Panu Matilainen [Fri, 4 Nov 2011 14:28:13 +0000 (16:28 +0200)]
Add a couple of missing includes, masked by NSS headers
Panu Matilainen [Fri, 4 Nov 2011 14:05:59 +0000 (16:05 +0200)]
Implement PGP key & sig algorithm specific part OO-style
- Collect the crypto algorithm specific bits into new struct
with function pointers for the necessary set/verify/free methods,
adjust callers to operate on these. This will allow nice and
clean switching for different underlying crypto implementations
with differing supported algorithms etc with minimal internals exposure.
- pgpSignatureNew() and pgpPubkeyNew() never fail to avoid having
to check for NULL's over and over, they just return a "null object"
object for which all operations return failure instead.
- This shreds out some of the output --prtpkts used to give. Wouldn't
be hard to preserve but the stderr fprintf() spew is not very
useful nor library-like behavior.
Panu Matilainen [Fri, 4 Nov 2011 12:18:29 +0000 (14:18 +0200)]
Lift RSA/DSA specific signature verification to helper functions
- Use function pointers to call appropriate helper, cleaning up
pgpVerifySig() a bit. Supposedly no functional changes, just
further isolation of NSS specifics.
- Pass down pubkey and signature as separate pointers, we'll
want to get rid of pgpDig eventually as it only obfuscates things.
Panu Matilainen [Fri, 4 Nov 2011 12:17:48 +0000 (14:17 +0200)]
Lift RSA/DSA key MPI calculations to helper functions
- Same as commit
8473a5b6ce2050a8e899b0be4a012f5724eb0b6d, only for keys
- Use function pointers to call appropriate helper etc, cleaning up
pgpPrtPubkeyParams() considerably. Supposedly no functional changes,
just further isolating NSS specifics behind generic interfaces.
Panu Matilainen [Fri, 4 Nov 2011 12:15:26 +0000 (14:15 +0200)]
Lift RSA/DSA signature MPI calculations to helper functions
- Use function pointers to call appropriate helper, cleaning up
pgpPrtSigParams() considerably. Supposedly no functional changes.
- Also serves as first step towards isolating NSS-specific bits
and pieces behind more generic interfaces to enable using
alternative crypto "engines" later on.
Panu Matilainen [Fri, 4 Nov 2011 10:44:58 +0000 (12:44 +0200)]
Remove now redundant NULL digparam checks within the PGP parser
- Since the only entry to these is pgpPrtPkts() and that ensures
the internals are never called with non-NULL digp... Cleans up
and simplifies the internals.
Panu Matilainen [Fri, 4 Nov 2011 10:32:17 +0000 (12:32 +0200)]
Arrange temporary storage for parsing if called with NULL dig
- The only known caller with NULL dig is in the rather useless
wrapping of prtPrtPkts() in the python bindings, but since in
theory some other callers could use this just for validating
a PGP packet .. preserve the behavior since it's easy. The
actual benefit here is that this frees the parser internals
of having to check for NULL pointers everywhere.
Panu Matilainen [Fri, 4 Nov 2011 10:24:32 +0000 (12:24 +0200)]
Added sanity checks on pgpPrtPkts() entry
- Error out cleanly on NULL pkts pointer (caller error but not worth
dying for)
- Error out early if packet is clearly not valid
Panu Matilainen [Wed, 2 Nov 2011 09:02:28 +0000 (11:02 +0200)]
Eliminate bunch of unused/useless debug cruft from pgp parser
Panu Matilainen [Wed, 2 Nov 2011 08:26:34 +0000 (10:26 +0200)]
Split digest parameter freeing into a separate helper function
- The data is all the same except for rsa/dsa specific bits,
to me this calls for a function. We might want to export
pgpCleanDigParams() or such later on but for now keep it static.
No functional changes.
Panu Matilainen [Wed, 2 Nov 2011 08:00:32 +0000 (10:00 +0200)]
Store the rsa/dsa parameters in pgpDigParamers struct directly
- Avoids having to pass around pgpDig pointers in addition to
pgpDigParamrs pointers. The type (key vs sig) is determined
early on in pgpPrtPkts() and doesn't change, and the rsa/dsa
data is associated with that always. No functional changes,
just makes the whole thing just a little bit cleaner.
