, fp->fpath, fp->sb.st_mode);
}
}
--
2.33.0

27
backport-Fix-a-memory-leak-on-rpmdb-importdb.patch Normal file
View File

@ -0,0 +1,27 @@
From 4b830f7b5a4a70a53e2eef63baf82b7fff308a3c Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Fri, 11 Oct 2024 14:26:57 +0300
Subject: [PATCH] Fix a memory leak on rpmdb --importdb
Conflict:modify rpmdb.c instead of tools/rpmdb.cc
Reference:https://github.com/rpm-software-management/rpm/commit/4b830f7b5a4a70a53e2eef63baf82b7fff308a3c
---
rpmdb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/rpmdb.c b/rpmdb.c
index 20d5d67bd..1736e1ef7 100644
--- a/rpmdb.c
+++ b/rpmdb.c
@@ -79,6 +79,7 @@ static int importDB(rpmts ts)
Header h;
while ((h = headerRead(fd, HEADER_MAGIC_YES))) {
rc += rpmtsImportHeader(txn, h, 0);
+ headerFree(h);
}
} else {
rc = -1;
--
2.33.0

35
backport-Fix-memleak-when-process-policies.patch Normal file
View File

@ -0,0 +1,35 @@
From 937e725626eecad2e0c34463e733ae123ba2ff5e Mon Sep 17 00:00:00 2001
From: xujing <xujing125@huawei.com>
Date: Thu, 12 Sep 2024 20:52:30 +0800
Subject: [PATCH] Fix memleak when process policies
Conflict:NA
Reference:https://github.com/rpm-software-management/rpm/commit/937e725626eecad2e0c34463e733ae123ba2ff5e
---
build/policies.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/build/policies.c b/build/policies.c
index 5d704c0eb..69062ee6a 100644
--- a/build/policies.c
+++ b/build/policies.c
@@ -289,6 +289,7 @@ static rpmRC processPolicies(rpmSpec spec, Package pkg, int test)
mod = freeModule(mod);
name = _free(name);
types = _free(types);
+ optCon = poptFreeContext(optCon);
}
rc = RPMRC_OK;
@@ -297,6 +298,7 @@ static rpmRC processPolicies(rpmSpec spec, Package pkg, int test)
freeModule(mod);
free(name);
free(types);
+ poptFreeContext(optCon);
return rc;
}
--
2.33.0

49
backport-Fix-wrong-return-code-on-O_DIRECTORY-open-of-invalid.patch Normal file
View File

@ -0,0 +1,49 @@
From 89ce4e7ca592f5abafc3f25aeaa07d36a7b43a61 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 14 Nov 2023 11:37:48 +0200
Subject: [PATCH] Fix wrong return code on O_DIRECTORY open of invalid symlink
Conflict:NA
Reference:https://github.com/rpm-software-management/rpm/commit/89ce4e7ca592f5abafc3f25aeaa07d36a7b43a61
The dir argument to fsmOpenpath() is supposed to be a rough O_DIRECTORY
equivalent, and if the path is actually a misowned symlink it should
return ENOTDIR instead of ELOOP. Makes the resulting error messages
at least a little more comprehensible.
---
lib/fsm.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index 51f439ef3..091e90554 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -304,6 +304,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
struct stat lsb, sb;
int sflags = flags | O_NOFOLLOW;
int fd = openat(dirfd, path, sflags);
+ int ffd = fd;
/*
* Only ever follow symlinks by root or target owner. Since we can't
@@ -312,7 +313,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
* it could've only been the link owner or root.
*/
if (fd < 0 && errno == ELOOP && flags != sflags) {
- int ffd = openat(dirfd, path, flags);
+ ffd = openat(dirfd, path, flags);
if (ffd >= 0) {
if (fstatat(dirfd, path, &lsb, AT_SYMLINK_NOFOLLOW) == 0) {
if (fstat(ffd, &sb) == 0) {
@@ -327,7 +328,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
}
/* O_DIRECTORY equivalent */
- if (dir && fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)) {
+ if (dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)))) {
errno = ENOTDIR;
fsmClose(&fd);
}
--
2.33.0

138
backport-No-longer-use-the-low-level-API-in-openssl-3.patch Normal file
View File

