diff options
Diffstat (limited to 'recipes-core/swupd-server/swupd-server')
-rw-r--r-- | recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch b/recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch new file mode 100644 index 0000000..ddc8603 --- /dev/null +++ b/recipes-core/swupd-server/swupd-server/0006-Always-use-xattrs-when.patch @@ -0,0 +1,32 @@ +From 71e2abe1af2a8760701923071413da1314e44f4c Mon Sep 17 00:00:00 2001 +From: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com> +Date: Fri, 19 Feb 2016 18:52:45 +0200 +Subject: [PATCH] Always use xattrs when calculating file hashes + +Currently swupd-client includes xattrs to hash sums of all files. +Therefore in order to avoid relaxing security and to prevent +`swupd verify` from reporting hash mismatches for updated files +it's better to include xattrs to hashes for all files. + +Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com> + +Upstream-Status: Accepted (v3.1.0+) + +--- + src/manifest.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/manifest.c b/src/manifest.c +index 38d386b..dcda18d 100644 +--- a/src/manifest.c ++++ b/src/manifest.c +@@ -788,7 +788,8 @@ bool compute_hash_with_xattrs(const char *filename) + return true; + } + +- return false; ++ /* Currently swupd-client includes xattrs to hash sums of all files */ ++ return true; + } + + /* Returns 0 == success, -1 == failure */ |