Bug 70366
Summary: | --checksig, no key, corrupted key# output | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Red Hat Public Beta | Reporter: | Michael Schwendt <bugs.michael> | ||||
Component: | rpm | Assignee: | Jeff Johnson <jbj> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | limbo | ||||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | i386 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2002-08-02 17:51:23 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 67218 | ||||||
Attachments: |
|
Description
Michael Schwendt
2002-07-31 20:37:10 UTC
WORKSFORME, rpm-4.1-0.63: bash$ rpm --checksig mm-* mm-1.1.3-8.i386.rpm: md5 (GPG) NOT OK (MISSING KEYS: GPG#db42a60e) mm-devel-1.1.3-8.i386.rpm: md5 (GPG) NOT OK (MISSING KEYS: GPG#db42a60e) But then I can't tell what you have cut and pasted above. "WORKSFORME"? Yeah, probably because you are using a newer version of RPM that I
have reported.
That's one reason why I dislike submitting bug reports sometimes.
Can anything between 0.57 and 0.63 be tracked down as having fixed this bug?
Please verify with:
> Version-Release number of selected component (if applicable):
> 4.1-0.57
What would you suggest as an adequate test? I've already reproduced the problem as WORKSFORME with rpm-4.1-0.63. I have no idea (because of cut-n-paste damage) what problem I'm trying to do a regression on. An adequate test would be to verify my bug report with 4.1-0.57 and then check the changelog of newer versions on whether there was any issue like that. If nothing has been tracked as having fixed this, it might come back later. And in case simple rebuilding of rpm 4.1-0.57 would have helped, too, the proper resolution would be "FIXED". [I'm currently downloading the 4.1-0.63 RPM from Raw Hide to verify the resolution.] WORKSFORME with rpm-4.1-0.57: bash$ sudo rpm -Uvh --oldpackage * warning: popt-1.7-0.57.i386.rpm: Header V3 DSA signature: NOKEY, key ID 897da07a Preparing... ########################################### [100%] 1:popt ########################################### [ 20%] 2:rpm ########################################### [ 40%] 3:rpm-build ########################################### [ 60%] 4:rpm-devel ########################################### [ 80%] 5:rpm-python ########################################### [100%] ... bash$ rpm -Kvv mm* D: Expected size: 15223 = lead(96)+sigs(181)+pad(3)+data(14943) D: Actual size: 15223 D: opening db index /var/lib/rpm/Packages rdonly mode=0x0 D: locked db index /var/lib/rpm/Packages D: opening db index /var/lib/rpm/Pubkeys rdonly mode=0x0 D: ========== DSA pubkey id 219180cddb42a60e mm-1.1.3-8.i386.rpm: MD5 digest: OK (37e09fa1afba30d4c786de4114973abb) V3 DSA signature: BAD, key ID db42a60e D: Expected size: 26766 = lead(96)+sigs(181)+pad(3)+data(26486) D: Actual size: 26766 mm-devel-1.1.3-8.i386.rpm: MD5 digest: OK (a207b10488b2f7008a40cd000b83296c) V3 DSA signature: BAD, key ID db42a60e D: closed db index /var/lib/rpm/Pubkeys D: closed db index /var/lib/rpm/Packages bash$ rpm --version RPM version 4.1 bash$ rpm -q rpm rpm-4.1-0.57 There are no (rpm anyways) pertinent changes since -0.57 Starting to smell like locales are involved, however. Not that the "BAD" signature verification is from having a signed pubkey (that is V4, rpm does not handle V4 OpenPGP keys) installed ATM. I'll look into that and try to come up with a better test-case. First I'll need to recover from the following Raw Hide trap: ;) # rpm -Uvh --oldpackage rpm-4.1-0.57.i386.rpm warning: rpm-4.1-0.57.i386.rpm: Header V3 DSA signature: NOKEY, key ID 897da07a Preparing... ########################################### [100%] package rpm-4.1-0.57 is intended for a i386 architecture Created attachment 68484 [details]
demonstration
Got it, 8 bytes copied, 4 bytes were available, if 5th byte happens to be '\0' it happens to work. Fix should be in rpm-4.1-0.66 when built. Thanks for the patience. The other problem, misidentifying and athlon with CMOV as "i786" is already fixed. You can work around by doing echo "athlon-redhat-linux-gnu" > /etc/rpm/platform Hmmm no I don't got it either, I forgot the hex conversion. FWIW, strstr and stpncpy are being used to scrape the keyid out of an output buffer, all this code is very ick. Ahhh, there it is, stpncpy is not copying the final '\0' Ok, rpm-4.1-0.66 then. :) |