RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Ralf S. Engelschall
Root: /v/rpm/cvs Email: r...@rpm5.org
Module: rpm Date: 18-Apr-2009 18:41:59
Branch: HEAD Handle: 2009041816415701
Modified files:
rpm CHANGES VENDOR
rpm/lib poptALL.c
rpm/rpmio macro.c poptIO.c rpmlua.c
Log:
RPM_VENDOR_OPENPKG: stick with local RPM sanity checking for reasonable
warning messages. The reason simply is: POPT >= 1.15 contains the
poptSaneFile() function which is equivalent to rpmSecuritySaneFile().
And POPT >= 1.15 also contains a poptReadConfigFiles() which returns
POPT_ERROR_BADCONFIG in case poptSaneFile() says a file is not
sane. This is all fine from a raw sanity checking point of view.
Unfortunately, in the error reporting it is absolutely vital to know
_WHICH_ file is considered insecure. Until POPT provides an error
reporting callback or other means for RPM to provide again reasonable
warning messages, we stick with the RPM sanity checking code. So, this
is not because OpenPKG is using POPT < 1.15, but because we need proper
warning messages!
Summary:
Revision Changes Path
1.2945 +1 -0 rpm/CHANGES
2.69 +18 -0 rpm/VENDOR
2.126 +2 -1 rpm/lib/poptALL.c
2.228 +4 -2 rpm/rpmio/macro.c
1.49 +2 -3 rpm/rpmio/poptIO.c
2.72 +2 -1 rpm/rpmio/rpmlua.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.2944 -r1.2945 CHANGES
--- rpm/CHANGES 17 Apr 2009 22:42:11 -0000 1.2944
+++ rpm/CHANGES 18 Apr 2009 16:41:57 -0000 1.2945
@@ -1,5 +1,6 @@
5.2a4 -> 5.2b1:
+ - rse: RPM_VENDOR_OPENPKG: stick with local RPM sanity checking for
reasonable warning messages
- jbj: js: simplify the embedding to the JSAPI examples, not the js
shell.
- jbj: ficl: capture stdout from ficl vm.
- jbj: ficl: wire-up %post -p <ficl>.
@@ .
patch -p0 <<'@@ .'
Index: rpm/VENDOR
============================================================================
$ cvs diff -u -r2.68 -r2.69 VENDOR
--- rpm/VENDOR 6 Apr 2009 00:21:20 -0000 2.68
+++ rpm/VENDOR 18 Apr 2009 16:41:58 -0000 2.69
@@ -423,6 +423,24 @@
just ignored.
________________________________________________________________________
+ Change: stick-with-rpm-file-sanity-checking
+ Purpose: Use file sanity checking code of RPM instead of POPT
+ Reason: POPT >= 1.15 contains the poptSaneFile() function which
+ is equivalent to rpmSecuritySaneFile(). And POPT >=
+ 1.15 also contains a poptReadConfigFiles() which
+ returns POPT_ERROR_BADCONFIG in case poptSaneFile()
+ says a file is not sane. This is all fine from a
+ raw sanity checking point of view. Unfortunately,
+ in the error reporting it is absolutely vital to
+ know _WHICH_ file is considered insecure. Until
+ POPT provides an error reporting callback or other
+ means for RPM to provide again reasonable warning
+ messages, we stick with the RPM sanity checking
+ code. So, this is not because OpenPKG is using
+ POPT < 1.15, but because we need proper warning
+ messages!
