rpm: fix the rpm addsign function

(From OE-Core rev: d382c1541bec301468119268f4940ae15c326b1c) (From OE-Core rev: 1a7c242d29b657f3ba2bd629535ef7d833b5b118) Signed-off-by: Roy.Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-21 03:32:12 +02:00 · 2014-11-12 09:54:56 +08:00
parent a4814ac1b0
commit 3d101b429d
2 changed files with 49 additions and 0 deletions
--- a/meta/recipes-devtools/rpm/rpm/0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch
+++ b/meta/recipes-devtools/rpm/rpm/0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch
@@ -0,0 +1,48 @@
+From 64851c6622aff64787a9fcea26cccde183b7c743 Mon Sep 17 00:00:00 2001
+From: "Roy.Li" <rongqing.li@windriver.com>
+Date: Tue, 11 Nov 2014 16:28:22 +0800
+Subject: [PATCH] using poptParseArgvString to parse the
+ _gpg_check_password_cmd
+
+Upstream-Status: Pending
+
+Both __gpg_check_password_cmd and __gpg_sign_cmd include "%{_gpg_name}", but
+strace shows that gpg_name has a quote when run _gpg_check_password,
+but not when run __gpg_sign_cmd; for example, if gpg_name is "tester"
+
+    execve("/usr/bin/gpg", ["gpg", "--batch", "--no-verbose",
+    "--passphrase-fd", "3", "-u", "\"tester\"", "-so", "-"], [/* 20 vars */]) = 0
+
+    execve("/usr/bin/gpg", ["gpg", "--batch", "--no-verbose", "--no-armor",
+    "--passphrase-fd", "3", "--no-secmem-warning", "-u", "tester", "-sbo"..,) = 0
+
+it can be fixed by removing the quote around %{gpg_name} when define
+__gpg_check_password_cmd in macros/macros, like below, but if gpg_name includes
+space, it will not work.
+
+     %__gpg_check_password_cmd       %{__gpg} \
+        gpg --batch --no-verbose --passphrase-fd 3 -u %{_gpg_name} -so -
+
+The poptParseArgvString function is used to parse _gpg_sign_cmd, so using
+poptParseArgvString to parse __gpg_check_password_cmd to fix this issue.
+
+Signed-off-by: Roy.Li <rongqing.li@windriver.com>
+---
+ rpmdb/signature.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rpmdb/signature.c b/rpmdb/signature.c
+index c35e0ab..016e8d1 100644
+--- a/rpmdb/signature.c
+++ b/rpmdb/signature.c
+@@ -529,7 +529,7 @@ int rpmCheckPassPhrase(const char * passPhrase)
+		(void) setenv("GNUPGHOME", gpg_path, 1);
+
+	    cmd = rpmExpand("%{?__gpg_check_password_cmd}", NULL);
+-	    rc = argvSplit(&av, cmd, NULL);
+	    rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
+	    if (!rc)
+		rc = execve(av[0], (char *const *)av+1, environ);
+
+--
+1.9.1
--- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb
+++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
@@ -94,6 +94,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e
 	   file://rpm-disable-Wno-override-init.patch \
 	   file://rpmqv_cc_b_gone.patch \
 	   file://rpm-realpath.patch \
+	   file://0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch \
 	  "

 # Uncomment the following line to enable platform score debugging