Hello community, here is the log from the commit of package libsolv for openSUSE:Factory checked in at 2020-06-03 20:28:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsolv (Old) and /work/SRC/openSUSE:Factory/.libsolv.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsolv" Wed Jun 3 20:28:20 2020 rev:79 rq:809648 version:0.7.14 Changes: -------- --- /work/SRC/openSUSE:Factory/libsolv/libsolv.changes 2020-05-20 18:37:16.420206983 +0200 +++ /work/SRC/openSUSE:Factory/.libsolv.new.3606/libsolv.changes 2020-06-03 20:28:25.228425408 +0200 @@ -1,0 +2,9 @@ +Wed May 27 11:48:46 CEST 2020 - [email protected] + +- Support blacklisted packages in solver_findproblemrule() + [bnc#1172135] +- Support rules with multiple negative literals in choice rule + generation +- bump version to 0.7.14 + +------------------------------------------------------------------- Old: ---- libsolv-0.7.13.tar.bz2 New: ---- libsolv-0.7.14.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsolv.spec ++++++ --- /var/tmp/diff_new_pack.7ScLDA/_old 2020-06-03 20:28:25.800427146 +0200 +++ /var/tmp/diff_new_pack.7ScLDA/_new 2020-06-03 20:28:25.808427171 +0200 @@ -52,7 +52,7 @@ %bcond_with zypp Name: libsolv -Version: 0.7.13 +Version: 0.7.14 Release: 0 Summary: Package dependency solver using a satisfiability algorithm License: BSD-3-Clause ++++++ libsolv-0.7.13.tar.bz2 -> libsolv-0.7.14.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/CMakeLists.txt new/libsolv-0.7.14/CMakeLists.txt --- old/libsolv-0.7.13/CMakeLists.txt 2020-04-20 17:19:12.000000000 +0200 +++ new/libsolv-0.7.14/CMakeLists.txt 2020-05-19 14:19:12.000000000 +0200 @@ -248,7 +248,6 @@ ENDIF (ENABLE_RPMDB) INCLUDE (CheckLibraryExists) - CHECK_LIBRARY_EXISTS(rpmio pgpDigGetParams "" HAVE_PGPDIGGETPARAMS) CHECK_LIBRARY_EXISTS(rpm rpmdbNextIteratorHeaderBlob "" HAVE_RPMDBNEXTITERATORHEADERBLOB) CHECK_LIBRARY_EXISTS(rpm rpmdbFStat "" HAVE_RPMDBFSTAT) ENDIF (ENABLE_RPMDB OR ENABLE_RPMPKG_LIBRPM) @@ -283,7 +282,7 @@ # should create config.h with #cmakedefine instead... FOREACH (VAR HAVE_STRCHRNUL HAVE_FOPENCOOKIE HAVE_FUNOPEN WORDS_BIGENDIAN - HAVE_RPM_DB_H HAVE_PGPDIGGETPARAMS HAVE_RPMDBNEXTITERATORHEADERBLOB HAVE_RPMDBFSTAT + HAVE_RPM_DB_H HAVE_RPMDBNEXTITERATORHEADERBLOB HAVE_RPMDBFSTAT WITH_LIBXML2 WITHOUT_COOKIEOPEN) IF(${VAR}) ADD_DEFINITIONS (-D${VAR}=1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/NEWS new/libsolv-0.7.14/NEWS --- old/libsolv-0.7.13/NEWS 2020-04-24 12:05:38.000000000 +0200 +++ new/libsolv-0.7.14/NEWS 2020-05-27 11:59:16.000000000 +0200 @@ -2,6 +2,14 @@ This file contains the major changes between libsolv versions: +Version 0.7.14 +- added support for ed25519 signatures +- selected bug fixes: + * Support blacklisted packages in solver_findproblemrule() + * Support rules with multiple negative literals in choice rule + generation + * Also detect rpmdb.sqlite in /usr/share/rpm + Version 0.7.13 - fix solvable swapping messing up uninternalized idarrays diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/VERSION.cmake new/libsolv-0.7.14/VERSION.cmake --- old/libsolv-0.7.13/VERSION.cmake 2020-04-24 12:05:38.000000000 +0200 +++ new/libsolv-0.7.14/VERSION.cmake 2020-05-27 11:59:16.000000000 +0200 @@ -49,5 +49,5 @@ SET(LIBSOLV_MAJOR "0") SET(LIBSOLV_MINOR "7") -SET(LIBSOLV_PATCH "13") +SET(LIBSOLV_PATCH "14") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/ext/repo_pubkey.c new/libsolv-0.7.14/ext/repo_pubkey.c --- old/libsolv-0.7.13/ext/repo_pubkey.c 2018-10-01 11:09:18.000000000 +0200 +++ new/libsolv-0.7.14/ext/repo_pubkey.c 2020-05-19 14:19:12.000000000 +0200 @@ -503,11 +503,12 @@ parsepubkey(Solvable *s, Repodata *data, unsigned char *p, int pl, int flags) { Repo *repo = s->repo; + Pool *pool = repo->pool; unsigned char *pstart = p; int tag, l; unsigned char keyid[8]; char subkeyofstr[17]; - unsigned int kcr = 0, maxex = 0, maxsigcr = 0; + unsigned int kcr = 0, maxex = 0, maxsigcr = 0, rpmsigcr = 0; unsigned char *pubkey = 0; int pubkeyl = 0; int insubkey = 0; @@ -524,10 +525,10 @@ { /* finish old key */ if (kcr) - repodata_set_num(data, s - repo->pool->solvables, SOLVABLE_BUILDTIME, kcr); + repodata_set_num(data, s - pool->solvables, SOLVABLE_BUILDTIME, kcr); if (maxex && maxex != -1) - repodata_set_num(data, s - repo->pool->solvables, PUBKEY_EXPIRES, maxex); - s->name = pool_str2id(s->repo->pool, insubkey ? "gpg-subkey" : "gpg-pubkey", 1); + repodata_set_num(data, s - pool->solvables, PUBKEY_EXPIRES, maxex); + s->name = pool_str2id(pool, insubkey ? "gpg-subkey" : "gpg-pubkey", 1); s->evr = 1; s->arch = 1; if (userid && useridl) @@ -535,7 +536,7 @@ char *useridstr = solv_malloc(useridl + 1); memcpy(useridstr, userid, useridl); useridstr[useridl] = 0; - setutf8string(data, s - repo->pool->solvables, SOLVABLE_SUMMARY, useridstr); + setutf8string(data, s - pool->solvables, SOLVABLE_SUMMARY, useridstr); free(useridstr); } if (pubdata) @@ -543,16 +544,16 @@ char keyidstr[17]; char evr[8 + 1 + 8 + 1]; solv_bin2hex(keyid, 8, keyidstr); - repodata_set_str(data, s - repo->pool->solvables, PUBKEY_KEYID, keyidstr); + repodata_set_str(data, s - pool->solvables, PUBKEY_KEYID, keyidstr); /* build rpm-style evr */ strcpy(evr, keyidstr + 8); - sprintf(evr + 8, "-%08x", maxsigcr); - s->evr = pool_str2id(repo->pool, evr, 1); + sprintf(evr + 8, "-%08x", (flags & USE_RPM_PUBKEY_BUILTTIME) ? rpmsigcr : maxsigcr); + s->evr = pool_str2id(pool, evr, 1); } if (insubkey && *subkeyofstr) - repodata_set_str(data, s - repo->pool->solvables, PUBKEY_SUBKEYOF, subkeyofstr); + repodata_set_str(data, s - pool->solvables, PUBKEY_SUBKEYOF, subkeyofstr); if (pubdata) /* set data blob */ - repodata_set_binary(data, s - repo->pool->solvables, PUBKEY_DATA, pubdata, pubdatal); + repodata_set_binary(data, s - pool->solvables, PUBKEY_DATA, pubdata, pubdatal); if (!pl) break; if (!hl) @@ -565,7 +566,7 @@ if (tag == 14 && pubdata && !insubkey) solv_bin2hex(keyid, 8, subkeyofstr); /* create new solvable for subkey */ - s = pool_id2solvable(repo->pool, repo_add_solvable(repo)); + s = pool_id2solvable(pool, repo_add_solvable(repo)); } p += hl; pl -= hl; @@ -616,7 +617,7 @@ solv_chksum_add(h, q + 2, ql2); solv_chksum_free(h, fp); solv_bin2hex(fp, 16, fpx); - repodata_set_str(data, s - s->repo->pool->solvables, PUBKEY_FINGERPRINT, fpx); + repodata_set_str(data, s - pool->solvables, PUBKEY_FINGERPRINT, fpx); } } pubdata = p + 7; @@ -640,7 +641,7 @@ solv_chksum_add(h, p, l); solv_chksum_free(h, fp); solv_bin2hex(fp, 20, fpx); - repodata_set_str(data, s - s->repo->pool->solvables, PUBKEY_FINGERPRINT, fpx); + repodata_set_str(data, s - pool->solvables, PUBKEY_FINGERPRINT, fpx); memcpy(keyid, fp + 12, 8); /* keyid is last 64 bits of fingerprint */ pubdata = p + 5; pubdatal = l - 5; @@ -664,6 +665,8 @@ pgpsig_makesigdata(&sig, p, l, pubkey, pubkeyl, userid, useridl, h); solv_chksum_free(h, 0); } + if (!rpmsigcr) + rpmsigcr = sig.created; if (!memcmp(keyid, sig.issuer, 8)) { #ifdef ENABLE_PGPVRFY @@ -694,7 +697,7 @@ repodata_set_num(data, shandle, SIGNATURE_EXPIRES, sig.created + sig.expires); if (sig.sigdata) repodata_set_binary(data, shandle, SIGNATURE_DATA, sig.sigdata, sig.sigdatal); - repodata_add_flexarray(data, s - s->repo->pool->solvables, PUBKEY_SIGNATURES, shandle); + repodata_add_flexarray(data, s - pool->solvables, PUBKEY_SIGNATURES, shandle); } solv_free(sig.sigdata); } @@ -711,83 +714,6 @@ return p ? p - pstart : 0; } - -#ifdef ENABLE_RPMDB - -/* this is private to rpm, but rpm lacks an interface to retrieve - * the values. Sigh. */ -struct pgpDigParams_s { - const char * userid; - const unsigned char * hash; -#ifndef HAVE_PGPDIGGETPARAMS - const char * params[4]; -#endif - unsigned char tag; - unsigned char version; /*!< version number. */ - unsigned char time[4]; /*!< time that the key was created. */ - unsigned char pubkey_algo; /*!