From fdaa9115fb20d4af49ce8407b5785096c66ecf6c Mon Sep 17 00:00:00 2001
From: yzhu1 <yanjun.zhu@windriver.com>
Date: Wed, 8 Jul 2015 11:30:57 +0800
Subject: rpm: disable external key server

When RPM experiences a signed package, with a signature that it does NOT know.
By default it will send the -fingerprint- (and only the 16 digit fingerprint)
to an external HKP server, trying to get the key down.

This is probably not a reasonable default behavior for the system to do,
instead it should simply fail the key lookup.  If someone wants to enable the
HKP server it's easy enough to do by enabling the necessary macros.

Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/rpm/rpm_5.4.14.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-devtools/rpm/rpm_5.4.14.bb')

diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
index 2e17a91137..bff0687e6c 100644
--- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb
+++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
@@ -94,6 +94,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e
 	   file://no-ldflags-in-pkgconfig.patch \
 	   file://rpm-lua-fix-print.patch \
 	   file://rpm-check-rootpath-reasonableness.patch \
+	   file://rpm-macros.in-disable-external-key-server.patch \
 	  "
 
 # Uncomment the following line to enable platform score debugging
-- 
cgit 1.2.3-korg