From d382c1541bec301468119268f4940ae15c326b1c Mon Sep 17 00:00:00 2001 From: "Roy.Li" Date: Wed, 12 Nov 2014 09:54:56 +0800 Subject: rpm: fix the rpm addsign function Signed-off-by: Roy.Li Signed-off-by: Ross Burton --- ...arseArgvString-to-parse-the-_gpg_check_pa.patch | 49 ++++++++++++++++++++++ meta/recipes-devtools/rpm/rpm_5.4.14.bb | 1 + 2 files changed, 50 insertions(+) create mode 100644 meta/recipes-devtools/rpm/rpm/0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch diff --git a/meta/recipes-devtools/rpm/rpm/0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch b/meta/recipes-devtools/rpm/rpm/0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch new file mode 100644 index 0000000000..23bc3361d9 --- /dev/null +++ b/meta/recipes-devtools/rpm/rpm/0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch @@ -0,0 +1,49 @@ +From 64851c6622aff64787a9fcea26cccde183b7c743 Mon Sep 17 00:00:00 2001 +From: "Roy.Li" +Date: Tue, 11 Nov 2014 16:28:22 +0800 +Subject: [PATCH] using poptParseArgvString to parse the + _gpg_check_password_cmd + +Upstream-Status: Pending + +Both __gpg_check_password_cmd and __gpg_sign_cmd include "%{_gpg_name}", but +strace shows that gpg_name has a quote when run _gpg_check_password, +but not when run __gpg_sign_cmd; for example, if gpg_name is "tester" + + execve("/usr/bin/gpg", ["gpg", "--batch", "--no-verbose", + "--passphrase-fd", "3", "-u", "\"tester\"", "-so", "-"], [/* 20 vars */]) = 0 + + execve("/usr/bin/gpg", ["gpg", "--batch", "--no-verbose", "--no-armor", + "--passphrase-fd", "3", "--no-secmem-warning", "-u", "tester", "-sbo"..,) = 0 + +it can be fixed by removing the quote around %{gpg_name} when define +__gpg_check_password_cmd in macros/macros, like below, but if gpg_name includes +space, it will not work. + + %__gpg_check_password_cmd %{__gpg} \ + gpg --batch --no-verbose --passphrase-fd 3 -u %{_gpg_name} -so - + +The poptParseArgvString function is used to parse _gpg_sign_cmd, so using +poptParseArgvString to parse __gpg_check_password_cmd to fix this issue. + +Signed-off-by: Roy.Li +--- + rpmdb/signature.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/rpmdb/signature.c b/rpmdb/signature.c +index c35e0ab..016e8d1 100644 +--- a/rpmdb/signature.c ++++ b/rpmdb/signature.c +@@ -529,7 +529,7 @@ int rpmCheckPassPhrase(const char * passPhrase) + (void) setenv("GNUPGHOME", gpg_path, 1); + + cmd = rpmExpand("%{?__gpg_check_password_cmd}", NULL); +- rc = argvSplit(&av, cmd, NULL); ++ rc = poptParseArgvString(cmd, NULL, (const char ***)&av); + if (!rc) + rc = execve(av[0], (char *const *)av+1, environ); + +-- +1.9.1 + diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb b/meta/recipes-devtools/rpm/rpm_5.4.14.bb index 6cd932d5e9..d99a300285 100644 --- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb +++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb @@ -94,6 +94,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e file://rpm-disable-Wno-override-init.patch \ file://rpmqv_cc_b_gone.patch \ file://rpm-realpath.patch \ + file://0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch \ " # Uncomment the following line to enable platform score debugging -- cgit 1.2.3-korg