rpm/pgpdecodeearly.diff

Also decode early for PGP sigtags, which are actually header+payload
RSA signatures. Without this patch, verification of a package
that has just a header+payload RSA signature but no header-only RSA
signature fails.

Already in rpm-4.4.7.

--- ./lib/rpmchecksig.c.orig	2005-12-14 20:54:39.000000000 +0000
+++ ./lib/rpmchecksig.c	2006-03-21 18:00:22.000000000 +0000
@@ -801,7 +805,7 @@ int rpmVerifySignatures(QVA_t qva, rpmts
 	sigp = rpmtsSignature(ts);
 
 	/* XXX RSA needs the hash_algo, so decode early. */
-	if (sigtag == RPMSIGTAG_RSA) {
+	if (sigtag == RPMSIGTAG_RSA || sigtag == RPMSIGTAG_PGP) {
 	    xx = headerGetEntry(sigh, sigtag, &sigtype, &sig, &siglen);
 	    xx = pgpPrtPkts(sig, siglen, dig, 0);
 	    sig = headerFreeData(sig, sigtype);
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/rpm?expand=0&rev=1 2006-12-19 00:17:44 +01:00			`Also decode early for PGP sigtags, which are actually header+payload`
			`RSA signatures. Without this patch, verification of a package`
			`that has just a header+payload RSA signature but no header-only RSA`
			`signature fails.`

			`Already in rpm-4.4.7.`

			`--- ./lib/rpmchecksig.c.orig 2005-12-14 20:54:39.000000000 +0000`
			`+++ ./lib/rpmchecksig.c 2006-03-21 18:00:22.000000000 +0000`
			`@@ -801,7 +805,7 @@ int rpmVerifySignatures(QVA_t qva, rpmts`
			`sigp = rpmtsSignature(ts);`

			`/* XXX RSA needs the hash_algo, so decode early. */`
			`- if (sigtag == RPMSIGTAG_RSA) {`
			`+ if (sigtag == RPMSIGTAG_RSA \|\| sigtag == RPMSIGTAG_PGP) {`
			`xx = headerGetEntry(sigh, sigtag, &sigtype, &sig, &siglen);`
			`xx = pgpPrtPkts(sig, siglen, dig, 0);`
			`sig = headerFreeData(sig, sigtype);`