summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authormingli.yu@windriver.com <mingli.yu@windriver.com>2016-07-20 16:51:34 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-07-26 08:56:29 +0100
commitf02f0edeaabb7b5c437dfb7a4bf174fe29ab5a87 (patch)
treeffd6f59769984c4c4afb4f566a5a975359a58d88 /meta
parent2f6bbc7006f2b34ab533d3582f28323330c7195d (diff)
downloadpoky-f02f0edeaabb7b5c437dfb7a4bf174fe29ab5a87.tar.gz
python-smartpm: add support to check signatures
RPMv5 has removed support for _RPMVSF_NOSIGNATURES, the flag can be replaced with a flags set: "RPMVSF_NODSAHEADER|RPMVSF_NORSAHEADER|RPMVSF_NODSA RPMVSF_NORSA" (From OE-Core rev: 5c0c1b8a64643ad7130b17b5dfce9cecffa6d962) Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-nodig.patch59
-rw-r--r--meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-support-check-signatures.patch112
-rw-r--r--meta/recipes-devtools/python/python-smartpm_git.bb2
3 files changed, 113 insertions, 60 deletions
diff --git a/meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-nodig.patch b/meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-nodig.patch
deleted file mode 100644
index fefb29a666..0000000000
--- a/meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-nodig.patch
+++ /dev/null
@@ -1,59 +0,0 @@
1RPM5 has removed support for RPMVSF_NOSIGNATURES
2
3Patch smart to no longer use this flag
4
5Upstream-Status: Pending
6
7Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
8
9diff --git a/smart/backends/rpm/base.py b/smart/backends/rpm/base.py
10--- a/smart/backends/rpm/base.py
11+++ b/smart/backends/rpm/base.py
12@@ -63,11 +63,11 @@ def getTS(new=False):
13 if sysconf.get("rpm-dbpath"):
14 rpm.addMacro('_dbpath', "/" + sysconf.get("rpm-dbpath"))
15 getTS.ts = rpm.ts(getTS.root)
16- if not sysconf.get("rpm-check-signatures", False):
17- if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
18- getTS.ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
19- else:
20- raise Error, _("rpm requires checking signatures")
21+ #if not sysconf.get("rpm-check-signatures", False):
22+ # if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
23+ # getTS.ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
24+ # else:
25+ # raise Error, _("rpm requires checking signatures")
26 rpm_dbpath = sysconf.get("rpm-dbpath", "var/lib/rpm")
27 dbdir = rpm_join_dbpath(getTS.root, rpm_dbpath)
28 if not os.path.isdir(dbdir):
29@@ -89,11 +89,11 @@ def getTS(new=False):
30 if sysconf.get("rpm-dbpath"):
31 rpm.addMacro('_dbpath', "/" + sysconf.get("rpm-dbpath"))
32 ts = rpm.ts(getTS.root)
33- if not sysconf.get("rpm-check-signatures", False):
34- if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
35- ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
36- else:
37- raise Error, _("rpm requires checking signatures")
38+ #if not sysconf.get("rpm-check-signatures", False):
39+ # if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
40+ # ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
41+ # else:
42+ # raise Error, _("rpm requires checking signatures")
43 return ts
44 else:
45 return getTS.ts
46diff --git a/smart/plugins/yumchannelsync.py b/smart/plugins/yumchannelsync.py
47--- a/smart/plugins/yumchannelsync.py
48+++ b/smart/plugins/yumchannelsync.py
49@@ -56,8 +56,8 @@ def _getreleasever():
50
51 rpmroot = sysconf.get("rpm-root", "/")
52 ts = rpmUtils.transaction.initReadOnlyTransaction(root=rpmroot)
53- if hasattr(rpm, '_RPMVSF_NOSIGNATURES') and hasattr(rpm, '_RPMVSF_NODIGESTS'):
54- ts.pushVSFlags(~(rpm._RPMVSF_NOSIGNATURES|rpm._RPMVSF_NODIGESTS))
55+ #if hasattr(rpm, '_RPMVSF_NOSIGNATURES') and hasattr(rpm, '_RPMVSF_NODIGESTS'):
56+ # ts.pushVSFlags(~(rpm._RPMVSF_NOSIGNATURES|rpm._RPMVSF_NODIGESTS))
57 releasever = None
58 # HACK: we're hard-coding the most used distros, will add more if needed
59 idx = ts.dbMatch('provides', 'fedora-release')
diff --git a/meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-support-check-signatures.patch b/meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-support-check-signatures.patch
new file mode 100644
index 0000000000..4067a90a08
--- /dev/null
+++ b/meta/recipes-devtools/python/python-smartpm/smartpm-rpm5-support-check-signatures.patch
@@ -0,0 +1,112 @@
1From 5b79e28bd70a0ec5b34c5ff19b66cbbdd1e48835 Mon Sep 17 00:00:00 2001
2From: Haiqing Bai <Haiqing.Bai@windriver.com>
3Date: Fri, 18 Mar 2016 13:34:07 +0800
4Subject: [PATCH] Make smartpm to support check signatures of rpmv5.
