aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-core/swupd-server
diff options
context:
space:
mode:
authorJoshua Lock <joshua.g.lock@intel.com>2016-03-21 09:20:33 +0000
committerJoshua Lock <joshua.g.lock@intel.com>2016-03-21 10:56:10 +0000
commitdf44edae341e9bd98e4c0feb423b25e32df8ac50 (patch)
tree49453e8bdeab5b6eddcd2921f00949fbb0b94c47 /recipes-core/swupd-server
parent001a585e4a8867111885f3530eefa1fa81db6587 (diff)
downloadmeta-swupd-df44edae341e9bd98e4c0feb423b25e32df8ac50.tar.gz
meta-swupd-df44edae341e9bd98e4c0feb423b25e32df8ac50.tar.bz2
meta-swupd-df44edae341e9bd98e4c0feb423b25e32df8ac50.zip
swupd-server: always use xattrs when calculating hashes
Backport a patch from swupd-server upstream to ensure that xattrs are always used when calculating file hashes. This is the behaviour swupd-client expects. Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Diffstat (limited to 'recipes-core/swupd-server')
-rw-r--r--recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch32
-rw-r--r--recipes-core/swupd-server/swupd-server_2.53.bb1
2 files changed, 33 insertions, 0 deletions
diff --git a/recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch b/recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch
new file mode 100644
index 0000000..ddc8603
--- /dev/null
+++ b/recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch
@@ -0,0 +1,32 @@
+From 71e2abe1af2a8760701923071413da1314e44f4c Mon Sep 17 00:00:00 2001
+From: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+Date: Fri, 19 Feb 2016 18:52:45 +0200
+Subject: [PATCH] Always use xattrs when calculating file hashes
+
+Currently swupd-client includes xattrs to hash sums of all files.
+Therefore in order to avoid relaxing security and to prevent
+`swupd verify` from reporting hash mismatches for updated files
+it's better to include xattrs to hashes for all files.
+
+Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+
+Upstream-Status: Accepted (v3.1.0+)
+
+---
+ src/manifest.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/manifest.c b/src/manifest.c
+index 38d386b..dcda18d 100644
+--- a/src/manifest.c
++++ b/src/manifest.c
+@@ -788,7 +788,8 @@ bool compute_hash_with_xattrs(const char *filename)
+ return true;
+ }
+
+- return false;
++ /* Currently swupd-client includes xattrs to hash sums of all files */
++ return true;
+ }
+
+ /* Returns 0 == success, -1 == failure */
diff --git a/recipes-core/swupd-server/swupd-server_2.53.bb b/recipes-core/swupd-server/swupd-server_2.53.bb
index ebe32da..a57f2cf 100644
--- a/recipes-core/swupd-server/swupd-server_2.53.bb
+++ b/recipes-core/swupd-server/swupd-server_2.53.bb
@@ -12,6 +12,7 @@ SRC_URI = "\
file://0003-Add-configure-option-to-re-enable-config-files-in-ma.patch \
file://0004-Fix-regression-that-introduced-a-directory-named.patch \
file://0005-xattrs.c-Avoid-freeing-dangling-pointers.patch \
+ file://0006-Always-use-xattrs-when.patch \
"
SRC_URI[md5sum] = "14f25677b5a4f0b33785910b03860939"