diff --git a/.gitignore b/.gitignore index f2a1beb..a1653d0 100644 --- a/.gitignore +++ b/.gitignore @@ -57,3 +57,4 @@ /rpm-4.18.0.tar.bz2 /rpm-4.18.1.tar.bz2 /rpm-4.18.90.tar.bz2 +/rpm-4.18.91.tar.bz2 diff --git a/0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch b/0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch deleted file mode 100644 index a8c32df..0000000 --- a/0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch +++ /dev/null @@ -1,361 +0,0 @@ -From 87b9e0c28c3df3937f6676ee1b4164d6154dd9d3 Mon Sep 17 00:00:00 2001 -From: "Neal H. Walfield" -Date: Wed, 12 Apr 2023 17:56:19 +0200 -Subject: [PATCH] Add pgpVerifySignature2() and pgpPrtParams2() - -Add new functions pgpVerifySignature2() and pgpPrtParams2(), which are -like their earlier versions, but optionally return descriptive error -messages (in the case of failure) or lints (in the case of success). -Adjust tests accordingly. - -This requires rpm-sequoia 1.4 or later. - -See https://github.com/rpm-software-management/rpm-sequoia/issues/39 -and -https://github.com/rpm-software-management/rpm/issues/2127#issuecomment-1482646398 - -Fixes #2483. ---- - ci/Dockerfile | 2 ++ - include/rpm/rpmpgp.h | 23 +++++++++++++++++++ - lib/rpmvs.c | 19 +++++++++++++--- - rpmio/CMakeLists.txt | 2 +- - rpmio/rpmkeyring.c | 7 +++++- - rpmio/rpmpgp_internal.c | 15 +++++++++++++ - rpmio/rpmpgp_sequoia.c | 7 ++++++ - tests/rpmi.at | 10 +++++++-- - tests/rpmsigdig.at | 50 +++++++++++++++++++++++++++++++---------- - 9 files changed, 116 insertions(+), 19 deletions(-) - -diff --git a/ci/Dockerfile b/ci/Dockerfile -index d8f808962..552934fcd 100644 ---- a/ci/Dockerfile -+++ b/ci/Dockerfile -@@ -7,6 +7,8 @@ RUN sed -i -e "s:^enabled=.$:enabled=0:g" /etc/yum.repos.d/*openh264.repo - # dummy for controlling per-repo gpgcheck via Semaphore setup - RUN sed -i -e "s:^gpgcheck=.$:gpgcheck=1:g" /etc/yum.repos.d/*.repo - RUN dnf -y update -+# until 1.4.0 lands in stable -+RUN dnf -y --enablerepo=updates-testing install "rpm-sequoia-devel >= 1.4.0" - RUN dnf -y install \ - autoconf \ - cmake \ -diff --git a/include/rpm/rpmpgp.h b/include/rpm/rpmpgp.h -index 87a2a5bd2..675cbad73 100644 ---- a/include/rpm/rpmpgp.h -+++ b/include/rpm/rpmpgp.h -@@ -1009,6 +1009,18 @@ int pgpPubkeyKeyID(const uint8_t * pkt, size_t pktlen, pgpKeyID_t keyid); - int pgpPrtParams(const uint8_t *pkts, size_t pktlen, unsigned int pkttype, - pgpDigParams * ret); - -+/** \ingroup rpmpgp -+ * Parse a OpenPGP packet(s). -+ * @param pkts OpenPGP packet(s) -+ * @param pktlen OpenPGP packet(s) length (no. of bytes) -+ * @param pkttype Expected packet type (signature/key) or 0 for any -+ * @param[out] ret signature/pubkey packet parameters on success (alloced) -+ * @param[out] lints error messages and lints -+ * @return -1 on error, 0 on success -+ */ -+int pgpPrtParams2(const uint8_t *pkts, size_t pktlen, unsigned int pkttype, -+ pgpDigParams * ret, char **lints); -+ - /** \ingroup rpmpgp - * Parse subkey parameters from OpenPGP packet(s). - * @param pkts OpenPGP packet(s) -@@ -1186,6 +1198,17 @@ pgpDigParams pgpDigParamsFree(pgpDigParams digp); - */ - rpmRC pgpVerifySignature(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx); - -+/** \ingroup rpmpgp -+ * Verify a PGP signature and return a error message or lint. -+ * @param key public key -+ * @param sig signature -+ * @param hashctx digest context -+ * @param lints error messages and lints -+ * @return