@ -0,0 +1,138 @@
From 408f2053da61fa80c5a306b8f87cdd70a7c57a62 Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Wed, 17 Apr 2024 13:05:28 +0200
Subject: [PATCH] No longer use the low level API in openssl-3
Conflict:modify digest_openssl.c in rpmio; adapt context
Reference:https://github.com/rpm-software-management/rpmpgp_legacy/commit/de96811994b28d8fb43dfb101a9cbca263eb1ce5
Instead, construct the key with EVP_PKEY_fromdata()
---
rpmio/digest_openssl.c | 73 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 72 insertions(+), 1 deletion(-)
diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c
index 41d77d0..4d930c9 100644
--- a/rpmio/digest_openssl.c
+++ b/rpmio/digest_openssl.c
@@ -1,10 +1,13 @@
#include "system.h"
#include <openssl/evp.h>
+#if OPENSSL_VERSION_MAJOR >= 3
+# include <openssl/params.h>
+#endif
#include <openssl/rsa.h>
#include <openssl/dsa.h>
-#include <rpm/rpmcrypto.h>
+#include <rpm/rpmcrypto.h>
#include "rpmio/rpmpgp_internal.h"
@@ -283,6 +286,46 @@ done:
}
+/*********************** pkey construction *******************************/
+
+#if OPENSSL_VERSION_MAJOR >= 3
+
+static EVP_PKEY *
+construct_pkey_from_param(int id, OSSL_PARAM *params)
+{
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(id, NULL);
+ if (!ctx || EVP_PKEY_fromdata_init(ctx) <= 0 || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_PUBLIC_KEY, params) <= 0)
+ pkey = NULL;
+ if (ctx)
+ EVP_PKEY_CTX_free(ctx);
+ return pkey;
+}
+
+static OSSL_PARAM
+create_bn_param(char *key, BIGNUM *bn)
+{
+ int sz = bn ? BN_num_bytes(bn) : -1;
+ if (sz < 0 || BN_is_negative(bn)) {
+ OSSL_PARAM param = OSSL_PARAM_END;
+ return param;
+ }
+ if (sz == 0)
+ sz = 1;
+ unsigned char *buf = xmalloc(sz);
+ BN_bn2nativepad(bn, buf, sz);
+ OSSL_PARAM param = OSSL_PARAM_BN(key, buf, sz);
+ return param;
+}
+
+static void
+free_bn_param(OSSL_PARAM *param)
+{
+ free(param->data);
+}
+
+#endif
+
/****************************** RSA **************************************/
/* Key */
@@ -300,6 +343,17 @@ static int constructRSASigningKey(struct pgpDigKeyRSA_s *key)
if (key->evp_pkey)
return 1; /* We've already constructed it, so just reuse it */
+#if OPENSSL_VERSION_MAJOR >= 3
+ OSSL_PARAM params[] = {
+ create_bn_param("n", key->n),
+ create_bn_param("e", key->e),
+ OSSL_PARAM_END
+ };
+ key->evp_pkey = construct_pkey_from_param(EVP_PKEY_RSA, params);
+ free_bn_param(params + 0);
+ free_bn_param(params + 1);
+ return key->evp_pkey ? 1 : 0;
+#else
/* Create the RSA key */
RSA *rsa = RSA_new();
if (!rsa) return 0;
@@ -324,6 +378,7 @@ static int constructRSASigningKey(struct pgpDigKeyRSA_s *key)
exit:
RSA_free(rsa);
return 0;
+#endif
}
static int pgpSetKeyMpiRSA(pgpDigAlg pgpkey, int num, const uint8_t *p)
@@ -506,6 +561,21 @@ static int constructDSASigningKey(struct pgpDigKeyDSA_s *key)
if (key->evp_pkey)
return 1; /* We've already constructed it, so just reuse it */
+#if OPENSSL_VERSION_MAJOR >= 3
+ OSSL_PARAM params[] = {
+ create_bn_param("p", key->p),
+ create_bn_param("q", key->q),
+ create_bn_param("g", key->g),
+ create_bn_param("pub", key->y),
+ OSSL_PARAM_END
+ };
+ key->evp_pkey = construct_pkey_from_param(EVP_PKEY_DSA, params);
+ free_bn_param(params + 0);
+ free_bn_param(params + 1);
+ free_bn_param(params + 2);
+ free_bn_param(params + 3);
+ return key->evp_pkey ? 1 : 0;
+#else
/* Create the DSA key */
DSA *dsa = DSA_new();
if (!dsa) return 0;
@@ -533,6 +603,7 @@ static int constructDSASigningKey(struct pgpDigKeyDSA_s *key)
exit:
DSA_free(dsa);
return 0;
+#endif
}
--
2.23.0

175
backport-Refactor-fsmOpenat-return-style-for-consistency-with.patch Normal file
View File

