richardphibel / rpms / rpm

Forked from rpms/rpm 2 years ago
Clone
0b2921
From 74766d30b95f1575df8a42d185f2643caa235a8b Mon Sep 17 00:00:00 2001
0b2921
Message-Id: <74766d30b95f1575df8a42d185f2643caa235a8b.1543835412.git.pmatilai@redhat.com>
0b2921
From: Panu Matilainen <pmatilai@redhat.com>
0b2921
Date: Fri, 23 Nov 2018 12:47:27 +0200
0b2921
Subject: [PATCH] Handle unsupported digests the same as disabled ones
0b2921
 (RhBug:1652529)
0b2921
0b2921
A digest type unsupported by the underlying crypto library (whether
0b2921
technically or by configuration) does not mean the digest is invalid,
0b2921
it just cannot be used. Which for the purposes of verification is the
0b2921
same as if that digest didn't exist at all, and that's exactly how we
0b2921
handle digests and signatures disabled by configuration.
0b2921
0b2921
One particular case is FIPS mode which globally disables the use of MD5,
0b2921
which we mishandled prior to this by showing it as OK in verification
0b2921
despite actually not verifying it at all.
0b2921
0b2921
The exact place for handling this case is a bit subtle: the "obvious"
0b2921
place for checking for supported type is in rpmvsInitRange() but this
0b2921
doesn't work because of rpmDigestBundleAddID() return code semantics.
0b2921
The other "obvious" place would be rpmvsVerify(), but by that point
0b2921
we have even more funny cases to consider. So for now, it's actually
0b2921
easiest to check for this in rpmvsFiniRange() even if it's not the
0b2921
most obvious place for doing so. Might want to change the
0b2921
rpmDigestBundleAddID() semantics later, but this makes for a nicer
0b2921
backport (we'll need this in 4.14.x too).
0b2921
---
0b2921
 lib/rpmvs.c | 3 +++
0b2921
 1 file changed, 3 insertions(+)
0b2921
0b2921
diff --git a/lib/rpmvs.c b/lib/rpmvs.c
0b2921
index 7b5b86f8e..622e48011 100644
0b2921
--- a/lib/rpmvs.c
0b2921
+++ b/lib/rpmvs.c
0b2921
@@ -388,6 +388,9 @@ void rpmvsFiniRange(struct rpmvs_s *sis, int range)
0b2921
 
0b2921
 	if (sinfo->range == range && sinfo->rc == RPMRC_OK) {
0b2921
 	    sinfo->ctx = rpmDigestBundleDupCtx(sis->bundle, sinfo->id);
0b2921
+	    /* Handle unsupported digests the same as disabled ones */
0b2921
+	    if (sinfo->ctx == NULL)
0b2921
+		sinfo->rc = RPMRC_NOTFOUND;
0b2921
 	    rpmDigestBundleFinal(sis->bundle, sinfo->id, NULL, NULL, 0);
0b2921
 	}
0b2921
     }
0b2921
-- 
0b2921
2.19.2
0b2921