Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libjcat for openSUSE:Factory checked
in at 2024-01-30 18:23:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libjcat (Old)
and /work/SRC/openSUSE:Factory/.libjcat.new.1815 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libjcat"
Tue Jan 30 18:23:53 2024 rev:14 rq:1142253 version:0.2.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/libjcat/libjcat.changes 2024-01-12
23:45:01.709723245 +0100
+++ /work/SRC/openSUSE:Factory/.libjcat.new.1815/libjcat.changes
2024-01-30 18:23:54.918695703 +0100
@@ -1,0 +2,8 @@
+Mon Jan 22 07:46:55 UTC 2024 - Dominique Leuenberger <dims...@opensuse.org>
+
+- Update to version 0.2.1:
+ + Do not dedupe sig and sig-of-checksum when loading.
+ + Fix the installed tests.
+ + Show the sig-of-checksum results clearer on the CLI.
+
+-------------------------------------------------------------------
Old:
----
libjcat-0.2.0.tar.gz
New:
----
libjcat-0.2.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libjcat.spec ++++++
--- /var/tmp/diff_new_pack.LjnVm2/_old 2024-01-30 18:23:55.678723122 +0100
+++ /var/tmp/diff_new_pack.LjnVm2/_new 2024-01-30 18:23:55.682723266 +0100
@@ -19,7 +19,7 @@
%define sover 1
Name: libjcat
-Version: 0.2.0
+Version: 0.2.1
Release: 0
Summary: Library for reading and writing gzip-compressed JSON catalog
files
License: LGPL-2.1-or-later
++++++ libjcat-0.2.0.tar.gz -> libjcat-0.2.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/NEWS new/libjcat-0.2.1/NEWS
--- old/libjcat-0.2.0/NEWS 2024-01-02 11:14:30.000000000 +0100
+++ new/libjcat-0.2.1/NEWS 2024-01-20 16:28:52.000000000 +0100
@@ -1,3 +1,12 @@
+Version 0.2.1
+~~~~~~~~~~~~~
+Released: 2024-01-20
+
+Bugfixes:
+ - Do not dedupe sig and sig-of-checksum when loading (Richard Hughes)
+ - Fix the installed tests (Mario Limonciello)
+ - Show the sig-of-checksum results clearer on the CLI (Richard Hughes)
+
Version 0.2.0
~~~~~~~~~~~~~
Released: 2024-01-02
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/README.md new/libjcat-0.2.1/README.md
--- old/libjcat-0.2.0/README.md 2024-01-02 11:14:30.000000000 +0100
+++ new/libjcat-0.2.1/README.md 2024-01-20 16:28:52.000000000 +0100
@@ -157,6 +157,11 @@
firmware.bin:
PASSED pkcs7: O=ACME Corp.,CN=ACME CA
+NOTE: Only JCat v2.0.0 and newer supports the *checksum of the payload*
functionality, and you
+should also add signatures **without** using `--target` if you need to support
older versions.
+Additionally, older JCat versions deduplicate the blobs by just the blob kind,
so you want to make
+sure that the signature added with `--target` is added **before** the
signature added without.
+
Testing
=======
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/RELEASE new/libjcat-0.2.1/RELEASE
