Jindrich Novy [Wed, 9 Apr 2008 11:05:45 +0000 (13:05 +0200)]
Don't use stack allocations in rpm2cpio when not needed
Panu Matilainen [Wed, 9 Apr 2008 10:54:39 +0000 (13:54 +0300)]
Replace alloca+memset with xcalloc() in rpmdbRemove()
- return value is suspect: should return "ret" instead of 0 at exit
depending on what happened in removal but preserving previous behavior
for now...
Panu Matilainen [Wed, 9 Apr 2008 10:48:00 +0000 (13:48 +0300)]
Replace alloca+memset with xcalloc() in rpmdbAdd()
Panu Matilainen [Wed, 9 Apr 2008 10:47:29 +0000 (13:47 +0300)]
Replace alloca+memset with xcalloc() in rpmdbCountPackages()
Panu Matilainen [Wed, 9 Apr 2008 10:33:23 +0000 (13:33 +0300)]
Tonne of indentation + other formatting corrections to rpmdb.c
- no functional changes
Panu Matilainen [Wed, 9 Apr 2008 10:19:26 +0000 (13:19 +0300)]
Remove dead code
Panu Matilainen [Wed, 9 Apr 2008 10:17:01 +0000 (13:17 +0300)]
Report full nevra in rpmdb remove debug message
Panu Matilainen [Wed, 9 Apr 2008 09:47:03 +0000 (12:47 +0300)]
Plug memleak from signature verification now returning malloced msg
Panu Matilainen [Wed, 9 Apr 2008 09:36:38 +0000 (12:36 +0300)]
Simplify addTE()
- eliminate wtf parsing of NEVR string which doesn't actually handle epoch
- use NEVR and NEVRA formatting from headerGetN*() instead of doubling the
work here
Panu Matilainen [Wed, 9 Apr 2008 09:17:36 +0000 (12:17 +0300)]
Make headerGetNEVRA() return "src" as the arch of source packages
Panu Matilainen [Wed, 9 Apr 2008 08:17:43 +0000 (11:17 +0300)]
Initialize pointers, lowercase local variable
Panu Matilainen [Wed, 9 Apr 2008 08:16:24 +0000 (11:16 +0300)]
Rewrite headerGetN*() for simplicity
- eliminate stpcpy() games
- reuse evr formatting from headerGetEVR() instead of doing it over and
over again everywhere
Jindrich Novy [Wed, 9 Apr 2008 08:10:17 +0000 (10:10 +0200)]
Fix buffer overflow in verifyDSASignature()
- caused by assumption that sizeof(size_t) is always 4 (credited to jbj)
Panu Matilainen [Wed, 9 Apr 2008 07:37:34 +0000 (10:37 +0300)]
Replace bunch of wtf evr formatters with headerGetNVR()
Panu Matilainen [Wed, 9 Apr 2008 07:36:29 +0000 (10:36 +0300)]
Add headerGetEVR() convenience function
- return formatted evr string + optionally pointer to name
Panu Matilainen [Wed, 9 Apr 2008 07:32:44 +0000 (10:32 +0300)]
Make headerNEVRA() actually return epoch too
- ...but epoch is an integer type in headers, change proto to match that
Panu Matilainen [Wed, 9 Apr 2008 06:00:44 +0000 (09:00 +0300)]
And one more url->path rename for local variable...
