[Rpm-ecosystem] [PATCH v6 05/11] Add support for file signatures to rpmfi and rpmfiles

Lubos Kardos lkardos at redhat.com
Thu Jul 16 14:34:36 UTC 2015



----- Original Message -----
> From: "Mimi Zohar" <zohar at linux.vnet.ibm.com>
> To: rpm-ecosystem at lists.rpm.org
> Cc: fin at linux.vnet.ibm.com, "Fionnuala Gunter" <fionnuala.gunter at gmail.com>
> Sent: Monday, July 6, 2015 8:52:19 PM
> Subject: [Rpm-ecosystem] [PATCH v6 05/11] Add support for file signatures to	rpmfi and rpmfiles
> 
> From: "fin at linux.vnet.ibm.com" <fin at linux.vnet.ibm.com>
> 
> This patch adds file signatures and file signature length to rpmfiles.
> These new members are set in rpmfilesPopulate, and they can be accessed
> with rpmfiFSignature.
> ---
>  lib/rpmfi.c    | 45 ++++++++++++++++++++++++++++++++++++++++++++-
>  lib/rpmfi.h    |  8 ++++++++
>  lib/rpmfiles.h | 10 ++++++++++
>  3 files changed, 62 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/rpmfi.c b/lib/rpmfi.c
> index 86666f7..cb0190a 100644
> --- a/lib/rpmfi.c
> +++ b/lib/rpmfi.c
> @@ -114,7 +114,9 @@ struct rpmfiles_s {
>      struct fingerPrint_s * fps;	/*!< File fingerprint(s). */
>  
>      int digestalgo;		/*!< File digest algorithm */
> +    int signaturelength;	/*!< File signature length */
>      unsigned char * digests;	/*!< File digests in binary. */
> +    unsigned char * signatures; /*!< File signatures in binary. */
>  
>      struct nlinkHash_s * nlinks;/*!< Files connected by hardlinks */
>      rpm_off_t * replacedSizes;	/*!< (TR_ADDED) */
> @@ -569,6 +571,19 @@ char * rpmfiFDigestHex(rpmfi fi, int *algo)
>      return fdigest;
>  }
>  
> +const unsigned char * rpmfilesFSignature(rpmfiles fi, int ix, size_t *len)
> +{
> +	const unsigned char *signature = NULL;
> +
> +	if (fi != NULL && ix >= 0 && ix < rpmfilesFC(fi)) {
> +	     if (fi->signatures != NULL)
> +		signature = fi->signatures + (fi->signaturelength * ix);
> +	     if (len)
> +		*len = fi->signaturelength;
> +	}
> +	return signature;
> +}
> +
>  const char * rpmfilesFLink(rpmfiles fi, int ix)
>  {
>      const char * flink = NULL;
> @@ -1165,6 +1180,7 @@ rpmfiles rpmfilesFree(rpmfiles fi)
>  	fi->flinks = _free(fi->flinks);
>  	fi->flangs = _free(fi->flangs);
>  	fi->digests = _free(fi->digests);
> +	fi->signatures = _free(fi->signatures);
>  	fi->fcaps = _free(fi->fcaps);
>  
>  	fi->cdict = _free(fi->cdict);
> @@ -1379,7 +1395,7 @@ static int rpmfilesPopulate(rpmfiles fi, Header h,
> rpmfiFlags flags)
>      headerGetFlags scareFlags = (flags & RPMFI_KEEPHEADER) ?
>  				HEADERGET_MINMEM : HEADERGET_ALLOC;
>      headerGetFlags defFlags = HEADERGET_ALLOC;
> -    struct rpmtd_s fdigests, digalgo, td;
> +    struct rpmtd_s fdigests, fsignatures, digalgo, td;
>      unsigned char * t;
>  
>      /* XXX TODO: all these should be sanity checked, ugh... */
> @@ -1430,6 +1446,8 @@ static int rpmfilesPopulate(rpmfiles fi, Header h,
> rpmfiFlags flags)
>  	}
>      }
>  
> +    fi->signaturelength = headerGetNumber(h, RPMTAG_FILESIGNATURELENGTH);
> +
>      fi->digests = NULL;
>      /* grab hex digests from header and store in binary format */
>      if (!(flags & RPMFI_NOFILEDIGESTS) &&
> @@ -1450,10 +1468,30 @@ static int rpmfilesPopulate(rpmfiles fi, Header h,
> rpmfiFlags flags)
>  	rpmtdFreeData(&fdigests);
>      }
>  
> +    fi->signatures = NULL;
> +    /* grab hex signatures from header and store in binary format */
> +    if (! (flags & RPMFI_NOFILESIGNATURES) &&
> +	headerGet(h, RPMTAG_FILESIGNATURES, &fsignatures, HEADERGET_MINMEM)) {
> +	const char *fsignature;
> +	fi->signatures = t = xmalloc(rpmtdCount(&fsignatures) *
> fi->signaturelength);
> +
> +	while ((fsignature = rpmtdNextString(&fsignatures))) {
> +	    if (!(fsignature && *fsignature != '\0')) {
fsignature must be evaluated to True. That is the condition of the while loop 
inside which is this code. So we can replace above line with:
if (*fsignature == '\0') {

