I know the split is somewhat painful this way, but it was the least painful (or
only) way I could see to accomplish this within reasonable time/effort.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#issuecomment-2034208979
You are
Ah, I missed that. Then please ignore me ;-)
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#issuecomment-2034198154
You are receiving this because you are subscribed to this thread.
Message ID:
Oh, I guess I wasn't clear: sure rpm-sequoia supports and exports all the
digest functionality rpm needs. What I mean is that it does NOT support using
libgcrypt/openssl from rpm side to do that.
libgcrypt/openssl digest support in rpm is only for the case where rpm-sequoia
is not available.
Why wouldn't it make sense? Sequoia needs to do digesting anyway to verify the
signatures, it might as well expose the functionality. Securitywise it is bad
design if two implementations are used.
--
Reply to this email directly or view it on GitHub:
The sole reason for this exercise is to be able to build rpm *without*
rpm-sequoia.
rpm-sequoia doesn't support external digest, and wouldn't make much sense for
it to do so.
--
Reply to this email directly or view it on GitHub:
You really should use Sequoia for digesting. It makes no sense to use
openssl/libgcrypt in rpm and something else in sequoia. If it's not already
exposed, can you please add expose digesting functionality in Sequoia?
--
Reply to this email directly or view it on GitHub:
Merged #2984 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#event-12182799253
You are receiving this because you are subscribed to this thread.
Message ID:
___
Rpm-maint
Okay, best to just get this out of the way...
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#issuecomment-2009249611
You are receiving this because you are subscribed to this thread.
Message ID:
Couple of simple tests added, a whole lot tests skipped when dummy pgp used.
The INSTALL docs hopefully a little saner now :laughing:
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#issuecomment-2006967300
You are receiving this
@pmatilai commented on this pull request.
> +return PGPARMOR_NONE;
+}
+
+int pgpPubKeyCertLen(const uint8_t *pkts, size_t pktslen, size_t *certlen)
+{
+return -1;
+}
+
+char * pgpArmorWrap(int atype, const unsigned char * s, size_t ns)
+{
+return NULL;
+}
+
+rpmRC
@pmatilai pushed 1 commit.
6ede5d3ed8081ddcece6a44176ed38863c848e3f Allow building rpm without OpenPGP
support
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984/files/2286b6001d2e3bb09e6efa8a0a02bb0ccdd34880..6ede5d3ed8081ddcece6a44176ed38863c848e3f
You are
@pmatilai pushed 1 commit.
2286b6001d2e3bb09e6efa8a0a02bb0ccdd34880 Allow building rpm without OpenPGP
support
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984/files/2a5c0131cc24c803695bd48bff3742446f90a98a..2286b6001d2e3bb09e6efa8a0a02bb0ccdd34880
You are
This will also need some further tweaks to skip the relevant tests.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#issuecomment-2006802381
You are receiving this because you are subscribed to this thread.
Message ID:
@pmatilai commented on this pull request.
> @@ -27,8 +27,8 @@ The source for the file utility + library is available from
ftp://ftp.astron.com/pub/file/
You will need a cryptographic library to support digests and
It gets tricky here because now those two are separated in some of the
All good points, thanks for the review!
As for `pgpVerifySignature[2]()`, I considered returning NOKEY for a softer
impact, but the gotcha is that the sanity check in rpmsinfoInit() causes things
to fail long before you get to call verify. So while adding a "not at home"
lint will of course
@nwalfield commented on this pull request.
Looks good to me!
> @@ -38,9 +38,17 @@ in Sequoia. Some other Sequoia advantages include being
> implemented in a
memory-safe language, configurable policy and user-relevant error messages.
For more information, see https://sequoia-pgp.org/
-If
As per the commit message, the intent is to follow-up this with a patch to
split the rpmpgp_legacy directory off the rpm main repo entirely, at which
point #2414 is achieved while letting others to maintain the code if they so
wish.
--
Reply to this email directly or view it on GitHub:
For bootstrapping purposes, having rpm depend on Rust is painful, but directing
people to unmaintained crypto code as an alternative is hair-raising. As a
middle ground, let rpm be built without OpenPGP support at all, which at least
gives you a functional rpm and rpm-build even if you cant
18 matches
Mail list logo
