Hello community,
here is the log from the commit of package linuxrc for openSUSE:Factory checked in at 2017-12-08 12:55:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/linuxrc (Old)
and /work/SRC/openSUSE:Factory/.linuxrc.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "linuxrc"
Fri Dec 8 12:55:04 2017 rev:251 rq:548561 version:5.1.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/linuxrc/linuxrc.changes 2017-12-03 10:07:44.767369057 +0100
+++ /work/SRC/openSUSE:Factory/.linuxrc.new/linuxrc.changes 2017-12-08 12:55:07.446590873 +0100
@@ -1,0 +2,8 @@
+Tue Dec 5 08:59:00 UTC 2017 - wfeldt@opensuse.org
+
+- merge gh#openSUSE/linuxrc#160
+- read digests also from CHECKSUMS file
+- adjust date
+- 5.1.1
+
+--------------------------------------------------------------------
Old:
----
linuxrc-5.1.0.tar.xz
New:
----
linuxrc-5.1.1.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ linuxrc.spec ++++++
--- /var/tmp/diff_new_pack.CdwC4O/_old 2017-12-08 12:55:08.714545080 +0100
+++ /var/tmp/diff_new_pack.CdwC4O/_new 2017-12-08 12:55:08.718544936 +0100
@@ -17,7 +17,7 @@
Name: linuxrc
-Version: 5.1.0
+Version: 5.1.1
Release: 0
Summary: SUSE Installation Program
License: GPL-3.0+
++++++ linuxrc-5.1.0.tar.xz -> linuxrc-5.1.1.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/linuxrc-5.1.0/VERSION new/linuxrc-5.1.1/VERSION
--- old/linuxrc-5.1.0/VERSION 2017-11-27 14:35:21.000000000 +0100
+++ new/linuxrc-5.1.1/VERSION 2017-12-05 09:59:00.000000000 +0100
@@ -1 +1 @@
-5.1.0
+5.1.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/linuxrc-5.1.0/changelog new/linuxrc-5.1.1/changelog
--- old/linuxrc-5.1.0/changelog 2017-11-27 14:35:21.000000000 +0100
+++ new/linuxrc-5.1.1/changelog 2017-12-05 09:59:00.000000000 +0100
@@ -1,3 +1,8 @@
+2017-12-05: 5.1.1
+ - merge gh#openSUSE/linuxrc#160
+ - read digests also from CHECKSUMS file
+ - adjust date
+
2017-11-27: 5.1.0
- merge gh#openSUSE/linuxrc#159
- try harder to find a suitable network interface (bsc#1068336)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/linuxrc-5.1.0/file.c new/linuxrc-5.1.1/file.c
--- old/linuxrc-5.1.0/file.c 2017-11-27 14:35:21.000000000 +0100
+++ new/linuxrc-5.1.1/file.c 2017-12-05 09:59:00.000000000 +0100
@@ -6,6 +6,8 @@
*
*/
+#define _GNU_SOURCE /* getline */
+
#include
#include
#include
@@ -2705,3 +2707,35 @@
slist_free(repo);
}
+
+/*
+ * Parse CHECKSUMS file.
+ *
+ * Add digest info to config.digests.list.
