[Rpm-maint] [rpm-software-management/rpm] Implement merging of new key material when importing pubkeys (PR #3083)
Michael Schroeder
notifications at github.com
Mon May 27 13:10:49 UTC 2024
@mlschroe commented on this pull request.
> @@ -229,6 +229,28 @@ char * rpmPubkeyBase64(rpmPubkey key)
return enc;
}
+rpmRC rpmPubkeyMerge(rpmPubkey oldkey, rpmPubkey newkey, rpmPubkey *mergedkeyp)
+{
+ rpmPubkey mergedkey = NULL;
+ uint8_t *mergedpkt = NULL;
+ size_t mergedpktlen = 0;
+ rpmRC rc;
+
+ pthread_rwlock_rdlock(&oldkey->lock);
+ pthread_rwlock_rdlock(&newkey->lock);
+ rc = pgpPubkeyMerge(oldkey->pkt.data(), oldkey->pkt.size(), newkey->pkt.data(), newkey->pkt.size(), &mergedpkt, &mergedpktlen, 0);
+ if (rc == RPMRC_OK && (mergedpktlen != oldkey->pkt.size() || memcmp(mergedpkt, oldkey->pkt.data(), mergedpktlen) != 0)) {
Seems I forgot to press the "Comment" button after I typed my reply...
There was no straightforward option with the RPMRC codes, so I went with the memcmp as a way to detect that nothing was changed. We can certainly hijack a RPMRC code or use a different means
But note that the rpm-sequoia code can also just duplicate the first certificate if the sequoia library returns an "unchanged" status...
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3083#discussion_r1616035375
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3083/review/2080896175 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20240527/0f390c53/attachment.html>
More information about the Rpm-maint
mailing list