--- old/libjcat-0.2.0/RELEASE 2024-01-02 11:14:30.000000000 +0100
+++ new/libjcat-0.2.1/RELEASE 2024-01-20 16:28:52.000000000 +0100
@@ -2,9 +2,9 @@
1. Write NEWS entries for libjcat in the same format as usual.
-git shortlog 0.1.14.. | grep -i -v trivial | grep -v Merge > NEWS.new
+git shortlog 0.2.0.. | grep -i -v trivial | grep -v Merge > NEWS.new
-Version 0.2.0
+Version 0.2.1
~~~~~~~~~~~~~
Released: 2024-xx-xx
@@ -15,7 +15,7 @@
Commit changes to git:
# MAKE SURE THESE ARE CORRECT
-export release_ver="0.2.0"
+export release_ver="0.2.1"
git commit -a -m "Release libjcat ${release_ver}"
git tag -s -f -m "Release libjcat ${release_ver}" "${release_ver}"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/data/tests/colorhug/meson.build
new/libjcat-0.2.1/data/tests/colorhug/meson.build
--- old/libjcat-0.2.0/data/tests/colorhug/meson.build 2024-01-02
11:14:30.000000000 +0100
+++ new/libjcat-0.2.1/data/tests/colorhug/meson.build 2024-01-20
16:28:52.000000000 +0100
@@ -4,7 +4,7 @@
'firmware.bin.ed25519',
'firmware.bin.p7b',
],
- install_dir: join_paths(installed_test_bindir, 'colorhug'),
+ install_dir: join_paths(installed_test_datadir, 'colorhug'),
)
if get_option('pkcs7')
@@ -19,7 +19,7 @@
'--infile', '@INPUT@',
'--outfile', '@OUTPUT@'],
install: true,
- install_dir: join_paths(installed_test_bindir, 'colorhug'),
+ install_dir: join_paths(installed_test_datadir, 'colorhug'),
)
# generate self-signed detached signature *of the checksum*
@@ -33,7 +33,7 @@
'--infile', '@INPUT@',
'--outfile', '@OUTPUT@'],
install: true,
- install_dir: join_paths(installed_test_bindir, 'colorhug'),
+ install_dir: join_paths(installed_test_datadir, 'colorhug'),
)
endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/data/tests/libjcat.test.in
new/libjcat-0.2.1/data/tests/libjcat.test.in
--- old/libjcat-0.2.0/data/tests/libjcat.test.in 2024-01-02
11:14:30.000000000 +0100
+++ new/libjcat-0.2.1/data/tests/libjcat.test.in 2024-01-20
16:28:52.000000000 +0100
@@ -1,3 +1,3 @@
[Test]
Type=session
-Exec=@installed_test_bindir@/jcat-self-test
+Exec=sh -c "G_TEST_SRCDIR=@installed_test_datadir@
G_TEST_BUILDDIR=@installed_test_datadir@ @installed_test_bindir@/jcat-self-test"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/data/tests/meson.build
new/libjcat-0.2.1/data/tests/meson.build
--- old/libjcat-0.2.0/data/tests/meson.build 2024-01-02 11:14:30.000000000
+0100
+++ new/libjcat-0.2.1/data/tests/meson.build 2024-01-20 16:28:52.000000000
+0100
@@ -1,3 +1,11 @@
+install_data([
+ 'secret.ed25519',
+ 'test.btcheckpoint',
+ 'test.btverifier',
+ ],
+ install_dir: installed_test_datadir,
+)
+
configure_file(
input : 'libjcat.test.in',
output : 'libjcat.test',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/data/tests/pki/meson.build
new/libjcat-0.2.1/data/tests/pki/meson.build
--- old/libjcat-0.2.0/data/tests/pki/meson.build 2024-01-02
11:14:30.000000000 +0100
+++ new/libjcat-0.2.1/data/tests/pki/meson.build 2024-01-20
16:28:52.000000000 +0100
@@ -1,8 +1,9 @@
install_data([
'GPG-KEY-Linux-Vendor-Firmware-Service',
'LVFS-CA.pem',
+ 'test.ed25519',
],
- install_dir: join_paths(installed_test_bindir, 'pki'),
+ install_dir: join_paths(installed_test_datadir, 'pki'),
)
# generate certificate
@@ -14,4 +15,6 @@
'--template', pkcs7_config,
'--load-privkey', '@INPUT@',
'--outfile', '@OUTPUT@'],
+ install: true,
+ install_dir: join_paths(installed_test_datadir, 'pki'),
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/libjcat/jcat-item.c
new/libjcat-0.2.1/libjcat/jcat-item.c
--- old/libjcat-0.2.0/libjcat/jcat-item.c 2024-01-02 11:14:30.000000000
+0100
+++ new/libjcat-0.2.1/libjcat/jcat-item.c 2024-01-20 16:28:52.000000000
+0100
@@ -293,6 +293,7 @@
for (guint i = 0; i < priv->blobs->len; i++) {
JcatBlob *blob_tmp = g_ptr_array_index(priv->blobs, i);
if (jcat_blob_get_kind(blob_tmp) == jcat_blob_get_kind(blob) &&
+ jcat_blob_get_target(blob_tmp) ==
jcat_blob_get_target(blob) &&
g_strcmp0(jcat_blob_get_appstream_id(blob_tmp),
jcat_blob_get_appstream_id(blob)) == 0) {
g_ptr_array_remove(priv->blobs, blob_tmp);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/libjcat/jcat-self-test.c
new/libjcat-0.2.1/libjcat/jcat-self-test.c
