Bug 115445 - rpm refuses to import keys with harmless blanks, accepted by gpg
Summary: rpm refuses to import keys with harmless blanks, accepted by gpg
Status: CLOSED DEFERRED
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: rpm (Show other bugs)
(Show other bugs)
Version: 3.0
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Jeff Johnson
QA Contact: Mike McLean
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-02-12 16:35 UTC by Pancrazio `ezio' de Mauro
Modified: 2007-11-30 22:07 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-02-12 20:10:45 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
This key is accepted by rpm --import and gpg (1.30 KB, text/plain)
2004-02-12 16:37 UTC, Pancrazio `ezio' de Mauro
no flags Details
This key is rejected by rpm --import but accepted by gpg (1.30 KB, text/plain)
2004-02-12 16:38 UTC, Pancrazio `ezio' de Mauro
no flags Details

Description Pancrazio `ezio' de Mauro 2004-02-12 16:35:06 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5)
Gecko/20031007 Firebird/0.7 StumbleUpon/1.89

Description of problem:
Blank spaces can cause rpm to refuse to import a valid GPG key

Version-Release number of selected component (if applicable):
Verified on rpm-4.2.1-4.4

How reproducible:
Always

Steps to Reproduce:
1. generate a key with gpg --keygen
2. export it with gpg --armor --export KEYID > key.asc
3. verify that rpm accepts it with rpm --import key.asc
4. add a single space in the blank line between the headers and the
actual key
5. verify that rpm rejects it: rpm --import key.asc returns "import
read failed"

Actual Results:  See "Steps to reproduce"

Expected Results:  rpm should strip off unnecessary blanks and accept
the key. Unnecessary blanks are sometimes inserted when the key is
emailed, copy-pasted, etc.

Additional info:
For this specific test case, the relevant code snippet is in
rpmio/rpmpgp.c in function pgpReadPkts

            if (*t != '\n') {
                pstate = 0;
                continue;
            }

i.e. if the empty line between the headers and the key contains just a
newline it is considered valid, otherwise the key is discarded

Comment 1 Pancrazio `ezio' de Mauro 2004-02-12 16:37:29 UTC
Created attachment 97618 [details]
This key is accepted by rpm --import and gpg

Comment 2 Pancrazio `ezio' de Mauro 2004-02-12 16:38:04 UTC
Created attachment 97619 [details]
This key is rejected by rpm --import but accepted by gpg

Comment 3 Jeff Johnson 2004-02-12 20:10:45 UTC
rpm supports only a subset of OpenPGP, you need to generate your
keys correctly.

DEFFERED until whenever, you have known and valid work around.


Note You need to log in before you can comment on or make changes to this bug.