Hello community, here is the log from the commit of package rpm for openSUSE:Leap:15.2 checked in at 2020-02-04 17:53:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/rpm (Old) and /work/SRC/openSUSE:Leap:15.2/.rpm.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rpm" Tue Feb 4 17:53:09 2020 rev:71 rq:760171 version:4.14.1 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/rpm/rpm.changes 2020-01-15 15:57:56.351751158 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.rpm.new.26092/rpm.changes 2020-02-04 17:53:10.492704184 +0100 @@ -1,0 +2,20 @@ +Thu Dec 12 13:41:04 CET 2019 - [email protected] + +- Consolidate beecrypt patches into 'beecrypt.diff' + old patches: beecrypt-4.1.2.diff beecrypt-4.1.2-build.diff +- Use libgcrypt as crypto library for SP2 [jsc#SLE-9552] + new patch: libgcrypt.diff +- Backport ndb fixes and enable ndb support [jsc#SLE-7272] + new patch: ndb-backport.diff +- Allow to disable bdb database support [jsc#SLE-7272] + new patch: disable-bdb.diff +- Rewrite rpmqpack to use rpm's database interface + modified patch: rpmqpack.diff + +------------------------------------------------------------------- +Fri Nov 15 13:20:20 CET 2019 - [email protected] + +- Backport lang_package -r fixes from Factory [bnc#1156300] + modified: rpm-suse_macros + +------------------------------------------------------------------- Old: ---- beecrypt-4.1.2-build.diff beecrypt-4.1.2.diff New: ---- beecrypt.diff disable-bdb.diff libgcrypt.diff ndb-backport.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-rpm.spec ++++++ --- /var/tmp/diff_new_pack.Cz2RsD/_old 2020-02-04 17:53:13.536706022 +0100 +++ /var/tmp/diff_new_pack.Cz2RsD/_new 2020-02-04 17:53:13.540706025 +0100 @@ -41,6 +41,9 @@ BuildRequires: python-rpm-macros BuildRequires: xz-devel BuildRequires: zlib-devel +%if 0%{?sle_version} >= 150200 +BuildRequires: libgcrypt-devel +%endif Requires: rpm = %{version} %{expand:%(sed -n -e '/^Source:/,/^BuildRoot:/p' <%{_sourcedir}/rpm.spec)} %if "%{python_flavor}" == "python2" ++++++ rpm.spec ++++++ --- /var/tmp/diff_new_pack.Cz2RsD/_old 2020-02-04 17:53:13.572706044 +0100 +++ /var/tmp/diff_new_pack.Cz2RsD/_new 2020-02-04 17:53:13.572706044 +0100 @@ -45,6 +45,9 @@ BuildRequires: rpm-build BuildRequires: xz-devel BuildRequires: zlib-devel +%if 0%{?sle_version} >= 150200 +BuildRequires: libgcrypt-devel +%endif #!BuildIgnore: rpmlint-Factory Provides: rpminst Requires(post): %fillup_prereq @@ -66,10 +69,9 @@ Source13: rpmconfigcheck.service Source14: find-provides.ksyms Source15: find-requires.ksyms -Patch1: beecrypt-4.1.2.diff +Patch1: beecrypt.diff Patch2: db.diff Patch3: rpm-4.12.0.1-fix-bashisms.patch -Patch4: beecrypt-4.1.2-build.diff Patch5: usr-lib-sysimage-rpm.patch # quilt patches start here Patch11: debugedit.diff @@ -137,6 +139,9 @@ Patch114: source_date_epoch_buildtime.diff Patch115: safesymlinks.diff Patch116: verifynodup.diff +Patch117: ndb-backport.diff +Patch118: disable-bdb.diff +Patch119: libgcrypt.diff Patch6464: auto-config-update-aarch64-ppc64le.diff Patch6465: auto-config-update-riscv64.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -209,20 +214,20 @@ %prep %setup -q -n rpm-%{version} -rm -rf sqlite -rm -rf beecrypt +rm -rf sqlite beecrypt +%if 0%{?sle_version} < 150200 tar xjf %{SOURCE10} +%patch1 +ln -s beecrypt-4.1.2 beecrypt +%endif tar xjf %{SOURCE11} ln -s db-4.8.30 db cd db %patch2 -p1 cd .. -ln -s beecrypt-4.1.2 beecrypt chmod -R u+w db/* rm -f rpmdb/db.h -%patch -P 1 %patch3 -p1 -%patch -P 4 %patch5 -p1 %patch -P 11 -P 12 -P 13 -P 14 -P 15 -P 16 -P 18 %patch -P 20 -P 21 -P 24 -P 25 -P 26 -P 27 -P 28 -P 29 @@ -234,7 +239,8 @@ %patch -P 85 %patch -P 93 -P 94 -P 99 %patch -P 100 -P 102 -P 103 -P 