RPMRC_OK on success -+ */ -+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, -+ char **lints); -+ - /** \ingroup rpmpgp - * Return the type of a PGP signature. If `sig` is NULL, or is not a signature, - * returns -1. -diff --git a/lib/rpmvs.c b/lib/rpmvs.c -index a1425ea17..9b2106927 100644 ---- a/lib/rpmvs.c -+++ b/lib/rpmvs.c -@@ -193,10 +193,23 @@ static void rpmsinfoInit(const struct vfyinfo_s *vinfo, - } - - if (sinfo->type == RPMSIG_SIGNATURE_TYPE) { -- if (pgpPrtParams(data, dlen, PGPTAG_SIGNATURE, &sinfo->sig)) { -- rasprintf(&sinfo->msg, _("%s tag %u: invalid OpenPGP signature"), -- origin, td->tag); -+ char *lints = NULL; -+ int ec = pgpPrtParams2(data, dlen, PGPTAG_SIGNATURE, &sinfo->sig, &lints); -+ if (ec) { -+ if (lints) { -+ rasprintf(&sinfo->msg, -+ ("%s tag %u: invalid OpenPGP signature: %s"), -+ origin, td->tag, lints); -+ free(lints); -+ } else { -+ rasprintf(&sinfo->msg, -+ _("%s tag %u: invalid OpenPGP signature"), -+ origin, td->tag); -+ } - goto exit; -+ } else if (lints) { -+ rpmlog(RPMLOG_WARNING, "%s\n", lints); -+ free(lints); - } - sinfo->hashalgo = pgpDigParamsAlgo(sinfo->sig, PGPVAL_HASHALGO); - sinfo->keyid = pgpGrab(pgpDigParamsSignID(sinfo->sig)+4, 4); -diff --git a/rpmio/CMakeLists.txt b/rpmio/CMakeLists.txt -index 2fb5794b0..6aa9ab1f1 100644 ---- a/rpmio/CMakeLists.txt -+++ b/rpmio/CMakeLists.txt -@@ -21,7 +21,7 @@ if (WITH_INTERNAL_OPENPGP) - target_link_libraries(librpmio PRIVATE PkgConfig::LIBGCRYPT) - endif() - else() -- pkg_check_modules(RPMSEQUOIA REQUIRED IMPORTED_TARGET rpm-sequoia>=1.3.0) -+ pkg_check_modules(RPMSEQUOIA REQUIRED IMPORTED_TARGET rpm-sequoia>=1.4.0) - target_sources(librpmio PRIVATE rpmpgp_sequoia.c) - target_link_libraries(librpmio PRIVATE PkgConfig::RPMSEQUOIA) - endif() -diff --git a/rpmio/rpmkeyring.c b/rpmio/rpmkeyring.c -index 166ee43a2..e3eb9e6ea 100644 ---- a/rpmio/rpmkeyring.c -+++ b/rpmio/rpmkeyring.c -@@ -276,7 +276,12 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx) - pgpkey = key->pgpkey; - - /* We call verify even if key not found for a signature sanity check */ -- rc = pgpVerifySignature(pgpkey, sig, ctx); -+ char *lints = NULL; -+ rc = pgpVerifySignature2(pgpkey, sig, ctx, &lints); -+ if (lints) { -+ rpmlog(rc ? RPMLOG_ERR : RPMLOG_WARNING, "%s\n", lints); -+ free(lints); -+ } - } - - if (keyring) -diff --git a/rpmio/rpmpgp_internal.c b/rpmio/rpmpgp_internal.c -index ce1d3c27d..82972bcc8 100644 ---- a/rpmio/rpmpgp_internal.c -+++ b/rpmio/rpmpgp_internal.c -@@ -1043,6 +1043,14 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, - return rc; - } - -+int pgpPrtParams2(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, -+ pgpDigParams * ret, char **lints) -+{ -+ if (lints) -+ *lints = NULL; -+ return pgpPrtParams(pkts, pktlen, pkttype, ret); -+} -+ - int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen, - pgpDigParams mainkey, pgpDigParams **subkeys, - int *subkeysCount) -@@ -1179,6 +1187,13 @@ exit: - - } - -+rpmRC pgpVerifySignature2(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, char **lints) -+{ -+ if (lints) -+ *lints = NULL; -+ return pgpVerifySignature(key, sig, hashctx); -+} -+ - static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen) - { - const char * enc = NULL; -diff --git a/rpmio/rpmpgp_sequoia.c b/rpmio/rpmpgp_sequoia.c -index c6434270a..d0b673953 100644 ---- a/rpmio/rpmpgp_sequoia.c -+++ b/rpmio/rpmpgp_sequoia.c -@@ -36,6 +36,9 @@ W(uint32_t, pgpDigParamsCreationTime, (pgpDigParams digp), (digp)) - W(rpmRC, pgpVerifySignature, - (pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx), - (key, sig, hashctx)) -+W(rpmRC, pgpVerifySignature2, -+ (pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx, char **lints), -+ (key, sig, hashctx, lints)) - W(int, pgpPubkeyKeyID, - (const uint8_t * pkt, size_t pktlen, pgpKeyID_t keyid), - (pkt, pktlen, keyid)) -@@ -51,6 +54,10 @@ W(int, pgpPubKeyCertLen, - W(int, pgpPrtParams, - (const uint8_t *pkts, size_t pktlen, unsigned int pkttype, pgpDigParams *ret), - (pkts, pktlen, pkttype, ret)) -+W(int, pgpPrtParams2, -+ (const uint8_t *pkts, size_t pktlen, unsigned int pkttype, pgpDigParams *ret, -+ char **lints), -+ (pkts, pktlen, pkttype, ret, lints)) - W(int, pgpPrtParamsSubkeys, - (const uint8_t *pkts, size_t pktlen, - pgpDigParams mainkey, pgpDigParams **subkeys, -diff --git a/tests/rpmi.at b/tests/rpmi.at -index 9d74cf689..423d97bca 100644 ---- a/tests/rpmi.at -+++ b/tests/rpmi.at -@@ -342,7 +342,7 @@ AT_CLEANUP - - AT_SETUP([rpm -U ]) - AT_KEYWORDS([install]) --AT_CHECK([ -+AT_CHECK_UNQUOTED([ - RPMDB_INIT - - pkg="hello-2.0-1.x86_64-signed.rpm" -@@ -355,7 +355,13 @@ runroot rpm -U --ignorearch --ignoreos --nodeps \ - ], - [1], - [], --[error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature) -+[`if test x$PGP = xinternal; then -+ echo 'error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)' -+else -+ echo 'error: /tmp/hello-2.0-1.x86_64-signed.rpm: Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:' -+ echo ' Failed to parse Signature Packet' -+ echo ' because: Malformed packet: Subpacket extends beyond the end of the subpacket area)' -+fi` - error: /tmp/hello-2.0-1.x86_64-signed.rpm cannot be installed - ]) - AT_CLEANUP -diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at -index 9fb3febc9..df1f669e4 100644 ---- a/tests/rpmsigdig.at -+++ b/tests/rpmsigdig.at -@@ -386,17 +386,17 @@ AT_CHECK([ - RPMDB_INIT - - echo Checking package before importing key: --runroot rpmkeys --define '_pkgverify_level all' -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? -+runroot rpmkeys --define '_pkgverify_level all' -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm 2>&1; echo $? - echo Importing key: --runroot rpmkeys --quiet --import /data/keys/alice-expired-subkey.asc; echo $? -+runroot rpmkeys --quiet --import /data/keys/alice-expired-subkey.asc 2>&1; echo $? - echo Checking for key: - runroot rpm -qi gpg-pubkey-eb04e625-* | grep Version | head -n1 - echo Checking package after importing key: --runroot rpmkeys --define '_pkgverify_level all' -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? -+runroot rpmkeys --define '_pkgverify_level all' -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm 2>&1; echo $? - echo Checking package after importing key, no digest: --runroot rpmkeys --define '_pkgverify_level all' -Kv --nodigest /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? -+runroot rpmkeys --define '_pkgverify_level all' -Kv --nodigest /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm 2>&1; echo $? - echo Checking package after importing key, no signature: --runroot rpmkeys --define '_pkgverify_level all' -Kv --nosignature /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? -+runroot rpmkeys --define '_pkgverify_level all' -Kv --nosignature /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm 2>&1; echo $? - ], - [0], - [[Checking