[Rpm-maint] [rpm-software-management/rpm] Fail to check signature (#270)

Panu Matilainen notifications at github.com
Tue Nov 28 11:54:33 UTC 2017

There's now another similar bug at https://bugzilla.redhat.com/show_bug.cgi?id=1514190, Intel signed packages in that case as well, with the same problem: the actual signature is placed outside signature header immutable region. I'm not aware of any rpm.org version doing that. @anselmolsm - any news on that front?

@n3npq , as for the original report on the rpm5 built capsule package: the "offending" tag is RPMSIGTAG_PADDING and I was about to ask why it is outside the immutable region, but looking at the code it doesn't seem to be intentional:

    /* Reallocate the signature header into one contiguous region. */
    sigh = headerReload(sigh, RPMTAG_HEADERSIGNATURES);


        he->tag = (rpmTag) RPMSIGTAG_PADDING;
        he->t = RPM_BIN_TYPE;
        he->p.ui8p = b;
        he->c = nb;
        xx = headerPut(sigh, he, HEADERGET_SIGHEADER);
        sigh = headerReload(sigh, RPMTAG_HEADERSIGNATURES);
So it seems the second headerReload() fails to pull the padding tag into the region, for whatever reason.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20171128/4be14660/attachment-0001.html>

More information about the Rpm-maint mailing list