@ -0,0 +1,175 @@
From 14516542c113560dc0070df2f9102568a7a71b58 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Mon, 19 Aug 2024 11:03:10 +0300
Subject: [PATCH] Refactor fsmOpenat() return style for consistency within the
fsm
Conflict:adapt context; don't modify testcode because the test code differs
greatly, 0091214 requires the root permission to run chown. However, the
current test code cannot implement chown. Manual test cases will be used to
guard test cases.
Reference:https://github.com/rpm-software-management/rpm/commit/14516542c113560dc0070df2f9102568a7a71b58
Everything inside the fsm is returning a return code as the main
returned data and file descriptors as one of the arguments, except
for fsmOpenat() which I for some reason modeled after openat() instead.
This mismatch makes for some strange code in the callers.
The only visible change here is supposed to be the error message
changing slightly due to using rpmfileStrerror() instead of strerror().
Co-authored-by: Florian Festi <ffesti@redhat.com>
---
lib/fsm.c | 62 +++++++++++++++++++++++++--------------------------
1 file changed, 31 insertions(+), 31 deletions(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index 20b270cf5..b5f8800a8 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -65,7 +65,7 @@ struct filedata_s {
* things around needlessly
*/
static const char * fileActionString(rpmFileAction a);
-static int fsmOpenat(int dirfd, const char *path, int flags, int dir);
+static int fsmOpenat(int *fdp, int dirfd, const char *path, int flags, int dir);
static int fsmClose(int *wfdp);
/** \ingroup payload
@@ -98,9 +98,9 @@ static int fsmLink(int odirfd, const char *opath, int dirfd, const char *path)
#if WITH_CAP
static int cap_set_fileat(int dirfd, const char *path, cap_t fcaps)
{
- int rc = -1;
- int fd = fsmOpenat(dirfd, path, O_RDONLY|O_NOFOLLOW, 0);
- if (fd >= 0) {
+ int fd = -1;
+ int rc = fsmOpenat(&fd, dirfd, path, O_RDONLY|O_NOFOLLOW, 0);
+ if (!rc) {
rc = cap_set_fd(fd, fcaps);
fsmClose(&fd);
}
@@ -299,12 +299,13 @@ static int fsmMkdir(int dirfd, const char *path, mode_t mode)
return rc;
}
-static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
+static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
{
struct stat lsb, sb;
int sflags = flags | O_NOFOLLOW;
int fd = openat(dirfd, path, sflags);
int ffd = fd;
+ int rc = 0;
/*
* Only ever follow symlinks by root or target owner. Since we can't
@@ -328,11 +329,17 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
}
/* O_DIRECTORY equivalent */
- if (dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)))) {
- errno = ENOTDIR;
+ if (!rc && dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode))))
+ rc = RPMERR_ENOTDIR;
+
+ if (!rc && fd < 0)
+ rc = RPMERR_OPEN_FAILED;
+
+ if (rc)
fsmClose(&fd);
- }
- return fd;
+
+ *wfdp = fd;
+ return rc;
}
static int fsmDoMkDir(rpmPlugins plugins, int dirfd, const char *dn,
@@ -351,9 +358,7 @@ static int fsmDoMkDir(rpmPlugins plugins, int dirfd, const char *dn,
rc = fsmMkdir(dirfd, dn, mode);
if (!rc) {
- *fdp = fsmOpenat(dirfd, dn, O_RDONLY|O_NOFOLLOW, 1);
- if (*fdp == -1)
- rc = RPMERR_ENOTDIR;
+ rc = fsmOpenat(fdp, dirfd, dn, O_RDONLY|O_NOFOLLOW, 1);
}
if (!rc) {
@@ -378,47 +383,44 @@ static int ensureDir(rpmPlugins plugins, const char *p, int owned, int create,
char *sp = NULL, *bn;
char *apath = NULL;
int oflags = O_RDONLY;
- int rc = 0;
if (*dirfdp >= 0)
- return rc;
+ return 0;
- int dirfd = fsmOpenat(-1, "/", oflags, 1);
+ int dirfd = -1;
+ int rc = fsmOpenat(&dirfd, -1, "/", oflags, 1);
int fd = dirfd; /* special case of "/" */
char *path = xstrdup(p);
char *dp = path;
while ((bn = strtok_r(dp, "/", &sp)) != NULL) {
- fd = fsmOpenat(dirfd, bn, oflags, 1);
+ rc = fsmOpenat(&fd, dirfd, bn, oflags, 1);
/* assemble absolute path for plugins benefit, sigh */
apath = rstrscat(&apath, "/", bn, NULL);
- if (fd < 0 && errno == ENOENT && create) {
+ if (rc && errno == ENOENT && create) {
mode_t mode = S_IFDIR | (_dirPerms & 07777);
rc = fsmDoMkDir(plugins, dirfd, bn, apath, owned, mode, &fd);
}
fsmClose(&dirfd);
- if (fd >= 0) {
- dirfd = fd;
- } else {
- if (!quiet) {
- rpmlog(RPMLOG_ERR, _("failed to open dir %s of %s: %s\n"),
- bn, p, strerror(errno));
- }
- rc = RPMERR_OPEN_FAILED;
+ if (rc)
break;
- }
+ dirfd = fd;
dp = NULL;
}
if (rc) {
+ if (!quiet) {
+ char *msg = rpmfileStrerror(rc);
+ rpmlog(RPMLOG_ERR, _("failed to open dir %s of %s: %s\n"),
+ bn, p, msg);
+ free(msg);
+ }
fsmClose(&fd);
fsmClose(&dirfd);
- } else {
- rc = 0;
}
*dirfdp = dirfd;
@@ -1026,10 +1028,8 @@ setmeta:
/* Only follow safe symlinks, and never on temporary files */
if (fp->suffix)
flags |= AT_SYMLINK_NOFOLLOW;
- fd = fsmOpenat(di.dirfd, fp->fpath, flags,
+ rc = fsmOpenat(&fd, di.dirfd, fp->fpath, flags,
S_ISDIR(fp->sb.st_mode));
- if (fd < 0)
- rc = RPMERR_OPEN_FAILED;
}
if (!rc && fp->setmeta) {
--
2.33.0

87
backport-Report-unsafe-symlinks-during-installation-as-a-spec.patch Normal file
View File

