[Rpm-maint] [PATCH] Fix signfiles issue with shrinking sigh

Lubos Kardos lkardos at redhat.com
Mon Aug 17 14:52:19 UTC 2015


Hi Fin,

after applying this patch when somebody will delete a package signature from
a package, then the whole package will be  always re-written no matter if
"--signfiles" is defined on the command line. This is a regression, previously
it was possible to remove a signature from a package without re-writing
the whole package.

Besides that, this fix doesn't fix all issues. Try to sign an unsigned package
generated with rpm-4.11 (packages have no RPMSIGTAG_RESERVEDSPACE tag) or try
to set macro %{__gpg_reserved_space} to greater value than default 4096 before
signing a package. You will encounter the problem with headerRead().

There are two solutions for this problem:
- move "origSigSize = headerSizeof(...)" above the includeFileSignatures(...)"
  and calculate the size of RPMSIGTAG_RESERVEDSPACE in includeFileSignatures()
  properly or

- don't put RPMSIGTAG_RESERVEDSPACE into signature header created in
  includeFileSignatures()

Lubos

----- Original Message -----
> From: "Fionnuala Gunter" <fionnuala.gunter at gmail.com>
> To: rpm-maint at lists.rpm.org
> Cc: "Mimi Zohar" <zohar at linux.vnet.ibm.com>, "Lubos Kardos" <lkardos at redhat.com>
> Sent: Friday, August 14, 2015 4:31:10 PM
> Subject: [PATCH] Fix signfiles issue with shrinking sigh
> 
> Hi Lubos,
> 
> We found an issue with adding file signatures to some prebuilt rpms. This
> patch fixes the bug, please apply.
> 
> Thanks,
> Fin
> 


More information about the Rpm-maint mailing list