Bug 78657

Summary: RFE: Support for OpenPGP v4 signatures used by SuSE.
Product: [Retired] Red Hat Linux Reporter: Ralf Corsepius <corsepiu>
Component: rpmAssignee: Paul Nasrat <nobody+pnasrat>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: barryn, michael
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-06-07 21:29:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
strace of rpm query to mplayer package none

Description Ralf Corsepius 2002-11-27 05:09:59 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
Using rpm --queryformat '%{siggpg:armor}' causes rpm-4.1 to segfault:

# rpm -q -vv --queryformat '%{siggpg:armor}' -p bash-2.05b-5.i386.rpm
D: Expected size:       746649 = lead(96)+sigs(344)+pad(0)+data(746209)
D:   Actual size:       746649
D: opening  db environment /var/lib/rpm/Packages joinenv
D: opening  db index       /var/lib/rpm/Packages rdonly mode=0x0
D: locked   db index       /var/lib/rpm/Packages
D: opening  db index       /var/lib/rpm/Pubkeys rdonly mode=0x0
D:  read h#      35 Header sanity check: OK
D: ========== DSA pubkey id 219180cddb42a60e
D: bash-2.05b-5.i386.rpm: V3 DSA signature: OK, key ID db42a60e
Segmentation fault


Version-Release number of selected component (if applicable): rpm-4.1-1.06

How reproducible:
Always

Steps to Reproduce:
See above.

	

Additional info:
Comment 1 Michael Lee Yohe 2002-11-27 05:48:22 UTC 
This is true for only certain types of RPMs.  For instance, on my system - I
built fetchmail 6.1.0-1 from a Red Hat SRPM.  I receive the following:

$ rpm -q -vv --queryformat '%{siggpg:armor}' -p
/usr/src/redhat/RPMS/i686/fetchmail-6.1.0-1.i686.rpm 
D: Expected size:       540239 = lead(96)+sigs(180)+pad(4)+data(539959)
D:   Actual size:       540239
D: /usr/src/redhat/RPMS/i686/fetchmail-6.1.0-1.i686.rpm: MD5 digest: OK
(e3e1fc770d75b7fe642c13975fe0b62b)
(not base64)

However, if I run the query on a third-party RPM:

$ rpm -q -vv --queryformat '%{siggpg:armor}' -p
/usr/download/mplayer-0.90pre8-1.i686.rpm 
D: Expected size:       908223 = lead(96)+sigs(248)+pad(0)+data(907879)
D:   Actual size:       908223
warning: only V3 signatures can be verified, skipping V4 signature
Segmentation fault

Yet, IBM's Java runtime environment RPM seems to be okay as well:

$ rpm -q -vv --queryformat '%{siggpg:armor}' -p
/usr/download/IBMJava2-JRE-1.3.1-1.0.i386.rpm 
D: Expected size:     19038112 = lead(96)+sigs(100)+pad(4)+data(19037912)
D:   Actual size:     19038080
D: /usr/download/IBMJava2-JRE-1.3.1-1.0.i386.rpm: MD5 digest: OK
(ecd5caf5547eb1ae166b15c3cae65629)
(not base64)

I checked to see what type of RPM the aforementioned packages were:

$ file /usr/src/redhat/RPMS/i686/fetchmail-6.1.0-1.i686.rpm 
fetchmail-6.1.0-1.i686.rpm: RPM v3 bin i386 fetchmail-6.1.0-1

$ file /usr/download/mplayer-0.90pre8-1.i686.rpm
mplayer-0.90pre8-1.i686.rpm: RPM v3 bin i386 mplayer-0.90pre8-1

$ file /usr/download/IBMJava2-JRE-1.3.1-1.0.i386.rpm 
IBMJava2-JRE-1.3.1-1.0.i386.rpm: RPM v3 bin i386 IBMJava2-JRE-1.3.1-1.0

All RPM v3, right?

So...

... attachment of strace of query on mplayer package next ...
Comment 2 Michael Lee Yohe 2002-11-27 05:49:01 UTC 
Created attachment 86664 [details]
strace of rpm query to mplayer package
Comment 3 Jeff Johnson 2002-11-27 20:58:02 UTC 
Can you supply a pointer to the package with the
OpenPGP v4 signature packaet? That'll help me get
the segfault fixed pronot. Thanks.
Comment 4 Michael Lee Yohe 2002-11-27 21:34:10 UTC 
I think I downloaded mplayer from the main mplayer website.  I'll submit an
attachment later on (don't have it on this workstation).
Comment 5 Jeff Johnson 2002-11-27 21:37:06 UTC 
A pointer i(i.e. URL) rather than attachment please, there's
a size limit for bugzilla attachments. And thanks for the help.
Comment 6 Ralf Corsepius 2002-11-27 21:50:01 UTC 
Note: My initial report was referring to original RH-8.0 packages.

Wrt: V4 sigs: Any SuSE-8.0/SuSE-8.1 package will do
ftp://ftp.suse.com/pub/suse/i386/8.1/suse
Comment 7 Jeff Johnson 2002-11-29 14:54:21 UTC 
WORKSFORME with rpm-4.2:
bash$ rpm -Kvv ~/TODO/bash-2.05b-47.i586.rpm 
D: Expected size:       629864 = lead(96)+sigs(188)+pad(4)+data(629576)
D:   Actual size:       629832
only V3 signatures can be verified, skipping V4 signature
/home/devel/jbj/TODO/bash-2.05b-47.i586.rpm:
    MD5 digest: OK (2376c1ed552591501c8216725b1b27be)

The segfault was (my guess) fixed in the "official"
rpm-4.1 release. Try rpm-4.1-9 packages
at ftp://people.redhat.com/test-4.1.

Summary changed to get OpenPGP v4 signatures implemented.
Comment 8 Paul Nasrat 2005-06-07 21:29:15 UTC 
Additional patches from Suse for v4 signatures are in rpm HEAD / rpm 4.4.x branch 

I believe it should all be working there.  Closing.  Please file a new bug or
raise discussion on rpm-devel list
https://lists.dulug.duke.edu/mailman/listinfo/rpm-devel if you still have an issue.