< public key algorithm. */ - unsigned char hash_algo; - unsigned char sigtype; - unsigned char hashlen; - unsigned char signhash16[2]; - unsigned char signid[8]; - unsigned char saved; -}; - -#ifndef HAVE_PGPDIGGETPARAMS -struct pgpDig_s { - struct pgpDigParams_s signature; - struct pgpDigParams_s pubkey; -}; -#endif - - -/* only rpm knows how to do the release calculation, we don't dare - * to recreate all the bugs in libsolv */ -static void -parsepubkey_rpm(Solvable *s, Repodata *data, unsigned char *pkts, int pktsl) -{ - Pool *pool = s->repo->pool; - struct pgpDigParams_s *digpubkey; - pgpDig dig = 0; - char keyid[16 + 1]; - char evrbuf[8 + 1 + 8 + 1]; - unsigned int btime; - -#ifndef RPM5 - dig = pgpNewDig(); -#else - dig = pgpDigNew(RPMVSF_DEFAULT, 0); -#endif - (void) pgpPrtPkts(pkts, pktsl, dig, 0); -#ifdef HAVE_PGPDIGGETPARAMS - digpubkey = pgpDigGetParams(dig, PGPTAG_PUBLIC_KEY); -#else - digpubkey = &dig->pubkey; -#endif - if (digpubkey) - { - btime = digpubkey->time[0] << 24 | digpubkey->time[1] << 16 | digpubkey->time[2] << 8 | digpubkey->time[3]; - solv_bin2hex(digpubkey->signid, 8, keyid); - solv_bin2hex(digpubkey->signid + 4, 4, evrbuf); - evrbuf[8] = '-'; - solv_bin2hex(digpubkey->time, 4, evrbuf + 9); - s->evr = pool_str2id(pool, evrbuf, 1); - repodata_set_str(data, s - s->repo->pool->solvables, PUBKEY_KEYID, keyid); - if (digpubkey->userid) - setutf8string(data, s - s->repo->pool->solvables, SOLVABLE_SUMMARY, digpubkey->userid); - if (btime) - repodata_set_num(data, s - s->repo->pool->solvables, SOLVABLE_BUILDTIME, btime); - } -#ifndef RPM5 - (void)pgpFreeDig(dig); -#else - (void)pgpDigFree(dig); -#endif -} - -#endif /* ENABLE_RPMDB */ - /* parse an ascii armored pubkey * adds multiple pubkeys if ADD_MULTIPLE_PUBKEYS is set */ static int @@ -809,9 +735,6 @@ { setutf8string(data, p, SOLVABLE_DESCRIPTION, pubkey); pl = parsepubkey(pool->solvables + p, data, pkts, pktsl, flags); -#ifdef ENABLE_RPMDB - parsepubkey_rpm(pool->solvables + p, data, pkts, pktsl); -#endif if (!pl || !(flags & ADD_MULTIPLE_PUBKEYS)) break; } @@ -988,9 +911,6 @@ char *descr = armor(pbuf, pbufl, "-----BEGIN PGP PUBLIC KEY BLOCK-----", "-----END PGP PUBLIC KEY BLOCK-----", solvversion); setutf8string(data, p, SOLVABLE_DESCRIPTION, descr); parsepubkey(pool->solvables + p, data, pbuf, pbufl, flags); -#ifdef ENABLE_RPMDB - parsepubkey_rpm(pool->solvables + p, data, pbuf, pbufl); -#endif } int diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/ext/repo_pubkey.h new/libsolv-0.7.14/ext/repo_pubkey.h --- old/libsolv-0.7.13/ext/repo_pubkey.h 2018-10-22 15:37:12.000000000 +0200 +++ new/libsolv-0.7.14/ext/repo_pubkey.h 2020-05-19 14:19:12.000000000 +0200 @@ -12,6 +12,7 @@ #define ADD_WITH_SUBKEYS (1 << 9) #define ADD_MULTIPLE_PUBKEYS (1 << 10) #define ADD_WITH_KEYSIGNATURES (1 << 11) +#define USE_RPM_PUBKEY_BUILTTIME (1 << 12) extern int repo_add_rpmdb_pubkeys(Repo *repo, int flags); extern Id repo_add_pubkey(Repo *repo, const char *keyfile, int flags); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/ext/repo_rpmdb_librpm.h new/libsolv-0.7.14/ext/repo_rpmdb_librpm.h --- old/libsolv-0.7.13/ext/repo_rpmdb_librpm.h 2020-01-22 13:04:17.000000000 +0100 +++ new/libsolv-0.7.14/ext/repo_rpmdb_librpm.h 2020-05-26 14:54:18.000000000 +0200 @@ -46,7 +46,7 @@ detect_dbpath(struct rpmdbstate *state) { state->dbpath = access_rootdir(state, "/var/lib/rpm", W_OK) == -1 - && access_rootdir(state, "/usr/share/rpm/Packages", R_OK) == 0 + && (access_rootdir(state, "/usr/share/rpm/Packages", R_OK) == 0 || access_rootdir(state, "/usr/share/rpm/rpmdb.sqlite", R_OK) == 0) ? "/usr/share/rpm" : "/var/lib/rpm"; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/ext/solv_ed25519.h new/libsolv-0.7.14/ext/solv_ed25519.h --- old/libsolv-0.7.13/ext/solv_ed25519.h 2020-05-18 18:24:10.000000000 +0200 +++ new/libsolv-0.7.14/ext/solv_ed25519.h 2020-05-25 15:04:13.000000000 +0200 @@ -28,11 +28,9 @@ MPED25519_CONST(0x7FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFED); static mp_t ed25519_d[] = /* -(121665/121666) */ MPED25519_CONST(0x52036CEE, 0x2B6FFE73, 0x8CC74079, 0x7779E898, 0x00700A4D, 0x4141D8AB, 0x75EB4DCA, 0x135978A3); -static mp_t ed25519_p58[] = /* (q-5)/8 */ - MPED25519_CONST(0x0FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFD); static mp_t ed25519_sqrtm1[] = /* sqrt(-1) */ MPED25519_CONST(0x2B832480, 0x4FC1DF0B, 0x2B4D0099, 0x3DFBD7A7, 0x2F431806, 0xAD2FE478, 0xC4EE1B27, 0x4A0EA0B0); -static mp_t ed25519_n[] = /* l */ +static mp_t ed25519_l[] = /* order of base point */ MPED25519_CONST(0x10000000, 0x00000000, 0x00000000, 0x00000000, 0x14DEF9DE, 0xA2F79CD6, 0x5812631A, 0x5CF5D3ED); static mp_t ed25519_gx[] = /* base point */ MPED25519_CONST(0x216936D3, 0xCD6E53FE, 0xC0A4E231, 0xFDD6DC5C, 