diff --git a/lib/keystore.cc b/lib/keystore.cc
index e393341f0a..d464ffad51 100644
--- a/lib/keystore.cc
+++ b/lib/keystore.cc
@@ -27,30 +27,6 @@ enum {
 KEYRING_FS = 2,
 };
-static int keyringAdd(rpmKeyring keyring, rpmPubkey key, const char *name)
-{
- int nkeys = 0;
- if (rpmKeyringAddKey(keyring, key) == 0) {
- nkeys++;
- rpmlog(RPMLOG_DEBUG, "added key %s to keyring\n", name);
-
- int subkeysCount = 0;
- rpmPubkey *subkeys = rpmGetSubkeys(key, &subkeysCount);
- for (int i = 0; i < subkeysCount; i++) {
- rpmPubkey subkey = subkeys[i];
-
- if (rpmKeyringAddKey(keyring, subkey) == 0) {
- rpmlog(RPMLOG_DEBUG,
- "added subkey %d of main key %s to keyring\n", i, name);
- nkeys++;
- }
- rpmPubkeyFree(subkey);
- }
- free(subkeys);
- }
- return nkeys;
-}
-
 static int rpmtsLoadKeyringFromFiles(rpmts ts, rpmKeyring keyring)
 {
 ARGV_t files = NULL;
@@ -72,7 +48,10 @@ static int rpmtsLoadKeyringFromFiles(rpmts ts, rpmKeyring keyring)
 continue;
 }
- nkeys += keyringAdd(keyring, key, *f);
+ if (rpmKeyringAddKey(keyring, key) == 0) {
+ rpmlog(RPMLOG_DEBUG, "Loaded key %s\n", *f);
+ nkeys++;
+ }
 rpmPubkeyFree(key);
 }
 exit:
@@ -183,7 +162,10 @@ static int rpmtsLoadKeyringFromDB(rpmts ts, rpmKeyring keyring)
 rpmPubkey key = rpmPubkeyNew(pkt, pktlen);
 if (key) {
- nkeys += keyringAdd(keyring, key, nevr);
+ if (rpmKeyringAddKey(keyring, key) == 0) {
+ rpmlog(RPMLOG_DEBUG, "Loaded key %s\n", nevr);
+ nkeys++;
+ }
 rpmPubkeyFree(key);
 }
 free(pkt);
diff --git a/lib/rpmts.cc b/lib/rpmts.cc
index 4d2fe079cf..ebaa354e09 100644
--- a/lib/rpmts.cc
+++ b/lib/rpmts.cc
@@ -291,11 +291,9 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen)
 rpmRC rc = RPMRC_FAIL; /* assume failure */
 char *lints = NULL;
 rpmPubkey pubkey = NULL;
- rpmPubkey *subkeys = NULL;
 rpmPubkey oldkey = NULL;
- int subkeysCount = 0;
 rpmKeyring keyring = NULL;
- int krc, i;
+ int krc;
 if (txn == NULL)
 return rc;
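Review bot: In the `@@ -72` hunk of rpmtsLoadKeyringFromFiles (and the identical change at `@@ -183` in rpmtsLoadKeyringFromDB) a non-zero return from `rpmKeyringAddKey` is dropped without any trace, so a key the keyring refused cannot be told apart from one that was already present when someone audits which trust anchors were actually loaded. An `else` branch such as `rpmlog(RPMLOG_DEBUG, "Key %s not added to keyring\n", *f);` (with `nevr` in the DB loader) would make that visible. `nkeys` also stops counting subkeys with this change, which deserves a comment next to the increment, for example `/* counts primary keys only; subkeys are added inside the keyring */`. Both functions start and end outside their hunks.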
@@ -337,14 +335,10 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen)
 rpmPubkeyFree(pubkey);
 pubkey = mergedkey;
 }
- if ((subkeys = rpmGetSubkeys(pubkey, &subkeysCount)) == NULL)
- goto exit;
 krc = rpmKeyringModify(keyring, pubkey, oldkey ? RPMKEYRING_REPLACE : RPMKEYRING_ADD);
 if (krc < 0)
 goto exit;
- for (i = 0; i < subkeysCount; i++)
- rpmKeyringModify(keyring, subkeys[i], oldkey ? RPMKEYRING_REPLACE : RPMKEYRING_ADD);
 /* If we dont already have the key, make a persistent record of it */
 if (krc == 0) {
@@ -356,9 +350,6 @@ rpmRC rpmtxnImportPubkey(rpmtxn txn, const unsigned char * pkt, size_t pktlen)
 exit:
 /* Clean up. */
 rpmPubkeyFree(pubkey);
- for (i = 0; i < subkeysCount; i++)
- rpmPubkeyFree(subkeys[i]);
- free(subkeys);
 rpmPubkeyFree(oldkey);
 rpmKeyringFree(keyring);
diff --git a/rpmio/rpmkeyring.cc b/rpmio/rpmkeyring.cc
index fcf9fe3218..4ed4facbb9 100644
--- a/rpmio/rpmkeyring.cc
+++ b/rpmio/rpmkeyring.cc
@@ -134,11 +134,32 @@ int rpmKeyringModify(rpmKeyring keyring, rpmPubkey key, rpmKeyringModifyMode mod
 break;
 }
 if (item != range.second && (mode == RPMKEYRING_DELETE || mode == RPMKEYRING_REPLACE)) {
+ /* remove subkeys */
+ auto it = keyring->keys.begin();
+ while (it != keyring->keys.end()) {
+ if (it->second->primarykey == item->second) {
+ rpmPubkeyFree(it->second);
+ it = keyring->keys.erase(it);
+ } else {
+ ++it;
+ }
+ }
 rpmPubkeyFree(item->second);
 keyring->keys.erase(item);
 rc = 0;
 } else if ((item == range.second && mode == RPMKEYRING_ADD) || mode == RPMKEYRING_REPLACE) {
+ int subkeysCount = 0;
+ rpmPubkey *subkeys = rpmGetSubkeys(key, &subkeysCount);
 keyring->keys.insert({key->keyid, rpmPubkeyLink(key)});
+ rpmlog(RPMLOG_DEBUG, "added key %s to keyring\n", rpmPubkeyFingerprintAsHex(key));
+ /* add subkeys */
+ for (int i = 0; i < subkeysCount; i++) {
+ rpmPubkey subkey = subkeys[i];
+ keyring->keys.insert({subkey->keyid, subkey});
+ rpmlog(RPMLOG_DEBUG,
+ "added subkey %d of main key %s to keyring\n", i, rpmPubkeyFingerprintAsHex(key));
+ }
+ free(subkeys);
 rc = 0;
 }
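Review bot: In the add branch the result of `rpmGetSubkeys(key, &subkeysCount)` is used without a NULL check, so a key whose subkeys could not be extracted is still inserted and reported with `rc = 0`, just without its subkeys; the check this commit removes from rpmtxnImportPubkey treated that NULL as a failure and jumped to `exit`. Assuming NULL still signals an error rather than "no subkeys", the call should be tested before the primary insert, e.g. `if (subkeys == NULL) rc = -1; else { /* insert primary and subkeys */ }`. The subkey `keyring->keys.insert({subkey->keyid, subkey});` also skips the duplicate lookup the primary key goes through and ignores the insert result, so depending on the container type (not visible here) a repeated subkey either becomes a second entry or is dropped while its reference leaks. `rpmPubkeyFingerprintAsHex(key)` is evaluated once per subkey inside the loop; if it returns an allocated string (its definition is not in this diff) every call leaks, so it is better computed once before the loop and released after it. rpmKeyringModify starts and ends outside the hunk.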