108 -%patch -P 109 -P 111 -P 112 -P 113 -P 114 -P 115 -P 116 +%patch -P 109 -P 111 -P 112 -P 113 -P 114 -P 115 -P 116 -P 117 -P 118 +%patch -P 119 %ifarch aarch64 ppc64le riscv64 %patch6464 @@ -244,7 +250,6 @@ %endif cp config.guess config.sub db/dist/ -cp config.guess config.sub beecrypt/ cp %{SOURCE14} %{SOURCE15} scripts/ #chmod 755 scripts/find-supplements{,.ksyms} chmod 755 scripts/find-provides.ksyms scripts/find-requires.ksyms @@ -281,22 +286,32 @@ BUILDTARGET="--build=%{_target_cpu}-suse-linux" %endif -#cp -p /usr/share/gettext/config.rpath . -cp autogen.sh beecrypt +%if 0%{?sle_version} < 150200 +cp config.guess config.sub autogen.sh beecrypt pushd beecrypt ./autogen.sh --disable-dependency-tracking --with-pic --without-python $BUILDTARGET make %{?_smp_mflags} popd +%endif autoreconf -fi ./configure --disable-dependency-tracking --prefix=%{_prefix} --mandir=%{_mandir} --infodir=%{_infodir} \ --libdir=%{_libdir} --sysconfdir=/etc --localstatedir=/var --sharedstatedir=/var/lib --with-lua \ --without-external-db \ +--enable-ndb \ --with-vendor=suse \ --with-rundir=/run \ --without-archive \ ---with-selinux --with-internal-beecrypt \ ---with-acl --with-cap --enable-shared %{?with_python: --enable-python} $BUILDTARGET +%if 0%{?sle_version} < 150200 +--with-internal-beecrypt \ +%else +--with-crypto=libgcrypt \ +%endif +--with-selinux \ +--with-acl --with-cap --enable-shared \ +%{?without_bdb: --enable-bdb=no} \ +%{?with_python: --enable-python} \ +$BUILDTARGET rm po/de.gmo make %{?_smp_mflags} @@ -308,7 +323,9 @@ %make_install mkdir -p %{buildroot}/bin ln -s /usr/bin/rpm %{buildroot}/bin/rpm +%if 0%{?!without_bdb:1} install -m 644 db3/db.h %{buildroot}/usr/include/rpm +%endif # remove .la file and the static variant of libpopt # have to remove the dependency from other .la files as well for f in %{buildroot}/%{_libdir}/*.la; do @@ -389,12 +406,14 @@ %{fillup_only -an services} # var/lib/rpm migration: set forwards compatible symlink for /usr/lib/sysimage/rpm so scriptlets in same transaction will still work -if test ! -L var/lib/rpm -a -f var/lib/rpm/Packages -a ! -f usr/lib/sysimage/rpm/Packages ; then +if test ! -L var/lib/rpm -a ! -f usr/lib/sysimage/rpm/Packages -a ! -f usr/lib/sysimage/rpm/Packages.db ; then + if test -f var/lib/rpm/Packages -o -f var/lib/rpm/Packages.db ; then rmdir usr/lib/sysimage/rpm ln -s ../../../var/lib/rpm usr/lib/sysimage/rpm + fi fi -test -f usr/lib/sysimage/rpm/Packages || rpmdb --initdb +test -f usr/lib/sysimage/rpm/Packages -o -f usr/lib/sysimage/rpm/Packages.db || rpmdb --initdb %posttrans # var/lib/rpm migration @@ -402,7 +421,7 @@ # delete no longer maintained databases rm -f var/lib/rpm/Filemd5s var/lib/rpm/Filedigests var/lib/rpm/Requireversion var/lib/rpm/Provideversion - if test -f var/lib/rpm/Packages ; then + if test -f var/lib/rpm/Packages -o -f var/lib/rpm/Packages.db ; then echo "migrating rpmdb from /var/lib/rpm to /usr/lib/sysimage/rpm..." # remove forwards compatible symlink ++++++ beecrypt-4.1.2-build.diff -> beecrypt.diff ++++++ --- /work/SRC/openSUSE:Leap:15.2/rpm/beecrypt-4.1.2-build.diff 2020-01-15 15:57:53.871749844 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.rpm.new.26092/beecrypt.diff 2020-02-04 17:53:10.284704058 +0100 @@ -1,26 +1,28 @@ ---- - acinclude.m4 | 4 ++-- - configure.ac | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -Index: beecrypt-4.1.2/configure.ac -=================================================================== ---- beecrypt-4.1.2.orig/configure.ac -+++ beecrypt-4.1.2/configure.ac -@@ -1,8 +1,8 @@ - # Process this file with autoconf to produce a configure script. +--- beecrypt-4.1.2/Makefile.am.orig 2004-12-22 07:06:31.000000000 +0000 ++++ beecrypt-4.1.2/Makefile.am 2019-12-11 16:07:44.098540989 +0000 +@@ -49,7 +49,7 @@ libaltdir=$(prefix)/lib@LIBALT@ - AC_INIT([beecrypt],[4.1.2],[[email protected]]) --AM_INIT_AUTOMAKE - AC_CANONICAL_TARGET -+AM_INIT_AUTOMAKE - AC_CONFIG_SRCDIR(beecrypt.h) - AC_CONFIG_HEADERS([config.h]) + libalt_LTLIBRARIES = libbeecrypt.la + +-libbeecrypt_la_SOURCES = aes.c base64.c beecrypt.c blockmode.c blockpad.c blowfish.c dhaes.c dldp.c dlkp.c dlpk.c dlsvdp-dh.c dsa.c elgamal.c endianness.c entropy.c fips186.c hmac.c hmacmd5.c hmacsha1.c hmacsha256.c md5.c hmacsha384.c hmacsha512.c memchunk.c mp.c mpbarrett.c mpnumber.c mpprime.c mtprng.c pkcs1.c pkcs12.c rsa.c rsakp.c rsapk.c sha1.c sha256.c sha384.c sha512.c sha_k.c timestamp.c cppglue.cxx ++libbeecrypt_la_SOURCES = aes.c base64.c beecrypt.c blockmode.c blockpad.c blowfish.c dhaes.c dldp.c dlkp.c dlpk.c dlsvdp-dh.c dsa.c elgamal.c endianness.c entropy.c fips186.c hmac.c hmacmd5.c hmacsha1.c hmacsha256.c md5.c hmacsha384.c hmacsha512.c memchunk.c mp.c mpbarrett.c mpnumber.c mpprime.c mtprng.c pkcs1.c pkcs12.c rsa.c rsakp.c rsapk.c sha1.c sha256.c sha384.c sha512.c sha_k.c timestamp.c + libbeecrypt_la_DEPENDENCIES = $(BEECRYPT_OBJECTS) + libbeecrypt_la_LIBADD = aesopt.lo blowfishopt.lo mpopt.lo sha1opt.lo + libbeecrypt_la_LDFLAGS = -no-undefined -version-info $(LIBBEECRYPT_LT_CURRENT):$(LIBBEECRYPT_LT_REVISION):$(LIBBEECRYPT_LT_AGE) +@@ -62,5 +62,11 @@ EXTRA_DIST = BENCHMARKS BUGS CONTRIBUTOR -Index: beecrypt-4.1.2/acinclude.m4 -=================================================================== ---- beecrypt-4.1.2.orig/acinclude.m4 -+++ beecrypt-4.1.2/acinclude.m4 + DISTCLEANFILES = mpopt.s aesopt.s blowfishopt.s sha1opt.s + ++BUILT_SOURCES = listobjs ++ ++.PHONY: listobjs ++listobjs: ++ @echo $(libbeecrypt_la_OBJECTS) $(libbeecrypt_la_LIBADD) > $@ ++ + bench: + (cd tests && $(MAKE) $(AM_MAKEFLAGS) bench) +--- beecrypt-4.1.2/acinclude.m4.orig 2004-12-19 20:16:35.000000000 +0000 ++++ beecrypt-4.1.2/acinclude.m4 2019-12-11 16:08:05.370490481 +0000 @@ -459,7 +459,7 @@ AC_DEFUN([BEECRYPT_GNU_CC],[ CFLAGS="$CFLAGS -Wall -pedantic" else @@ -39,3 +41,38 @@ CXXFLAGS="$CXXFLAGS -DNDEBUG" if test "$bc_cv_c_aggressive_opt" = yes; then case $bc_target_cpu in +--- beecrypt-4.1.2/base64.c.orig 2004-12-19 20:21:04.000000000 +0000 ++++ beecrypt-4.1.2/base64.c 2019-12-11 16:07:44.098540989 +0000 +@@ -253,7 +253,6 @@ char* b64encode(const void* data, size_t + unsigned c; + + if (s == NULL) return NULL; +- if (*s == '\0') return calloc(1, sizeof(*t)); + + if (ns == 0) ns = strlen((const char*) s); + nt = ((ns + 2) / 3) * 4; +--- beecrypt-4.1.2/c++/io/DataOutputStream.cxx.orig 2004-11-04 12:38:15.000000000 +0000 ++++ beecrypt-4.1.2/c++/io/DataOutputStream.cxx 2019-12-11 16:07:44.098540989 +0000 +@@ -126,8 +126,8 @@ void DataOutputStream::writeLong(javalon + void DataOutputStream::writeChar(javaint v) throw (IOException) + { + _lock.lock(); +- out.write((v >> 8) && 0xff); +- out.write((v ) && 0xff); ++ out.write((v >> 8) & 0xff); ++ out.write((v ) & 0xff); + written += 2; + _lock.unlock(); + } +--- beecrypt-4.1.2/configure.ac.orig 2004-12-21 11:37:56.000000000 +0000 ++++ beecrypt-4.1.2/configure.ac 2019-12-11 16:08:05.366490491 +0000 +@@ -1,8 +1,8 @@ + # Process this file with autoconf to produce a configure script. + + AC_INIT([beecrypt],[4.1.2],[[email protected]]) +-AM_INIT_AUTOMAKE + AC_CANONICAL_TARGET ++AM_INIT_AUTOMAKE + AC_CONFIG_SRCDIR(beecrypt.h) + AC_CONFIG_HEADERS([config.h]) + ++++++ disable-bdb.diff ++++++ --- ./Makefile.am.orig 2019-12-09 15:06:29.928482250 +0000 +++ ./Makefile.am 2019-12-09 15:06:37.016465444 +0000 @@ -2,7 +2,7 @@ ACLOCAL_AMFLAGS = -I m4 -DISTCHECK_CONFIGURE_FLAGS = --with-external-db --enable-python +DISTCHECK_CONFIGURE_FLAGS = --enable-python include $(top_srcdir)/rpm.am AM_CFLAGS = @RPMCFLAGS@ --- ./configure.ac.orig 2019-12-09 15:06:29.940482221 +0000 +++ ./configure.ac 2019-12-09 15:06:37.016465444 +0000 @@ -509,6 +509,16 @@ AM_CONDITIONAL(LIBDW,[test "$WITH_LIBDW" AM_CONDITIONAL(HAVE_LIBDW_STRTAB,[test "$HAVE_LIBDW_STRTAB" = yes]) #================= +# Check for BDB support +AC_ARG_ENABLE([bdb], + [AS_HELP_STRING([--enable-bdb=@<:@yes/no/auto@:>@], + [build with Berkeley DB rpm database format support (default=yes)])], + [enable_bdb="$enableval"], + [enable_bdb=yes]) +have_bdb=no +AS_IF([test "x$enable_bdb" != "xno"], [ + + # Process --with/without-external-db AC_ARG_WITH(external_db, [AS_HELP_STRING([--with-external-db],[build against an external Berkeley db])], [case "$with_external_db" in @@ -533,12 +543,14 @@ yes ) ],[ AC_MSG_ERROR([missing required header db.h]) ]) + have_bdb=yes ;; no|maybe ) # Try internal database first, then fall back to external # unless --without-external-db (no) was explicitly given. if [ test -x db/dist/configure ]; then AC_DEFINE(HAVE_DB_H, 1, [Define if you have the <db3/db.h> header file]) + have_bdb=internal else case "$with_external_db" in maybe) @@ -561,11 +573,20 @@ no|maybe ) AC_MSG_ERROR([internal Berkeley DB directory not present, see INSTALL]) ;; esac + have_bdb=yes fi ;; esac - +AC_DEFINE([WITH_BDB], [1], [Define if BDB is available]) AC_SUBST([WITH_DB_LIB]) +]) + +AM_CONDITIONAL([BDB], [test "x$have_bdb" != "xno"]) +AM_CONDITIONAL([WITH_INTERNAL_DB],[test "x$have_bdb" = "xinternal"]) +if test "x$have_bdb" = "xinternal"; then + AC_CONFIG_SUBDIRS(db3) +fi + #================= # Process --enable-ndb @@ -1052,11 +1073,6 @@ AC_SUBST(RPMCONFIGDIR) AC_SUBST(OBJDUMP) -if test "$with_external_db" = no; then - AC_CONFIG_SUBDIRS(db3) -fi - -AM_CONDITIONAL([WITH_INTERNAL_DB],[test "$with_external_db" = no]) AM_CONDITIONAL([DOXYGEN],[test "$DOXYGEN" != no]) AM_CONDITIONAL([HACKINGDOCS],[test "$with_hackingdocs" = yes]) --- ./lib/Makefile.am.orig 2017-10-05 10:04:56.944602155 +0000 +++ ./lib/Makefile.am 2019-12-09 15:06:37.016465444 +0000 @@ -24,7 +24,7 @@ EXTRA_PROGRAMS = usrlib_LTLIBRARIES = librpm.la librpm_la_SOURCES = \ - backend/db3.c backend/dbi.c backend/dbi.h \ + backend/dbi.c backend/dbi.h \ backend/dbiset.c backend/dbiset.h \ headerutil.c header.c headerfmt.c header_internal.h \ rpmdb.c rpmdb_internal.h \ @@ -59,11 +59,14 @@ librpm_la_LIBADD += @LUA_LIBS@ librpm_la_SOURCES += rpmliblua.c rpmliblua.h endif +if BDB if WITH_INTERNAL_DB +librpm_la_SOURCES += backend/db3.c librpm_la_LIBADD += $(libdb_la) else librpm_la_LIBADD += @WITH_DB_LIB@ endif +endif if NDB librpm_la_SOURCES += \ --- ./lib/backend/dbi.c.orig 2017-10-05 10:04:56.946602155 +0000 +++ ./lib/backend/dbi.c 2019-12-09 15:12:53.475571937 +0000 @@ -49,12 +49,32 @@ dbDetectBackend(rpmdb rdb) rdb->db_ops = &ndb_dbops; } else #endif - { +#if defined(WITH_BDB) + if (!strcmp(db_backend, "bdb")) { rdb->db_ops = &db3_dbops; - if (*db_backend == '\0') { + } else +#endif + { + if (db_backend) free(db_backend); +#if defined(WITH_BDB) + if (!rdb->db_ops) { + rdb->db_ops = &db3_dbops; db_backend = xstrdup("bdb"); } +#endif +#ifdef ENABLE_NDB + if (!rdb->db_ops) { + rdb->db_ops = &ndb_dbops; + db_backend = xstrdup("ndb"); + } +#endif +#if defined(WITH_LMDB) + if (!rdb->db_ops) { + rdb->db_ops = &lmdb_dbops; + db_backend = xstrdup("lmdb"); + } +#endif } #if defined(WITH_LMDB) @@ -75,12 +95,14 @@ dbDetectBackend(rpmdb rdb) free(path); #endif +#if defined(WITH_BDB) path = rstrscat(NULL, dbhome, "/Packages", NULL); if (access(path, F_OK) == 0 && rdb->db_ops != &db3_dbops) { rdb->db_ops = &db3_dbops; rpmlog(RPMLOG_WARNING, _("Found BDB Packages database while attempting %s backend: using bdb backend.