diff options
Diffstat (limited to 'meta')
| -rw-r--r-- | meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch | 27 | ||||
| -rw-r--r-- | meta/recipes-devtools/rpm/rpm_5.4.14.bb | 1 |
2 files changed, 28 insertions, 0 deletions
diff --git a/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch b/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch new file mode 100644 index 0000000000..07a0cfa300 --- /dev/null +++ b/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch @@ -0,0 +1,27 @@ +disable external key server + +Upstream-Status: Pending + +When RPM experiences a signed package, with a signature that it does NOT know. +By default it will send the -fingerprint- (and only the 16 digit fingerprint) to +an external HKP server, trying to get the key down. + +This is probably not a reasonable default behavior for the system to do, instead +it should simply fail the key lookup. If someone wants to enable the HKP server +it's easy enough to do by enabling the necessary macros. + +Signed-off-by: yzhu1 <yanjun.zhu@windriver.com> +Signed-off-by: Mark Hatle <mark.hatle@windriver.com> +--- a/macros/macros.in ++++ b/macros/macros.in +@@ -546,8 +546,8 @@ $_arbitrary_tags_tests Foo:Bar + # Horowitz Key Protocol server configuration + # + #%_hkp_keyserver hkp://keys.n3npq.net +-%_hkp_keyserver hkp://pool.sks-keyservers.net +-%_hkp_keyserver_query %{_hkp_keyserver}/pks/lookup?op=get&search= ++#%_hkp_keyserver hkp://pool.sks-keyservers.net ++#%_hkp_keyserver_query %{_hkp_keyserver}/pks/lookup?op=get&search= + + + %_nssdb_path /etc/pki/nssdb diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb b/meta/recipes-devtools/rpm/rpm_5.4.14.bb index 2e17a91137..bff0687e6c 100644 --- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb +++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb @@ -94,6 +94,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e file://no-ldflags-in-pkgconfig.patch \ file://rpm-lua-fix-print.patch \ file://rpm-check-rootpath-reasonableness.patch \ + file://rpm-macros.in-disable-external-key-server.patch \ " # Uncomment the following line to enable platform score debugging |