[packages/rpm.git] / rpm-disable-hmac-verify.patch

--- rpm-5.4.10.orig/lib/verify.c	2012-07-06 17:39:16.000000000 +0200
+++ rpm-5.4.10/lib/verify.c	2012-10-21 19:35:08.610708732 +0200
@@ -261,11 +261,20 @@
 	    unsigned char * fdigest = (unsigned char *)
 			memset(alloca(vf->dlen), 0, vf->dlen);
 	    size_t fsize = 0;
+#if defined(RPM_VENDOR_PLD)
+/*
+ * Disable hmac during digest calculation, since rpm package files contain plain md5sums,
+ * hmac support is useless, see:
+ * http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2012-October/023193.html
+ */
+	    int rc = dodigest(vf->dalgo, vf->fn, fdigest, 0, &fsize);
+#else
 #define	_mask	(RPMVERIFY_FDIGEST|RPMVERIFY_HMAC)
 	    unsigned dflags = (vf->vflags & _mask) == RPMVERIFY_HMAC
 		? 0x2 : 0x0;
 #undef	_mask
 	    int rc = dodigest(vf->dalgo, vf->fn, fdigest, dflags, &fsize);
+#endif
 	    sb.st_size = fsize;
 	    if (rc) {
 		VF_SET(res, READFAIL);
Commit	Line	Data
9158f140 JR	1	--- rpm-5.4.10.orig/lib/verify.c 2012-07-06 17:39:16.000000000 +0200
9158f140 JR	2	+++ rpm-5.4.10/lib/verify.c 2012-10-21 19:35:08.610708732 +0200
9b8655c2	3	@@ -261,11 +261,20 @@
9158f140 JR	4	unsigned char * fdigest = (unsigned char *)
	5	memset(alloca(vf->dlen), 0, vf->dlen);
	6	size_t fsize = 0;
9158f140	7	+#if defined(RPM_VENDOR_PLD)
9b8655c2 JR	8	+/*
	9	+ * Disable hmac during digest calculation, since rpm package files contain plain md5sums,
	10	+ * hmac support is useless, see:
	11	+ * http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2012-October/023193.html
	12	+ */
9158f140 JR	13	+ int rc = dodigest(vf->dalgo, vf->fn, fdigest, 0, &fsize);
	14	+#else
	15	#define _mask (RPMVERIFY_FDIGEST\|RPMVERIFY_HMAC)
	16	unsigned dflags = (vf->vflags & _mask) == RPMVERIFY_HMAC
	17	? 0x2 : 0x0;
	18	#undef _mask
	19	int rc = dodigest(vf->dalgo, vf->fn, fdigest, dflags, &fsize);
	20	+#endif
	21	sb.st_size = fsize;
	22	if (rc) {
	23	VF_SET(res, READFAIL);