0x692CC760, 0x9525A7B2, 0xC9562D60, 0x8F25D51A); @@ -40,8 +38,6 @@ MPED25519_CONST(0x66666666, 0x66666666, 0x66666666, 0x66666666, 0x66666666, 0x66666666, 0x66666666, 0x66666658); static mp_t ed25519_one[] = /* 1 */ MPED25519_CONST(0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001); -static mp_t ed25519_qm2[] = /* mod - 2 */ - MPED25519_CONST(0x7FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFEB); /* small helpers to save some typing */ static inline void @@ -56,6 +52,36 @@ mpsub(MPED25519_LEN, target, m1, m2, ed25519_q); } +/* target = 512 bit input modulo ed25519_q */ +static void +mped25519_reduce512(mp_t *target, mp_t *a) +{ + int i; + mp2_t x; + + for (x = 0, i = 0; i < MPED25519_LEN; i++) + { + x += (mp2_t)a[i] + (mp2_t)a[i + MPED25519_LEN] * 38; + target[i] = x; + x >>= MP_T_BITS; + } + x *= 38; + if ((target[MPED25519_LEN - 1] & (1 << (MP_T_BITS - 1))) != 0) + { + x += 19; + target[MPED25519_LEN - 1] -= 1 << (MP_T_BITS - 1); + } + for (i = 0; x && i < MPED25519_LEN; i++) + { + x += (mp2_t)target[i]; + target[i] = x; + x >>= MP_T_BITS; + } + if (target[MPED25519_LEN - 1] > ed25519_q[MPED25519_LEN - 1] || + (target[MPED25519_LEN - 1] == ed25519_q[MPED25519_LEN - 1] && !mpisless(MPED25519_LEN - 1, target, ed25519_q))) + mpsubmod(MPED25519_LEN, target, ed25519_q); +} + static void mped25519_mul(mp_t *target, mp_t *m1, mp_t *m2) { @@ -74,33 +100,67 @@ } tmp[i + j] = x; } - for (x = 0, i = 0; i < MPED25519_LEN; i++) - { - x += (mp2_t)tmp[i] + (mp2_t)tmp[i + MPED25519_LEN] * 38; - tmp[i] = x; - x >>= MP_T_BITS; - } - x *= 38; - if ((tmp[MPED25519_LEN - 1] & (1 << (MP_T_BITS - 1))) != 0) - { - x += 19; - tmp[MPED25519_LEN - 1] -= 1 << (MP_T_BITS - 1); - } - for (i = 0; x && i < MPED25519_LEN; i++) + mped25519_reduce512(target, tmp); +} + +static inline void +mped25519_sqr(mp_t *target, mp_t *m) +{ + mped25519_mul(target, m, m); +} + +/* target = a ^ (2^252 - 4), a11 = a ^ 11 */ +static void +mped25519_pow_252_4(mp_t *target, mp_t *a, mp_t *a_11) +{ + static const int todo[16] = { 0, 5, 1, 10, 2, 20, 3, 10, 2, 50, 5, 100, 6, 50, 5, 2 }; + mp_t data[9][MPED25519_LEN]; + int i, j; + + mpcpy(MPED25519_LEN, target, a); + mped25519_sqr(target, target); + mpcpy(MPED25519_LEN, a_11, target); + mped25519_sqr(target, target); + mped25519_sqr(target, target); + mped25519_mul(data[0], target, a); /* data[0] = 9 */ + mped25519_mul(a_11, data[0], a_11); /* a_11 = 11 */ + mped25519_mul(target, a_11, a_11); /* target = 22 */ + for (i = 0; i < 8; i++) { - x += (mp2_t)tmp[i]; - tmp[i] = x; - x >>= MP_T_BITS; + mped25519_mul(target, target, data[todo[i * 2]]); + mpcpy(MPED25519_LEN, data[i + 1], target); + for (j = todo[i * 2 + 1]; j-- > 0;) + mped25519_sqr(target, target); } - if (tmp[MPED25519_LEN - 1] >= ed25519_q[MPED25519_LEN - 1]) - mpsubmod(MPED25519_LEN, tmp, ed25519_q); - mpcpy(MPED25519_LEN, target, tmp); } -static inline void +/* target = a ^ (2^252 - 3) */ +static void +mped25519_pow_252_3(mp_t *target, mp_t *a) +{ + mp_t t11[MPED25519_LEN]; + mped25519_pow_252_4(target, a, t11); + mped25519_mul(target, target, a); +} + +/* target = a ^ -1 = a ^ (2^255 - 21) */ +static void mped25519_inv(mp_t *target, mp_t *a) { - mppow(MPED25519_LEN, target, a, MPED25519_LEN, ed25519_qm2, ed25519_q); + mp_t t[MPED25519_LEN], t11[MPED25519_LEN]; + mped25519_pow_252_4(t, a, t11); + mped25519_sqr(t, t); + mped25519_sqr(t, t); + mped25519_sqr(t, t); /* 2^255 - 32 */ + mped25519_mul(target, t, t11); +} + +static void +mped25519_reduce512_l(mp_t *target, mp_t *a) +{ + mp_t tmp[MPED25519_LEN]; + mpzero(MPED25519_LEN, target); + mpmul_add(MPED25519_LEN, target, ed25519_one, MPED25519_LEN * 2, a, tmp, ed25519_l); } /* recover x coordinate from y and sign */ @@ -113,28 +173,27 @@ if (!mpisless(MPED25519_LEN, y, ed25519_q)) return 0; /* calculate num=y^2-1 and den=dy^2+1 */ - mped25519_mul(num, y, y); + mped25519_sqr(num, y); mped25519_mul(den, num, ed25519_d); mped25519_sub(num, num, ed25519_one); mped25519_add(den, den, ed25519_one); - /* calculate x = num*den^3 * (num*den^7)^p58 */ - mped25519_mul(tmp1, den, den); /* tmp1 = den^2 */ + /* calculate x = num*den^3 * (num*den^7)^((q-5)/8) */ + mped25519_sqr(tmp1, den); /* tmp1 = den^2 */ mped25519_mul(tmp2, tmp1, den); /* tmp2 = den^3 */ - mped25519_mul(tmp1, tmp2, tmp2); /* tmp1 = den^6 */ + mped25519_sqr(tmp1, tmp2); /* tmp1 = den^6 */ mped25519_mul(x, tmp1, den); /* x = den^7 */ mped25519_mul(tmp1, x, num); /* tmp1 = num * den^7 */ - mppow(MPED25519_LEN, x, tmp1, MPED25519_LEN, ed25519_p58, ed25519_q); /* x = tmp1 ^ p58 */ + mped25519_pow_252_3(x, tmp1); /* x = tmp1^((q-5)/8) */ mped25519_mul(tmp1, x, tmp2); /* tmp1 = x * den^3 */ mped25519_mul(x, tmp1, num); /* x = tmp1 * num */ /* check if den*x^2 == num */ - mped25519_mul(tmp2, x, x); + mped25519_sqr(tmp2, x); mped25519_mul(tmp1, tmp2, den); if (!mpisequal(MPED25519_LEN, tmp1, num)) { - mped25519_mul(tmp1, x, ed25519_sqrtm1); /* x = x * sqrt(-1) */ - mpcpy(MPED25519_LEN, x, tmp1); - mped25519_mul(tmp2, x, x); + mped25519_mul(x, x, ed25519_sqrtm1); /* x = x * sqrt(-1) */ + mped25519_sqr(tmp2, x); mped25519_mul(tmp1, tmp2, den); if (!mpisequal(MPED25519_LEN, tmp1, num)) return 0; @@ -146,28 +205,6 @@ return 1; } -static void -mped25519_setfromle(int len, mp_t *out, const unsigned char *buf, int bufl, int highmask) -{ - unsigned char lebuf[64]; /* bufl must be <= 64 */ - int i; - for (i = 0; i < bufl; i++) - lebuf[bufl - 1 - i] = buf[i]; - lebuf[0] &= highmask; - mpsetfrombe(len, out, lebuf, bufl); -} - -static void -mped25519_modn_fromle(mp_t *out, const unsigned char *buf, int bufl) -{ - mp_t tmp[64 / MP_T_BYTES]; /* bufl must be <= 64 */ - mp_t tmp2[MPED25519_LEN]; - int len = (bufl + MP_T_BYTES - 1) / MP_T_BYTES; - mped25519_setfromle(len, tmp, buf, bufl, 0xff); - mpzero(MPED25519_LEN, out); - mpmul_add(MPED25519_LEN, out, ed25519_one, len, tmp, tmp2, ed25519_n); -} - /* see https://hyperelliptic.org/EFD/g1p/auto-twisted-projective.html */ /* M=7 add=6 */ static void @@ -177,11 +214,11 @@ mp_t F[MPED25519_LEN], H[MPED25519_LEN], J[MPED25519_LEN]; mped25519_add(C, p_x, p_y); - mped25519_mul(B, C, C); - mped25519_mul(C, p_x, p_x); - mped25519_mul(D, p_y, p_y); + mped25519_sqr(B, C); + mped25519_sqr(C, p_x); + mped25519_sqr(D, p_y); mped25519_sub(F, C, D); - mped25519_mul(H, p_z, p_z); + mped25519_sqr(H, p_z); mped25519_add(H, H, H); mped25519_add(J, F, H); mped25519_add(H, C, D); @@ -200,7 +237,7 @@ mp_t G[MPED25519_LEN], H[MPED25519_LEN], J[MPED25519_LEN]; mped25519_mul(A, p_z, q_z); - mped25519_mul(B, A, A); + mped25519_sqr(B, A); mped25519_mul(C, p_x, q_x); mped25519_mul(D, p_y, q_y); mped25519_mul(F, ed25519_d, C); @@ -240,20 +277,15 @@ static void mped25519_ptdump(mp_t *p_x, mp_t *p_y, mp_t *p_z, char *s) { - if (p_z) - { - mp_t zi[MPED25519_LEN], px[MPED25519_LEN], py[MPED25519_LEN]; - mped25519_mpdump(p_x, s, 'X'); - mped25519_mpdump(p_y, s, 'Y'); - mped25519_mpdump(p_z, s, 'Z'); - mped25519_inv(zi, p_z); - mped25519_mul(px, p_x, zi); - mped25519_mul(py, p_y, zi); - p_x = px; - p_y = py; - } - mped25519_mpdump(p_x, s, 'x'); - mped25519_mpdump(p_y, s, 'y'); + mp_t zi[MPED25519_LEN], px[MPED25519_LEN], py[MPED25519_LEN]; + mped25519_mpdump(p_x, s, 'X'); + mped25519_mpdump(p_y, s, 'Y'); + mped25519_mpdump(p_z, s, 'Z'); + mped25519_inv(zi, p_z); + mped25519_mul(px, p_x, zi); + mped25519_mul(py, p_y, zi); + mped25519_mpdump(px, s, 'x'); + mped25519_mpdump(py, s, 'y'); } #endif @@ -265,9 +297,7 @@ { mp_t p_x[MPED25519_LEN], p_y[MPED25519_LEN], p_z[MPED25519_LEN]; mp_t pi_z[MPED25519_LEN]; - mp_t tabx[16][MPED25519_LEN]; - mp_t taby[16][MPED25519_LEN]; - mp_t tabz[16][MPED25519_LEN]; + mp_t tabx[16][MPED25519_LEN], taby[16][MPED25519_LEN], tabz[16][MPED25519_LEN]; int i, x, dodouble = 0; mpzero(MPED25519_LEN, p_x); @@ -301,8 +331,9 @@ if (i > 0) { i--; + if (dodouble) + mped25519_ptdouble(p_x, p_y, p_z); x <<= 1; - mped25519_ptdouble(p_x, p_y, p_z); x |= s1[i / MP_T_BITS] & (1 << (i % MP_T_BITS)) ? 4 : 0; x |= s2[i / MP_T_BITS] & (1 << (i % MP_T_BITS)) ? 1 : 0; } @@ -318,35 +349,48 @@ return mpiszero(MPED25519_LEN, p_z) ? 