Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure unique tags in signature header #1570

Open
pmatilai opened this issue Mar 5, 2021 · 4 comments
Open

Ensure unique tags in signature header #1570

pmatilai opened this issue Mar 5, 2021 · 4 comments
Labels
fileformat Matters concerning package (file) format
Projects
RPM v6 format

Comments

@pmatilai
Copy link
Member

pmatilai commented Mar 5, 2021
edited

Currently a bunch of signature tags overlap with the ones in the main header, requiring translation and making eg type checking harder than it should be. These overlaps need to be eliminated and made illegal in v6.

  • RPMSIGTAG_PGP, RPMSIGTAG_GPG (and RPMSIGTAG_PGP5) are no longer created in >= 4.16
  • RPMSIGTAG_MD5 is superceded by payload digest in >= 4.14, just needs to be dropped entirely
  • RPMSIGTAG_SIZE and RPMSIGTAG_PAYLOADSIZE will go away with Default to 64bit size tags in headers #864
  • RPMSIGTAG_RESERVEDSPACE is the only thing left. This needs to be rethought, perhaps borrow an idea from rpm5 where the signature header padding was added as a dribble to the header itself, this padding could also serve the same "reserved space" purpose.
  • RPMSIGTAG_FILESIGNATURES and RPMSIGTAG_FILESIGNATURELENGTH is a different kind of mess, needs to be sorted out nevertheless (make RPMTAG_FILESIGNATURES just an alias for RPMSIGTAG_FILESIGNATURES or something)
@pmatilai pmatilai added the fileformat Matters concerning package (file) format label Mar 5, 2021
@pmatilai pmatilai added this to Todo in RPM v6 format Mar 5, 2021
@pmatilai pmatilai changed the title Ensure unique tags for in signature header Ensure unique tags in signature header Jun 11, 2021
@pmatilai
Copy link
Member Author

(deleted irrelevant discussion)

dralley referenced this issue Dec 20, 2022
@pandnp @lkardos
Add rpmtags for file signatures and their length
b7e9a60 
This patch adds rpmtags for file signatures and their length, so they
can be stored in the package header.

Changelog:
- update rpmtag values (rebase error) - Mimi
- fix test case 0004 - Florian
- update rpmtag values again - Fin

[lkardos@redhat.com: tag numbers was changed in order not to conflict]
Signed-off-by: Lubos Kardos <lkardos@redhat.com>
@dralley dralley mentioned this issue Dec 20, 2022
Open
@dralley dralley mentioned this issue Apr 5, 2023
Open
@dralley
Copy link
Contributor

dralley commented May 13, 2023
edited

RPMSIGTAG_FILESIGNATURES and RPMSIGTAG_FILESIGNATURELENGTH is a different kind of mess, needs to be sorted out nevertheless (make RPMTAG_FILESIGNATURES just an alias for RPMSIGTAG_FILESIGNATURES or something)

I noticed that (most? all?) Fedora 37 packages seem to have RPMTAG_FILESIGNATURES in the signature header (Instead of RPMSIGTAG_FILESIGNATURES), is this part of the mess you're referring to?

(The tag values are not overlapping, RPMTAG_FILESIGNATURES = 5090, RPMSIGTAG_FILESIGNATURES = 274, in this case 5090 is present in the signature header)

I cannot seem to find any reference to that as being a bug or even a relevant commit though. It must have been fixed at some point because Fedora 38 packages don't seem to have this issue. Or maybe the build pipeline changed?

@dralley
Copy link
Contributor

dralley commented Aug 28, 2023

I still haven't been able to track down a cause for ^, do you happen to remember anything?

@pmatilai
Copy link
Member Author

pmatilai commented Apr 4, 2024

The tag conflicts between signature and header are gone as of #3017, what remains is to error out if tags >= 1000 are found in v6 signature header.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
fileformat Matters concerning package (file) format
Projects
RPM
Status: Backlog
RPM v6 format
Status: Todo
RPM v6 format
  
Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dralley @pmatilai