package before importing key: -@@ -416,6 +416,10 @@ Checking for key: - Version : eb04e625 - Checking package after importing key: - /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm: -+error: Verifying a signature using certificate B6542F92F30650C36B6F41BCB3A771BFEB04E625 (Alice ): -+ Key 1F71177215217EE0 invalid: key is not alive -+ because: The subkey is not live -+ because: Expired on 2022-04-12T00:00:15Z - Header V4 RSA/SHA512 Signature, key ID 15217ee0: NOTTRUSTED - Header DSA signature: NOTFOUND - Header SHA256 digest: OK -@@ -427,6 +431,10 @@ Checking package after importing key: - 1 - Checking package after importing key, no digest: - /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm: -+error: Verifying a signature using certificate B6542F92F30650C36B6F41BCB3A771BFEB04E625 (Alice ): -+ Key 1F71177215217EE0 invalid: key is not alive -+ because: The subkey is not live -+ because: Expired on 2022-04-12T00:00:15Z - Header V4 RSA/SHA512 Signature, key ID 15217ee0: NOTTRUSTED - Header DSA signature: NOTFOUND - RSA signature: NOTFOUND -@@ -455,15 +463,15 @@ RPMDB_INIT - echo Checking package before importing key: - runroot rpmkeys --define '_pkgverify_level all' -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? - echo Importing key: --runroot rpmkeys --quiet --import /data/keys/alice-revoked-subkey.asc; echo $? -+runroot rpmkeys --quiet --import /data/keys/alice-revoked-subkey.asc 2>&1; echo $? - echo Checking for key: - runroot rpm -qi gpg-pubkey-eb04e625-* | grep Version | head -n1 - echo Checking package after importing key: --runroot rpmkeys --define '_pkgverify_level all' -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? -+runroot rpmkeys --define '_pkgverify_level all' -Kv /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm 2>&1; echo $? - echo Checking package after importing key, no digest: --runroot rpmkeys --define '_pkgverify_level all' -Kv --nodigest /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? -+runroot rpmkeys --define '_pkgverify_level all' -Kv --nodigest /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm 2>&1; echo $? - echo Checking package after importing key, no signature: --runroot rpmkeys --define '_pkgverify_level all' -Kv --nosignature /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm; echo $? -+runroot rpmkeys --define '_pkgverify_level all' -Kv --nosignature /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm 2>&1; echo $? - ], - [0], - [[Checking package before importing key: -@@ -483,6 +491,8 @@ Checking for key: - Version : eb04e625 - Checking package after importing key: - /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm: -+error: Verifying a signature using certificate B6542F92F30650C36B6F41BCB3A771BFEB04E625 (Alice ): -+ Key 1F71177215217EE0 is invalid: key is revoked - Header V4 RSA/SHA512 Signature, key ID 15217ee0: NOTTRUSTED - Header DSA signature: NOTFOUND - Header SHA256 digest: OK -@@ -494,6 +504,8 @@ Checking package after importing key: - 1 - Checking package after importing key, no digest: - /data/RPMS/hello-2.0-1.x86_64-signed-with-subkey.rpm: -+error: Verifying a signature using certificate B6542F92F30650C36B6F41BCB3A771BFEB04E625 (Alice ): -+ Key 1F71177215217EE0 is invalid: key is revoked - Header V4 RSA/SHA512 Signature, key ID 15217ee0: NOTTRUSTED - Header DSA signature: NOTFOUND - RSA signature: NOTFOUND -@@ -740,7 +752,7 @@ AT_CLEANUP - # Test