Panu Matilainen [Wed, 9 Apr 2008 05:58:46 +0000 (08:58 +0300)]
Rip the last remaining disk/file URL stuff in processSourceFiles()
Panu Matilainen [Wed, 9 Apr 2008 05:56:27 +0000 (08:56 +0300)]
And more url ripping in build internals... (addFile)
Panu Matilainen [Wed, 9 Apr 2008 05:37:15 +0000 (08:37 +0300)]
URL -> path renames continued... (build internal)
Panu Matilainen [Wed, 9 Apr 2008 05:25:46 +0000 (08:25 +0300)]
Rename FileListRec_s disk + cpio path variables
- on-disk is diskPath, rename previous fileURL to cpioPath to make it
more obvious it's the path in the package cpio
- neither is an URL
Panu Matilainen [Fri, 4 Apr 2008 17:37:48 +0000 (20:37 +0300)]
Yet more url ripping - buildroot is never an url
- this is a bit nasty as it changes public interfaces but rename to make
it explicit they're just plain paths, not urls
Panu Matilainen [Wed, 9 Apr 2008 05:17:48 +0000 (08:17 +0300)]
Remove remote host stuff from build doScript()
Panu Matilainen [Fri, 4 Apr 2008 16:53:40 +0000 (19:53 +0300)]
More url-path ripping in build/
- processBinaryFile() and processMetadataFile() don't need steenking urls
Panu Matilainen [Tue, 8 Apr 2008 14:15:32 +0000 (17:15 +0300)]
Whoops.. gpg-pubkey "release" on import got busted accidentally
Panu Matilainen [Tue, 8 Apr 2008 12:36:46 +0000 (15:36 +0300)]
Simplify rpmtsImportPubkey() a bit
Jindrich Novy [Tue, 8 Apr 2008 11:48:39 +0000 (13:48 +0200)]
Rewrite pgpArmorWrap(), the former one was insecure/hackish
Panu Matilainen [Tue, 8 Apr 2008 11:11:47 +0000 (14:11 +0300)]
Collapse unknown / unsupport RSA sigtypes into one fallthrough
Panu Matilainen [Tue, 8 Apr 2008 11:06:07 +0000 (14:06 +0300)]
verifyRSASignature() buffer & other fixes
- avoid stpcpy() into static sized buffer
- avoid potential sigp NULL-dereferences
Panu Matilainen [Tue, 8 Apr 2008 10:27:59 +0000 (13:27 +0300)]
verifyDSASignature() buffer & other fixes
- avoid stpcpy() into static sized buffer
- avoid potential sigp NULL-dereference
Panu Matilainen [Tue, 8 Apr 2008 10:23:01 +0000 (13:23 +0300)]
verifyDSASignature() buffer & other fixes
- avoid stpcpy() into static sized buffer
- avoid potential sigp NULL-dereference
Panu Matilainen [Tue, 8 Apr 2008 09:35:36 +0000 (12:35 +0300)]
Eliminate four copy-paste versions of nibble(), stick to rpmstring.h
- the one in signature.c wasn't even used...
Panu Matilainen [Mon, 7 Apr 2008 13:13:29 +0000 (16:13 +0300)]
Eep, fix bunch of segfaults and other fun from previous commits
- leftover stpcpy()'s to non-malloced addresses and other "minor"
issues in verify*Signature() stpcpy() elimination ;)
Panu Matilainen [Mon, 7 Apr 2008 12:07:08 +0000 (15:07 +0300)]
Avoid stpcpy() to static sized buffer in verifySizeSignature()
Panu Matilainen [Mon, 7 Apr 2008 12:01:49 +0000 (15:01 +0300)]
Avoid stpcpy() to static sized buffer in verifyMD5Signature()
Panu Matilainen [Mon, 7 Apr 2008 11:55:36 +0000 (14:55 +0300)]
Avoid stpcpy() to static sized buffer in verifySHA1Signature()
Panu Matilainen [Mon, 7 Apr 2008 11:04:00 +0000 (14:04 +0300)]
Eliminate several copy-paste hex converters, use pgpHexStr() instead
Panu Matilainen [Mon, 7 Apr 2008 10:51:20 +0000 (13:51 +0300)]
Uh, return allocated pointer, not the end of string...
Panu Matilainen [Mon, 7 Apr 2008 10:37:56 +0000 (13:37 +0300)]
Remove static print buffer from pgpMpiStr(), return malloc'd data instead
- convert callers
- only rpmpgp.c internal needs, move it there and make static?
