Bug 113635 - up2date GPG signature verification failure
Summary: up2date GPG signature verification failure
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: up2date
Version: 4.0
Hardware: athlon
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Adrian Likins
QA Contact: Fanny Augustin
URL: not applicable :: error on system level
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-01-15 23:47 UTC by Robby Fokkens
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 2004-09-02 16:11:06 UTC


Attachments (Terms of Use)

Description Robby Fokkens 2004-01-15 23:47:37 UTC
Description of problem:
using up2date under DEMO entitlement without problems. after changing 
to UPDATE entitlement, up2date immediately started to have problems 
with GPG signature verification and fails.

verified hardwareclock/systemtime: OK

sample of error message follows:
(1)
root@saturn [~]# up2date kernel
Fetching package list for channel: redhat-linux-i386-9...
########################################
Fetching Obsoletes list for channel: redhat-linux-i386-9...
########################################
Fetching rpm headers...
########################################
Testing package set / solving RPM inter-dependencies...
########################################
error: rpmts_HdrFromFdno: MD5 digest: BAD Expected
(18c8bc03d58a5b30d39ce5615d87f1d1) != 
(1352b56afea89196d43a19be79a4c16c)
kernel-2.4.20-28.9.athlon.r SSL exception (104, 'Connection reset by 
peer')rem.
SSL exception (-1, 'Unexpected EOF'), 00:03:03 rem.
error: rpmts_HdrFromFdno: V3 DSA signature: BAD, key ID db42a60e
The package kernel-2.4.20-28.9 does not have a valid GPG signature.
It has been tampered with or corrupted.  Aborting...
************ GPG VERIFICATION ERROR ****************
The package kernel-2.4.20-28.9 failed its gpg signature verification. 
This means the package is corrupt.
****************************************************

(2)
root@saturn [~]# up2date kernel
Fetching package list for channel: redhat-linux-i386-9...
########################################
Fetching Obsoletes list for channel: redhat-linux-i386-9...
########################################
Fetching rpm headers...
########################################
Testing package set / solving RPM inter-dependencies...
########################################
error: rpmts_HdrFromFdno: MD5 digest: BAD Expected
(18c8bc03d58a5b30d39ce5615d87f1d1) != 
(47ed7942cd5a4cb01a4c3cfdf4068a56)
kernel-2.4.20-28.9.athlon.r SSL exception (104, 'Connection reset by 
peer')rem.
SSL exception (-1, 'Unexpected EOF'), 00:12:31 rem.
error: rpmts_HdrFromFdno: V3 DSA signature: BAD, key ID db42a60e
The package kernel-2.4.20-28.9 does not have a valid GPG signature.
It has been tampered with or corrupted.  Aborting...
************ GPG VERIFICATION ERROR ****************
The package kernel-2.4.20-28.9 failed its gpg signature verification. 
This means the package is corrupt.
****************************************************

-/-
system is using WHM 8.5.1 cPanel 8.5.3-S3 -- RedHat - WHM X v2.1.1 

Version-Release number of selected component (if applicable):
up2date-3.1.23.2-1

How reproducible:
using up2date

Steps to Reproduce:
1. using up2date
2.
3.
  
Actual results:
GPG signature verification failure

Expected results:
sucessfull termination

Additional info:
-none-


Note You need to log in before you can comment on or make changes to this bug.