Panu Matilainen [Tue, 1 Nov 2011 09:23:34 +0000 (11:23 +0200)]
Verify PGP signature packet sizes and number of MPIs match expectations
- Similar to commit
807b402d95702f3f91e9e2bfbd2b5ca8c9964ed9 but
for signature packets: packet must be larger than the "intro"
structure, and verify the calculated sizes match our expectations.
Panu Matilainen [Tue, 1 Nov 2011 08:52:13 +0000 (10:52 +0200)]
Eliminate buggy pgpPrtComment()
- Removes another source of stupid bugs: for rpm's purposes we're not
interested in PGP comment tag contents, and the implementation
here was unsafe as it assumes there always is a terminating \0
somewhere in the packet which might not be true for a malformed packet.
Panu Matilainen [Tue, 1 Nov 2011 08:40:02 +0000 (10:40 +0200)]
Verify PGP key packet sizes and number of MPIs match expectations, part II
- Same as commit
807b402d95702f3f91e9e2bfbd2b5ca8c9964ed9 but for
retrieving the actual key data instead of its fingerprint.
- Only look inside keys whose pubkey algo we actually support:
DSA and RSA. Anything else is better left untouched and treated
as an error to avoid nasty surprises.
Panu Matilainen [Tue, 1 Nov 2011 07:44:31 +0000 (09:44 +0200)]
Verify PGP key packet sizes and number of MPIs match expectations
- A key packet must be larger than the "intro" structure to have
room for the trailing MPIs, ie in order to be valid. This also
ensures we can safely access the pubkey algorithm data.
- Verify the number of trailing MPI's and their total size matches
the expectations and packet size exactly before bothering with
digest calculations.
- Also use sizeof(keyid) instead of "magic eight" and memcpy()
instead of memmove(), the argument keyid and memory returned
from rpmDigestFinal() cannot overlap.
Panu Matilainen [Wed, 26 Oct 2011 11:01:41 +0000 (14:01 +0300)]
Verify MPI size is within packet boundary in pgpMpiItem()
- Malformed data can claim the MPI size to be "arbitrarily" large,
pass packet end pointer to pgpMpiItem() and validate we have enough
bytes in the packet to contain the MPI before copying.
Panu Matilainen [Wed, 26 Oct 2011 09:42:26 +0000 (12:42 +0300)]
Remove support for V3 public keys
- V3 keys have been long since deprecated and extinct for all practical
purposes for more than a decade by now (for example, Red Hat Linux 6.0
from 1999 was the last RHL to use a V3 key for signing). RFC-4880
says V3 keys MUST NOT be generated (they have a number of weaknesses),
but implementations MAY accept them. We choose not to accept them
anymore, eliminating a code path that would essentially only get
triggered by malformed packages. The said code path also contained
a few buffer overflows and other bugs, so its more than just
"good riddance."
- Worth nothing is that only support for V3 *keys* is removed, V3
signatures are still supported along with V4 ones.
Panu Matilainen [Wed, 26 Oct 2011 06:14:40 +0000 (09:14 +0300)]
We dont deal with secret keys, leave them alone
- As we only do OpenPGP signature verification and never signing /
encrypting content ourselves, we have no need to know anything
about secret keys. One less place to worry about, tripping up
on bad data that we dont even try to use would be pretty dumb.
Panu Matilainen [Tue, 25 Oct 2011 12:47:15 +0000 (15:47 +0300)]
Centralize PGP packet decoding and sanity checking into helper function
- Stricter sanity checking on both old and new packet types - whereas
new format packets were mostly covered by pgpLen() changes already,
old format has similar case where malformed packet could cause us
to read beyond packet (buffer) end.
- Collect the necessary packet data into a struct that's nicer to
pass around (taking advantage of this mostly left for next steps)
Panu Matilainen [Tue, 25 Oct 2011 11:47:44 +0000 (14:47 +0300)]
Verify there are sufficient number of bytes to calculate packet length
- The number of bytes used to store a PGP packet body length is not
known until we decode the first byte, pass remaining packet length
to pgpLen() and verify there are sufficient bytes for the
used encoding before reading them.
- Clarify the function description while at it.