pre-built corrupted package verification (corrupted signature) - AT_SETUP([rpmkeys -Kv 1]) - AT_KEYWORDS([rpmkeys digest signature]) --AT_CHECK([ -+AT_CHECK_UNQUOTED([ - RPMDB_INIT - - pkg="hello-2.0-1.x86_64-signed.rpm" -@@ -754,14 +766,28 @@ runroot rpmkeys -Kv /tmp/${pkg} - ], - [1], - [/tmp/hello-2.0-1.x86_64-signed.rpm: -- Header RSA signature: BAD (package tag 268: invalid OpenPGP signature) -+`if test x$PGP = xinternal; then -+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)' -+else -+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:' -+ echo ' Failed to parse Signature Packet' -+ echo ' because: Signature appears to be created by a non-conformant OpenPGP implementation, see .' -+ echo ' because: Malformed MPI: leading bit is not set: expected bit 1 to be set in 0 (0))' -+fi` - Header SHA256 digest: OK - Header SHA1 digest: OK - Payload SHA256 digest: OK - V4 RSA/SHA256 Signature, key ID 1964c5fc: NOKEY - MD5 digest: OK - /tmp/hello-2.0-1.x86_64-signed.rpm: -- Header RSA signature: BAD (package tag 268: invalid OpenPGP signature) -+`if test x$PGP = xinternal; then -+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature)' -+else -+ echo ' Header RSA signature: BAD (package tag 268: invalid OpenPGP signature: Parsing an OpenPGP packet:' -+ echo ' Failed to parse Signature Packet' -+ echo ' because: Signature appears to be created by a non-conformant OpenPGP implementation, see .' -+ echo ' because: Malformed MPI: leading bit is not set: expected bit 1 to be set in 0 (0))' -+fi` - Header SHA256 digest: OK - Header SHA1 digest: OK - Payload SHA256 digest: OK --- -2.40.1 - diff --git a/0001-Enable-large-file-support-on-32-bit-systems-again.patch b/0001-Enable-large-file-support-on-32-bit-systems-again.patch deleted file mode 100644 index 818f110..0000000 --- a/0001-Enable-large-file-support-on-32-bit-systems-again.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 2df8008d22b58f87fe665de0fa8c5bbeb4b4a3d8 Mon Sep 17 00:00:00 2001 -From: Michal Domonkos -Date: Wed, 17 May 2023 12:39:47 +0200 -Subject: [PATCH] Enable large file support on 32-bit systems again - -Replace 32-bit sizes in types like off_t with 64-bits when building on -32-bit architectures, to enable large file support there. - -This fixes a nasty regression introduced in the cmake transition. As -autotools would set this flag to 64 automatically for us, applications -linking against librpm (such as libdnf, librepo, libsolv or drpm) are -already adapted to that and are also building with the value of 64 -(explicitly, we never exported this flag through pkg-config ourselves). -However, us suddenly expecting 32-bits in those types on 32-bit systems -can blow up badly e.g. in functions that take an off_t parameter, like -Fseek(). - -There perhaps aren't that many low-level users of librpm but drpm is one -such example where exactly this happens when built against our current -master. It calls headerRead(), leading to Fseek() which receives a -64-bit offset parameter where it expects a 32-bit one, thus silently -overwriting the following parameter from 1 to 0 (SEEK_CUR to SEEK_SET) -which messes up the whole reading sequence in drpm's rpm_read(), -producing a failure in drpm's test suite that doesn't make any sense at -first sight. - -While at it, also export the flag through pkg-config so that anyone -linking against librpm is now guaranteed to work correctly even if they -don't set the