rpms
/
librepo
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: rpms:i10cs
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c-beta
rpms:c8-beta
rpms:i9c-beta
rpms:c9-beta
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
..
compare: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c-beta
rpms:c8-beta
rpms:i9c-beta
rpms:c9-beta
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9

No commits in common. 'i10cs' and 'c9' have entirely different histories.
i10cs ... c9

5 changed files with 38 additions and 246 deletions
Show Stats

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/librepo-1.18.0.tar.gz SOURCES/librepo-1.14.5.tar.gz

2
.librepo.metadata
Unescape View File

@ -1 +1 @@
93b90217a5baf96ba1232cced6189ba0df5798f5 SOURCES/librepo-1.18.0.tar.gz fa072a20718ae6af54a65d53b1c9686a730400bf SOURCES/librepo-1.14.5.tar.gz

31
SOURCES/0001-Use-rpm-sequoia-on-RHEL-10.patch
Unescape View File

@ -1,31 +0,0 @@
From f94e05110f5d670c71624c18cb479083c3ae3e51 Mon Sep 17 00:00:00 2001
From: Yaakov Selkowitz <yselkowi@redhat.com>
Date: Mon, 8 Jul 2024 11:28:30 -0400
Subject: [PATCH] Use rpm-sequoia on RHEL 10+
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RHEL 10 also has a sufficiently new RPM with rpm-sequoia enabled.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
librepo.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/librepo.spec b/librepo.spec
index 25dc741..62035dc 100644
--- a/librepo.spec
+++ b/librepo.spec
@@ -8,7 +8,7 @@
%bcond_without zchunk
%endif
-%if 0%{?fedora} >= 39
+%if 0%{?fedora} >= 39 || 0%{?rhel} >= 10
%bcond_with use_gpgme
%bcond_with use_selinux
%else
--
2.45.2

69
SOURCES/0002-Fix-a-memory-leak-in-select_next_target.patch
Unescape View File

@ -1,69 +0,0 @@
From 3c85711f35b987bd0ce17dd0fbaa0d9f2521c444 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 11 Jul 2024 15:40:03 +0200
Subject: [PATCH] Fix a memory leak in select_next_target()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If a next target URL was found (non-NULL full_url) and then a transfer was
canceled or an off-line mode was requested, full_url string was not freed and a
memory leaked.
Discovered with Covscan:
16. librepo-1.18.0/librepo/downloader.c:891:13: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
17. librepo-1.18.0/librepo/downloader.c:891:13: var_assign: Assigning: "full_url" = storage returned from "g_strdup_inline(target->target->path)".
22. librepo-1.18.0/librepo/downloader.c:919:9: noescape: Resource "full_url" is not freed or pointed-to in "lr_is_local_path".
24. librepo-1.18.0/librepo/downloader.c:924:13: noescape: Assuming resource "full_url" is not freed or pointed-to as ellipsis argument to "g_debug".
28. librepo-1.18.0/librepo/downloader.c:956:17: leaked_storage: Variable "full_url" going out of scope leaks the storage it points to.
# 954| "and no local URL is available",
# 955| target->target->path);
# 956|-> return FALSE;
# 957| }
# 958| }
16. librepo-1.18.0/librepo/downloader.c:891:13: alloc_fn: Storage is returned from allocation function "g_strdup_inline".
17. librepo-1.18.0/librepo/downloader.c:891:13: var_assign: Assigning: "full_url" = storage returned from "g_strdup_inline(target->target->path)".
22. librepo-1.18.0/librepo/downloader.c:919:9: noescape: Resource "full_url" is not freed or pointed-to in "lr_is_local_path".
24. librepo-1.18.0/librepo/downloader.c:924:13: noescape: Assuming resource "full_url" is not freed or pointed-to as ellipsis argument to "g_debug".
27. librepo-1.18.0/librepo/downloader.c:946:21: leaked_storage: Variable "full_url" going out of scope leaks the storage it points to.
# 944| g_set_error(err, LR_DOWNLOADER_ERROR, LRE_CBINTERRUPTED,
# 945| "Interrupted by LR_CB_ERROR from end callback");
# 946|-> return FALSE;
# 947| }
# 948| }
This patch fixes it.
The bug was introduced in 1.7.14 version
(08e4810fcdd753ce4728bd88b252f7b3d34b2cdb commit).
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
librepo/downloader.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/librepo/downloader.c b/librepo/downloader.c
index 364c0af..40dbeb2 100644
--- a/librepo/downloader.c
+++ b/librepo/downloader.c
@@ -943,6 +943,7 @@ select_next_target(LrDownload *dd,
"from end callback", __func__);
g_set_error(err, LR_DOWNLOADER_ERROR, LRE_CBINTERRUPTED,
"Interrupted by LR_CB_ERROR from end callback");
+ g_free(full_url);
return FALSE;
}
}
@@ -953,6 +954,7 @@ select_next_target(LrDownload *dd,
"Cannot download %s: Offline mode is specified "
"and no local URL is available",
target->target->path);
+ g_free(full_url);
return FALSE;
}
}
--
2.45.2