Panu Matilainen [Tue, 25 Oct 2011 11:22:07 +0000 (14:22 +0300)]
Avoid redundant calculations on pubkey fingerprint retrieval
- In pgpPrtPkt() we just calculated the packet body and length,
avoid redoing it for the fingerprint by splitting the actual
fingerprint calculation out of pgpPubkeyFingerprint() into a helper
function and calling that instead.
Panu Matilainen [Tue, 25 Oct 2011 11:03:43 +0000 (14:03 +0300)]
pgpPubkeyFingerprint() can fail, propagate errors part II
- rpmPubkeyNew() needs to return NULL if we fail to grab the
keyid, make it so...
Panu Matilainen [Tue, 25 Oct 2011 10:53:42 +0000 (13:53 +0300)]
pgpPubkeyFingerprint() can fail, propagate errors
- Rpm itself doesn't even use pgpExtractPubkeyFingerprint() anymore
but there appear to be other users so leaving it alone for now,
just behave sanely on errors.
Panu Matilainen [Mon, 24 Oct 2011 10:45:00 +0000 (13:45 +0300)]
Eliminate useless pgpIsPkt() helper function
- While I can imagine uses for such a function, our only caller is
using it in a bogus way: decodePkts() is trying to avoid looking into
binary-only data by calling it, but then pgpIsPkt() returns
"not pgp tag" for various things that *are* pgp tags, making the
whole thing just moot. If such checks are actually needed, we'd be better
of checking for printable characters or such.
Panu Matilainen [Mon, 24 Oct 2011 09:39:51 +0000 (12:39 +0300)]
Eliminate broken pgpLen() from the API
- pgpLen() only works for new format packets, and even for those
its unsafe and cannot be fixed without breaking the API. Start
by taking it behind the barn for further, err, operations. Rpm has
no users outside rpmpgp.c now and anybody else using it will be
better off not doing so.
Panu Matilainen [Mon, 24 Oct 2011 09:21:01 +0000 (12:21 +0300)]
Sanitize pgpsigFormat()
- Eliminate bogus size calculations: we have a buffer of td->count size
that may or may not contain legal OpenPGP signature. Leave it up to
pgpPrtPkts() to validate & figure it out and check its return code instead,
eliminating need to repeat a bunch of tedious calculations here.
- Use non-zero signature version is used as a hint for valid signature,
should be "close enough" for the rest of the code.
Panu Matilainen [Mon, 24 Oct 2011 08:04:51 +0000 (11:04 +0300)]
Valid PGP packets are always at least two bytes long
- Old format tags encode the number of body length bytes in the packet
header, new format encodes it in the first body length byte. In
both cases there must be at least two bytes worth of data for it
to be a valid header. Sanity check before accessing.
Thomas Jarosch [Fri, 21 Oct 2011 21:05:54 +0000 (23:05 +0200)]
Fix unterminated buffer after readlink() call
readlink() never terminates the buffer.
Detected by "cppcheck" (git HEAD)
Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Panu Matilainen [Sun, 23 Oct 2011 11:23:12 +0000 (14:23 +0300)]
Log an error on signing if we can't even parse the gpg-generated signature
- The error message is not very helpful but if pgpPrtPkts() fails
we dont have a whole lot clue in the caller why it failed, spitting
out at least *some* error is better than silently failing
(RhBug:748116, RhBug:719154)
Panu Matilainen [Sun, 23 Oct 2011 10:59:46 +0000 (13:59 +0300)]
Warn but don't fail the build on missing excluded files (RhBug:745629)
- If a file/directory is not to be packaged, there's not a whole lot
point making the build fail if its missing. In case exclude is
used to leave certain files to sub-packages, the sub-package file
lists will catch out missing files that are really missing as a
result of actual build failure or such (except perhaps for some
glob cases but missing files can go unnoticed in those cases anyway)
Panu Matilainen [Sun, 23 Oct 2011 10:53:21 +0000 (13:53 +0300)]
Eliminate bunch of exit points in addFile()
- Assume failure, handle setting fl->processingFailed centrally at exit
(file too large wasn't resulting in processingFailed getting set)
Panu Matilainen [Fri, 21 Oct 2011 08:49:53 +0000 (11:49 +0300)]
Fix ancient off-by-one at end boundary in string array size calculation
- String array size calculation could read one byte past data end
pointer when expected count and number of \0's disagree (ie invalid data)
due to while condition side-effects + bounds checking being in
the inner loop.