\n"), db_backend); } free(path); +#endif if (db_backend) free(db_backend); --- ./lib/backend/dbi.h.orig 2019-12-09 15:06:29.920482268 +0000 +++ ./lib/backend/dbi.h 2019-12-09 15:06:37.016465444 +0000 @@ -265,8 +265,10 @@ struct rpmdbOps_s { const void * (*idxdbKey)(dbiIndex dbi, dbiCursor dbc, unsigned int *keylen); }; +#if defined(WITH_BDB) RPM_GNUC_INTERNAL extern struct rpmdbOps_s db3_dbops; +#endif #ifdef ENABLE_NDB RPM_GNUC_INTERNAL ++++++ libgcrypt.diff ++++++ --- ./configure.ac.orig 2019-12-05 15:51:12.366000367 +0000 +++ ./configure.ac 2019-12-05 15:51:24.345969493 +0000 @@ -274,7 +274,7 @@ AM_CONDITIONAL(LIBDWARF,[test "$WITH_LIB # Select crypto library AC_ARG_WITH(crypto, [AC_HELP_STRING([--with-crypto=CRYPTO_LIB], - [The cryptographic library to use (nss|beecrypt|openssl). The default is nss.]) + [The cryptographic library to use (nss|beecrypt|openssl|libgcrypt). The default is nss.]) ],[], [with_crypto=nss]) @@ -393,6 +393,25 @@ AC_SUBST(WITH_OPENSSL_INCLUDE) AC_SUBST(WITH_OPENSSL_LIB) #================= +# Check for libgcrypt library. +WITH_LIBGCRYPT_INCLUDE= +WITH_LIBGCRYPT_LIB= +if test "$with_crypto" = libgcrypt ; then +AC_PATH_TOOL(LIBGCRYPT_CONFIG, libgcrypt-config, notfound) +if test notfound != "$LIBGCRYPT_CONFIG" ; then +WITH_LIBGCRYPT_INCLUDE=`$LIBGCRYPT_CONFIG --cflags` +WITH_LIBGCRYPT_LIB=`$LIBGCRYPT_CONFIG --libs` +fi +if test -z "$WITH_LIBGCRYPT_LIB" ; then +AC_MSG_ERROR([libgcrypt not found]) +fi +fi + +AM_CONDITIONAL([WITH_LIBGCRYPT],[test "$with_crypto" = libgcrypt]) +AC_SUBST(WITH_LIBGCRYPT_INCLUDE) +AC_SUBST(WITH_LIBGCRYPT_LIB) + +#================= # Check for NSS library. # We need nss.h from NSS which needs nspr.h. Unfortunately both glibc and NSS # have a header named nss.h... so make extra check for NSS's sechash.h --- ./rpmio/Makefile.am.orig 2017-10-05 10:04:57.553602041 +0000 +++ ./rpmio/Makefile.am 2019-12-05 15:51:24.345969493 +0000 @@ -7,6 +7,7 @@ AM_CPPFLAGS = -I$(top_builddir) -I$(top_ AM_CPPFLAGS += @WITH_NSS_INCLUDE@ AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@ AM_CPPFLAGS += @WITH_OPENSSL_INCLUDE@ +AM_CPPFLAGS += @WITH_LIBGCRYPT_INCLUDE@ AM_CPPFLAGS += @WITH_POPT_INCLUDE@ AM_CPPFLAGS += $(ZSTD_CFLAGS) AM_CPPFLAGS += -I$(top_srcdir)/misc @@ -29,9 +30,13 @@ else if WITH_OPENSSL librpmio_la_SOURCES += digest_openssl.c else +if WITH_LIBGCRYPT +librpmio_la_SOURCES += digest_libgcrypt.c +else librpmio_la_SOURCES += digest_nss.c endif endif +endif librpmio_la_LDFLAGS = -version-info $(rpm_version_info) @@ -40,6 +45,7 @@ librpmio_la_LIBADD = \ @WITH_NSS_LIB@ \ @WITH_BEECRYPT_LIB@ \ @WITH_OPENSSL_LIB@ \ + @WITH_LIBGCRYPT_LIB@ \ @WITH_BZ2_LIB@ \ @WITH_ZLIB_LIB@ \ @WITH_LIBELF_LIB@ \ --- ./rpmio/digest_libgcrypt.c.orig 2019-12-05 15:51:24.345969493 +0000 +++ ./rpmio/digest_libgcrypt.c 2019-12-05 15:51:24.345969493 +0000 @@ -0,0 +1,406 @@ +#include "system.h" + +#include <gcrypt.h> + +#include <rpm/rpmpgp.h> +#include "rpmio/digest.h" +#include "rpmio/rpmio_internal.h" +#include "debug.h" + +/** + * MD5/SHA1 digest private data. + */ +struct DIGEST_CTX_s { + rpmDigestFlags flags; /*!< Bit(s) to control digest operation. */ + int algo; /*!