[Rpm-maint] [rpm-software-management/rpm] Fail to check signature (#270)

[Panu Matilainen]

There's now another similar bug at https://bugzilla.redhat.com/show_bug.cgi?id=1514190, Intel signed packages in that case as well, with the same problem: the actual signature is placed outside signature header immutable region. I'm not aware of any rpm.org version doing that. @anselmolsm - any news on that front?

@n3npq , as for the original report on the rpm5 built capsule package: the "offending" tag is RPMSIGTAG_PADDING and I was about to ask why it is outside the immutable region, but looking at the code it doesn't seem to be intentional:

```
    /* Reallocate the signature header into one contiguous region. */
    sigh = headerReload(sigh, RPMTAG_HEADERSIGNATURES);

   [...]

        he->tag = (rpmTag) RPMSIGTAG_PADDING;
        he->t = RPM_BIN_TYPE;
        he->p.ui8p = b;
        he->c = nb;
        xx = headerPut(sigh, he, HEADERGET_SIGHEADER);
        sigh = headerReload(sigh, RPMTAG_HEADERSIGNATURES);
```
So it seems the second headerReload() fails to pull the padding tag into the region, for whatever reason.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/270#issuecomment-347500742
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20171128/4be14660/attachment-0001.html>