- Lift the string length calculation to inline helper function, used for
both string and string array types.
- Streamline the calculations:
- Eliminate unnecessary length increments, calculate the length
from pointer distance
- Eliminate end pointer NULL checking within the loop: when caller
doesn't supply end pointer, cap to HEADER_MAX_DATA (ie 16MB),
anything larger would trip up in later hdrchkData() checks anyway.
- Avoid the off-by-one by eliminating the problematic inner loop.
Panu Matilainen [Thu, 20 Oct 2011 07:37:31 +0000 (10:37 +0300)]
Verify the entire region trailer, not just its offset, is within data area
- Offset being within the data area doesn't help if the actual data doesn't
fit. Since the trailer size is well known, we can just as easily
make the check accurate to prevent reading beyond end of data in case
the offset is subtly wrong.
- In headerLoad(), region offset of zero doesn't need sanity checking,
only validate if its something else and do so accurately there too.
Panu Matilainen [Mon, 17 Oct 2011 06:27:34 +0000 (09:27 +0300)]
Update man page(s) verify output description to match current behavior
- Since addition of file capability verification in rpm 4.7.x,
the verify output has nine characters, not eight (RhBug:746525)
Panu Matilainen [Wed, 12 Oct 2011 06:33:36 +0000 (09:33 +0300)]
Fix pretrans dependency calculation when provider is upgraded
- Pretrans-dependencies are twisty little beasts unlike anything else...
When a pretrans-dependency provider is updated, the currently installed
version is the provider for that transaction, unlike others where
the packages from installing set act as providers for updates. So
when looking up pretrans deps, we must not prune the to-be-erased
packages from the db match iterators. As an added twist, we also
must not cache these non-pruned cases as it would mess up the
cache for "regular" dependencies.
- Fixes this case reported on fedora-devel:
http://lists.fedoraproject.org/pipermail/devel/2011-October/158058.html
Mukund Sivaraman [Fri, 30 Sep 2011 10:04:44 +0000 (15:34 +0530)]
rpmio: Set a umask before using mkstemp()
This commit sets a restrictive umask before calling mkstemp().
This is because the permissions of files created by mkstemp() are
not defined in POSIX. Old versions of glibc created files with
mode 0666 which can be a security hole. Because the behavior is
implementation-dependent, we set a umask.
Mukund Sivaraman [Thu, 29 Sep 2011 07:09:13 +0000 (12:39 +0530)]
rpmio: Don't de-ref lzfile which was freed in lzclose()
Mukund Sivaraman [Thu, 29 Sep 2011 07:09:12 +0000 (12:39 +0530)]
build: Update .gitignore rules
Panu Matilainen [Tue, 11 Oct 2011 07:31:40 +0000 (10:31 +0300)]
Let headerLoad() failure message come through
- headerVerify() always returns with a message even for OK results,
which was masking the error message from headerLoad(), sometimes
giving not very helpful "headerRead failed: Header sanity check OK"
style messages.
Panu Matilainen [Thu, 6 Oct 2011 12:16:47 +0000 (15:16 +0300)]
Eliminate headerCheckPayloadFormat() from the API
- While we're on API killing spree... Exporting this was needless and
dumb to begin with (greetings to self in 2007...), bury it inside
depends.c as static and let rot there.
- Might be a better idea to kill it completely with some other
mechanism such as turning payload format into rpmlib() dependency
internally but just get it out of public sight for now.
Panu Matilainen [Thu, 6 Oct 2011 12:13:22 +0000 (15:13 +0300)]
Eliminate headerMergeLegacySigs() from the API
- No need to export this in the API - if you want merged signature
tags you use rpm's package reading functions.
Panu Matilainen [Thu, 6 Oct 2011 12:05:11 +0000 (15:05 +0300)]
Eliminate leftover headerRegenSigHeader() function
- This was only ever used by repackage support inside rpm and has been
orphan since 2008, likely more than just a little broken too as it
doesn't know about 64bit types and all. RIP.
Panu Matilainen [Thu, 6 Oct 2011 10:06:28 +0000 (13:06 +0300)]
Only bother allocating a pgpDig when needed
- Now that rpmVerifySignature() doesn't require a non-null dig
for digests, don't bother allocating one unless necessary.