flag themselves (kudos to Petr Pisar for suggesting this). ---- - CMakeLists.txt | 1 + - rpm.pc.in | 2 +- - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index b006ed34e..dc28fd547 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -52,6 +52,7 @@ set(CMAKE_SHARED_MODULE_PREFIX "") - set(CMAKE_POSITION_INDEPENDENT_CODE ON) - include(GNUInstallDirs) - add_compile_definitions(_GNU_SOURCE) -+add_definitions(-D_FILE_OFFSET_BITS=64) - - function(makemacros) - set(prefix ${CMAKE_INSTALL_PREFIX}) -diff --git a/rpm.pc.in b/rpm.pc.in -index 46d42e7a3..791303e17 100644 ---- a/rpm.pc.in -+++ b/rpm.pc.in -@@ -11,6 +11,6 @@ URL: @CMAKE_PROJECT_HOMEPAGE_URL@ - Requires: popt - Requires.private: @ZSTD_REQUIRES@ - # Conflicts: --Cflags: -I${includedir} -+Cflags: -I${includedir} -D_FILE_OFFSET_BITS=64 - Libs: -L${libdir} -lrpm -lrpmio - Libs.private: -lpopt -lrt -lpthread @WITH_LZMA_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @LUA_LIBS@ --- -2.40.1 - diff --git a/0001-Fix-bzip2-detection.patch b/0001-Fix-bzip2-detection.patch deleted file mode 100644 index b2c37b9..0000000 --- a/0001-Fix-bzip2-detection.patch +++ /dev/null @@ -1,27 +0,0 @@ -From d18d6ce41df4a5887df47a69052a401808aef19f Mon Sep 17 00:00:00 2001 -From: Florian Festi -Date: Mon, 8 May 2023 17:50:21 +0200 -Subject: [PATCH] Fix bzip2 detection - -HAVE_BZLIB_H was not set due to a typo leading to the bz2 support not -being compiled in although the library was detected correctly. ---- - CMakeLists.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 9718505bf..4a5332f4b 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -272,7 +272,7 @@ id0name(UID_0_USER /etc/passwd) - id0name(GID_0_GROUP /etc/group) - - # map module/package findings to config.h --if (${Bzip2_FOUND}) -+if (${BZIP2_FOUND}) - set(HAVE_BZLIB_H 1) - endif() - if (${LIBLZMA_FOUND}) --- -2.40.1 - diff --git a/0001-Fix-undefined-symbols-from-plugins-in-some-circumsta.patch b/0001-Fix-undefined-symbols-from-plugins-in-some-circumsta.patch deleted file mode 100644 index 38d3f0c..0000000 --- a/0001-Fix-undefined-symbols-from-plugins-in-some-circumsta.patch +++ /dev/null @@ -1,28 +0,0 @@ -From acfe252822db37fc9f47c221c4e3ae79a5f0be27 Mon Sep 17 00:00:00 2001 -From: Panu Matilainen -Date: Mon, 22 May 2023 18:19:24 +0300 -Subject: [PATCH] Fix undefined symbols from plugins in some circumstances - -Another bit lost in the cmake transition: plugin linkage to librpm and -librpmio. In rpm itself this doesn't really matter because the running -process supplies the necessary symbols but it's a different story when eg -a Python process uses dlopen()'ed bindings. ---- - plugins/CMakeLists.txt | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/plugins/CMakeLists.txt b/plugins/CMakeLists.txt -index 6768378f9..1ca025868 100644 ---- a/plugins/CMakeLists.txt -+++ b/plugins/CMakeLists.txt -@@ -40,6 +40,7 @@ set(plugindir ${CMAKE_INSTALL_FULL_LIBDIR}/rpm-plugins) - - get_property(plugins DIRECTORY PROPERTY BUILDSYSTEM_TARGETS) - foreach(plugin ${plugins}) -+ target_link_libraries(${plugin} PRIVATE librpmio librpm) - install(TARGETS ${plugin} DESTINATION ${plugindir}) - endforeach() - --- -2.40.1 - diff --git a/0001-Remove-second-share-dir-from-infodir-and-mandir.patch b/0001-Remove-second-share-dir-from-infodir-and-mandir.patch deleted file mode 100644 index bdfc2a7..0000000 --- a/0001-Remove-second-share-dir-from-infodir-and-mandir.