< Used hash algorithm */ + gcry_md_hd_t h; +}; + + +/**************************** init ************************************/ + +int rpmInitCrypto(void) { + gcry_check_version(NULL); + gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); + return 0; +} + +int rpmFreeCrypto(void) { + return 0; +} + +/**************************** digest ************************************/ + +size_t rpmDigestLength(int hashalgo) +{ + switch (hashalgo) { + case PGPHASHALGO_MD5: + return 16; + case PGPHASHALGO_SHA1: + return 20; + case PGPHASHALGO_SHA224: + return 28; + case PGPHASHALGO_SHA256: + return 32; + case PGPHASHALGO_SHA384: + return 48; + case PGPHASHALGO_SHA512: + return 64; + default: + return 0; + } +} + +static int hashalgo2gcryalgo(int hashalgo) +{ + switch (hashalgo) { + case PGPHASHALGO_MD5: + return GCRY_MD_MD5; + case PGPHASHALGO_SHA1: + return GCRY_MD_SHA1; + case PGPHASHALGO_SHA224: + return GCRY_MD_SHA224; + case PGPHASHALGO_SHA256: + return GCRY_MD_SHA256; + case PGPHASHALGO_SHA384: + return GCRY_MD_SHA384; + case PGPHASHALGO_SHA512: + return GCRY_MD_SHA512; + default: + return 0; + } +} + +DIGEST_CTX rpmDigestInit(int hashalgo, rpmDigestFlags flags) +{ + gcry_md_hd_t h; + DIGEST_CTX ctx; + int gcryalgo = hashalgo2gcryalgo(hashalgo); + + if (!gcryalgo || gcry_md_open(&h, gcryalgo, 0) != 0) + return NULL; + + ctx = xcalloc(1, sizeof(*ctx)); + ctx->flags = flags; + ctx->algo = hashalgo; + ctx->h = h; + return ctx; +} + +int rpmDigestUpdate(DIGEST_CTX ctx, const void * data, size_t len) +{ + if (ctx == NULL) + return -1; + gcry_md_write(ctx->h, data, len); + return 0; +} + +int rpmDigestFinal(DIGEST_CTX ctx, void ** datap, size_t *lenp, int asAscii) +{ + unsigned char *digest; + int digestlen; + if (ctx == NULL) + return -1; + digest = gcry_md_read(ctx->h, 0); + digestlen = rpmDigestLength(ctx->algo); + if (!asAscii) { + if (lenp) + *lenp = digestlen; + if (datap) { + *datap = xmalloc(digestlen); + memcpy(*datap, digest, digestlen); + } + } else { + if (lenp) + *lenp = 2 * digestlen + 1; + if (datap) { + *datap = pgpHexStr((const uint8_t *)digest, digestlen); + } + } + gcry_md_close(ctx->h); + free(ctx); + return 0; +} + +DIGEST_CTX rpmDigestDup(DIGEST_CTX octx) +{ + DIGEST_CTX nctx = NULL; + if (octx) { + gcry_md_hd_t h; + if (gcry_md_copy(&h, octx->h)) + return NULL; + nctx = memcpy(xcalloc(1, sizeof(*nctx)), octx, sizeof(*nctx)); + nctx->h = h; + } + return nctx; +} + + +/****************************** RSA **************************************/ + +struct pgpDigSigRSA_s { + gcry_mpi_t s; +}; + +struct pgpDigKeyRSA_s { + gcry_mpi_t n; + gcry_mpi_t e; +}; + +static int pgpSetSigMpiRSA(pgpDigAlg pgpsig, int num, const uint8_t *p) +{ + struct pgpDigSigRSA_s *sig = pgpsig->data; + int mlen = pgpMpiLen(p); + int rc = 1; + + if (!sig) + sig = pgpsig->data = xcalloc(1, sizeof(*sig)); + + switch (num) { + case 0: + if (!gcry_mpi_scan(&sig->s, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + } + return rc; +} + +static int pgpSetKeyMpiRSA(pgpDigAlg pgpkey, int num, const uint8_t *p) +{ + struct pgpDigKeyRSA_s *key = pgpkey->data; + int mlen = pgpMpiLen(p); + int rc = 1; + + if (!key) + key = pgpkey->data = xcalloc(1, sizeof(*key)); + + switch (num) { + case 0: + if (!gcry_mpi_scan(&key->n, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + case 1: + if (!gcry_mpi_scan(&key->e, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + } + return rc; +} + +static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, uint8_t *hash, size_t hashlen, int hash_algo) +{ + struct pgpDigKeyRSA_s *key = pgpkey->data; + struct pgpDigSigRSA_s *sig = pgpsig->data; + gcry_sexp_t sexp_sig = NULL, sexp_data = NULL, sexp_pkey = NULL; + const char *hash_algo_name; + int rc = 1; + + if (!sig || !key) + return rc; + + hash_algo_name = gcry_md_algo_name(hashalgo2gcryalgo(hash_algo)); + gcry_sexp_build(&sexp_sig, NULL, "(sig-val (rsa (s %M)))", sig->s); + gcry_sexp_build(&sexp_data, NULL, "(data (flags pkcs1) (hash %s %b))", hash_algo_name, (int)hashlen, (const char *)hash); + gcry_sexp_build(&sexp_pkey, NULL, "(public-key (rsa (n %M) (e %M)))", key->n, key->e); + if (sexp_sig && sexp_data && sexp_pkey) + rc = gcry_pk_verify(sexp_sig, sexp_data, sexp_pkey) == 0 ? 