1 files changed, 32 insertions, 0 deletions

diff --git a/recipes-core/swupd-server/swupd-server-2.53/0006-Always-use-xattrs-when.patch b/recipes-core/swupd-server/swupd-server-2.53/0006-Always-use-xattrs-when.patch
new file mode 100644
index 0000000..ddc8603
--- /dev/null
+++ b/recipes-core/swupd-server/swupd-server-2.53/0006-Always-use-xattrs-when.patch
@@ -0,0 +1,32 @@
+From 71e2abe1af2a8760701923071413da1314e44f4c Mon Sep 17 00:00:00 2001
+From: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+Date: Fri, 19 Feb 2016 18:52:45 +0200
+Subject: [PATCH] Always use xattrs when calculating file hashes
+
+Currently swupd-client includes xattrs to hash sums of all files.
+Therefore in order to avoid relaxing security and to prevent
+`swupd verify` from reporting hash mismatches for updated files
+it's better to include xattrs to hashes for all files.
+
+Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
+
+Upstream-Status: Accepted (v3.1.0+)
+
+---
+ src/manifest.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/manifest.c b/src/manifest.c
+index 38d386b..dcda18d 100644
+--- a/src/manifest.c
++++ b/src/manifest.c
+@@ -788,7 +788,8 @@ bool compute_hash_with_xattrs(const char *filename)
+ 		return true;
+ 	}
+ 
+-	return false;
++	/* Currently swupd-client includes xattrs to hash sums of all files */
++	return true;
+ }
+ 
+ /* Returns 0 == success, -1 == failure */