- pgpNewDig() cannot fail so dont bother checking.
Panu Matilainen [Thu, 6 Oct 2011 09:56:13 +0000 (12:56 +0300)]
Eliminate redundant NULL-checks in lower level sigchecking functions
- sigtd->data and dig checking (where needed) is done at
rpmVerifySignature() level, dont bother double-checking
- Hash context is dup'ed, which CAN fail, so while we dont need
to check the argument for non-null, the dup result needs to
be checked for digests. For actual signatures the dup happens
elsewhere, we dont need to check the argument for non-null here.
Panu Matilainen [Thu, 6 Oct 2011 09:49:18 +0000 (12:49 +0300)]
Sanitize rpmVerifySignature() a bit
- Hash context is required for everything, require non-NULL ctx
in rpmVerifySignature() already
- pgpDig is only relevant for true signature, digest checking doesn't
need it - dont require dummy dig to be passed for digests.
- Treat unknown signatures as a case of bad parameters: we're the
only caller of rpmVerifySignature() so it'd be us screwing up if
we ask for unknown signature to be verified.
- Treat bad parameters as a hard failure instead of "not found",
bad parameters mean we cannot verify the signature which really
equals FAIL.
Panu Matilainen [Thu, 6 Oct 2011 08:14:05 +0000 (11:14 +0300)]
Also add RPMTAG_OPTFLAGS during spec parse since we easily can...
Panu Matilainen [Thu, 6 Oct 2011 08:02:31 +0000 (11:02 +0300)]
Add implicit self-provides during spec parse already
- Makes the self-provides accessible on spec parse queries, shouldn't
affect anything else.
Panu Matilainen [Wed, 5 Oct 2011 13:54:15 +0000 (16:54 +0300)]
Split signature/digest verification out of headerVerify()
- headerVerify() is big enough without having all the signature
goo inline, just lift the whole signature/digest business into
separate function. Supposedly no functional changes...
Panu Matilainen [Wed, 5 Oct 2011 12:08:07 +0000 (15:08 +0300)]
Unobfuscate header digest calculation in headerVerify()
- Assigning goo to temporary variables for calling rpmDigestUpdate()
doesn't make it any more readable, more the contrary. Also
don't bother with htonl() (calls that should've been ntohl()
for "correctness") when we have the data elsewhere in host order already.
Panu Matilainen [Wed, 5 Oct 2011 11:46:12 +0000 (14:46 +0300)]
Unobfuscate headerVerify() exit logic
- Jumping forwards is one thing, jumping backwards and forwards to an
exit label residing in the middle of a function is something else...
Refactor to single point of exit, at the end of the function.
- Handle the no header-only signature/digest case (whether disabled
or v3 package) and cleanup centrally at the exit label, everything
falls through there now.
Panu Matilainen [Wed, 5 Oct 2011 10:58:33 +0000 (13:58 +0300)]
Eliminate pointless exit label from headerVerify()
- pgpNewDig() like most rpm "constructor" functions cannot fail,
no point checking the result. Allows an icky backwards goto + label
to be eliminated.
Panu Matilainen [Tue, 4 Oct 2011 12:35:42 +0000 (15:35 +0300)]
Push couple of variables to more local scope
- No functional changes, just preparing to tidy up the headerVerify()
monster a bit.
Panu Matilainen [Tue, 4 Oct 2011 11:59:49 +0000 (14:59 +0300)]
Eliminate redundant local variable in headerLoad()
Panu Matilainen [Mon, 3 Oct 2011 14:49:29 +0000 (17:49 +0300)]
Sanity check region length on header load
- Region size can't obviously be larger than the containing header,
sanity check to avoid crashes from malformed packages.
- We should really test for length equality here, but with dribbles
the size is sometimes off by three, whatever the reason (bug likely),
leaving that investigation for some sunnier day...
Panu Matilainen [Fri, 30 Sep 2011 12:28:00 +0000 (15:28 +0300)]
Sanity check OpenPGP packet lengths in pgpPrtSubType()
- Sub-packet prefix length + packet length can't very well be larger
than the remaining packet length. In addition to sanity checking,
return an error code and have callers actually check for it.