Panu Matilainen [Mon, 7 Apr 2008 10:29:48 +0000 (13:29 +0300)]
Merge pgpHexCvt() into pgpHexPrt(), removing it from public headers
Panu Matilainen [Mon, 7 Apr 2008 10:26:46 +0000 (13:26 +0300)]
Minimally convert all pgpHexCvt() users to use pgpHexStr() instead
Panu Matilainen [Mon, 7 Apr 2008 10:02:18 +0000 (13:02 +0300)]
Remove static print buffer from pgpHexStr, return malloc'ed memory instead
- inlined to get xmalloc() from system.h for consistent malloc fail behavior
- convert callers for new behavior, apart from some debug fprintf()'s
Panu Matilainen [Mon, 7 Apr 2008 09:35:37 +0000 (12:35 +0300)]
argvPrint() doesn't modify argv, make it const
Panu Matilainen [Mon, 7 Apr 2008 09:34:07 +0000 (12:34 +0300)]
Add ARGI_const_t, use where appropriate
Panu Matilainen [Mon, 7 Apr 2008 09:11:16 +0000 (12:11 +0300)]
ARGV_t const pendantry
- const on typedef'ed ARGV_t doesn't mean a thing, add a new,
(exec* compatible) ARGV_const_t and use where appropriate consistently in
argv.h, rpmcli.h etc
- popt's argv const is the wrong way around for exec() family, add explicit
ARGV_t casts on popGetArgs() uses where needed
- compiler silence, aaahh...
Panu Matilainen [Mon, 7 Apr 2008 06:31:21 +0000 (09:31 +0300)]
Remove ARGstr_t typedef, it serves no purpose
- argv strings are just regular strings, the structure is what's special
Panu Matilainen [Mon, 7 Apr 2008 06:29:06 +0000 (09:29 +0300)]
Remove bogus const from ARGV_t
Panu Matilainen [Mon, 7 Apr 2008 05:25:17 +0000 (08:25 +0300)]
Missing rpmstring.h include
Panu Matilainen [Sun, 6 Apr 2008 16:34:59 +0000 (19:34 +0300)]
Eliminate the uuuuugly and unsafe static tagname buffer
- generate the "human friendly" strings at build time, store into the tag
table structure
- also avoids copying of strings and lowercasing strings at runtime
Panu Matilainen [Sun, 6 Apr 2008 16:18:44 +0000 (19:18 +0300)]
Move the tagtbl.c generator monster awk out of Makefile.am
- stick it into a separate script, reformat so it's possible to actually
read it...
Panu Matilainen [Fri, 4 Apr 2008 14:00:38 +0000 (17:00 +0300)]
Oops, no newline at end of filename please...
Panu Matilainen [Fri, 4 Apr 2008 13:26:55 +0000 (16:26 +0300)]
%{_builddir} is not an url, ever
Panu Matilainen [Fri, 4 Apr 2008 13:23:56 +0000 (16:23 +0300)]
We only ever deal with local, regular files in doUntar()
Panu Matilainen [Fri, 4 Apr 2008 13:21:58 +0000 (16:21 +0300)]
We only ever deal with local, regular files in doPatch()
Panu Matilainen [Fri, 4 Apr 2008 13:08:37 +0000 (16:08 +0300)]
Rip the url-craziness in rpmMkdirPath()
Panu Matilainen [Fri, 4 Apr 2008 13:03:59 +0000 (16:03 +0300)]
Get rid of the horrid zcmd hackery in build
- rpmExpand() with %uncompress macro etc simplifies things a lot
Panu Matilainen [Fri, 4 Apr 2008 12:52:52 +0000 (15:52 +0300)]
Missing decompression arguments for bzip in uncompress macro
Panu Matilainen [Fri, 4 Apr 2008 12:19:28 +0000 (15:19 +0300)]
getcwd(NULL,0) has undefined behavior, use rpmGetCwd() instead
Panu Matilainen [Fri, 4 Apr 2008 11:59:55 +0000 (14:59 +0300)]
Stop pretending spec can be an URL or stdin, neither works
- simplifies buildForTarget() somewhat
- while at it, eliminate remaining unsafe string operations
Jindrich Novy [Fri, 4 Apr 2008 11:48:02 +0000 (13:48 +0200)]
Escape '%' in format
Panu Matilainen [Fri, 4 Apr 2008 11:33:45 +0000 (14:33 +0300)]
Wait for popen() to finish before passing to isSpecFile()
Panu Matilainen [Fri, 4 Apr 2008 10:52:59 +0000 (13:52 +0300)]
Move spec extraction from tarball out of buildForTarget(), simplify
- use basename() and dirname() instead of manual pointer manipulation games
- static buffer only used for reading tar output, sizes checked
Panu Matilainen [Fri, 4 Apr 2008 09:12:29 +0000 (12:12 +0300)]
Oops, add --wildcards back to spec extraction
- shouldn't really have to hardcode such stuff but...
