Commit a239ddefa90575ce80ed4436beb4005a97e32644 changed rpmpkgVerifySigs() to accept fine-grained vsflags instead of query/verify style nosignature/nodigest hammers, but rpmVerifySignatures() didn't get updated accordingly. This will cause most unexpect behavior (in particular in 4.14.x), for example QUERY_DIGEST which was used for disabling all digest verification was defined as (1 << 19), which happens to be the same as RPMVSF_NORSA which is how it would now be treated. Similarly confusion with VERIFY_SCRIPT becoming RPMVSF_NODSA etc.
Just use the transaction verify flags instead, and mark the qva argument as unused. It's an API change but that's okay in 4.15, and it's also an explicit breakage at compile time (due to those DIGEST/SIGNATURE symbols removal). In 4.14.x this is a regression but can be fixed within the API. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/747 -- Commit Summary -- * Fix rpmVerifySignatures() passing garbage as verify flags in rpm >= 4.14 -- File Changes -- M lib/rpmchecksig.c (3) M lib/rpmcli.h (2) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/747.patch https://github.com/rpm-software-management/rpm/pull/747.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/747
_______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
