Red Hat Bugzilla – Bug 147959
hdrFromFdno fails with NOKEY
Last modified: 2014-01-21 17:51:15 EST
Description of problem: hdrFromFdno now fails on NOKEY, however it doesn't set the hdr so if you wanted to have a policy in rpm python application of ignoring key checking you can't inspect the error type. Version-Release number of selected component (if applicable): rpm-4.4.1-0.22 How reproducible: Always Steps to Reproduce: rpm -E '%_hkp_keyserver' %{unknown_macro} generate key not imported to rpmdb/erase your signing key from rpmdb rpm --resign simple-1.0-1.noarch.rpm run test script #!/usr/bin/python import rpm,os,sys ts = rpm.ts() f = os.open("simple-1.0-1.noarch.rpm", os.O_RDONLY) h = ts.hdrFromFdno(f) os.close(f) Actual results: warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 831ffbca Traceback (most recent call last): File "testrpm.py", line 8, in ? h = ts.hdrFromFdno(f) _rpm.error: public key not available Expected results: Works or definable policy with NOKEY handling Additional info:
Is ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES) not sufficient here?
Disabling keyserver lookup is probably the easiest fix. used addMacro method to define %_hkp_keyserver %{nil} ts.setVSFlags() is sufficient only until the method goes away so that rpm has a globally enforcing, not application specific, signature checking policy.