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 33702961f45567a599bc0f0dac055604dc204fb1 Mon Sep 17 00:00:00 2001 -From: Florian Festi -Date: Tue, 2 May 2023 09:03:50 +0200 -Subject: [PATCH] Remove second share/ dir from infodir and mandir - -cmake variables and the derived macros. - -CMAKE_INSTALL_INFODIR and CMAKE_INSTALL_MANDIR already include the -datarootdir. So just prepending the prefix is sufficient. ---- - CMakeLists.txt | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 230d18d1f..9718505bf 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -67,8 +67,8 @@ function(makemacros) - set(libdir "\${prefix}/=LIB=") - set(includedir "\${prefix}/${CMAKE_INSTALL_INCLUDEDIR}") - set(oldincludedir "${CMAKE_INSTALL_FULL_OLDINCLUDEDIR}") -- set(infodir "\${datarootdir}/${CMAKE_INSTALL_INFODIR}") -- set(mandir "\${datarootdir}/${CMAKE_INSTALL_MANDIR}") -+ set(infodir "\${prefix}/${CMAKE_INSTALL_INFODIR}") -+ set(mandir "\${prefix}/${CMAKE_INSTALL_MANDIR}") - set(RUNDIR /run) - - set(acutils --- -2.40.1 - diff --git a/0001-Revert-_smp_build_ncpus-change-to-a-parametric-macro.patch b/0001-Revert-_smp_build_ncpus-change-to-a-parametric-macro.patch deleted file mode 100644 index 664b174..0000000 --- a/0001-Revert-_smp_build_ncpus-change-to-a-parametric-macro.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 673bd62bd3035575f8fad501f1395b09a0f9f8fe Mon Sep 17 00:00:00 2001 -Message-Id: <673bd62bd3035575f8fad501f1395b09a0f9f8fe.1685346662.git.pmatilai@redhat.com> -From: Panu Matilainen -Date: Mon, 29 May 2023 10:34:57 +0300 -Subject: [PATCH] Revert %_smp_build_ncpus change to a parametric macro - (RhBug:2210347) - -Commit a213101bc3af65c860d045c65fb4e2ef7566a4c6 changed %_smp_build_ncpus -into a parametric macro, but this breaks common usage via the Lua macros -table as parametric macros are returned as closures rather than the -expanded value. - -This seems like a design flaw of the macros table, but as an immediate -remedy for the breakage, add another layer of indirection to revert -%_smp_build_ncpus back to a non-parametric macro. - -Fixes %constrain_build macro in Fedora, which ironically is made obsolete by -the change that (unintentionally) broke it. ---- - macros.in | 12 +++++++----- - 1 file changed, 7 insertions(+), 5 deletions(-) - -diff --git a/macros.in b/macros.in -index 5521daba8..4dc6e3ca3 100644 ---- a/macros.in -+++ b/macros.in -@@ -717,21 +717,23 @@ Supplements: (%{name} = %{version}-%{release} and langpacks-%{1})\ - # Macro to fix broken permissions in sources - %_fixperms %{__chmod} -Rf a+rX,u+w,g-w,o-w - --# Maximum number of CPU's to use when building, 0 for unlimited. --#%_smp_ncpus_max 0 -- --%_smp_build_ncpus() %([ -z "$RPM_BUILD_NCPUS" ] \\\ -+%__smp_use_ncpus() %([ -z "$RPM_BUILD_NCPUS" ] \\\ - && RPM_BUILD_NCPUS="%{getncpus %{?1}}"; \\\ - ncpus_max=%{?_smp_ncpus_max}; \\\ - if [ -n "$ncpus_max" ] && [ "$ncpus_max" -gt 0 ] && [ "$RPM_BUILD_NCPUS" -gt "$ncpus_max" ]; then RPM_BUILD_NCPUS="$ncpus_max"; fi; \\\ - echo "$RPM_BUILD_NCPUS";) - -+# Maximum number of CPU's to use when building, 0 for unlimited. -+#%_smp_ncpus_max 0 -+ -+%_smp_build_ncpus %{__smp_use_ncpus:proc} -+ - %_smp_mflags -j${RPM_BUILD_NCPUS} - - # Maximum number of threads to use when building, 0 for unlimited - #%_smp_nthreads_max 0 - --%_smp_build_nthreads %{_smp_build_ncpus:thread} -+%_smp_build_nthreads %{__smp_use_ncpus:thread} - - # Assumed task size of processes and threads in megabytes. - # Used to limit the amount of parallelism based on available memory. --- -2.40.1 - diff --git a/0001-Use-mkdir-p-for-creating-SPECPARTS-dir.patch b/0001-Use-mkdir-p-for-creating-SPECPARTS-dir.patch deleted file mode 100644 index 6b68a53..0000000 --- a/0001-Use-mkdir-p-for-creating-SPECPARTS-dir.