- Fixes (yet another) segfault on malformed package (RhBug:742499)
Panu Matilainen [Thu, 29 Sep 2011 10:22:32 +0000 (13:22 +0300)]
Sanity check region offset range on headerLoad()
- Fixes the first case crash of RhBug:741606 / CVE-2011-3378 where
immutable region offset is way out of bounds.
Panu Matilainen [Thu, 29 Sep 2011 09:50:57 +0000 (12:50 +0300)]
Sanity check region offset in regionSwab()
- Region offsets are supposed to be negative when when an entry
is involved, otherwise zero. Fixes some cases of crash'n'burn on
malformed headers having bogus offsets (CVE-2011-3378)
Panu Matilainen [Thu, 15 Sep 2011 12:01:27 +0000 (15:01 +0300)]
Whoops, ftell() and rpmio equivalents should return long not off_t
Panu Matilainen [Thu, 15 Sep 2011 11:58:19 +0000 (14:58 +0300)]
Fix up a few strict-prototype warnings on x86
Panu Matilainen [Thu, 15 Sep 2011 09:21:21 +0000 (12:21 +0300)]
Kick out ppc arch detection leftovers
- This should've been in commit
6e2f56fe25a9ee62af51e0408861a8a43c97a709
all the way back then, unused ever since...
Panu Matilainen [Thu, 15 Sep 2011 09:06:50 +0000 (12:06 +0300)]
Eliminate hysterical copy-paste comments from rpmrc
Panu Matilainen [Thu, 15 Sep 2011 09:05:52 +0000 (12:05 +0300)]
Bit of rpmrc spring-cleaning: nuke detection for some extinct creatures
Panu Matilainen [Tue, 13 Sep 2011 11:11:14 +0000 (14:11 +0300)]
Add Transifex config + adjust .gitignore to track it
Panu Matilainen [Tue, 13 Sep 2011 11:07:29 +0000 (14:07 +0300)]
Nuke ancient ChangeLog in po/
Panu Matilainen [Mon, 12 Sep 2011 10:26:42 +0000 (13:26 +0300)]
Use POPT_BIT_SET for setting the scriptlet flags
- No functional changes, just avoid doing extra work for what popt
can already do for us.
Panu Matilainen [Mon, 12 Sep 2011 10:02:13 +0000 (13:02 +0300)]
Actually remember scriptlet flags in the rpmScript struct
- Currently doesn't make any difference but since we actually
have a flags member in the struct, might as well use it. Also
we'll shortly be needing these during the actual execution too.
Panu Matilainen [Mon, 12 Sep 2011 09:54:48 +0000 (12:54 +0300)]
Rename scriptlet flags from RPMSCRIPT_FOO to RPMSCRIPT_FLAG_FOO
- No functional changes (and this is still internal-only API),
just making more obvious what they are and clearing the
RPMSCRIPT_FOO namespace for possible future use for the scriptlet
types themselves.
Panu Matilainen [Mon, 12 Sep 2011 09:19:15 +0000 (12:19 +0300)]
Show all interpreter arguments on --scripts query (ticket #847)
- Previously any arguments to interpreter were invisible unless
you happened to know that RPMTAG_FOOPROG are actually string
arrays despite their type showing plain string, and queried
as arrays. This makes all the arguments for all scriptlets
supporting interpreter arguments visible on --scripts query
and also serves as an example on how to properly query them.i
- Perhaps worth noting is the exact formatting of the query:
"(using[ %{PRETRANSPROG}]" instead of the more typical style of
"(using [%{PRETRANSPROG} ]" to avoid extra trailing blanks.
Panu Matilainen [Mon, 12 Sep 2011 09:10:29 +0000 (12:10 +0300)]
Show possible %verifyscript interpreter similarly to other scriptlets
Panu Matilainen [Mon, 12 Sep 2011 08:43:11 +0000 (11:43 +0300)]
Scriptlet argument tags are really arrays
- While the vast majority of scriptlet interpreters only consist
of the interpreter name itself, they all can consist of arbitrary
number of extra arguments. Rpm itself doesn't really care whether
the tags are strings or string arrays but the scalar definition
causes the rest of arguments to be invisible from eg python.
Also having the type shown as string array hints at the proper
query format when accessing these (and rpm itself is doing it
wrong too in --scripts alias). Related to ticket #847.