> +		memset(t, 0, fi->signaturelength);
> +		t += fi->signaturelength;
> +		continue;
> +	    }
> +	    for (int j = 0; j < fi->signaturelength; j++, t++, fsignature += 2)
> +		*t = (rnibble(fsignature[0]) << 4) | rnibble(fsignature[1]);
> +	}
> +	rpmtdFreeData(&fsignatures);
> +    }
> +
>      /* XXX TR_REMOVED doesn;t need fmtimes, frdevs, finodes */
>      if (!(flags & RPMFI_NOFILEMTIMES))
>  	_hgfi(h, RPMTAG_FILEMTIMES, &td, scareFlags, fi->fmtimes);
>      if (!(flags & RPMFI_NOFILERDEVS))
> +
Insertion of empty line.

>  	_hgfi(h, RPMTAG_FILERDEVS, &td, scareFlags, fi->frdevs);
>      if (!(flags & RPMFI_NOFILEINODES)) {
>  	_hgfi(h, RPMTAG_FILEINODES, &td, scareFlags, fi->finodes);
> @@ -1728,6 +1766,11 @@ const unsigned char * rpmfiFDigest(rpmfi fi, int
> *algo, size_t *len)
>      return rpmfilesFDigest(fi->files, fi ? fi->i : -1, algo, len);
>  }
>  
> +const unsigned char * rpmfiFSignature(rpmfi fi, size_t *len)
> +{
> +    return rpmfilesFSignature(fi->files, fi ? fi->i : -1, len);
> +}
> +
>  uint32_t rpmfiFDepends(rpmfi fi, const uint32_t ** fddictp)
>  {
>      return rpmfilesFDepends(fi->files,  fi ? fi->i : -1, fddictp);
> diff --git a/lib/rpmfi.h b/lib/rpmfi.h
> index 1752b71..6a00a14 100644
> --- a/lib/rpmfi.h
> +++ b/lib/rpmfi.h
> @@ -183,6 +183,14 @@ const unsigned char * rpmfiFDigest(rpmfi fi, int *algo,
> size_t *diglen);
>  char * rpmfiFDigestHex(rpmfi fi, int *algo);
>  
>  /** \ingroup rpmfi
> + * Return current file (binary) signature of file info set iterator.
> + * @param fi		file info set iterator
> + * @retval siglen	signature length (pass NULL to ignore)
> + * @return		current file signature, NULL on invalid
> + */
> +const unsigned char * rpmfiFSignature(rpmfi fi, size_t *siglen);
> +
> +/** \ingroup rpmfi
>   * Return current file (binary) md5 digest from file info set iterator.
>   * @deprecated		Use rpmfiFDigest() instead
>   * @param fi		file info set iterator
> diff --git a/lib/rpmfiles.h b/lib/rpmfiles.h
> index 8a9de31..27fe493 100644
> --- a/lib/rpmfiles.h
> +++ b/lib/rpmfiles.h
> @@ -116,6 +116,7 @@ enum rpmfiFlags_e {
>      RPMFI_NOFILECOLORS		= (1 << 15),
>      RPMFI_NOFILEVERIFYFLAGS	= (1 << 16),
>      RPMFI_NOFILEFLAGS		= (1 << 17),
> +    RPMFI_NOFILESIGNATURES	= (1 << 18),
>  };
>  
>  typedef rpmFlags rpmfiFlags;
> @@ -428,6 +429,15 @@ rpm_mode_t rpmfilesFMode(rpmfiles fi, int ix);
>  const unsigned char * rpmfilesFDigest(rpmfiles fi, int ix, int *algo, size_t
>  *len);
>  
>  /** \ingroup rpmfiles
> + * Return file (binary) digest of file info set.
> + * @param fi            file info set
> + * @param ix            file index
> + * @retval siglen       signature length (pass NULL to ignore)
> + * @return              file signature, NULL on invalid
> + */
> +const unsigned char * rpmfilesFSignature(rpmfiles fi, int ix, size_t *len);
> +
> +/** \ingroup rpmfiles
>   * Return file rdev from file info set.
>   * @param fi		file info set
>   * @param ix		file index
> --
> 2.1.0
> 
> _______________________________________________
> Rpm-ecosystem mailing list
> Rpm-ecosystem at lists.rpm.org
> http://lists.rpm.org/mailman/listinfo/rpm-ecosystem
> 


More information about the Rpm-ecosystem mailing list