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 021a7d3aaa5458d8956babf0220a3e574a2b8e62 Mon Sep 17 00:00:00 2001 -From: Florian Festi -Date: Wed, 17 May 2023 17:23:59 +0200 -Subject: [PATCH] Use mkdir -p for creating SPECPARTS dir - -to not error out when invoking %setup more than once or shipping the -directory in the sources. ---- - build/parsePrep.c | 2 +- - tests/rpmspec.at | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/build/parsePrep.c b/build/parsePrep.c -index f8e09a8c7..ea8faa953 100644 ---- a/build/parsePrep.c -+++ b/build/parsePrep.c -@@ -274,7 +274,7 @@ static int doSetupMacro(rpmSpec spec, const char *line) - } - - /* mkdir for dynamic specparts */ -- buf = rpmExpand("%{__mkdir} SPECPARTS", NULL); -+ buf = rpmExpand("%{__mkdir_p} SPECPARTS", NULL); - appendBuf(spec, buf, 1); - free(buf); - -diff --git a/tests/rpmspec.at b/tests/rpmspec.at -index 548b4b3cc..564479391 100644 ---- a/tests/rpmspec.at -+++ b/tests/rpmspec.at -@@ -333,7 +333,7 @@ if [ $STATUS -ne 0 ]; then - exit $STATUS - fi - cd 'hello-1.0' --/usr/bin/mkdir SPECPARTS -+/usr/bin/mkdir -p SPECPARTS - /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w . - echo "Patch #0 (hello-1.0-modernize.patch):" - /usr/bin/patch --no-backup-if-mismatch -f -p1 -b --suffix .modernize --fuzz=0 < /build/SOURCES/hello-1.0-modernize.patch --- -2.40.1 - diff --git a/rpm.spec b/rpm.spec index 3d30c6e..ded7e31 100644 --- a/rpm.spec +++ b/rpm.spec @@ -30,9 +30,9 @@ %define rpmhome /usr/lib/rpm -%global rpmver 4.18.90 +%global rpmver 4.18.91 #global snapver rc1 -%global baserelease 10 +%global baserelease 1 %global sover 10 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -148,13 +148,6 @@ rpm-4.18.90-disable-sysusers.patch rpm-4.18.90-weak-user-group.patch # Patches already upstream: # ... -0001-Remove-second-share-dir-from-infodir-and-mandir.patch -0001-Add-pgpVerifySignature2-and-pgpPrtParams2.patch -0001-Fix-bzip2-detection.patch -0001-Enable-large-file-support-on-32-bit-systems-again.patch -0001-Use-mkdir-p-for-creating-SPECPARTS-dir.patch -0001-Fix-undefined-symbols-from-plugins-in-some-circumsta.patch -0001-Revert-_smp_build_ncpus-change-to-a-parametric-macro.patch # These are not yet upstream rpm-4.7.1-geode-i686.patch @@ -569,7 +562,7 @@ fi %files plugin-dbus-announce %{_libdir}/rpm-plugins/dbus_announce.so %{_mandir}/man8/rpm-plugin-dbus-announce.8* -%{_sysconfdir}/dbus-1/system.d/org.rpm.conf +%{_datadir}/dbus-1/system.d/org.rpm.conf %endif %files build-libs @@ -631,6 +624,9 @@ fi %doc %{_defaultdocdir}/rpm/API/ %changelog +* Fri Jun 09 2023 Michal Domonkos - 4.18.91-1 +- Update to 4.19 alpha2 + * Thu Jun 08 2023 Peter Robinson - 4.18.90-10 - Rebuild for ima-evm-utils 1.5 soname bump diff --git a/sources b/sources index 27d14eb..c2b30d5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (rpm-4.18.90.tar.bz2) = 2d1a499fe053c5f3497b0ae4c133ef3b05b4b87e12ee5d349ad8c34dbfaebc20c1b3e6727143c152040ed1e132047bcf95afcbbe4a8cb2c4f91900b536d7821c +SHA512 (rpm-4.18.91.tar.bz2) = e3b3e9f195e16afc0596d31ad7614b8369e2b9c6835cc2739f166772d21ae71714ce99b29fded63843ab7216bb34f1c33bb69c0718383ed4bb3b9058639aa246