Panu Matilainen [Mon, 12 Sep 2011 08:36:27 +0000 (11:36 +0300)]
Sanity check trigger scriptlet arguments on build
- Trigger scriptlets differ from other types in that additional
arguments to scriptlet interpreter are not supported due to the
way trigger data is stored in the header. Until now any extra
arguments have just been quietly discarded, make it an hard
error to avoid surprises.
Panu Matilainen [Tue, 6 Sep 2011 19:37:42 +0000 (22:37 +0300)]
Fix brp-python-bytecompile breakage from the recent whitespace patch
Panu Matilainen [Tue, 6 Sep 2011 13:12:15 +0000 (16:12 +0300)]
Use the new FOO_NEVRS extensions for --requires etc popt aliases
- Makes the popt foobar somewhat saner and fixes RhBug:717534 and
RhBug:735801 while at it.
Panu Matilainen [Tue, 6 Sep 2011 12:58:35 +0000 (15:58 +0300)]
Add four new extension tags for pretty-formatting dependencies
- The current method that --requires and friends use is kinda
cumbersome and outputs extra whitespace for dependencies which
dont have flags+version attached. Adding extensions for this
is likely to be easier than teaching query formatting to
permit conditionalizing on current value instead of just tag existence.
Jeff Tickle [Tue, 6 Sep 2011 06:52:19 +0000 (09:52 +0300)]
$RPM_BUILD_ROOT breaks brp-* scripts if it contains spaces (ticket #843)
- This patch adds quotes around $RPM_BUILD_ROOT in places that I noticed
they were missing, and attempts to handle some of the problems that can
occur when looping over the output of find.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Ville Skyttä [Mon, 29 Aug 2011 18:35:30 +0000 (21:35 +0300)]
Manual typo fix.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Ville Skyttä [Mon, 29 Aug 2011 18:34:02 +0000 (21:34 +0300)]
Sync autoconf macro defaults in manual with the macros file.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Panu Matilainen [Mon, 5 Sep 2011 05:38:31 +0000 (08:38 +0300)]
Make --pipe command failures reflect our exit codes (RhBug:735481)
Panu Matilainen [Fri, 2 Sep 2011 09:56:55 +0000 (12:56 +0300)]
Make rpmScript opaque
- Add accessor for fetching the script tag, the final piece that
psm needs (and will continue to do so) from script internals.
This allows the script type to become opaque for real.
Panu Matilainen [Fri, 2 Sep 2011 09:43:53 +0000 (12:43 +0300)]
Add an API for creating real rpmScript items out of triggers, use it
- Bury rpmScriptNew() into being internal helper in rpmscript -
triggers and other scripts differ quite a bit in how their data
is laid out in the header, especially args need "special attention".
- Besides cleaning up things in the psm side, this technically makes
trigger scripts runnable without having a header at hand. Of course
currently trigger scripts are currently created and destroyed
on the spot from headers so this is of academic interest...
Panu Matilainen [Fri, 2 Sep 2011 07:54:00 +0000 (10:54 +0300)]
First step towards unifying triggers into rpmScript API
- Add a lower level script creation function to deal with the
body expansions and such, use it for triggers as well.
- This is still fairly ugly but its something that can be reasonably
backported to 4.9.x which needs this too, as currently triggers
are forgetting to set script->descr, causing "(null) failure" messages
on glibc and on others, in would just crash on trigger failure
and/or in debug verbosity level.
Panu Matilainen [Thu, 1 Sep 2011 17:29:30 +0000 (20:29 +0300)]
Fix up one strict-prototype warning that has crept in meantime
Panu Matilainen [Thu, 1 Sep 2011 17:26:13 +0000 (20:26 +0300)]
GCC warning option tweaks
- WTH are we compiling with -Wno-char-subscripts? This appears to have
been there since the dawn of times, and at least nowadays removing
it causes no new warnings.
- Re-enable -Wstrict-prototypes, either NSS headers have gotten fixed
or GCC has gotten smarter and no longer whines about broken
system headers.