+ *
+ * File format: lines with
+ * SHA256 FILENAME
+ */
+void file_parse_checksums(char *file)
+{
+ FILE *fh;
+ char *buf = NULL;
+ size_t buf_size = 0;
+ char sha256[65], name[256];
+ slist_t *sl_digest;
+
+ if(!(fh = fopen(file, "r"))) return;
+
+ while(getline(&buf, &buf_size, fh) > 0) {
+ if(sscanf(buf, "%64s %255s", sha256, name) == 2) {
+ sl_digest = slist_append(&config.digests.list, slist_new());
+ strprintf(&sl_digest->key, "sha256 %s", sha256);
+ str_copy(&sl_digest->value, name);
+ }
+ }
+
+ free(buf);
+
+ fclose(fh);
+}
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/linuxrc-5.1.0/file.h new/linuxrc-5.1.1/file.h
--- old/linuxrc-5.1.0/file.h 2017-11-27 14:35:21.000000000 +0100
+++ new/linuxrc-5.1.1/file.h 2017-12-05 09:59:00.000000000 +0100
@@ -107,4 +107,5 @@
void get_ide_options(void);
slist_t *file_parse_xmllike(char *name, char *tag);
void file_parse_repomd(char *file);
+void file_parse_checksums(char *file);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/linuxrc-5.1.0/linuxrc.c new/linuxrc-5.1.1/linuxrc.c
--- old/linuxrc-5.1.0/linuxrc.c 2017-11-27 14:35:21.000000000 +0100
+++ new/linuxrc-5.1.1/linuxrc.c 2017-12-05 09:59:00.000000000 +0100
@@ -894,7 +894,7 @@
if (config.linemode)
putchar('\n');
printf(
- "\n>>> %s installation program v" LXRC_FULL_VERSION " (c) 1996-2016 SUSE LLC <<<\n",
+ "\n>>> %s installation program v" LXRC_FULL_VERSION " (c) 1996-2017 SUSE LLC <<<\n",
config.product
);
if (config.linemode)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/linuxrc-5.1.0/linuxrc_repo.md new/linuxrc-5.1.1/linuxrc_repo.md
--- old/linuxrc-5.1.0/linuxrc_repo.md 2017-11-27 14:35:21.000000000 +0100
+++ new/linuxrc-5.1.1/linuxrc_repo.md 2017-12-05 09:59:00.000000000 +0100
@@ -79,12 +79,19 @@
Lets see how to avoid this.
-### 2.1. solving the digest problem
+### 2.1. getting file digests
-As there's no longer a `content` file, linuxrc needs to get the digests in
-some other way. Fortunately it parses `content` just like any other config
-file, so you can simply copy it into linuxrc's config directory and add that
-to the initrd.
+There is no longer a `content` file. Instead, there is now a `CHECKSUMS`
+file (with sligthly different format) containing sha256 digests of
+repository files.
+
+`CHECKSUMS` must be signed (detached signature in `CHECKSUMS.ASC`).
+
+linuxrc gets the digests from two locations:
+- a `content` file included in the initrd at installation system build time (placed directly into linuxrc's config directory)
+- `CHECKSUMS` from the repo location
+
+To include `content` in the initrd in a place linuxrc finds it, do something like:
```sh
mkdir -p /tmp/foo/etc/linuxrc.d
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/linuxrc-5.1.0/url.c new/linuxrc-5.1.1/url.c
--- old/linuxrc-5.1.0/url.c 2017-11-27 14:35:21.000000000 +0100
+++ new/linuxrc-5.1.1/url.c 2017-12-05 09:59:00.000000000 +0100
@@ -2178,9 +2178,10 @@
if(!config.keepinstsysconfig) {
config.digests.failed = 0;
- // check for '/content' or '/repodata/repomd.xml' as indication we have a suse repo
- // 'content' must be validly signed (we parse it), 'repomd.xml' not (we just check its presence)
- // zenworks has a different approach ('settings.txt') - they don't have a repo
+ // Check for '/content' resp. '/repodata/repomd.xml' as indication we
+ // have a SUSE repo.
+ // The file must be validly signed (because we parse it).
+ // zenworks has a different approach ('settings.txt') - they don't have a repo.
strprintf(&buf, "/%s", config.zen ? config.zenconfig : "content");
strprintf(&buf2, "file:%s", buf);
@@ -2206,6 +2207,15 @@
config.repomd = 1;
file_parse_repomd("/repomd.xml");
+
+ // download CHECKSUMS ...
+ read_failed = url_read_file(
+ url, NULL, "/CHECKSUMS", "/CHECKSUMS", NULL,
+ URL_FLAG_NODIGEST + (config.secure ? URL_FLAG_CHECK_SIG : 0)
+ );
+
+ // ... and parse it
+ if(!read_failed) file_parse_checksums("/CHECKSUMS");
}
if(!config.sig_failed && util_check_exist(buf)) {