@ -0,0 +1,87 @@
From 535eacc96ae6fe5289a2917bb0af43e491b0f4f4 Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Mon, 19 Aug 2024 11:43:33 +0300
Subject: [PATCH] Report unsafe symlinks during installation as a specific case
Conflict:don't modify testcode because the test code differs greatly, 0091214
requires the root permission to run chown. However, the current test code
cannot implement chown. Manual test cases will be used to guard test cases.
Reference:https://github.com/rpm-software-management/rpm/commit/535eacc96ae6fe5289a2917bb0af43e491b0f4f4
RPM refuses to follow non root owned symlinks pointing to files owned by
another user for security reasons. This case was lumped in with
O_DIRECTORY behavior, leading to confusing error message as the symlink
often indeed points at a directory. Emit a more meaningful error message
when encountering unsafe symlinks.
We already detect the error condition in the main if block here, might
as well set the error code right there and then so we don't need to
redetect later. We previously only tested for the unsafe link condition
when our O_DIRECTORY equivalent was set, but that seems wrong. Probably
doesn't matter with the existing callers, but we really must not
follow those unsafe symlinks no matter what.
Co-authored-by: Florian Festi <ffesti@redhat.com>
Resolves: #3100
---
lib/fsm.c | 10 ++++++----
lib/rpmfi.c | 2 +-
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/lib/fsm.c b/lib/fsm.c
index b5f8800a8..4c0968f73 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -304,7 +304,6 @@ static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
struct stat lsb, sb;
int sflags = flags | O_NOFOLLOW;
int fd = openat(dirfd, path, sflags);
- int ffd = fd;
int rc = 0;
/*
@@ -314,7 +313,7 @@ static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
* it could've only been the link owner or root.
*/
if (fd < 0 && errno == ELOOP && flags != sflags) {
- ffd = openat(dirfd, path, flags);
+ int ffd = openat(dirfd, path, flags);
if (ffd >= 0) {
if (fstatat(dirfd, path, &lsb, AT_SYMLINK_NOFOLLOW) == 0) {
if (fstat(ffd, &sb) == 0) {
@@ -323,13 +322,16 @@ static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
}
}
}
- if (ffd != fd)
+ /* Symlink with non-matching owners */
+ if (ffd != fd) {
close(ffd);
+ rc = RPMERR_INVALID_SYMLINK;
+ }
}
}
/* O_DIRECTORY equivalent */
- if (!rc && dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode))))
+ if (!rc && dir && fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode))
rc = RPMERR_ENOTDIR;
if (!rc && fd < 0)
diff --git a/lib/rpmfi.c b/lib/rpmfi.c
index a3d8ad470..d8dbb67c7 100644
--- a/lib/rpmfi.c
+++ b/lib/rpmfi.c
@@ -2426,7 +2426,7 @@ char * rpmfileStrerror(int rc)
case RPMERR_DIGEST_MISMATCH: s = _("Digest mismatch"); break;
case RPMERR_INTERNAL: s = _("Internal error"); break;
case RPMERR_UNMAPPED_FILE: s = _("Archive file not in header"); break;
- case RPMERR_INVALID_SYMLINK: s = _("Invalid symlink"); break;
+ case RPMERR_INVALID_SYMLINK: s = _("Unsafe symlink"); break;
case RPMERR_ENOTDIR: s = strerror(ENOTDIR); break;
case RPMERR_ENOENT: s = strerror(ENOENT); break;
case RPMERR_ENOTEMPTY: s = strerror(ENOTEMPTY); break;
--
2.33.0

77
backport-Require-macro-filenames-to-end-in-alphanum-char.patch Normal file
View File

@ -0,0 +1,77 @@
From 63e3061fa2471c663bed43d02f97c80953dfc9f7 Mon Sep 17 00:00:00 2001
From: Michal Domonkos <mdomonko@redhat.com>
Date: Wed, 23 Oct 2024 15:45:07 +0200
Subject: [PATCH] Require macro filenames to end in alphanum char
Conflict:modify macro.c instead of macro.cc; use AT_{CHECK,CLEANUP}
instead of RPMTEST_{CHECK,CLEANUP} because adafe8d04724b is not merged;
use "/usr/lib/rpm" instead of $RPM_CONFIGDIR_PATH because f134eb1 and
1592f16 are not merged; "mkdir -p $RPMTEST/usr/lib/rpm/macros.d/" to
ensure directory exist.
Reference:https://github.com/rpm-software-management/rpm/commit/63e3061fa2471c663bed43d02f97c80953dfc9f7
Make sure (text editor) backup files, such as those with the tilde (~)
at the end, aren't processed by our macrofiles globs. These can appear
while editing a macro file in place and may result in confusing behavior
where an old version of a macro overrides the one being written, like
seen in the ticket #3373.
Rather than enumerating any specific suffixes, just mandate that macro
files end with alphanumerics. That's more of a name sanity check than
anything but fits the bill here.
Co-authored-by: Peter Oliver <git@mavit.org.uk>
---
rpmio/macro.c | 4 +++-
tests/rpmmacro.at | 18 ++++++++++++++++++
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/rpmio/macro.c b/rpmio/macro.c
index 1a9f2f63a..11668b7ee 100644
--- a/rpmio/macro.c
+++ b/rpmio/macro.c
@@ -1981,9 +1981,11 @@ rpmInitMacros(rpmMacroContext mc, const char * macrofiles)
/* Read macros from each file. */
for (path = files; *path; path++) {
+ size_t len = strlen(*path);
if (rpmFileHasSuffix(*path, ".rpmnew") ||
rpmFileHasSuffix(*path, ".rpmsave") ||
- rpmFileHasSuffix(*path, ".rpmorig")) {
+ rpmFileHasSuffix(*path, ".rpmorig") ||
+ (len > 0 && !risalnum((*path)[len - 1]))) {
continue;
}
(void) loadMacroFile(mc, *path);
diff --git a/tests/rpmmacro.at b/tests/rpmmacro.at
index 50096fd5d..968d48ee7 100644
--- a/tests/rpmmacro.at
+++ b/tests/rpmmacro.at
@@ -2,6 +2,24 @@
#
AT_BANNER([RPM macros])
+# ------------------------------
+AT_SETUP([macro path: skip editor backups])
+AT_KEYWORDS([macros])
+RPMTEST_SETUP
+AT_CHECK([
+mkdir -p $RPMTEST/usr/lib/rpm/macros.d/
+echo '%this that' > $RPMTEST/usr/lib/rpm/macros.d/macros.this
+runroot rpm --eval '%{this}'
+mv $RPMTEST/usr/lib/rpm/macros.d/macros.this{,~}
+runroot rpm --eval '%{this}'
+],
+[0],
+[that
+%{this}
+],
+[])
+AT_CLEANUP
+
# ------------------------------
AT_SETUP([simple rpm --eval])
AT_KEYWORDS([macros])
--
2.33.0