180
SPECS/librepo.spec
Unescape View File

@ -8,53 +8,27 @@
%bcond_without zchunk %bcond_without zchunk
%endif %endif
%if 0%{?fedora} >= 39 || 0%{?rhel} >= 10
%bcond_with use_gpgme
%bcond_with use_selinux
%else
%bcond_without use_gpgme
%bcond_without use_selinux
%endif
# Needs to match how gnupg2 is compiled
%bcond_with run_gnupg_user_socket
%if %{with use_gpgme} && %{with use_selinux}
%global need_selinux 1
%else
%global need_selinux 0
%endif
%global dnf_conflict 2.8.8 %global dnf_conflict 2.8.8
Name: librepo Name: librepo
Version: 1.18.0 Version: 1.14.5
Release: 3%{?dist} Release: 1%{?dist}
Summary: Repodata downloading library Summary: Repodata downloading library
License: LGPL-2.1-or-later License: LGPLv2+
URL: https://github.com/rpm-software-management/librepo URL: https://github.com/rpm-software-management/librepo
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
Patch1: 0001-Use-rpm-sequoia-on-RHEL-10.patch
Patch2: 0002-Fix-a-memory-leak-in-select_next_target.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: gcc BuildRequires: gcc
BuildRequires: check-devel BuildRequires: check-devel
BuildRequires: doxygen BuildRequires: doxygen
BuildRequires: pkgconfig(glib-2.0) >= 2.66 BuildRequires: pkgconfig(glib-2.0) >= 2.28
%if %{with use_gpgme}
BuildRequires: gpgme-devel BuildRequires: gpgme-devel
%else
BuildRequires: pkgconfig(rpm) >= 4.18.0
%endif
BuildRequires: libattr-devel BuildRequires: libattr-devel
BuildRequires: libcurl-devel >= %{libcurl_version} BuildRequires: libcurl-devel >= %{libcurl_version}
BuildRequires: pkgconfig(libxml-2.0) BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(libcrypto) BuildRequires: pkgconfig(libcrypto)
%if %{need_selinux}
BuildRequires: pkgconfig(libselinux)
%endif
BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(openssl)
%if %{with zchunk} %if %{with zchunk}
BuildRequires: pkgconfig(zck) >= 0.9.11 BuildRequires: pkgconfig(zck) >= 0.9.11
@ -68,9 +42,6 @@ metadata.
%package devel %package devel
Summary: Repodata downloading library Summary: Repodata downloading library
Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}%{?_isa} = %{version}-%{release}
%if %{with zchunk}
Requires: zchunk-devel%{?_isa}
%endif
%description devel %description devel
Development files for librepo. Development files for librepo.
@ -95,11 +66,7 @@ Python 3 bindings for the librepo library.
%autosetup -p1 %autosetup -p1
%build %build
%cmake \ %cmake %{!?with_zchunk:-DWITH_ZCHUNK=OFF}
-DWITH_ZCHUNK=%{?with_zchunk:ON}%{!?with_zchunk:OFF} \
-DUSE_GPGME=%{?with_use_gpgme:ON}%{!?with_use_gpgme:OFF} \
-DUSE_RUN_GNUPG_USER_SOCKET=%{?with_run_gnupg_user_socket:ON}%{!?with_run_gnupg_user_socket:OFF} \
-DENABLE_SELINUX=%{?need_selinux:ON}%{!?need_selinux:OFF}
%cmake_build %cmake_build
%check %check
@ -129,122 +96,47 @@ Python 3 bindings for the librepo library.
%{python3_sitearch}/%{name}/ %{python3_sitearch}/%{name}/
%changelog %changelog
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.18.0-3 * Mon Jul 25 2022 Lukas Hrazky <lhrazky@redhat.com> - 1.14.5-1
- Bump release for October 2024 mass rebuild: - Update to 1.14.5
Resolves: RHEL-64018 - Detailed error message when using non-existing TMPDIR (RhBug:2019993)
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.18.0-2
- Rebuilt for MSVSphere 10
* Mon Jul 15 2024 Petr Pisar <ppisar@redhat.com> - 1.18.0-2
- Use librpmio instead of gpgme for handling PGP keys (RHEL-47106)
- Fix a memory leak in select_next_target() (RHEL-35699)
* Tue Jul 02 2024 Evan Goode <egoode@redhat.com> - 1.18.0-1
- Update to 1.18.0 (RHEL-35699)
- API: Add LRO_USERNAME and LRO_PASSWORD options
- Add a private dependency on zck to librepo.pc if zchunk support is enabled
- Hash cache: Improved work with extended file attributes
- Improve performance of large number of package downloads
- Fix error handling, Fix examples and build them
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.17.1-2
- Bump release for June 2024 mass rebuild
* Tue Mar 26 2024 Jan Kolarik <jkolarik@redhat.com> - 1.17.1-1
- Update to 1.17.1 (RHEL-38831)
- gpg_gpgme.c: fix build errors with older gcc
- Change header files to match a configured ABI regarding a zchunk support
- Fix building zchunk code if zchunk is enabled
- Fix compiler warnings
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.17.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.17.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Oct 18 2023 Jan Kolarik <jkolarik@redhat.com> - 1.17.0-1