+ ________________________________________________________________________
+
o Name: RPM4DARWIN
Vendor: RPM for Darwin (Mac OS X)
<http://rpm4darwin.sourceforge.net/>
Representative: Anders F. Bjorklund <a...@users.sourceforge.net>
<a...@rpm5.org>
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/poptALL.c
============================================================================
$ cvs diff -u -r2.125 -r2.126 poptALL.c
--- rpm/lib/poptALL.c 13 Apr 2009 18:07:31 -0000 2.125
+++ rpm/lib/poptALL.c 18 Apr 2009 16:41:58 -0000 2.126
@@ -679,7 +679,8 @@
optCon = poptGetContext(__progname, argc, (const char **)argv,
optionsTable, 0);
/*...@=nullpass =temptr...@*/
-#if !defined(POPT_ERROR_BADCONFIG) /* XXX popt-1.15- retrofit */
+#if defined(RPM_VENDOR_OPENPKG) /* stick-with-rpm-file-sanity-checking */ ||
\
+ !defined(POPT_ERROR_BADCONFIG) /* XXX POPT 1.15 retrofit */
{ char * path_buf = xstrdup(rpmpoptfiles);
char *path;
char *path_next;
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/macro.c
============================================================================
$ cvs diff -u -r2.227 -r2.228 macro.c
--- rpm/rpmio/macro.c 17 Apr 2009 16:10:23 -0000 2.227
+++ rpm/rpmio/macro.c 18 Apr 2009 16:41:58 -0000 2.228
@@ -2193,7 +2193,8 @@
return rc;
}
-#if !defined(POPT_ERROR_BADCONFIG) /* XXX popt-1.15- retrofit */
+#if defined(RPM_VENDOR_OPENPKG) /* stick-with-rpm-file-sanity-checking */ ||
\
+ !defined(POPT_ERROR_BADCONFIG) /* XXX POPT 1.15 retrofit */
int rpmSecuritySaneFile(const char *filename)
{
struct stat sb;
@@ -2596,7 +2597,8 @@
if (fn[0] == '@' /* attention */) {
fn++;
-#if !defined(POPT_ERROR_BADCONFIG) /* XXX popt-1.15- retrofit */
+#if defined(RPM_VENDOR_OPENPKG) /* stick-with-rpm-file-sanity-checking */ ||
\
+ !defined(POPT_ERROR_BADCONFIG) /* XXX POPT 1.15 retrofit */
if (!rpmSecuritySaneFile(fn))
#else
if (!poptSaneFile(fn))
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/poptIO.c
============================================================================
$ cvs diff -u -r1.48 -r1.49 poptIO.c
--- rpm/rpmio/poptIO.c 17 Apr 2009 16:10:23 -0000 1.48
+++ rpm/rpmio/poptIO.c 18 Apr 2009 16:41:58 -0000 1.49
@@ -554,7 +554,8 @@
/*...@=nullpass =temptr...@*/
#ifdef NOTYET
-#if !defined(POPT_ERROR_BADCONFIG) /* XXX popt-1.15- retrofit */
+#if defined(RPM_VENDOR_OPENPKG) /* stick-with-rpm-file-sanity-checking */ ||
\
+ !defined(POPT_ERROR_BADCONFIG) /* XXX POPT 1.15 retrofit */
{ char * path_buf = xstrdup(rpmpoptfiles);
char *path;
char *path_next;
@@ -579,7 +580,6 @@
/* work-off each resulting file from the path element */
for (i = 0; i < ac; i++) {
const char *fn = av[i];
-#if defined(RPM_VENDOR_OPENPKG) /*
security-sanity-check-rpmpopt-and-rpmmacros */
if (fn[0] == '@' /* attention */) {
fn++;
if (!rpmSecuritySaneFile(fn)) {
@@ -587,7 +587,6 @@
continue;
}
}
-#endif
(void)poptReadConfigFile(optCon, fn);
av[i] = _free(av[i]);
}
@@ .
patch -p0 <<'@@ .'
Index: rpm/rpmio/rpmlua.c
============================================================================
$ cvs diff -u -r2.71 -r2.72 rpmlua.c
--- rpm/rpmio/rpmlua.c 11 Apr 2009 16:50:24 -0000 2.71
+++ rpm/rpmio/rpmlua.c 18 Apr 2009 16:41:58 -0000 2.72
@@ -214,7 +214,8 @@
const char *fn = av[i];
if (fn[0] == '@' /* attention */) {
fn++;
-#if !defined(POPT_ERROR_BADCONFIG) /* XXX popt-1.15- retrofit */
+#if defined(RPM_VENDOR_OPENPKG) /* stick-with-rpm-file-sanity-checking */ ||
\
+ !defined(POPT_ERROR_BADCONFIG) /* XXX POPT 1.15 retrofit */
if (!rpmSecuritySaneFile(fn))
#else
if (!poptSaneFile(fn))
@@ .
______________________________________________________________________
RPM Package Manager http://rpm5.org
CVS Sources Repository rpm-cvs@rpm5.org