78
backport-Support-ECDSA-in-key-parsing.patch Normal file
View File

@ -0,0 +1,78 @@
From 8bc74f9ec48386beadf396ba5830aacf6672df4c Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Thu, 11 Apr 2024 14:13:22 +0200
Subject: [PATCH] Support ECDSA in key parsing
Conflict:modify rpmpgp_internal.c in rpmio; adapt context because 296f2256b90
and b5b9600834 is not mearged
Reference:https://github.com/rpm-software-management/rpmpgp_legacy/commit/ca6c204cfa95f016ba03a73d5e6e4451cf8d4d6d
---
rpmio/rpmpgp_internal.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/rpmio/rpmpgp_internal.c b/rpmio/rpmpgp_internal.c
index 0fcd220..610a9b2 100644
--- a/rpmio/rpmpgp_internal.c
+++ b/rpmio/rpmpgp_internal.c
@@ -576,11 +576,6 @@ static int pgpCurveByOid(const uint8_t *p, int l)
return 0;
}
-static int isKey(pgpDigParams keyp)
-{
- return keyp->tag == PGPTAG_PUBLIC_KEY || keyp->tag == PGPTAG_PUBLIC_SUBKEY;
-}
-
static int pgpPrtPubkeyParams(uint8_t pubkey_algo,
const uint8_t *p, const uint8_t *h, size_t hlen,
pgpDigParams keyp)
@@ -588,12 +583,12 @@ static int pgpPrtPubkeyParams(uint8_t pubkey_algo,
int rc = 1; /* assume failure */
const uint8_t *pend = h + hlen;
int curve = 0;
- if (!isKey(keyp))
+ if (keyp->tag != PGPTAG_PUBLIC_KEY && keyp->tag != PGPTAG_PUBLIC_SUBKEY)
return rc;
/* We can't handle more than one key at a time */
if (keyp->alg)
return rc;
- if (pubkey_algo == PGPPUBKEYALGO_EDDSA) {
+ if (pubkey_algo == PGPPUBKEYALGO_EDDSA || pubkey_algo == PGPPUBKEYALGO_ECDSA) {
int len = (hlen > 1) ? p[0] : 0;
if (len == 0 || len == 0xff || len >= hlen)
return rc;
@@ -686,8 +681,9 @@ static int getPubkeyFingerprint(const uint8_t *h, size_t hlen,
return rc;
se = (uint8_t *)(v + 1);
switch (v->pubkey_algo) {
+ case PGPPUBKEYALGO_ECDSA:
case PGPPUBKEYALGO_EDDSA:
- /* EdDSA has a curve id before the MPIs */
+ /* ECC has a curve id before the MPIs */
if (se[0] == 0x00 || se[0] == 0xff || pend - se < 1 + se[0])
return rc;
se += 1 + se[0];
@@ -1206,8 +1202,11 @@ rpmRC pgpVerifySignature(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx)
if (sig == NULL || ctx == NULL)
goto exit;
+ /* make sure the dig param types are correct */
if (sig->tag != PGPTAG_SIGNATURE)
goto exit;
+ if (key && key->tag != PGPTAG_PUBLIC_KEY && key->tag != PGPTAG_PUBLIC_SUBKEY)
+ goto exit;
if (sig->hash != NULL)
rpmDigestUpdate(ctx, sig->hash, sig->hashlen);
@@ -1235,8 +1234,6 @@ rpmRC pgpVerifySignature(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx)
* done all we can, return NOKEY to indicate "looks okay but dunno."
*/
if (key && key->alg) {
- if (!isKey(key))
- goto exit;
pgpDigAlg sa = sig->alg;
pgpDigAlg ka = key->alg;
if (sa && sa->verify && sig->pubkey_algo == key->pubkey_algo) {
--
2.23.0

