[packages/rpm] - revert change introduced in 5.4.11/12 that breaks gpg calls; rel 6

baggins baggins at pld-linux.org
Thu Oct 24 09:41:11 CEST 2013


commit 6d1e99c9518b3576f9b2b561246fdc8a09ee5406
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Thu Oct 24 09:31:44 2013 +0200

    - revert change introduced in 5.4.11/12 that breaks gpg calls; rel 6
    
    GPG key name/ID passed as cmd to rpmCheckPassPhrase is enclosed in
    doble quotes, while poptParseArgvString cleaned up command line
    before converting to argv list, argvSplit does not, and passes
    gpg name/ID to gpg as "\"XXXXX\"" (doble, escaped quoting),
    thus making it unverifiable;

 rpm-revert-gpg-argv-parsing.patch | 39 +++++++++++++++++++++++++++++++++++++++
 rpm.spec                          |  4 +++-
 2 files changed, 42 insertions(+), 1 deletion(-)
---
diff --git a/rpm.spec b/rpm.spec
index 9c60329..c8deeec 100644
--- a/rpm.spec
+++ b/rpm.spec
@@ -50,7 +50,7 @@ Summary(ru.UTF-8):	Менеджер пакетов от RPM
 Summary(uk.UTF-8):	Менеджер пакетів від RPM
 Name:		rpm
 Version:	5.4.13
-Release:	5
+Release:	6
 License:	LGPL v2.1
 Group:		Base
 # http://rpm5.org/files/rpm/rpm-5.4/rpm-5.4.13-0.20130819.src.rpm
@@ -166,6 +166,7 @@ Patch76:	%{name}-revert-debugedit-breakage.patch
 Patch77:	%{name}-lua-expat.patch
 Patch78:	%{name}-double_check_unpackaged_subdirs.patch
 Patch79:	%{name}-rpmspec.patch
+Patch80:	%{name}-revert-gpg-argv-parsing.patch
 
 # Patches imported from Mandriva
 
@@ -914,6 +915,7 @@ Dokumentacja API RPM-a oraz przewodniki w formacie HTML generowane ze
 %patch77 -p0
 %patch78 -p1
 %patch79 -p1
+%patch80 -p1
 
 %patch1000 -p1
 %patch1001 -p1
diff --git a/rpm-revert-gpg-argv-parsing.patch b/rpm-revert-gpg-argv-parsing.patch
new file mode 100644
index 0000000..a3d0d62
--- /dev/null
+++ b/rpm-revert-gpg-argv-parsing.patch
@@ -0,0 +1,39 @@
+diff -urN rpm-5.4.10/rpmdb/signature.c rpm-5.4.12/rpmdb/signature.c
+--- rpm-5.4.10/rpmdb/signature.c	2012-04-17 01:43:35.000000000 +0200
++++ rpm-5.4.12/rpmdb/signature.c	2013-06-28 18:42:13.000000000 +0200
+@@ -12,7 +12,6 @@
+ #include <rpmmacro.h>	/* XXX for rpmGetPath() */
+ #include <rpmhkp.h>
+ #include <rpmku.h>
+-#include <argv.h>
+ 
+ #include <rpmtag.h>
+ #include "rpmdb.h"
+@@ -503,7 +504,7 @@
+ 
+     if (!(pid = fork())) {
+ 	const char * cmd;
+-	ARGV_t av;
++	char *const *av;
+ 	int fdno;
+ 
+ 	xx = close(STDIN_FILENO);
+@@ -528,16 +529,13 @@
+   		(void) setenv("GNUPGHOME", gpg_path, 1);
+ 
+ 	    cmd = rpmExpand("%{?__gpg_check_password_cmd}", NULL);
+-	    rc = argvSplit(&av, cmd, NULL);
++	    rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
+ 	    if (!rc)
+-		rc = execve(av[0], (char *const *)av+1, environ);
++		rc = execve(av[0], av+1, environ);
+ 
+ 	    rpmlog(RPMLOG_ERR, _("Could not exec %s: %s\n"), "gpg",
+ 			strerror(errno));
+-	    cmd = _free(cmd);
+-	    gpg_path = _free(gpg_path);
+ 	}
+-	av = argvFree(av);
+     }
+ 
+     pw = rpmkuPassPhrase(passPhrase);
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/rpm.git/commitdiff/6d1e99c9518b3576f9b2b561246fdc8a09ee5406



More information about the pld-cvs-commit mailing list