5
6The original support for 'rpm-check-signatures' has been
7disabled for the RPMv5 does not support '_RPMVSF_NOSIGNATURES'
8now. This fix replaces the '_RPMVSF_NOSIGNATURES' with
9rpm VS flags set:RPMVSF_NODSAHEADER|RPMVSF_NORSAHEADER|
10RPMVSF_NODSA|RPMVSF_NORSA.
11
12Upstream-Status: Pending
13Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
14---
15 smart/backends/rpm/base.py | 43 +++++++++++++++++++++++++++++++----------
16 smart/backends/rpm/pm.py | 2 +-
17 smart/plugins/yumchannelsync.py | 5 +++--
18 3 files changed, 37 insertions(+), 13 deletions(-)
19
20diff --git a/smart/backends/rpm/base.py b/smart/backends/rpm/base.py
21index 85f4d49..dbd6165 100644
22--- a/smart/backends/rpm/base.py
23+++ b/smart/backends/rpm/base.py
24@@ -63,11 +63,23 @@ def getTS(new=False):
25 if sysconf.get("rpm-dbpath"):
26 rpm.addMacro('_dbpath', "/" + sysconf.get("rpm-dbpath"))
27 getTS.ts = rpm.ts(getTS.root)
28- if not sysconf.get("rpm-check-signatures", False):
29- if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
30- getTS.ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
31- else:
32- raise Error, _("rpm requires checking signatures")
33+
34+ # _RPMVSF_NOSIGNATURES is not supported in RPMv5, so here uses
35+ # RPMVSF_NODSAHEADER|RPMVSF_NORSAHEADER|RPMVSF_NODSA|RPMVSF_NORSA
36+ # to replace '_RPMVSF_NOSIGNATURES' to continue to support check
37+ # rpm signatures
38+
39+ #if not sysconf.get("rpm-check-signatures", False):
40+ # if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
41+ # getTS.ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
42+ # else:
43+ # raise Error, _("rpm requires checking signatures")
44+ if sysconf.get("rpm-check-signatures") == False:
45+ getTS.ts.setVSFlags(rpm.RPMVSF_NODSAHEADER|rpm.RPMVSF_NORSAHEADER|\
46+ rpm.RPMVSF_NODSA|rpm.RPMVSF_NORSA)
47+ else:
48+ getTS.ts.setVSFlags(0)
49+
50 rpm_dbpath = sysconf.get("rpm-dbpath", "var/lib/rpm")
51 dbdir = rpm_join_dbpath(getTS.root, rpm_dbpath)
52 if not os.path.isdir(dbdir):
53@@ -89,11 +101,22 @@ def getTS(new=False):
54 if sysconf.get("rpm-dbpath"):
55 rpm.addMacro('_dbpath', "/" + sysconf.get("rpm-dbpath"))
56 ts = rpm.ts(getTS.root)
57- if not sysconf.get("rpm-check-signatures", False):
58- if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
59- ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
60- else:
61- raise Error, _("rpm requires checking signatures")
62+
63+ # _RPMVSF_NOSIGNATURES is not supported in RPMv5, so here uses
64+ # RPMVSF_NODSAHEADER|RPMVSF_NORSAHEADER|RPMVSF_NODSA|RPMVSF_NORSA
65+ # to replace '_RPMVSF_NOSIGNATURES' to continue to support check
66+ # rpm signatures
67+
68+ #if not sysconf.get("rpm-check-signatures", False):
69+ # if hasattr(rpm, '_RPMVSF_NOSIGNATURES'):
70+ # ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
71+ # else:
72+ # raise Error, _("rpm requires checking signatures")
