From c685f627d1dae75f527f4a43245ea8acdbab7292 Mon Sep 17 00:00:00 2001
From: Bartek Szady <bszx@bszx.eu>
Date: Fri, 26 Mar 2021 19:24:37 +0100
Subject: [PATCH] VfyLevel can't contain RPMSIG_SIGNATURE_TYPE when VfyFlags
 contain RPMVSF_MASK_NOSIGNATURES otherwise rpmVerifySignatures will fail

---
 poldek.spec            |  5 ++++-
 verify-signature.patch | 16 ++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 verify-signature.patch

diff --git a/poldek.spec b/poldek.spec
index 4d2d5f5..5a2d858 100644
--- a/poldek.spec
+++ b/poldek.spec
@@ -25,7 +25,7 @@
 %define		ver_rpm		5.4.10
 %endif
 
-%define		rel	6
+%define		rel	7
 Summary:	RPM packages management helper tool
 Summary(hu.UTF-8):	RPM csomagkezelÃ©st segÃ­tÅ eszkÃ¶z
 Summary(pl.UTF-8):	Pomocnicze narzÄdzie do zarzÄdzania pakietami RPM
@@ -67,6 +67,7 @@ Patch12:	rpm4-rpmvercmp.patch
 Patch13:	trurlib-shared.patch
 Patch14:	rpm4-script-req-workaround.patch
 Patch15:	skip-buildid-obsoletes.patch
+Patch16:	verify-signature.patch
 URL:		http://poldek.pld-linux.org/
 BuildRequires:	%{db_pkg}-devel >= %{ver_db}
 BuildRequires:	autoconf >= 2.63
@@ -79,6 +80,7 @@ BuildRequires:	gettext-tools >= 0.11.5
 BuildRequires:	libgomp-devel
 BuildRequires:	libtool
 BuildRequires:	libxml2-devel >= 2
+BuildRequires:	lua54-devel
 BuildRequires:	ncurses-devel
 BuildRequires:	openssl-devel >= 0.9.7d
 BuildRequires:	pcre-devel
@@ -258,6 +260,7 @@ cd trurlib
 cd ..
 %patch14 -p1
 %patch15 -p1
+%patch16 -p1
 
 %{__rm} doc/poldek.info
 %{__rm} m4/libtool.m4 m4/lt*.m4
diff --git a/verify-signature.patch b/verify-signature.patch
new file mode 100644
index 0000000..f676de8
--- /dev/null
+++ b/verify-signature.patch
@@ -0,0 +1,16 @@
+diff -up poldek-0.42.2/pkgfetch.c._orig poldek-0.42.2/pkgfetch.c
+diff -up poldek-0.42.2/pm/rpmorg/signature.c._orig poldek-0.42.2/pm/rpmorg/signature.c
+--- poldek-0.42.2/pm/rpmorg/signature.c._orig	2021-03-19 15:02:55.589828096 +0100
++++ poldek-0.42.2/pm/rpmorg/signature.c	2021-03-20 18:02:34.286105414 +0100
+@@ -177,6 +177,11 @@ static int do_verify_signature(const cha
+     if (fdt != NULL && Ferror(fdt) == 0) {
+         ts = rpmtsCreate();
+         rpmtsSetVfyFlags(ts, vfyflags);
++	if ((flags & (PKGVERIFY_PGP | PKGVERIFY_GPG)) == 0) {
++	    int vfylevel = rpmtsVfyLevel(ts);
++	    vfylevel &= ~RPMSIG_SIGNATURE_TYPE;
++	    rpmtsSetVfyLevel(ts, vfylevel);
++	}
+         rc = rpmVerifySignatures(&qva, ts, fdt, n_basenam(path));
+         rpmtsFree(ts);
+ 
-- 
2.44.0