Jindrich Novy [Fri, 4 Apr 2008 11:17:53 +0000 (13:17 +0200)]
Simplify formatting
Jindrich Novy [Fri, 4 Apr 2008 11:01:50 +0000 (13:01 +0200)]
Simplify package comparison and format creation.
- also avoid static buffer usage
Panu Matilainen [Fri, 4 Apr 2008 09:06:06 +0000 (12:06 +0300)]
Assume failure in buildForTarget() to remove redundancy
Panu Matilainen [Fri, 4 Apr 2008 08:54:21 +0000 (11:54 +0300)]
Refactor spec extraction on tar build to address several issues
- simplify the code
- use %{__tar} instead of tar as the extraction command
- avoid sprintf to "big enough" buffer
- basic spec sanity check while extracting, fixes rhbz#281391
Panu Matilainen [Fri, 4 Apr 2008 08:53:07 +0000 (11:53 +0300)]
Spec of size zero cannot be a valid spec file
Panu Matilainen [Fri, 4 Apr 2008 06:55:30 +0000 (09:55 +0300)]
Remove copy-paste currentDirectory() from sqlite, use rpmGetCwd()
Panu Matilainen [Fri, 4 Apr 2008 06:53:17 +0000 (09:53 +0300)]
Rename currentDirectory() to rpmGetCwd() and move to librpmio
Panu Matilainen [Thu, 3 Apr 2008 17:48:17 +0000 (20:48 +0300)]
We don't support url's in db paths, rip.
- file:// vs / is silly and anything else wont work, so pretending
url support just plain bogus
Panu Matilainen [Thu, 3 Apr 2008 16:44:49 +0000 (19:44 +0300)]
Replace silly static rpmioFileExists() in rpmdb.c with plain old access()
- accepting url's there is not only useless but just plain bogus
Panu Matilainen [Thu, 3 Apr 2008 16:28:37 +0000 (19:28 +0300)]
Remove ancient db1->db3 conversion cruft
Jindrich Novy [Thu, 3 Apr 2008 11:47:05 +0000 (13:47 +0200)]
Don't use static buffers in parseForRegexLang()
- use dynamic allocation instead to avoid overflows
- also update addFile(), which is actually the only function
that calls parseForRegexLang()
Panu Matilainen [Thu, 3 Apr 2008 10:17:57 +0000 (13:17 +0300)]
Lose the remaining static buffer from rpmVerifySignatures()
- Simple and stupid: catenate previous buffer + latest message
with rasprintf() over and over again. Not the most efficient way but hardly
matters here...
Panu Matilainen [Thu, 3 Apr 2008 09:53:11 +0000 (12:53 +0300)]
Typo...
Panu Matilainen [Thu, 3 Apr 2008 09:46:33 +0000 (12:46 +0300)]
Refactor signature check results formatting
- Document what it's supposed to do, should be more obvious from the
code too now.
- Remove one level of stpcpy's to static buffer.
- Simplify the theoretical case where many missing/untrusted keys are
found (this shouldn't happen in practise ever) by only showing last of them
Panu Matilainen [Thu, 3 Apr 2008 06:59:46 +0000 (09:59 +0300)]
Enable stack protector by default if gcc supports it
Panu Matilainen [Thu, 3 Apr 2008 05:37:20 +0000 (08:37 +0300)]
Remove unnecessary check for "keyid:" in result
- nothing in signature.c emits such string
Panu Matilainen [Thu, 3 Apr 2008 05:07:00 +0000 (08:07 +0300)]
Start eliminating static buffers from header/signature checks
- Push msg buffer allocations down to the lowlevel rpmVerifySignature() and
internal verify*Signature functions, nothing above them knows how much
memory they need for messages. Use rasprintf() where obvious,
stupid malloc(bigenuf) for now otherwise.
