Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PGP: Use new librepo PGP API, remove gpgme dependency #1614

Merged
merged 2 commits into from
Aug 17, 2023
Merged

PGP: Use new librepo PGP API, remove gpgme dependency #1614

merged 2 commits into from
Aug 17, 2023

Conversation

jrohel
Copy link
Contributor

@jrohel jrohel commented Aug 16, 2023
edited

Libdnf assumed that librepo internally uses gpgme for PGP keyring. Libdnf used the librepo keyring directly via gpgme instead of using the librepo API. It had to, the librepo API was insufficient.

Librepo in version 1.15.0 extended the PGP API. This commmit uses the extended librepo PGP API and removes libdnf's dependency on gpgme.

This PR is important because a newer librepo may internally use a different PGP implementation than gpgme. For example, this PR rpm-software-management/librepo#275 allows librepo to be compiled without gpgme . Instead of using gpgme, it implements its own PGP keyring and uses the encryption functions from librpm.

The code was backported from libdnf5.

@jan-kolarik jan-kolarik self-assigned this Aug 17, 2023
@jrohel
PGP: Use new librepo PGP API, remove gpgme dependency
c0b52bc 
Libdnf assumed that librepo internally uses gpgme for PGP keyring. Libdnf
used the librepo keyring directly via gpgme instead of using the librepo
API. It had to, the librepo API was insufficient.

Librepo in version 1.15.0 extended the PGP API. This commmit uses
the extended librepo PGP API and removes libdnf's dependency on gpgme.
This is importand because a newer librepo may internally use a different
PGP implementation than gpgme.

The code was backported from libdnf5.
@jrohel
Key: Store "rawKey" as private std::string
0f2183d 
"rawKey" is a string in ASCII-Armor format. It makes sense to store
in std::string rather than converting to vector.

The code was backported from libdnf5.
@jrohel jrohel force-pushed the feature/use_librepo_pgp_api branch from d9a10dd to 0f2183d Compare August 17, 2023 06:10
jan-kolarik
jan-kolarik approved these changes Aug 17, 2023
View reviewed changes
Copy link
Member

@jan-kolarik jan-kolarik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jan-kolarik jan-kolarik merged commit 5b1d034 into rpm-software-management:dnf-4-master Aug 17, 2023
3 checks passed
@cgwalters
Copy link
Collaborator

Are you aware this breaks building on c9s? coreos/rpm-ostree#4545 (comment)

@cgwalters cgwalters mentioned this pull request Aug 22, 2023
Closed
@jrohel
Copy link
Contributor Author

jrohel commented Aug 25, 2023

@cgwalters

Are you aware this breaks building on c9s?

??? Are you building the upstream version of libdnf against the distribution version of librepo in c9s?

In commit message is: "Use new librepo PGP API"
And "Librepo in version 1.15.0 extended the PGP API. This commmit uses the extended librepo PGP API ..."
In other words. This patch cannot work with librepo older than 1.15.0.

@cgwalters
Copy link
Collaborator

??? Are you building the upstream version of libdnf against the distribution version of librepo in c9s?

Yes.

This patch cannot work with librepo older than 1.15.0.

I understand. My question really is: is it a goal of the dnf-4-master branch to continue building against c9s, or not? Are there plans to update librepo there?

If yes, that's fine. If not, then for rpm-ostree we're in a bit of a tricky spot as we may then need to fork. But hopefully this is just a matter of updating librepo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jan-kolarik jan-kolarik jan-kolarik approved these changes

Assignees

@jan-kolarik jan-kolarik

Labels
ready for review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jrohel @cgwalters @jan-kolarik