--- old/libjcat-0.2.0/libjcat/jcat-self-test.c 2024-01-02 11:14:30.000000000
+0100
+++ new/libjcat-0.2.1/libjcat/jcat-self-test.c 2024-01-20 16:28:52.000000000
+0100
@@ -456,7 +456,7 @@
g_autofree gchar *fn_fail = NULL;
g_autofree gchar *fn_pass = NULL;
g_autofree gchar *fn_sig = NULL;
- g_autofree gchar *pki_dir = NULL;
+ g_autofree gchar *pki_f = NULL;
g_autofree gchar *sig_fn2 = NULL;
g_autoptr(GBytes) blob_sig2 = NULL;
g_autoptr(GBytes) data_fail = NULL;
@@ -470,8 +470,8 @@
/* set up context */
jcat_context_set_keyring_path(context, "/tmp/libjcat-self-test/var");
- pki_dir = g_test_build_filename(G_TEST_DIST, "pki", NULL);
- jcat_context_add_public_keys(context, pki_dir);
+ pki_f = g_test_build_filename(G_TEST_DIST, "pki", "LVFS-CA.pem", NULL);
+ jcat_context_add_public_key(context, pki_f);
/* get engine */
engine = jcat_context_get_engine(context, JCAT_BLOB_KIND_PKCS7, &error);
@@ -865,7 +865,7 @@
JcatResult *result;
g_autofree gchar *fn_pass = NULL;
g_autofree gchar *fn_sig = NULL;
- g_autofree gchar *pki_dir = NULL;
+ g_autofree gchar *pki_f = NULL;
g_autoptr(GBytes) data_fwbin = NULL;
g_autoptr(GBytes) data_sig = NULL;
g_autoptr(GError) error = NULL;
@@ -880,8 +880,8 @@
/* set up context */
jcat_context_set_keyring_path(context, "/tmp");
- pki_dir = g_test_build_filename(G_TEST_BUILT, "pki", NULL);
- jcat_context_add_public_keys(context, pki_dir);
+ pki_f = g_test_build_filename(G_TEST_BUILT, "pki", "test.pem", NULL);
+ jcat_context_add_public_key(context, pki_f);
/* get all engines */
engine_sha256 = jcat_context_get_engine(context, JCAT_BLOB_KIND_SHA256,
&error);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/libjcat/jcat-tool.c
new/libjcat-0.2.1/libjcat/jcat-tool.c
--- old/libjcat-0.2.0/libjcat/jcat-tool.c 2024-01-02 11:14:30.000000000
+0100
+++ new/libjcat-0.2.1/libjcat/jcat-tool.c 2024-01-20 16:28:52.000000000
+0100
@@ -571,6 +571,7 @@
g_autoptr(GError) error_verify = NULL;
g_autoptr(JcatResult) result = NULL;
g_autoptr(GBytes) blob_source = NULL;
+ g_autoptr(GString) kind_str = g_string_new(NULL);
/* skip */
if (priv->kind != JCAT_BLOB_KIND_UNKNOWN && priv->kind !=
jcat_blob_get_kind(blob))
@@ -587,6 +588,13 @@
blob_source =
g_bytes_ref(jcat_blob_get_data(blob_target));
}
+ g_string_append(kind_str,
jcat_blob_kind_to_string(jcat_blob_get_kind(blob)));
+ if (jcat_blob_get_target(blob) != JCAT_BLOB_KIND_UNKNOWN) {
+ g_string_append_printf(
+ kind_str,
+ "-of-%s",
+
jcat_blob_kind_to_string(jcat_blob_get_target(blob)));
+ }
if (priv->disable_time_checks)
flags |= JCAT_VERIFY_FLAG_DISABLE_TIME_CHECKS;
result = jcat_context_verify_blob(priv->context,
@@ -597,20 +605,16 @@
if (result == NULL) {
if (g_error_matches(error_verify, G_IO_ERROR,
G_IO_ERROR_NOT_FOUND)) {
g_print(" SKIPPED %s: %s\n",
-
jcat_blob_kind_to_string(jcat_blob_get_kind(blob)),
+ kind_str->str,
error_verify->message);
continue;
}
- g_print(" FAILED %s: %s\n",
-
jcat_blob_kind_to_string(jcat_blob_get_kind(blob)),
- error_verify->message);
+ g_print(" FAILED %s: %s\n", kind_str->str,
error_verify->message);
ret = FALSE;
continue;
}
authority = jcat_result_get_authority(result);
- g_print(" PASSED %s: %s\n",
- jcat_blob_kind_to_string(jcat_blob_get_kind(blob)),
- authority != NULL ? authority : "OK");
+ g_print(" PASSED %s: %s\n", kind_str->str, authority != NULL
? authority : "OK");
}
if (!ret) {
g_set_error(error, G_IO_ERROR, G_IO_ERROR_INVALID_DATA,
"Validation failed");
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libjcat-0.2.0/meson.build
new/libjcat-0.2.1/meson.build
--- old/libjcat-0.2.0/meson.build 2024-01-02 11:14:30.000000000 +0100
+++ new/libjcat-0.2.1/meson.build 2024-01-20 16:28:52.000000000 +0100
@@ -1,5 +1,5 @@
project('libjcat', 'c',
- version : '0.2.0',
+ version : '0.2.1',
license : 'LGPL-2.1+',
meson_version : '>=0.56.0',
default_options : ['warning_level=2', 'c_std=c99'],
@@ -159,6 +159,7 @@
gnome = import('gnome')
conf.set('installed_test_bindir', installed_test_bindir)
+conf.set('installed_test_datadir', installed_test_datadir)
conf.set_quoted('PACKAGE_NAME', meson.project_name())
conf.set_quoted('GETTEXT_PACKAGE', meson.project_name())
conf.set_quoted('JCAT_LOCALSTATEDIR', localstatedir)