- Changes public API but can't be helped, printing to an unchecked buffer(s)
of unknown size from one of the more security sensitive pieces is just
.. not ok
- Minimally convert callers to the new allocation scheme
Jindrich Novy [Wed, 2 Apr 2008 16:14:47 +0000 (18:14 +0200)]
Simplify message key creation in i18nTag()
Panu Matilainen [Thu, 3 Apr 2008 05:04:22 +0000 (08:04 +0300)]
Shut up a few silly compiler warnings that have crept in
- missing cast in python header subscript
- (false) warning about uninitialized variable, unused variable in rpmfc
- missing include in rpmio
Panu Matilainen [Wed, 2 Apr 2008 13:52:44 +0000 (16:52 +0300)]
Further streamline / simplify rpmVerifySignatures()
- Use more meaningful variable names than res2 and res3
- In verbose mode we just dump whatever rpmVerifySignature() returns,
error or not. Otherwise the output depends on the result. Make this
obvious in the code.
Panu Matilainen [Wed, 2 Apr 2008 13:30:21 +0000 (16:30 +0300)]
Make signature verification result not depend on rpm verbosity level, ick
Panu Matilainen [Wed, 2 Apr 2008 12:42:21 +0000 (15:42 +0300)]
Further redundancy / copy-paste coding elimination
Panu Matilainen [Wed, 2 Apr 2008 12:36:00 +0000 (15:36 +0300)]
Collapse the huge sigtag switch in rpmVerifySignatures() a bit
- move the tag names from a helper functions
- collapse similar cases to just one
Panu Matilainen [Wed, 2 Apr 2008 12:02:31 +0000 (15:02 +0300)]
Simplify missing/untrusted keys logging
Panu Matilainen [Wed, 2 Apr 2008 11:25:51 +0000 (14:25 +0300)]
Revert "Disable signature and digest checks on query modes (rhbz#438625)"
This reverts commit
5a684f5527bc7f32fca9ba7878802519bb515e93.
All the sigchecking on database queries is mostly waste of time, but
this disables signature checks on queries of non-installed, untrusted
packages too. Separate vsflags for db / non-db operations or such needed
before this can change.
Jindrich Novy [Tue, 1 Apr 2008 14:37:42 +0000 (16:37 +0200)]
Fix off-by one in urlOpen()
- the former implementation didn't take the ending '\0' into account
Panu Matilainen [Tue, 1 Apr 2008 12:40:07 +0000 (15:40 +0300)]
Updated German translation from Fabian Affolter
Panu Matilainen [Tue, 1 Apr 2008 10:35:16 +0000 (13:35 +0300)]
Enhance error message on failed ts lock acquire (rhbz#427064)
- adds strerror() output to the failure log message, this should give
sufficient hint as to what's wrong (eg "permission denied")
Panu Matilainen [Tue, 1 Apr 2008 10:32:57 +0000 (13:32 +0300)]
Convert rpmlock.c to general rpm indentation style
Panu Matilainen [Mon, 31 Mar 2008 14:06:47 +0000 (17:06 +0300)]
Avoid entirely unnecessary static buffer + string copy.
Jindrich Novy [Mon, 31 Mar 2008 12:13:59 +0000 (14:13 +0200)]
Make ExcludeArch/ExclusiveArch/ExcludeOS/ExclusiveOS actually work
Panu Matilainen [Mon, 31 Mar 2008 10:31:03 +0000 (13:31 +0300)]
Avoid static sprintf buffer in rpmReadHeader()
Panu Matilainen [Mon, 31 Mar 2008 10:12:29 +0000 (13:12 +0300)]
Avoid static buffer for error messages in rpmReadSignature()
Panu Matilainen [Mon, 31 Mar 2008 09:07:37 +0000 (12:07 +0300)]
Make rpmLeadCheck() return error msg instead of direct logging
- allows silent checking of lead and differentiating between
non-rpm files and incompatible rpms, avoiding bogus "not an rpm package"
message on manifests
Panu Matilainen [Mon, 31 Mar 2008 07:44:23 +0000 (10:44 +0300)]
Dead code removal (macro stuff)
Panu Matilainen [Mon, 31 Mar 2008 07:41:07 +0000 (10:41 +0300)]
Dead code removal (popt switches)
Panu Matilainen [Mon, 31 Mar 2008 06:56:24 +0000 (09:56 +0300)]
Simplify rpmdsThis() code
- use rasprintf() to construct [e:]v-r string instead of stpcpy games
- use str2hge() for N + EVR