73+ if sysconf.get("rpm-check-signatures") == False:
74+ ts.setVSFlags(rpm.RPMVSF_NODSAHEADER|rpm.RPMVSF_NORSAHEADER|\
75+ rpm.RPMVSF_NODSA|rpm.RPMVSF_NORSA)
76+ else:
77+ ts.setVSFlags(0)
78 return ts
79 else:
80 return getTS.ts
81diff --git a/smart/backends/rpm/pm.py b/smart/backends/rpm/pm.py
82index b57a844..7b651b5 100644
83--- a/smart/backends/rpm/pm.py
84+++ b/smart/backends/rpm/pm.py
85@@ -180,7 +180,7 @@ class RPMPackageManager(PackageManager):
86 fd = os.open(path, os.O_RDONLY)
87 try:
88 h = ts.hdrFromFdno(fd)
89- if sysconf.get("rpm-check-signatures", False):
90+ if sysconf.get("rpm-check-signatures", True):
91 if get_public_key(h) == '(none)':
92 raise rpm.error('package is not signed')
93 except rpm.error, e:
94diff --git a/smart/plugins/yumchannelsync.py b/smart/plugins/yumchannelsync.py
95index f8107e6..2dc5482 100644
96--- a/smart/plugins/yumchannelsync.py
97+++ b/smart/plugins/yumchannelsync.py
98@@ -56,8 +56,9 @@ def _getreleasever():
99
100 rpmroot = sysconf.get("rpm-root", "/")
101 ts = rpmUtils.transaction.initReadOnlyTransaction(root=rpmroot)
102- if hasattr(rpm, '_RPMVSF_NOSIGNATURES') and hasattr(rpm, '_RPMVSF_NODIGESTS'):
103- ts.pushVSFlags(~(rpm._RPMVSF_NOSIGNATURES|rpm._RPMVSF_NODIGESTS))
104+ #_RPMVSF_NOSIGNATURES is not supported in RPMv5
105+ #if hasattr(rpm, '_RPMVSF_NOSIGNATURES') and hasattr(rpm, '_RPMVSF_NODIGESTS'):
106+ # ts.pushVSFlags(~(rpm._RPMVSF_NOSIGNATURES|rpm._RPMVSF_NODIGESTS))
107 releasever = None
108 # HACK: we're hard-coding the most used distros, will add more if needed
109 idx = ts.dbMatch('provides', 'fedora-release')
110--
1111.9.1
112
diff --git a/meta/recipes-devtools/python/python-smartpm_git.bb b/meta/recipes-devtools/python/python-smartpm_git.bb
index d9fb271228..81e45b7aff 100644
--- a/meta/recipes-devtools/python/python-smartpm_git.bb
+++ b/meta/recipes-devtools/python/python-smartpm_git.bb
@@ -13,7 +13,6 @@ SRCNAME = "smart"
13 13
14SRC_URI = "\ 14SRC_URI = "\
15 git://github.com/smartpm/smart.git \ 15 git://github.com/smartpm/smart.git \
16 file://smartpm-rpm5-nodig.patch \
17 file://smart-recommends.patch \ 16 file://smart-recommends.patch \
18 file://smart-channelsdir.patch \ 17 file://smart-channelsdir.patch \
19 file://smart-rpm-transaction-failure-check.patch \ 18 file://smart-rpm-transaction-failure-check.patch \
@@ -25,6 +24,7 @@ SRC_URI = "\
25 file://smart-cache.py-getPackages-matches-name-version.patch \ 24 file://smart-cache.py-getPackages-matches-name-version.patch \
26 file://smart-channel-remove-all.patch \ 25 file://smart-channel-remove-all.patch \
27 file://smart-locale.patch \ 26 file://smart-locale.patch \
27 file://smartpm-rpm5-support-check-signatures.patch \
28 " 28 "
29 29
30SRCREV = "407a7eca766431257dcd1da15175cc36a1bb22d0" 30SRCREV = "407a7eca766431257dcd1da15175cc36a1bb22d0"