0 : 1; + gcry_sexp_release(sexp_sig); + gcry_sexp_release(sexp_data); + gcry_sexp_release(sexp_pkey); + return rc; +} + +static void pgpFreeSigRSA(pgpDigAlg pgpsig) +{ + struct pgpDigSigRSA_s *sig = pgpsig->data; + if (sig) { + gcry_mpi_release(sig->s); + pgpsig->data = _free(sig); + } +} + +static void pgpFreeKeyRSA(pgpDigAlg pgpkey) +{ + struct pgpDigKeyRSA_s *key = pgpkey->data; + if (key) { + gcry_mpi_release(key->n); + gcry_mpi_release(key->e); + pgpkey->data = _free(key); + } +} + + +/****************************** DSA **************************************/ + +struct pgpDigSigDSA_s { + gcry_mpi_t r; + gcry_mpi_t s; +}; + +struct pgpDigKeyDSA_s { + gcry_mpi_t p; + gcry_mpi_t q; + gcry_mpi_t g; + gcry_mpi_t y; +}; + +static int pgpSetSigMpiDSA(pgpDigAlg pgpsig, int num, const uint8_t *p) +{ + struct pgpDigSigDSA_s *sig = pgpsig->data; + int mlen = pgpMpiLen(p); + int rc = 1; + + if (!sig) + sig = pgpsig->data = xcalloc(1, sizeof(*sig)); + + switch (num) { + case 0: + if (!gcry_mpi_scan(&sig->r, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + case 1: + if (!gcry_mpi_scan(&sig->s, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + } + return rc; +} + +static int pgpSetKeyMpiDSA(pgpDigAlg pgpkey, int num, const uint8_t *p) +{ + struct pgpDigKeyDSA_s *key = pgpkey->data; + int mlen = pgpMpiLen(p); + int rc = 1; + + if (!key) + key = pgpkey->data = xcalloc(1, sizeof(*key)); + + switch (num) { + case 0: + if (!gcry_mpi_scan(&key->p, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + case 1: + if (!gcry_mpi_scan(&key->q, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + case 2: + if (!gcry_mpi_scan(&key->g, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + case 3: + if (!gcry_mpi_scan(&key->y, GCRYMPI_FMT_PGP, p, mlen, NULL)) + rc = 0; + break; + } + return rc; +} + +static int pgpVerifySigDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, uint8_t *hash, size_t hashlen, int hash_algo) +{ + struct pgpDigKeyDSA_s *key = pgpkey->data; + struct pgpDigSigDSA_s *sig = pgpsig->data; + gcry_sexp_t sexp_sig = NULL, sexp_data = NULL, sexp_pkey = NULL; + int rc = 1; + + if (!sig || !key) + return rc; + + gcry_sexp_build(&sexp_sig, NULL, "(sig-val (dsa (r %M) (s %M)))", sig->r, sig->s); + gcry_sexp_build(&sexp_data, NULL, "(data (flags raw) (value %b))", (int)hashlen, (const char *)hash); + gcry_sexp_build(&sexp_pkey, NULL, "(public-key (dsa (p %M) (q %M) (g %M) (y %M)))", key->p, key->q, key->g, key->y); + if (sexp_sig && sexp_data && sexp_pkey) + rc = gcry_pk_verify(sexp_sig, sexp_data, sexp_pkey) == 0 ? 0 : 1; + gcry_sexp_release(sexp_sig); + gcry_sexp_release(sexp_data); + gcry_sexp_release(sexp_pkey); + return rc; +} + +static void pgpFreeSigDSA(pgpDigAlg pgpsig) +{ + struct pgpDigSigDSA_s *sig = pgpsig->data; + if (sig) { + gcry_mpi_release(sig->r); + gcry_mpi_release(sig->s); + pgpsig->data = _free(sig); + } +} + +static void pgpFreeKeyDSA(pgpDigAlg pgpkey) +{ + struct pgpDigKeyDSA_s *key = pgpkey->data; + if (key) { + gcry_mpi_release(key->p); + gcry_mpi_release(key->q); + gcry_mpi_release(key->g); + gcry_mpi_release(key->y); + pgpkey->data = _free(key); + } +} + + +/****************************** NULL **************************************/ + +static int pgpSetMpiNULL(pgpDigAlg pgpkey, int num, const uint8_t *p) +{ + return 1; +} + +static int pgpVerifyNULL(pgpDigAlg pgpkey, pgpDigAlg pgpsig, + uint8_t *hash, size_t hashlen, int hash_algo) +{ + return 1; +} + +pgpDigAlg pgpPubkeyNew(int algo) +{ + pgpDigAlg ka = xcalloc(1, sizeof(*ka));; + + switch (algo) { + case PGPPUBKEYALGO_RSA: + ka->setmpi = pgpSetKeyMpiRSA; + ka->free = pgpFreeKeyRSA; + ka->mpis = 2; + break; + case