Panu Matilainen [Thu, 1 Sep 2011 11:23:28 +0000 (14:23 +0300)]
Oops, RPMSENSE_PRETRANS and _POSTTRANS missing from python bindings
Panu Matilainen [Thu, 1 Sep 2011 10:50:55 +0000 (13:50 +0300)]
Don't add config() provides if config install is disabled
- Similarly to commit
40ee8e7427ace319687dd36bd5f745d1ef2f2236,
take --noconfigs into account for the virtual config() provides too
Panu Matilainen [Thu, 1 Sep 2011 10:40:50 +0000 (13:40 +0300)]
Don't add file provides for doc/config files if they wont be installed
- Files which dont get installed cannot very well satisfy dependencies,
take this into account for docs and configs when --nodocs & --noconfigs
flags are used.
Panu Matilainen [Thu, 1 Sep 2011 10:19:18 +0000 (13:19 +0300)]
Pass tsflags to rpmal and remember them
- No functional changes here, but we'll need to know some of these
bits for accurately calculating various dependency bits later on.
Panu Matilainen [Thu, 1 Sep 2011 09:55:30 +0000 (12:55 +0300)]
Source formatting cosmetics: function blocks start on the next line
Panu Matilainen [Thu, 1 Sep 2011 09:39:06 +0000 (12:39 +0300)]
Only consider installed files when looking at removed dependencies
- Non-installed files cannot very well have dependencies, this
eliminates some bogosities from those cases.
Panu Matilainen [Thu, 1 Sep 2011 09:11:13 +0000 (12:11 +0300)]
Add RPMTAG_INSTFILENAMES tag extension for state-aware file lists
- For a more consistent experience wrt all the state-awareness stuff,
this needs to be easily querifiable too.
- Also makes the tagnames kludgery from commit
cac8c389607d7a5735b2905035fdfe4404670d06 unnecessary
Panu Matilainen [Thu, 1 Sep 2011 09:07:30 +0000 (12:07 +0300)]
Add + use helper macro for testing for installed file state
Panu Matilainen [Thu, 1 Sep 2011 08:20:54 +0000 (11:20 +0300)]
Oops, missing include for rpmFreeMacros() in python module
- This should've been in commit
f07ab5c1afa9b0b7105082a8617ec6a7657fc27e
Panu Matilainen [Thu, 1 Sep 2011 06:40:52 +0000 (09:40 +0300)]
Avoid SystemError on inserting an empty list insert to header from python
Panu Matilainen [Thu, 1 Sep 2011 05:31:04 +0000 (08:31 +0300)]
Add method to reset + reload rpm configuration to python bindings
Panu Matilainen [Wed, 31 Aug 2011 08:09:03 +0000 (11:09 +0300)]
Remember ds color (if set) through rpmdsCurrent()
- Currently only dependency sets coming from transaction elements
get colored, only bother allocating memory for non-zero color.
Panu Matilainen [Wed, 31 Aug 2011 08:07:32 +0000 (11:07 +0300)]
Oops, forgot to add the instfilenames pseudo index to tag lookup code
- DBI tags dont really belong there to begin with but changing this
would be more painful than its worth...
Panu Matilainen [Mon, 29 Aug 2011 13:19:32 +0000 (16:19 +0300)]
Use RPMDBI_INSTFILENAMES on file queries as well
- This changes query behavior quite a bit as files with non-installed
status are no longer returned as matches. The rationale is that
it makes figuring out dependency issues with the "new" behavior
more obvious (but perhaps we should have a switch to enable
former behavior). Besides not satisfying dependencies, files with
non-installed status are not really owned by the package, as they
would not be removed on package removal.
Panu Matilainen [Mon, 29 Aug 2011 12:49:08 +0000 (15:49 +0300)]
Take advantage on RPMDBI_INSTFILENAMES in rpmdbProvides()
- No functional changes, we did the same thing "manually" here already.
Only now the data is more conveniently available through API to
other callers who might care (yum & friends)
Panu Matilainen [Mon, 29 Aug 2011 12:43:15 +0000 (15:43 +0300)]
Add a new pseudo index for actually installed files
- RPMDBI_BASENAMES (ugh) returns all headers with matching filenames,
whether the files are actually installed or not, which can be
rather misleading when dealing with file dependencies. The new
RPMDBI_INSTFILENAMES only returns headers with matching filenames
whose state indicates they are actually present on the system.
Panu Matilainen [Mon, 29 Aug 2011 12:23:02 +0000 (15:23 +0300)]
Generalize pseudo tag handling in rpmdbInitIterator()
- No functional changes, just makes the case where a pseudo index
uses a differently numbered underlying physical db index more generic.