- Update to 1.17.0
- lr_gpg_check_signature: Forward PGP error messages from RPM
- PGP: fix: Support importing binary public keys in librpm backend
- PGP: Enable creating a UID directory for GnuGP agent socket in /run/gnupg/user
- PGP: Set a default creation SELinux labels on GnuPG directories
* Wed Sep 20 2023 Adam Williamson <awilliam@redhat.com> - 1.16.0-2
- Rebuild with no changes for Bodhi reasons
* Fri Sep 01 2023 Jan Kolarik <jkolarik@redhat.com> - 1.16.0-1
- Update to 1.16.0
- Implement OpenPGP using librpm API
* Tue Aug 01 2023 Jan Kolarik <jkolarik@redhat.com> - 1.15.2-1
- Update to 1.15.2
- Fixes and optimizations in header files
- Fix lr_gpg_list_keys function when keys are empty
- Update PGP test vectors
- Fix CMake warnings
- Bump glib version
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.15.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 1.15.1-3
- Rebuilt for Python 3.12
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.15.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Dec 09 2022 Jaroslav Rohel <jrohel@redhat.com> - 1.15.1-1
- Update to 1.15.1
- Adds API support for waiting on network in an event driven manner (new API function lr_handle_network_wait)
- OpenPGP API extension and fixes (new API functions lr_gpg_*)
- Update license format to "LGPL-2.1-or-later"
* Tue Aug 23 2022 Jaroslav Rohel <jrohel@redhat.com> - 1.14.4-1
- Update to 1.14.4
- Use nanosec precision for timestamp of checksum cache (RhBug:2077864)
- Fix alloc/free mismatches and memory leaks
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.14.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 15 2022 Python Maint <python-maint@redhat.com> - 1.14.3-2
- Rebuilt for Python 3.11
* Thu May 05 2022 Jaroslav Rohel <jrohel@redhat.com> - 1.14.3-1
- Update to 1.14.3
- Make error messages about repodata and rpm mismatch more user friendly - Make error messages about repodata and rpm mismatch more user friendly
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.14.2-2 * Mon Jul 25 2022 Lukas Hrazky <lhrazky@redhat.com> - 1.14.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - Fix covscan issues
* Tue Jul 12 2022 Lukas Hrazky <lhrazky@redhat.com> - 1.14.2-2
- Use nanosec precision for timestamp of checksum cache
* Thu Sep 23 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.2-1 * Mon Oct 25 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.2-1
- Update to 1.14.2 - Update to 1.14.2
- Fix covscan warnings and memory leak - Reduce time to load metadata
- Fix resource leaks and memory leaks
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.14.1-3 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.14.0-6
- Rebuilt with OpenSSL 3.0.0 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.14.1-2 * Tue Jul 27 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - Fix issues detected by static analyzers
* Tue Jun 15 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.1-1 * Tue Jul 13 2021 Marek Blaha <mblaha@redhat.com> - 1.14.0-4
- Update to 1.14.1 - Recover from fsync fail on read-only filesystem (RhBug:1981194)
- Recover from fsync fail on read-only filesystem (RhBug:1956361)
- Reduce time to load metadata
- Fix resource leaks
* Thu Jun 03 2021 Python Maint <python-maint@redhat.com> - 1.14.0-2 * Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.14.0-3
- Rebuilt for Python 3.10 - Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Thu Apr 15 2021 Nicola Sella <nsella@redhat.com> - 1.14.0-1 * Fri Apr 30 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.0-2
- Remove build dependency on python3-flask
* Mon Apr 26 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 1.14.0-1
- Update to 1.14.0 - Update to 1.14.0
- Fix: memory leaks - Reposync does not re-download unchanged packages (RhBug:1931904)
- Support multiple checksums in xattr (RhBz:1931904) - Return "calculated" checksum if requested w/caching
- Use macros to access extended attributes - Fixed memory leaks and segfault
- Remove problematic language
- CMake: Set minimum version for curl to 7.52.0 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.13.0-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Mar 01 2021 Nicola Sella <nsella@redhat.com> - 1.13.0-1 * Mon Mar 01 2021 Nicola Sella <nsella@redhat.com> - 1.13.0-1
- Update to 1.13.0 - Update to 1.13.0

Write Preview
Loading…
Cancel
Save