0 : 1; } +static void +mped25519_setfromle(int len, mp_t *out, const unsigned char *buf, int bufl, int highmask) +{ + unsigned char bebuf[64]; /* bufl must be <= 64 */ + int i; + for (i = 0; i < bufl; i++) + bebuf[bufl - 1 - i] = buf[i]; + bebuf[0] &= highmask; + mpsetfrombe(len, out, bebuf, bufl); +} + static int -mped25519(const unsigned char *pub, const unsigned char *sigr, const unsigned char *sigs, const unsigned char *data, unsigned int datal) +mped25519(const unsigned char *pub, const unsigned char *sig, const unsigned char *data, unsigned int datal) { unsigned char hbuf[64], rbuf[32]; int i; mp_t pub_x[MPED25519_LEN], pub_y[MPED25519_LEN]; - mp_t h[MPED25519_LEN], s[MPED25519_LEN]; + mp_t h[MPED25519_LEN], s[MPED25519_LEN], h2[MPED25519_LEN * 2]; mp_t r_x[MPED25519_LEN], r_y[MPED25519_LEN]; Chksum *chk; - if ((sigs[31] & 0xe0) != 0) - return 0; + mped25519_setfromle(MPED25519_LEN, s, sig + 32, 32, 0xff); + if (!mpisless(MPED25519_LEN, s, ed25519_l)) + return 0; /* bad s */ /* uncompress pubkey, we invert the sign to get -pub */ mped25519_setfromle(MPED25519_LEN, pub_y, pub, 32, 0x7f); if (!mped25519_recover_x(pub_x, pub_y, pub[31] & 0x80 ? 0 : 1)) return 0; /* bad pubkey */ #if 0 - mped25519_ptdump(pub_x, pub_y, 0, "pub = "); + mped25519_mpdump(pub_x, "-pubx = ", 0); + mped25519_mpdump(pub_y, "puby = ", 0); #endif - /* calculate h and s */ + /* calculate h = H(sig[0..31]|pub|data) mod l */ chk = solv_chksum_create(REPOKEY_TYPE_SHA512); if (!chk) return 0; - solv_chksum_add(chk, sigr, 32); + solv_chksum_add(chk, sig, 32); solv_chksum_add(chk, pub, 32); solv_chksum_add(chk, data, datal); solv_chksum_free(chk, hbuf); - mped25519_modn_fromle(h, hbuf, 64); - mped25519_modn_fromle(s, sigs, 32); + mped25519_setfromle(MPED25519_LEN * 2, h2, hbuf, 64, 0xff); + mped25519_reduce512_l(h, h2); #if 0 mped25519_mpdump(s, "s = ", 0); mped25519_mpdump(h, "h = ", 0); @@ -354,11 +398,11 @@ /* calculate r = s * G - h * pub */ if (!mped25519_scmult2(r_x, r_y, s, ed25519_gx, ed25519_gy, h, pub_x, pub_y)) return 0; - /* compress r into rbuf and verify that it matches sigr */ + /* compress r into rbuf and verify that it matches sig */ for (i = 0; i < 32; i++) rbuf[i] = r_y[i / MP_T_BYTES] >> (8 * (i % MP_T_BYTES)); if ((r_x[0] & 1) != 0) rbuf[31] |= 0x80; - return memcmp(sigr, rbuf, 32) == 0 ? 1 : 0; + return memcmp(sig, rbuf, 32) == 0 ? 1 : 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/ext/solv_pgpvrfy.c new/libsolv-0.7.14/ext/solv_pgpvrfy.c --- old/libsolv-0.7.13/ext/solv_pgpvrfy.c 2020-05-18 18:24:10.000000000 +0200 +++ new/libsolv-0.7.14/ext/solv_pgpvrfy.c 2020-05-25 15:04:13.000000000 +0200 @@ -24,12 +24,6 @@ #define MP_T_BITS (MP_T_BYTES * 8) -static inline void -mpzero(int len, mp_t *target) -{ - memset(target, 0, MP_T_BYTES * len); -} - static inline mp_t * mpnew(int len) { @@ -37,6 +31,12 @@ } static inline void +mpzero(int len, mp_t *target) +{ + memset(target, 0, MP_T_BYTES * len); +} + +static inline void mpcpy(int len, mp_t *target, mp_t *source) { memcpy(target, source, len * MP_T_BYTES); @@ -55,6 +55,34 @@ target[i / MP_T_BYTES] |= (int)(*--buf) << (8 * (i % MP_T_BYTES)); } +static int +mpisless(int len, mp_t *a, mp_t *b) +{ + int i; + for (i = len - 1; i >= 0; i--) + if (a[i] < b[i]) + return 1; + else if (a[i] > b[i]) + return 0; + return 0; +} + +static int +mpisequal(int len, mp_t *a, mp_t *b) +{ + return memcmp(a, b, len * MP_T_BYTES) == 0; +} + +static int +mpiszero(int len, mp_t *a) +{ + int i; + for (i = 0; i < len; i++) + if (a[i]) + return 0; + return 1; +} + #if 0 static void mpdump(int l, mp_t *a, char *s) { @@ -67,22 +95,11 @@ } #endif -/* subtract mod if target >= mod */ +/* subtract mod from target. target >= mod */ static inline void mpsubmod(int len, mp_t *target, mp_t *mod) { int i; mp2_t n; - if (target[len - 1] < mod[len - 1]) - return; - if (target[len - 1] == mod[len - 1]) - { - for (i = len - 2; i >= 0; i--) - if (target[i] < mod[i]) - return; - else if (target[i] > mod[i]) - break; - } - /* target >= mod, subtract mod */ for (n = 0, i = 0; i < len; i++) { mp2_t n2 = (mp2_t)mod[i] + n; @@ -127,7 +144,7 @@ x -= n; } target[i] = x; - if (x >= mod[i]) + if (x > mod[i] || (x == mod[i] && !mpisless(i, target, mod))) mpsubmod(i + 1, target, mod); } @@ -203,7 +220,7 @@ mpmul_inplace(len, target, t + len * e, t, t2, mod); } -/* target = b ^ e (b has to be < mod) */ +/* target = b ^ e (b < mod) */ static void mppow(int len, mp_t *target, mp_t *b, int elen, mp_t *e, mp_t *mod) { @@ -239,7 +256,7 @@ free(t); } -/* target = m1 * m2 (m1 has to be < mod) */ +/* target = m1 * m2 (m1 < mod) */ static void mpmul(int len, mp_t *target, mp_t *m1, int m2len, mp_t *m2, mp_t *mod) { @@ -249,34 +266,6 @@ free(tmp); } -static int -mpisless(int len, mp_t *a, mp_t *b) -{ - int i; - for (i = len - 1; i >= 0; i--) - if (a[i] < b[i]) - return 1; - else if (a[i] > b[i]) - return 0; - return 0; -} - -static int -mpisequal(int len, mp_t *a, mp_t *b) -{ - return memcmp(a, b, len * MP_T_BYTES) == 0; -} - -static int -mpiszero(int len, mp_t *a) -{ - int i; - for (i = 0; i < len; i++) - if (a[i]) - return 0; - return 1; -} - static void mpdec(int len, mp_t *a) { @@ -299,15 +288,9 @@ target[i] = x; x >>= MP_T_BITS; } - if (x || !mpisless(len, target, mod)) - { - for (x = 0, i = 0; i < len; i++) - { - x = (mp2_t)target[i] - mod[i] - x; - target[i] = x; - x = x & ((mp2_t)1 << MP_T_BITS) ? 1 : 0; - } - } + if (x || target[len - 1] > mod[len - 1] || + (target[len -1 ] == mod[len - 1] && !mpisless(len - 1, target, mod))) + mpsubmod(len, target, mod); } /* target = m1 - m2 (m1, m2 < mod). target may be m1 or m2 */ @@ -342,6 +325,7 @@ mp_t *tmp; mp_t *u1, *u2; mp_t *gu1, *yu2; + int res; #if 0 mpdump(pl, p, "p = "); mpdump(ql, q, "q = "); @@ -362,7 +346,7 @@ mpdec(ql, tmp); /* tmp-- */ mpdec(ql, tmp); /* tmp-- */ w = mpnew(ql); - mppow(ql, w, s, ql, tmp, q); /* w = s ^ tmp (s ^ -1) */ + mppow(ql, w, s, ql, tmp, q); /* w = s ^ tmp = (s ^ -1) */ u1 = mpnew(pl); /* note pl */ /* order is important here: h can be >= q */ mpmul(ql, u1, w, hl, h, q); /* u1 = w * h */ @@ -384,19 +368,16 @@ #if 0 mpdump(ql, tmp, "res = "); #endif - if (!mpisequal(ql, tmp, r)) - { - free(tmp); - return 0; - } + res = mpisequal(ql, tmp, r); free(tmp); - return 1; + return res; } static int mprsa(int nl, mp_t *n, int el, mp_t *e, mp_t *m, mp_t *c) { mp_t *tmp; + int res; #if 0 mpdump(nl, n, "n = "); mpdump(el, e, "e = "); @@ -412,13 +393,9 @@ #if 0 mpdump(nl, tmp, "res = "); #endif - if (!mpisequal(nl, tmp, c)) - { - free(tmp); - return 0; - } + res = mpisequal(nl, tmp, c); free(tmp); - return 1; + return res; } #if ENABLE_PGPVRFY_ED25519 @@ -613,7 +590,7 @@ memcpy(sigdata + 32 - rlen, r, rlen); if (slen) memcpy(sigdata + 64 - slen, s, rlen); - res = mped25519(pub + 1 + 10 + 2 + 1, sigdata, sigdata + 32, sig + 2, hashl); + res = mped25519(pub + 1 + 10 + 2 + 1, sigdata, sig + 2, hashl); break; } #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/package/libsolv.changes new/libsolv-0.7.14/package/libsolv.changes --- old/libsolv-0.7.13/package/libsolv.changes 2020-04-24 12:05:38.000000000 +0200 +++ new/libsolv-0.7.14/package/libsolv.changes 2020-05-27 11:59:16.000000000 +0200 @@ -1,4 +1,13 @@ ------------------------------------------------------------------- +Wed May 27 11:48:46 CEST 2020 - [email protected] + +- Support blacklisted packages in solver_findproblemrule() + [bnc#1172135] +- Support rules with multiple negative literals in choice rule + generation +- bump version to 0.7.14 + +------------------------------------------------------------------- Fri Apr 24 12:00:30 CEST 2020 - [email protected] - Fix solvable swapping messing up idarrays diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/src/policy.c new/libsolv-0.7.14/src/policy.c --- old/libsolv-0.7.13/src/policy.c 2020-04-17 17:39:21.000000000 +0200 +++ new/libsolv-0.7.14/src/policy.c 2020-05-27 11:49:25.000000000 +0200 @@ -833,6 +833,7 @@ } } +#ifdef ENABLE_CONDA static int pool_buildversioncmp(Pool *pool, Solvable *s1, Solvable *s2) { @@ -858,6 +859,7 @@ return 0; return pool_evrcmp_str(pool, f1 ? f1 : "" , f2 ? f2 : "", EVRCMP_COMPARE); } +#endif /* * prune_to_best_version @@ -906,10 +908,17 @@ if (r == 0 && has_package_link(pool, s)) r = pool_link_evrcmp(pool, best, s); #endif - if (r == 0 && pool->disttype == DISTTYPE_CONDA) - r = pool_buildversioncmp(pool, best, s); - if (r == 0 && pool->disttype == DISTTYPE_CONDA) - r = pool_buildflavorcmp(pool, best, s); +#ifdef ENABLE_CONDA + if (pool->disttype == DISTTYPE_CONDA) + { + if (r == 0) + r = (best->repo ? best->repo->subpriority : 0) - (s->repo ? s->repo->subpriority : 0); + if (r == 0) + r = pool_buildversioncmp(pool, best, s); + if (r == 0) + r = pool_buildflavorcmp(pool, best, s); + } +#endif if (r < 0) best = s; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/src/problems.c new/libsolv-0.7.14/src/problems.c --- old/libsolv-0.7.13/src/problems.c 2019-11-15 11:59:29.000000000 +0100 +++ new/libsolv-0.7.14/src/problems.c 2020-05-26 17:39:10.000000000 +0200 @@ -1068,10 +1068,10 @@ */ static void -findproblemrule_internal(Solver *solv, Id idx, Id *reqrp, Id *conrp, Id *sysrp, Id *jobrp, Map *rseen) +findproblemrule_internal(Solver *solv, Id idx, Id *reqrp, Id *conrp, Id *sysrp, Id *jobrp, Id *blkrp, Map *rseen) { Id rid, d; - Id lreqr, lconr, lsysr, ljobr; + Id lreqr, lconr, lsysr, ljobr, lblkr; Rule *r; Id jobassert = 0; int i, reqset = 0; /* 0: unset, 1: installed, 2: jobassert, 3: assert */ @@ -1093,7 +1093,7 @@ /* the problem rules are somewhat ordered from "near to the problem" to * "near to the job" */ - lreqr = lconr = lsysr = ljobr = 0; + lreqr = lconr = lsysr = ljobr = lblkr = 0; while ((rid = solv->learnt_pool.elements[idx++]) != 0) { assert(rid > 0); @@ -1102,9 +1102,9 @@ if (MAPTST(rseen, rid - solv->learntrules)) continue; MAPSET(rseen, rid - solv->learntrules); - findproblemrule_internal(solv, solv->learnt_why.elements[rid - solv->learntrules], &lreqr, &lconr, &lsysr, &ljobr, rseen); + findproblemrule_internal(solv, solv->learnt_why.elements[rid - solv->learntrules], &lreqr, &lconr, &lsysr, &ljobr, &lblkr, rseen); } - else if ((rid >= solv->jobrules && rid < solv->jobrules_end) || (rid >= solv->infarchrules && rid < solv->infarchrules_end) || (rid >= solv->duprules && rid < solv->duprules_end) || (rid >= solv->bestrules && rid < solv->bestrules_end) || (rid >= solv->yumobsrules && rid <= solv->yumobsrules_end)) + else if ((rid >= solv->jobrules && rid < solv->jobrules_end) || (rid >= solv->infarchrules && rid < solv->infarchrules_end) || (rid >= solv->duprules && rid < solv->duprules_end) || (rid >= solv->bestrules && rid < solv->bestrules_end) || (rid >= solv->yumobsrules && rid < solv->yumobsrules_end)) { if (!*jobrp) *jobrp = rid; @@ -1114,6 +1114,11 @@ if (!*sysrp) *sysrp = rid; } + else if (rid >= solv->blackrules && rid < solv->blackrules_end) + { + if (!*blkrp) + *blkrp = rid; + } else { assert(rid < solv->pkgrules_end); @@ -1176,6 +1181,8 @@ *jobrp = ljobr; if (!*sysrp && lsysr) *sysrp = lsysr; + if (!*blkrp && lblkr) + *blkrp = lblkr; } /* @@ -1190,12 +1197,12 @@ Id solver_findproblemrule(Solver *solv, Id problem) { - Id reqr, conr, sysr, jobr; + Id reqr, conr, sysr, jobr, blkr; Id idx = solv->problems.elements[2 * problem - 2]; Map rseen; - reqr = conr = sysr = jobr = 0; + reqr = conr = sysr = jobr = blkr = 0; map_init(&rseen, solv->learntrules ? solv->nrules - solv->learntrules : 0); - findproblemrule_internal(solv, idx, &reqr, &conr, &sysr, &jobr, &rseen); + findproblemrule_internal(solv, idx, &reqr, &conr, &sysr, &jobr, &blkr, &rseen); map_free(&rseen); /* check if the request is about a not-installed package requiring a installed * package conflicting with the non-installed package. In that case return the conflict */ @@ -1223,6 +1230,8 @@ return reqr; /* some requires */ if (conr) return conr; /* some conflict */ + if (blkr) + return blkr; /* a blacklisted package */ if (sysr) return sysr; /* an update rule */ if (jobr) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libsolv-0.7.13/src/rules.c new/libsolv-0.7.14/src/rules.c --- old/libsolv-0.7.13/src/rules.c 2020-02-12 11:39:14.000000000 +0100 +++ new/libsolv-0.7.14/src/rules.c 2020-05-27 11:39:15.000000000 +0200 @@ -3210,7 +3210,7 @@ Map m, mneg; Rule *r; Queue q, qi, qcheck, infoq; - int i, j, rid, havechoice; + int i, j, rid, havechoice, negcnt; Id p, d, pp; Id p2, pp2; Solvable *s, *s2; @@ -3389,9 +3389,12 @@ qi.elements[j] = 0; } /* empty map again */ + negcnt = 0; FOR_RULELITERALS(p, pp, r) if (p > 0) MAPCLR(&m, p); + else + negcnt++; if (i == qi.count) { #if 0 @@ -3400,7 +3403,14 @@ #endif continue; } - + /* add neg elements to the front */ + if (negcnt > 1) + { + i = 0; + FOR_RULELITERALS(p, pp, r) + if (p < 0 && p != r->p) + queue_insert(&q, i++, p); + } /* don't add identical rules */ if (lastaddedp == r->p && lastaddedcnt == q.count) {