52
backport-Support-NIST-P-521.patch Normal file
View File

@ -0,0 +1,52 @@
From 6344fec232cdd0e9d821a0b17e480494f4dcfd4b Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Mon, 22 Apr 2024 12:54:32 +0200
Subject: [PATCH] Support NIST P-521
Conflict:don't modify digest_libgcrypt.c;modify digest_openssl.c in rpmio;
Reference:https://github.com/rpm-software-management/rpmpgp_legacy/commit/6344fec232cdd0e9d821a0b17e480494f4dcfd4b
Because the standard says we SHOULD.
---
rpmio/digest_openssl.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c
index 662b469..42eec66 100644
--- a/rpmio/digest_openssl.c
+++ b/rpmio/digest_openssl.c
@@ -556,6 +556,13 @@ static int constructECDSASigningKey(struct pgpDigKeyECDSA_s *key, int curve)
OSSL_PARAM_END
};
key->evp_pkey = construct_pkey_from_param(EVP_PKEY_EC, params);
+ } else if (curve == PGPCURVE_NIST_P_521) {
+ OSSL_PARAM params[] = {
+ OSSL_PARAM_utf8_string("group", "P-521", 5),
+ OSSL_PARAM_octet_string("pub", key->q, key->qlen),
+ OSSL_PARAM_END
+ };
+ key->evp_pkey = construct_pkey_from_param(EVP_PKEY_EC, params);
}
return key->evp_pkey ? 1 : 0;
#else
@@ -565,6 +572,8 @@ static int constructECDSASigningKey(struct pgpDigKeyECDSA_s *key, int curve)
ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
else if (curve == PGPCURVE_NIST_P_384)
ec = EC_KEY_new_by_curve_name(NID_secp384r1);
+ else if (curve == PGPCURVE_NIST_P_521)
+ ec = EC_KEY_new_by_curve_name(NID_secp521r1);
if (!ec)
return 0;
@@ -817,6 +826,8 @@ static int pgpSupportedCurve(int algo, int curve)
return 1;
if (algo == PGPPUBKEYALGO_ECDSA && curve == PGPCURVE_NIST_P_384)
return 1;
+ if (algo == PGPPUBKEYALGO_ECDSA && curve == PGPCURVE_NIST_P_521)
+ return 1;
return 0;
}
--
2.23.0

316
backport-Use-EVP_PKEY_verify-to-verify-DSA-signatures.patch Normal file
View File

