Just FWIW, there's now an in-tree tool for looking at low-level package
structure:
https://github.com/rpm-software-management/rpm/blob/master/tools/rpmdump.c
--
Reply to this email directly or view it on GitHub:
Finally managed to convince myself that it should be feasible (with reasonable
amount of work) to have a "nopgp" build option by adding a dummy implementation
of the internal PGP interface that just returns -ENOTHOME for everything, and
allow choosing between libgcrypt and openssl for the hash
For bootstrapping purposes, having rpm depend on Rust is painful, but directing
people to unmaintained crypto code as an alternative is hair-raising. As a
middle ground, let rpm be built without OpenPGP support at all, which at least
gives you a functional rpm and rpm-build even if you cant
As per the commit message, the intent is to follow-up this with a patch to
split the rpmpgp_legacy directory off the rpm main repo entirely, at which
point #2414 is achieved while letting others to maintain the code if they so
wish.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984 implements the dummy
PGP option.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2414#issuecomment-2006529326
You are receiving this because you are subscribed to this thread.
@nwalfield commented on this pull request.
Looks good to me!
> @@ -38,9 +38,17 @@ in Sequoia. Some other Sequoia advantages include being
> implemented in a
memory-safe language, configurable policy and user-relevant error messages.
For more information, see https://sequoia-pgp.org/
-If
@pmatilai commented on this pull request.
> @@ -27,8 +27,8 @@ The source for the file utility + library is available from
ftp://ftp.astron.com/pub/file/
You will need a cryptographic library to support digests and
It gets tricky here because now those two are separated in some of the
This will also need some further tweaks to skip the relevant tests.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#issuecomment-2006802381
You are receiving this because you are subscribed to this thread.
Message ID:
All good points, thanks for the review!
As for `pgpVerifySignature[2]()`, I considered returning NOKEY for a softer
impact, but the gotcha is that the sanity check in rpmsinfoInit() causes things
to fail long before you get to call verify. So while adding a "not at home"
lint will of course
@pmatilai pushed 1 commit.
2286b6001d2e3bb09e6efa8a0a02bb0ccdd34880 Allow building rpm without OpenPGP
support
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984/files/2a5c0131cc24c803695bd48bff3742446f90a98a..2286b6001d2e3bb09e6efa8a0a02bb0ccdd34880
You are
I wish you could elaborate more. From your answer, I am not able to deduce
1. If you like / not like the idea if you were free from current implementation
2. What it would take to change the implementation
3. If there are any hopes or not
--
Reply to this email directly or view it on GitHub:
@gordonmessmer pushed 1 commit.
9cb6fc8272970b074e77076369f88a5cacb5c13a Rather than read the version for an
ELF shared object directly
--
View it on GitHub:
I've added a commit to illustrate a slightly different approach. Code quality
and error handling need more work, and there are no new tests, but I'd like to
ignore that for the moment and discuss only whether this approach is worth
developing further.
This change adds another file to packages
@pmatilai pushed 1 commit.
6ede5d3ed8081ddcece6a44176ed38863c848e3f Allow building rpm without OpenPGP
support
--
View it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984/files/2286b6001d2e3bb09e6efa8a0a02bb0ccdd34880..6ede5d3ed8081ddcece6a44176ed38863c848e3f
You are
@pmatilai commented on this pull request.
> +return PGPARMOR_NONE;
+}
+
+int pgpPubKeyCertLen(const uint8_t *pkts, size_t pktslen, size_t *certlen)
+{
+return -1;
+}
+
+char * pgpArmorWrap(int atype, const unsigned char * s, size_t ns)
+{
+return NULL;
+}
+
+rpmRC
Couple of simple tests added, a whole lot tests skipped when dummy pgp used.
The INSTALL docs hopefully a little saner now :laughing:
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2984#issuecomment-2006967300
You are receiving this
The main package preamble has to come first, the rest of the spec parser is
built on top of that assumption.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/discussions/2959#discussioncomment-8839919
You are receiving this because you are
17 matches
Mail list logo