PGPPUBKEYALGO_DSA: + ka->setmpi = pgpSetKeyMpiDSA; + ka->free = pgpFreeKeyDSA; + ka->mpis = 4; + break; + default: + ka->setmpi = pgpSetMpiNULL; + ka->mpis = -1; + break; + } + + ka->verify = pgpVerifyNULL; /* keys can't be verified */ + + return ka; +} + +pgpDigAlg pgpSignatureNew(int algo) +{ + pgpDigAlg sa = xcalloc(1, sizeof(*sa)); + + switch (algo) { + case PGPPUBKEYALGO_RSA: + sa->setmpi = pgpSetSigMpiRSA; + sa->free = pgpFreeSigRSA; + sa->verify = pgpVerifySigRSA; + sa->mpis = 1; + break; + case PGPPUBKEYALGO_DSA: + sa->setmpi = pgpSetSigMpiDSA; + sa->free = pgpFreeSigDSA; + sa->verify = pgpVerifySigDSA; + sa->mpis = 2; + break; + default: + sa->setmpi = pgpSetMpiNULL; + sa->verify = pgpVerifyNULL; + sa->mpis = -1; + break; + } + return sa; +} ++++++ ndb-backport.diff ++++++ ++++ 1229 lines (skipped) ++++++ rpm-suse_macros ++++++ --- /var/tmp/diff_new_pack.Cz2RsD/_old 2020-02-04 17:53:13.812706189 +0100 +++ /var/tmp/diff_new_pack.Cz2RsD/_new 2020-02-04 17:53:13.812706189 +0100 @@ -263,7 +263,8 @@ %package %{-n:-n %{-n*}-}lang \ Summary: Translations for package %{name} \ Group: System/Localization \ -Requires: %{-n:%{-n*}}%{!-n:%{name}} = %{version} \ +%{-n:Requires: %{-n*} = %{version}} \ +%{!-n:%{!-r:Requires: %{name} = %{version}}} \ %{-r:Requires: %{-r*}} \ Provides: %{-n:%{-n*}}%{!-n:%{name}}-lang-all = %{version} \ Supplements: %{-n:%{-n*}}%{!-n:%{name}} \ ++++++ rpmqpack.diff ++++++ --- /var/tmp/diff_new_pack.Cz2RsD/_old 2020-02-04 17:53:13.844706208 +0100 +++ /var/tmp/diff_new_pack.Cz2RsD/_new 2020-02-04 17:53:13.844706208 +0100 @@ -50,9 +50,9 @@ + +.SH AUTHOR +Michael Schroeder <[email protected]> ---- ./rpmqpack.c.orig 2017-12-01 15:04:13.398003904 +0000 -+++ ./rpmqpack.c 2017-12-01 15:04:13.398003904 +0000 -@@ -0,0 +1,59 @@ +--- ./rpmqpack.c.orig 2019-12-06 10:14:03.989178873 +0000 ++++ ./rpmqpack.c 2019-12-06 10:32:16.430275015 +0000 +@@ -0,0 +1,60 @@ +#include <sys/types.h> +#include <limits.h> +#include <fcntl.h> @@ -60,55 +60,56 @@ +#include <stdlib.h> +#include <string.h> + -+#include <db.h> -+ -+DBT key; -+DBT data; ++#include <rpm/rpmts.h> ++#include <rpm/rpmdb.h> ++#include <rpm/rpmmacro.h> + +int +main(int argc, char **argv) +{ -+ DB *db = 0; -+ DBC *dbc = 0; + int ret = 0; ++ rpmts ts; + -+ if (db_create(&db, 0, 0)) ++ rpmDefineMacro(NULL, "_dbpath /var/lib/rpm", 0); ++ ts = rpmtsCreate(); ++ if (!ts) + { -+ perror("db_create"); ++ fprintf(stderr, "rpmtsCreate failed\n"); + exit(1); + } -+ if (db->open(db, 0, "/var/lib/rpm/Name", 0, DB_UNKNOWN, DB_RDONLY, 0664)) ++ if (rpmtsOpenDB(ts, O_RDONLY)) + { -+ perror("db->open"); ++ perror("rpmtsOpenDB"); + exit(1); + } -+ if (argc == 1) ++ if (argc <= 1) + { -+ if (db->cursor(db, NULL, &dbc, 0)) ++ rpmdbIndexIterator ii; ++ ii = rpmdbIndexIteratorInit(rpmtsGetRdb(ts), RPMDBI_NAME); ++ if (ii) + { -+ perror("db->cursor"); -+ exit(1); ++ const void *key = 0; ++ size_t keylen = 0; ++ while ((rpmdbIndexIteratorNext(ii, &key, &keylen)) == 0) ++ printf("%*.*s\n", (int)keylen, (int)keylen, (char *)key); + } -+ while (dbc->c_get(dbc, &key, &data, DB_NEXT) == 0) -+ printf("%*.*s\n", (int)key.size, (int)key.size, (char *)key.data); -+ dbc->c_close(dbc); ++ rpmdbIndexIteratorFree(ii); + } + else + { + argc--; + while (argc--) + { ++ rpmdbMatchIterator mi; + argv++; -+ key.data = (void *)*argv; -+ key.size = strlen(*argv); -+ data.data = NULL; -+ data.size = 0; -+ if (db->get(db, 0, &key, &data, 0) == 0) ++ mi = rpmdbInitIterator(rpmtsGetRdb(ts), RPMDBI_NAME, (void *)*argv, strlen(*argv)); ++ if (mi && rpmdbGetIteratorCount(mi)) + printf("%s\n", *argv); -+ else ++ else + ret = 1; -+ } ++ rpmdbFreeIterator(mi); ++ } + } -+ db->close(db, 0); ++ rpmtsFree(ts); + return ret; +}