@ -0,0 +1,316 @@
From 8bf5c6b094e4f703d9fa1422a463654b512b25ae Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Wed, 17 Apr 2024 11:05:17 +0200
Subject: [PATCH] Use EVP_PKEY_verify to verify DSA signatures
Conflict:modify digest_openssl.c in rpmio
Reference:https://github.com/rpm-software-management/rpmpgp_legacy/commit/8bf5c6b094e4f703d9fa1422a463654b512b25ae
The low level API will be deprecated in openssl-3
---
rpmio/digest_openssl.c | 179 +++++++++++++++++++++++------------------------
1 file changed, 86 insertions(+), 93 deletions(-)
diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c
index 8dd7abe..2a39115 100644
--- a/rpmio/digest_openssl.c
+++ b/rpmio/digest_openssl.c
@@ -43,17 +43,12 @@ struct pgpDigKeyRSA_s {
BIGNUM *n; /* Common Modulus */
BIGNUM *e; /* Public Exponent */
EVP_PKEY *evp_pkey; /* Fully constructed key */
- unsigned char immutable; /* if set, this key cannot be mutated */
};
static int constructRSASigningKey(struct pgpDigKeyRSA_s *key)
{
- if (key->evp_pkey) {
- /* We've already constructed it, so just reuse it */
- return 1;
- } else if (key->immutable)
- return 0;
- key->immutable = 1;
+ if (key->evp_pkey)
+ return 1; /* We've already constructed it, so just reuse it */
/* Create the RSA key */
RSA *rsa = RSA_new();
@@ -88,7 +83,7 @@ static int pgpSetKeyMpiRSA(pgpDigAlg pgpkey, int num, const uint8_t *p)
if (!key)
key = pgpkey->data = xcalloc(1, sizeof(*key));
- else if (key->immutable)
+ else if (key->evp_pkey)
return 1;
switch (num) {
@@ -238,7 +233,8 @@ static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
}
done:
- EVP_PKEY_CTX_free(pkey_ctx);
+ if (pkey_ctx)
+ EVP_PKEY_CTX_free(pkey_ctx);
free(padded_sig);
return rc;
}
@@ -252,40 +248,41 @@ struct pgpDigKeyDSA_s {
BIGNUM *g; /* Base */
BIGNUM *y; /* Public Key */
- DSA *dsa_key; /* Fully constructed key */
+ EVP_PKEY *evp_pkey; /* Fully constructed key */
};
static int constructDSASigningKey(struct pgpDigKeyDSA_s *key)
{
- int rc;
-
- if (key->dsa_key) {
- /* We've already constructed it, so just reuse it */
- return 1;
- }
+ if (key->evp_pkey)
+ return 1; /* We've already constructed it, so just reuse it */
/* Create the DSA key */
DSA *dsa = DSA_new();
if (!dsa) return 0;
if (!DSA_set0_pqg(dsa, key->p, key->q, key->g)) {
- rc = 0;
- goto done;
+ goto exit;
}
-
if (!DSA_set0_key(dsa, key->y, NULL)) {
- rc = 0;
- goto done;
+ goto exit;
}
- key->dsa_key = dsa;
+ /* Create an EVP_PKEY container to abstract the key-type. */
+ if (!(key->evp_pkey = EVP_PKEY_new()))
+ goto exit;
- rc = 1;
-done:
- if (rc == 0) {
- DSA_free(dsa);
+ /* Assign the DSA key to the EVP_PKEY structure.
+ This will take over memory management of the RSA key */
+ if (!EVP_PKEY_assign_DSA(key->evp_pkey, dsa)) {
+ EVP_PKEY_free(key->evp_pkey);
+ key->evp_pkey = NULL;
+ goto exit;
}
- return rc;
+ return 1;
+
+exit:
+ DSA_free(dsa);
+ return 0;
}
@@ -349,10 +346,10 @@ static void pgpFreeKeyDSA(pgpDigAlg pgpkey)
{
struct pgpDigKeyDSA_s *key = pgpkey->data;
if (key) {
- if (key->dsa_key) {
- DSA_free(key->dsa_key);
+ if (key->evp_pkey) {
+ EVP_PKEY_free(key->evp_pkey);
} else {
- /* If sig->dsa_key was constructed,
+ /* If key->evp_pkey was constructed,
* the memory management of these BNs
* are freed with it. */
BN_clear_free(key->p);
@@ -367,82 +364,72 @@ static void pgpFreeKeyDSA(pgpDigAlg pgpkey)
/* Signature */
struct pgpDigSigDSA_s {
- BIGNUM *r;
- BIGNUM *s;
-
- DSA_SIG *dsa_sig;
+ unsigned char *r;
+ int rlen;
+ unsigned char *s;
+ int slen;
};
-static int constructDSASignature(struct pgpDigSigDSA_s *sig)
+static void add_asn1_tag(unsigned char *p, int tag, int len)
{
- int rc;
-
- if (sig->dsa_sig) {
- /* We've already constructed it, so just reuse it */
- return 1;
- }
-
- /* Create the DSA signature */
- DSA_SIG *dsa_sig = DSA_SIG_new();
- if (!dsa_sig) return 0;
-
- if (!DSA_SIG_set0(dsa_sig, sig->r, sig->s)) {
- rc = 0;
- goto done;
+ *p++ = tag;
+ if (len >= 256) {
+ *p++ = 130;
+ *p++ = len >> 8;
+ } else if (len > 128) {
+ *p++ = 129;
}
+ *p++ = len;
+}
- sig->dsa_sig = dsa_sig;
-
- rc = 1;
-done:
- if (rc == 0) {
- DSA_SIG_free(sig->dsa_sig);
- }
- return rc;
+static unsigned char *constructDSASignature(unsigned char *r, int rlen, unsigned char *s, int slen, size_t *siglenp)
+{
+ int len1 = rlen + (!rlen || (*r & 0x80) != 0 ? 1 : 0), hlen1 = len1 < 128 ? 2 : len1 < 256 ? 3 : 4;
+ int len2 = slen + (!slen || (*s & 0x80) != 0 ? 1 : 0), hlen2 = len2 < 128 ? 2 : len2 < 256 ? 3 : 4;
+ int len3 = hlen1 + len1 + hlen2 + len2, hlen3 = len3 < 128 ? 2 : len3 < 256 ? 3 : 4;
+ unsigned char *buf;
+ if (rlen < 0 || rlen >= 65534 || slen < 0 || slen >= 65534 || len3 > 65535)
+ return 0; /* should never happen as pgp's MPIs have a length < 8192 */
+ buf = xmalloc(hlen3 + len3);
+ add_asn1_tag(buf, 0x30, len3);
+ add_asn1_tag(buf + hlen3, 0x02, len1);
+ buf[hlen3 + hlen1] = 0; /* zero first byte of the integer */
+ memcpy(buf + hlen3 + hlen1 + len1 - rlen, r, rlen);
+ add_asn1_tag(buf + hlen3 + hlen1 + len1, 0x02, len2);
+ buf[hlen3 + len3 - len2] = 0; /* zero first byte of the integer */
+ memcpy(buf + hlen3 + len3 - slen, s, slen);
+ *siglenp = hlen3 + len3;
+ return buf;
}
static int pgpSetSigMpiDSA(pgpDigAlg pgpsig, int num, const uint8_t *p)
{
- BIGNUM *bn = NULL;
-
int mlen = pgpMpiLen(p) - 2;
int rc = 1;
struct pgpDigSigDSA_s *sig = pgpsig->data;
if (!sig) {
sig = xcalloc(1, sizeof(*sig));
+ pgpsig->data = sig;
}
- /* Create a BIGNUM from the signature pointer.
- Note: this assumes big-endian data as required
- by the PGP multiprecision integer format
- (RFC4880, Section 3.2) */
- bn = BN_bin2bn(p+2, mlen, NULL);
- if (!bn) return 1;
-
switch (num) {
case 0:
- if (sig->r) {
- /* This should only ever happen once per signature */
- BN_free(bn);
- return 1;
- }
- sig->r = bn;
+ if (sig->r)
+ return 1; /* This should only ever happen once per signature */
+ sig->rlen = mlen;
+ sig->r = memcpy(xmalloc(mlen), p + 2, mlen);
rc = 0;
break;
case 1:
- if (sig->s) {
- /* This should only ever happen once per signature */
- BN_free(bn);
- return 1;
- }
- sig->s = bn;
+ if (sig->s)
+ return 1; /* This should only ever happen once per signature */
+ sig->slen = mlen;
+ sig->s = memcpy(xmalloc(mlen), p + 2, mlen);
rc = 0;
break;
}
- pgpsig->data = sig;
-
return rc;
}
@@ -450,17 +437,10 @@ static void pgpFreeSigDSA(pgpDigAlg pgpsig)
{
struct pgpDigSigDSA_s *sig = pgpsig->data;
if (sig) {
- if (sig->dsa_sig) {
- DSA_SIG_free(sig->dsa_sig);
- } else {
- /* If sig->dsa_sig was constructed,
- * the memory management of these BNs
- * are freed with it. */
- BN_clear_free(sig->r);
- BN_clear_free(sig->s);
- }
- free(pgpsig->data);
+ free(sig->r);
+ free(sig->s);
}
+ free(pgpsig->data);
}
static int pgpVerifySigDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
@@ -468,22 +448,35 @@ static int pgpVerifySigDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
{
int rc = 1; /* assume failure */
struct pgpDigSigDSA_s *sig = pgpsig->data;
-
struct pgpDigKeyDSA_s *key = pgpkey->data;
+ unsigned char *xsig = NULL; /* signature encoded for X509 */
+ size_t xsig_len = 0;
+ EVP_PKEY_CTX *pkey_ctx = NULL;
if (!constructDSASigningKey(key))
goto done;
- if (!constructDSASignature(sig))
+ xsig = constructDSASignature(sig->r, sig->rlen, sig->s, sig->slen, &xsig_len);
+ if (!xsig)
+ goto done;
+
+ pkey_ctx = EVP_PKEY_CTX_new(key->evp_pkey, NULL);
+ if (!pkey_ctx)
+ goto done;
+
+ if (EVP_PKEY_verify_init(pkey_ctx) != 1)
goto done;
- if (DSA_do_verify(hash, hashlen, sig->dsa_sig, key->dsa_key) == 1)
+ if (EVP_PKEY_verify(pkey_ctx, xsig, xsig_len, hash, hashlen) == 1)
{
/* Success */
rc = 0;
}
done:
+ if (pkey_ctx)
+ EVP_PKEY_CTX_free(pkey_ctx);
+ free(xsig);
return rc;
}
--
2.23.0

