summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2017-06-16 09:42:30 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-06-16 09:45:04 +0100
commitec7feb9d315f357b9a073425a31b352ec24ddfd9 (patch)
tree215dd118d1cb003f82c51bd5141520204bd09e2c
parent059846662f1ea1c82804cfce5f91afcb2980ec8a (diff)
downloadopenembedded-core-contrib-ec7feb9d315f357b9a073425a31b352ec24ddfd9.tar.gz
openembedded-core-contrib-ec7feb9d315f357b9a073425a31b352ec24ddfd9.tar.bz2
openembedded-core-contrib-ec7feb9d315f357b9a073425a31b352ec24ddfd9.zip
package_ipk: Clean up Source entry in ipk packages
There is the potential for sensitive information to leak through the urls there and removing it brings this into the behavior of the other package backends since filtering it is likely error prone. Since ipks don't appear to be generated at all if we don't set this, set the field to the recipe name used (basename only, no paths). This avoids information leaking. We may want to drop the field if opkg can allow that at a future point but the recipe name is a suitable identifier for now. Reported-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/package_ipk.bbclass6
1 files changed, 2 insertions, 4 deletions
diff --git a/meta/classes/package_ipk.bbclass b/meta/classes/package_ipk.bbclass
index d2ce3b3e17..8e69b5da36 100644
--- a/meta/classes/package_ipk.bbclass
+++ b/meta/classes/package_ipk.bbclass
@@ -57,6 +57,7 @@ def ipk_write_pkg(pkg, d):
outdir = d.getVar('PKGWRITEDIRIPK')
pkgdest = d.getVar('PKGDEST')
+ recipesource = os.path.basename(d.getVar('FILE'))
localdata = bb.data.createCopy(d)
root = "%s/%s" % (pkgdest, pkg)
@@ -205,10 +206,7 @@ def ipk_write_pkg(pkg, d):
ctrlfile.write("Replaces: %s\n" % bb.utils.join_deps(rreplaces))
if rconflicts:
ctrlfile.write("Conflicts: %s\n" % bb.utils.join_deps(rconflicts))
- src_uri = localdata.getVar("SRC_URI").strip() or "None"
- if src_uri:
- src_uri = re.sub("\s+", " ", src_uri)
- ctrlfile.write("Source: %s\n" % " ".join(src_uri.split()))
+ ctrlfile.write("Source: %s\n" % recipesource)
ctrlfile.close()
for script in ["preinst", "postinst", "prerm", "postrm"]: