From e637fdd8c22cdd25c97f74e1104592aa3da0bd5b Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Apr 23 2020 14:26:58 +0000 Subject: Only read through payload on verify if actually needed If none of our verify items ranges over the payload, then why bother? To do this, add an internal rpmvs API to get it's range, and use that to decide whether trip over the payload is needed or not. In addition, the payload digest tag needs to be grabbed outside of the condition to avoid depending on other values. The details including RPMVSF_NEEDPAYLOAD will be handled internally to rpmvs which makes it actually nicer code-wise too. --- diff --git a/lib/rpmchecksig.c b/lib/rpmchecksig.c index 6bc6a61..3df456f 100644 --- a/lib/rpmchecksig.c +++ b/lib/rpmchecksig.c @@ -187,11 +187,11 @@ rpmRC rpmpkgRead(struct rpmvs_s *vs, FD_t fd, /* Finalize header range */ rpmvsFiniRange(vs, RPMSIG_HEADER); - /* Unless disabled, read the payload, generating digest(s) on the fly. */ - if (!(rpmvsFlags(vs) & RPMVSF_NEEDPAYLOAD)) { - /* Fish interesting tags from the main header. This is a bit hacky... */ - rpmvsAppendTag(vs, blob, RPMTAG_PAYLOADDIGEST); + /* Fish interesting tags from the main header. This is a bit hacky... */ + rpmvsAppendTag(vs, blob, RPMTAG_PAYLOADDIGEST); + /* If needed and not explicitly disabled, read the payload as well. */ + if (rpmvsRange(vs) & RPMSIG_PAYLOAD) { /* Initialize digests ranging over the payload only */ rpmvsInitRange(vs, RPMSIG_PAYLOAD); diff --git a/lib/rpmvs.c b/lib/rpmvs.c index 622e480..0d475af 100644 --- a/lib/rpmvs.c +++ b/lib/rpmvs.c @@ -396,6 +396,18 @@ void rpmvsFiniRange(struct rpmvs_s *sis, int range) } } +int rpmvsRange(struct rpmvs_s *vs) +{ + int range = 0; + for (int i = 0; i < vs->nsigs; i++) { + if (rpmsinfoDisabled(&vs->sigs[i], vs->vsflags)) + continue; + range |= vs->sigs[i].range; + } + + return range; +} + static int sinfoCmp(const void *a, const void *b) { const struct rpmsinfo_s *sa = a; diff --git a/lib/rpmvs.h b/lib/rpmvs.h index b27d9a6..a836d5c 100644 --- a/lib/rpmvs.h +++ b/lib/rpmvs.h @@ -76,6 +76,9 @@ RPM_GNUC_INTERNAL void rpmvsFiniRange(struct rpmvs_s *sis, int range); RPM_GNUC_INTERNAL +int rpmvsRange(struct rpmvs_s *vs); + +RPM_GNUC_INTERNAL int rpmvsVerify(struct rpmvs_s *sis, int type, rpmsinfoCb cb, void *cbdata);