37
rpm.spec
View File

@ -1,6 +1,6 @@
Name: rpm
Version: 4.18.2
Release: 18
Release: 23
Summary: RPM Package Manager
License: GPL-2.0-or-later
URL: https://rpm.org/
@ -48,9 +48,25 @@ Patch6025: backport-Fix-crash-on-Lua-file-trigger-exiting-with-return-ed.patch
Patch6026: backport-Fix-V-option-usage-in-our-tests.patch
Patch6027: backport-Remove-libtool-la-symlinks.patch
Patch6028: backport-Specify-the-private-key-in-rpm-addsign.patch
Patch6029: backport-Use-EVP_PKEY_verify-to-verify-DSA-signatures.patch
Patch6030: backport-No-longer-use-the-low-level-API-in-openssl-3.patch
Patch6031: backport-Add-ECDSA-support-to-digest_openssl.patch
Patch6032: backport-Support-NIST-P-521.patch
Patch6033: backport-Allow-signing-with-ECDSA-keys.patch
Patch6034: backport-Support-ECDSA-in-key-parsing.patch
Patch6035: backport-Fix-memleak-when-process-policies.patch
Patch6036: backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch
Patch6037: backport-Fix-a-memory-leak-on-rpmdb-importdb.patch
Patch6038: backport-Require-macro-filenames-to-end-in-alphanum-char.patch
Patch6039: backport-Allow-version-to-be-omitted-in-the-replace-test-spec.patch
Patch6040: backport-Fix-wrong-return-code-on-O_DIRECTORY-open-of-invalid.patch
Patch6041: backport-Refactor-fsmOpenat-return-style-for-consistency-with.patch
Patch6042: backport-Report-unsafe-symlinks-during-installation-as-a-spec.patch
Patch6043: backport-Fix-FA_TOUCH-ed-files-getting-removed-on-failed-upda.patch
Patch9000: Add-digest-list-plugin.patch
Patch9001: Add-IMA-digest-list-support.patch
Patch9002: Support-sm2p256v1-of-ECDSA-and-sm3-of-hash.patch
BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel
BuildRequires: zlib-devel zstd-devel >= 1.3.8 xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel
@ -336,7 +352,22 @@ make clean
%exclude %{_mandir}/man8/rpmspec.8*
%changelog
* Fri Oct 25 2024 hugel<xuce10@h-partners.com> - 4.18.2-18
* Mon Dec 2 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-23
- sync patches from upstream
* Wed Nov 27 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-22
- Require macro filenames to end in alphanum char
* Tue Nov 26 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-21
- sync patches from upstream
* Tue Oct 29 2024 xujing<xujing125@huawei.com> - 4.18.2-20
- Support sm2p256v1 of ECDSA and sm3 of hash
* Sat Oct 26 2024 Funda Wang <fundawang@yeah.net> - 4.18.2-19
- fix RPM_LD_FLAGS not got exported
* Fri Oct 25 2024 xuce<xuce10@h-partners.com> - 4.18.2-18
- Separate the SELinux patch from the IMA digest list patch
* Sun Sep 29 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-17
@ -418,7 +449,7 @@ make clean
* Tue Jun 20 2023 renhongxun<renhongxun@h-partners.com> - 4.18.1-1
- upgrade version to 4.18.1
* Wed Jun 21 2023 renhongxun<renhongxun@h-partners.com> - 4.18.0-11
* Tue Jun 20 2023 renhongxun<renhongxun@h-partners.com> - 4.18.0-11
- Fix per-file plugin hook regression introduced in 4.18
* Mon Jun 19 2023 renhongxun<renhongxun@h-partners.com> - 4.18.0-10

2
still-in-use-of-python-scripts-from-old-version.patch
View File

@ -117,7 +117,7 @@ index 0000000..d9c4832
+#
+# Support this by assuming that below each /usr/lib/python$VERSION/, all
+# .pyc/.pyo files are to be compiled for /usr/bin/python$VERSION.
+#
+#
+# For example, below /usr/lib/python2.6/, we're targeting /usr/bin/python2.6
+# and below /usr/lib/python3.1/, we're targeting /usr/bin/python3.1
+