
Bug#859007: marked as done (unblock: rpm/4.12.0.2+dfsg1-2)



Your message dated Thu, 30 Mar 2017 19:31:00 +0000
with message-id <b4885206-c49e-7e23-2ed0-71f2eae89af9@thykier.net>
and subject line Re: Bug#859007: unblock: rpm/4.12.0.2+dfsg1-2
has caused the Debian Bug report #859007,
regarding unblock: rpm/4.12.0.2+dfsg1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
859007: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859007
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock


Please unblock package rpm

Honestly I'm not sure the reason is good enough, but keeping the
decision on you.

It fixes confusing interaction with gpg2 on rpmsign - rpmsign asks for
passphrase which is not used at all. See #858998 (normal severity) for
more details.

It was fixed by backporting upstream patch (while removing API changes
this has introduced upstream), debdiff is attached.

unblock rpm/4.12.0.2+dfsg1-2

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=cs_CZ.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

diff -Nru rpm-4.12.0.2+dfsg1/debian/changelog rpm-4.12.0.2+dfsg1/debian/changelog
--- rpm-4.12.0.2+dfsg1/debian/changelog	2016-11-10 14:02:04.000000000 +0100
+++ rpm-4.12.0.2+dfsg1/debian/changelog	2017-03-29 15:24:58.000000000 +0200
@@ -1,3 +1,10 @@
+rpm (4.12.0.2+dfsg1-2) unstable; urgency=medium
+
+  * Adjust debian/watch to new upstream website.
+  * Add patch to improve rpmsign behavior with gpgp2 (Closes: #858998).
+
+ -- Michal Čihař <nijel@debian.org>  Wed, 29 Mar 2017 15:24:58 +0200
+
 rpm (4.12.0.2+dfsg1-1) unstable; urgency=medium
 
   * New upstream release.
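Review bot: "gpgp2" in the new changelog entry is a typo for "gpg2"; the changelog ships in /usr/share/doc and is what the release team reads, so fix it before upload. It would also help to state the user-visible change in one sentence (rpmsign no longer asks for the pass phrase itself; gpg prompts through its own pinentry/agent), since a behaviour change in a stable freeze is exactly what the unblock reviewer needs to weigh.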
diff -Nru rpm-4.12.0.2+dfsg1/debian/patches/series rpm-4.12.0.2+dfsg1/debian/patches/series
--- rpm-4.12.0.2+dfsg1/debian/patches/series	2016-11-10 14:02:04.000000000 +0100
+++ rpm-4.12.0.2+dfsg1/debian/patches/series	2017-03-29 15:05:43.000000000 +0200
@@ -13,3 +13,4 @@
 fix-python-multiarch-include.patch
 rpm-4.11.2-double-separator-warning.patch
 fix-preun-scriptlet-failing-behaviour.patch
+0bce5fcf270711a2e077fba0fb7c5979ea007eb5.patch
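Review bot: the patch is added to series under its bare upstream commit hash, which says nothing about what it does when someone audits debian/patches later; a descriptive name (for example `gpg2-passphrase-handling.patch`, a hypothetical name) with the hash kept in a DEP-3 `Origin:` header inside the patch reads better and loses no traceability.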
diff -Nru rpm-4.12.0.2+dfsg1/debian/patches/0bce5fcf270711a2e077fba0fb7c5979ea007eb5.patch rpm-4.12.0.2+dfsg1/debian/patches/0bce5fcf270711a2e077fba0fb7c5979ea007eb5.patch
--- rpm-4.12.0.2+dfsg1/debian/patches/0bce5fcf270711a2e077fba0fb7c5979ea007eb5.patch	1970-01-01 01:00:00.000000000 +0100
+++ rpm-4.12.0.2+dfsg1/debian/patches/0bce5fcf270711a2e077fba0fb7c5979ea007eb5.patch	2017-03-29 15:17:39.000000000 +0200
@@ -0,0 +1,334 @@
+From 0bce5fcf270711a2e077fba0fb7c5979ea007eb5 Mon Sep 17 00:00:00 2001
+From: Lubos Kardos <lkardos@redhat.com>
+Date: Tue, 9 Jun 2015 18:06:29 +0200
+Subject: [PATCH] Allow gpg to get passphrase by itself.
+
+Remove rpm asking for passphrase and then passing this passphrase
+to gpg via file descriptor (--passphrase-fd) but provide gpg with
+access to unredirected stdin to get passphrase directly from user.
+
+Remove also macro %__gpg_check_password_cmd because in this new signing
+scheme has no sense. rpm doesn't handle passphrase in any way,
+everything is done in gpg including checking of passphrase.
+
+We did this modification because of changes in gpg behavior. Since
+gpg-2.1 option "--passphrase-fd" doesn't work by default, only when
+it is explicitly allowed in gpg.conf. (rhbz:#1228234)
+---
+ macros.in           |  4 +--
+ python/rpmsmodule.c |  9 +++---
+ rpmsign.c           | 82 +++--------------------------------------------------
+ sign/rpmgensig.c    | 67 +++++++++----------------------------------
+ sign/rpmsign.h      |  3 +-
+ 5 files changed, 23 insertions(+), 142 deletions(-)
+
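Review bot: the diffstat in the patch header still lists python/rpmsmodule.c and sign/rpmsign.h and "5 files changed, 23 insertions(+), 142 deletions(-)", but the backported patch only touches macros.in, rpmsign.c and sign/rpmgensig.c. Trim the diffstat to what is actually applied, and add DEP-3 lines such as `Origin: backport, https://github.com/rpm-software-management/rpm/commit/0bce5fcf270711a2e077fba0fb7c5979ea007eb5` and `Bug-Debian: https://bugs.debian.org/858998`, so a reader can see which parts of the upstream commit were deliberately dropped (the API changes the bug report mentions) rather than guess from a stale summary.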
+--- a/macros.in
++++ b/macros.in
+@@ -531,11 +531,9 @@
+ #	Macro(s) to hold the arguments passed to GPG/PGP for package
+ #	signing and verification.
+ #
+-%__gpg_check_password_cmd	%{__gpg} \
+-	gpg --batch --no-verbose --passphrase-fd 3 -u "%{_gpg_name}" -so -
+ 
+ %__gpg_sign_cmd			%{__gpg} \
+-	gpg --batch --no-verbose --no-armor --passphrase-fd 3 \
++	gpg --no-verbose --no-armor \
+ 	%{?_gpg_digest_algo:--digest-algo %{_gpg_digest_algo}} \
+ 	--no-secmem-warning \
+ 	-u "%{_gpg_name}" -sbo %{__signature_filename} %{__plaintext_filename}
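Review bot: dropping `--batch` from %__gpg_sign_cmd is what allows gpg to prompt for the pass phrase itself, but it also means rpmsign can now block on a pinentry when no terminal is attached (build daemons, cron jobs); the old `--batch --passphrase-fd 3` form failed fast in that situation. A second consequence worth a changelog or NEWS.Debian sentence: a user who overrides %__gpg_sign_cmd in ~/.rpmmacros with the old `--passphrase-fd 3` will now have gpg read fd 3 as inherited from rpmsign rather than a pass phrase pipe, because the `dup2(inpipe[0], 3)` is removed from sign/rpmgensig.c further down in this patch.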
+--- a/rpmsign.c
++++ b/rpmsign.c
+@@ -41,72 +41,6 @@
+     POPT_TABLEEND
+ };
+ 
+-static int checkPassPhrase(const char * passPhrase)
+-{
+-    int passPhrasePipe[2];
+-    int pid, status;
+-    int rc = -1;
+-    int xx;
+-
+-    if (passPhrase == NULL)
+-	return -1;
+-
+-    passPhrasePipe[0] = passPhrasePipe[1] = 0;
+-    if (pipe(passPhrasePipe))
+-	return -1;
+-
+-    pid = fork();
+-    if (pid < 0) {
+-	close(passPhrasePipe[0]);
+-	close(passPhrasePipe[1]);
+-	return -1;
+-    }
+-
+-    if (pid == 0) {
+-	char * cmd, * gpg_path;
+-	char *const *av;
+-	int fdno;
+-
+-	close(STDIN_FILENO);
+-	close(STDOUT_FILENO);
+-	close(passPhrasePipe[1]);
+-	if ((fdno = open("/dev/null", O_RDONLY)) != STDIN_FILENO) {
+-	    xx = dup2(fdno, STDIN_FILENO);
+-	    close(fdno);
+-	}
+-	if ((fdno = open("/dev/null", O_WRONLY)) != STDOUT_FILENO) {
+-	    xx = dup2(fdno, STDOUT_FILENO);
+-	    close(fdno);
+-	}
+-	xx = dup2(passPhrasePipe[0], 3);
+-
+-	unsetenv("MALLOC_CHECK_");
+-	gpg_path = rpmExpand("%{?_gpg_path}", NULL);
+-
+-	if (!rstreq(gpg_path, ""))
+-	    setenv("GNUPGHOME", gpg_path, 1);
+-	
+-	cmd = rpmExpand("%{?__gpg_check_password_cmd}", NULL);
+-	rc = poptParseArgvString(cmd, NULL, (const char ***)&av);
+-	if (xx >= 0 && rc == 0) {
+-	    rc = execve(av[0], av+1, environ);
+-	    fprintf(stderr, _("Could not exec %s: %s\n"), "gpg",
+-			strerror(errno));
+-	}
+-	_exit(EXIT_FAILURE);
+-    }
+-
+-    close(passPhrasePipe[0]);
+-    xx = write(passPhrasePipe[1], passPhrase, strlen(passPhrase));
+-    xx = write(passPhrasePipe[1], "\n", 1);
+-    close(passPhrasePipe[1]);
+-
+-    if (xx >= 0 && waitpid(pid, &status, 0) >= 0)
+-	rc = (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : 1;
+-
+-    return rc;
+-}
+-
+ /* TODO: permit overriding macro setup on the command line */
+ static int doSign(poptContext optCon)
+ {
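Review bot: deleting checkPassPhrase() also deletes the early "gpg key expired" diagnostic: it signed a throwaway input with %__gpg_check_password_cmd before any package was opened, so a wrong or expired key failed once, up front. After this hunk that failure is reported only by runGPG() per package, with rc accumulating over the arguments, so a multi-package `rpmsign --addsign` may prompt or fail once per file depending on what gpg-agent has cached. The trade is still sound, since the pass phrase no longer passes through rpm's memory, a pipe and fd 3 at all, but the changed failure mode should be mentioned in the changelog.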
+@@ -119,18 +53,10 @@
+ 	goto exit;
+     }
+ 
+-    /* XXX FIXME: eliminate obsolete getpass() usage */
+-    passPhrase = getpass(_("Enter pass phrase: "));
+-    passPhrase = (passPhrase != NULL) ? rstrdup(passPhrase) : NULL;
+-    if (checkPassPhrase(passPhrase) == 0) {
+-	const char *arg;
+-	fprintf(stderr, _("Pass phrase is good.\n"));
+-	rc = 0;
+-	while ((arg = poptGetArg(optCon)) != NULL) {
+-	    rc += rpmPkgSign(arg, NULL, passPhrase);
+-	}
+-    } else {
+-	fprintf(stderr, _("Pass phrase check failed or gpg key expired\n"));
++    const char *arg;
++    rc = 0;
++    while ((arg = poptGetArg(optCon)) != NULL) {
++	rc += rpmPkgSign(arg, NULL, NULL);
+     }
+ 
+ exit:
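Review bot: `passPhrase` is no longer assigned anywhere in doSign(), so its declaration above this hunk (not in the context shown) is now an unused variable unless it was removed too; check a build log for the warning and for any header that was only included for getpass(). Style point: `const char *arg;` now follows statements inside the function, which C99 allows but which differs from the declare-at-top style the surrounding code uses; hoisting it keeps -Wdeclaration-after-statement builds quiet.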
+--- a/sign/rpmgensig.c
++++ b/sign/rpmgensig.c
+@@ -128,7 +128,7 @@
+ 
+ /*
+  * Validate generated signature and insert to header if it looks sane.
+- * NSS doesn't support everything GPG does. Basic tests to see if the 
++ * NSS doesn't support everything GPG does. Basic tests to see if the
+  * generated signature is something we can use.
+  * Return 0 on success, 1 on failure.
+  */
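Review bot: this hunk only strips trailing whitespace from a comment; it is harmless, but it contributes nothing to the fix and could be dropped from the backport to keep the stretch diff minimal and easier to review.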
+@@ -182,10 +182,9 @@
+     return rc;
+ }
+ 
+-static int runGPG(sigTarget sigt, const char *sigfile, const char * passPhrase)
++static int runGPG(sigTarget sigt, const char *sigfile)
+ {
+     int pid = 0, status;
+-    int inpipe[2];
+     int inpipe2[2];
+     FILE * fpipe = NULL;
+     unsigned char buf[BUFSIZ];
+@@ -194,12 +193,6 @@
+     rpm_loff_t size;
+     int rc = 1; /* assume failure */
+ 
+-    inpipe[0] = inpipe[1] = 0;
+-    if (pipe(inpipe) < 0) {
+-	rpmlog(RPMLOG_ERR, _("Couldn't create pipe for signing: %m"));
+-	goto exit;
+-    }
+-
+     inpipe2[0] = inpipe2[1] = 0;
+     if (pipe(inpipe2) < 0) {
+ 	rpmlog(RPMLOG_ERR, _("Couldn't create pipe for signing: %m"));
+@@ -214,9 +207,6 @@
+ 	char *cmd = NULL;
+ 	const char *gpg_path = rpmExpand("%{?_gpg_path}", NULL);
+ 
+-	(void) dup2(inpipe[0], 3);
+-	(void) close(inpipe[1]);
+-
+ 	(void) dup2(inpipe2[0], STDIN_FILENO);
+ 	(void) close(inpipe2[1]);
+ 
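Review bot: stdin in the gpg child is still `dup2(inpipe2[0], STDIN_FILENO)`, that is, the plaintext being signed, so gpg cannot read a pass phrase from stdin even though the commit message says it gets "unredirected stdin"; it has to obtain it through pinentry/gpg-agent, which needs a controlling tty (or GPG_TTY) or an already cached key. Say so in the changelog or README.Debian, because this is what users of rpmsign on headless hosts will run into. Also, with `dup2(inpipe[0], 3)` gone, fd 3 in the child is whatever rpmsign happened to have open there; unless those descriptors are opened O_CLOEXEC, gpg inherits them.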
+@@ -238,25 +228,9 @@
+     delMacro(NULL, "__plaintext_filename");
+     delMacro(NULL, "__signature_filename");
+ 
+-    (void) close(inpipe[0]);
+-    inpipe[0] = 0;
+     (void) close(inpipe2[0]);
+     inpipe2[0] = 0;
+ 
+-    fpipe = fdopen(inpipe[1], "w");
+-    if (!fpipe) {
+-	rpmlog(RPMLOG_ERR, _("fdopen failed\n"));
+-	goto exit;
+-    }
+-    inpipe[1] = 0;
+-
+-    if (fprintf(fpipe, "%s\n", (passPhrase ? passPhrase : "")) < 0) {
+-	rpmlog(RPMLOG_ERR, _("Could not write to pipe\n"));
+-	goto exit;
+-    }
+-    (void) fclose(fpipe);
+-    fpipe = NULL;
+-
+     fpipe = fdopen(inpipe2[1], "w");
+     if (!fpipe) {
+ 	rpmlog(RPMLOG_ERR, _("fdopen failed\n"));
+@@ -298,20 +272,12 @@
+     }
+ 
+ exit:
+-    if (fpipe)
+-	fclose(fpipe);
+-
+-    if (inpipe[0])
+-	close(inpipe[0]);
+-
+-    if (inpipe[1])
+-	close(inpipe[1]);
+ 
+     if (inpipe2[0])
+-	close(inpipe[0]);
++	close(inpipe2[0]);
+ 
+     if (inpipe2[1])
+-	close(inpipe[1]);
++	close(inpipe2[1]);
+ 
+     if (pid)
+ 	waitpid(pid, &status, 0);
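Review bot: removing `if (fpipe) fclose(fpipe);` from the exit path looks wrong: fpipe is still fdopen()ed on inpipe2[1] a few lines above, and if any later error path jumps to exit before the normal fclose, the stream (and with it gpg's stdin) stays open while the parent sits in waitpid(), so gpg waits for input and rpmsign waits for gpg. Keep those two lines unless every error path after the fdopen is verified to close the stream first. The two `close(inpipe[0])`/`close(inpipe[1])` to `inpipe2[...]` corrections are a genuine bug fix (the old code closed the wrong pipe's ends) and deserve a mention in the changelog.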
+@@ -328,8 +294,7 @@
+  * @param passPhrase	private key pass phrase
+  * @return		0 on success, 1 on failure
+  */
+-static int makeGPGSignature(Header sigh, int ishdr, sigTarget sigt,
+-			    const char * passPhrase)
++static int makeGPGSignature(Header sigh, int ishdr, sigTarget sigt)
+ {
+     char * sigfile = rstrscat(NULL, sigt->fileName, ".sig", NULL);
+     struct stat st;
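Review bot: the `@param passPhrase private key pass phrase` line in the context just above the new makeGPGSignature() signature is now stale, since the parameter no longer exists; the rpmSign() hunk further down removes its @param line, so do the same here.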
+@@ -337,7 +302,7 @@
+     size_t pktlen = 0;
+     int rc = 1; /* assume failure */
+ 
+-    if (runGPG(sigt, sigfile, passPhrase))
++    if (runGPG(sigt, sigfile))
+ 	goto exit;
+ 
+     if (stat(sigfile, &st)) {
+@@ -376,16 +341,15 @@
+     return rc;
+ }
+ 
+-static int rpmGenSignature(Header sigh, sigTarget sigt1, sigTarget sigt2,
+-			    const char * passPhrase)
++static int rpmGenSignature(Header sigh, sigTarget sigt1, sigTarget sigt2)
+ {
+     int ret;
+ 
+-    ret = makeGPGSignature(sigh, 0, sigt1, passPhrase);
++    ret = makeGPGSignature(sigh, 0, sigt1);
+     if (ret)
+ 	goto exit;
+ 
+-    ret = makeGPGSignature(sigh, 1, sigt2, passPhrase);
++    ret = makeGPGSignature(sigh, 1, sigt2);
+     if (ret)
+ 	goto exit;
+ exit:
+@@ -431,21 +395,20 @@
+     return (rc == 0);
+ }
+ 
+-static int replaceSignature(Header sigh, sigTarget sigt1, sigTarget sigt2,
+-			    const char *passPhrase)
++static int replaceSignature(Header sigh, sigTarget sigt1, sigTarget sigt2)
+ {
+     /* Grab a copy of the header so we can compare the result */
+     Header oldsigh = headerCopy(sigh);
+     int rc = -1;
+-    
++
+     /* Nuke all signature tags */
+     deleteSigs(sigh);
+ 
+     /*
+-     * rpmGenSignature() internals parse the actual signing result and 
++     * rpmGenSignature() internals parse the actual signing result and
+      * adds appropriate tags for DSA/RSA.
+      */
+-    if (rpmGenSignature(sigh, sigt1, sigt2, passPhrase) == 0) {
++    if (rpmGenSignature(sigh, sigt1, sigt2) == 0) {
+ 	/* Lets see what we got and whether its the same signature as before */
+ 	rpmTagVal sigtag = headerIsEntry(sigh, RPMSIGTAG_DSA) ?
+ 					RPMSIGTAG_DSA : RPMSIGTAG_RSA;
+@@ -462,10 +425,9 @@
+  * Create/modify elements in signature header.
+  * @param rpm		path to package
+  * @param deleting	adding or deleting signature?
+- * @param passPhrase	passPhrase (ignored when deleting)
+  * @return		0 on success, -1 on error
+  */
+-static int rpmSign(const char *rpm, int deleting, const char *passPhrase)
++static int rpmSign(const char *rpm, int deleting)
+ {
+     FD_t fd = NULL;
+     FD_t ofd = NULL;
+@@ -550,7 +512,7 @@
+ 	sigt2 = sigt1;
+ 	sigt2.size = headerSizeof(h, HEADER_MAGIC_YES);
+ 
+-	res = replaceSignature(sigh, &sigt1, &sigt2, passPhrase);
++	res = replaceSignature(sigh, &sigt1, &sigt2);
+ 	if (res != 0) {
+ 	    if (res == 1) {
+ 		rpmlog(RPMLOG_WARNING,
+@@ -684,7 +646,7 @@
+ 	}
+     }
+ 
+-    rc = rpmSign(path, 0, passPhrase);
++    rc = rpmSign(path, 0);
+ 
+     if (args) {
+ 	if (args->hashalgo) {
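Review bot: rpmPkgSign() keeps its `passPhrase` parameter (the call in rpmsign.c now passes NULL) so the public API and ABI are unchanged, which is the right choice for a freeze exception, but the argument is now silently ignored. The doc comment in sign/rpmsign.h, which upstream changed but this backport leaves alone, should say so; otherwise callers of the python bindings (python/rpmsmodule.c is in the upstream diffstat but not patched here) that pass a pass phrase will assume it is used.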
+@@ -700,5 +662,5 @@
+ 
+ int rpmPkgDelSign(const char *path)
+ {
+-    return rpmSign(path, 1, NULL);
++    return rpmSign(path, 1);
+ }
diff -Nru rpm-4.12.0.2+dfsg1/debian/watch rpm-4.12.0.2+dfsg1/debian/watch
--- rpm-4.12.0.2+dfsg1/debian/watch	2016-11-10 14:02:04.000000000 +0100
+++ rpm-4.12.0.2+dfsg1/debian/watch	2016-11-17 11:42:24.000000000 +0100
@@ -1,3 +1,4 @@
 version=3
 opts="repacksuffix=+dfsg1,dversionmangle=s/\+dfsg\d*$//" \
-  http://rpm.org/releases/rpm-4.12.x/rpm-([\d\.]+).tar.bz2
+  http://rpm.org/download.html \
+  https://github.com/rpm-software-management/rpm/releases/download/rpm-[\d\.]+-release/rpm-([\d\.]+).tar.bz2
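Review bot: the new second line points uscan at download.html and then gives a full GitHub URL as the pattern; with `version=3` uscan matches that pattern against the hrefs found on the page, so verify with `uscan --report --verbose` that the release links on download.html really match `rpm-[\d\.]+-release/rpm-([\d\.]+).tar.bz2` (the unescaped `.` in `download.html` is harmless). This change only affects uscan, not the built packages, so it has no bearing on the unblock itself.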

--- End Message ---
--- Begin Message ---
Michal Čihař:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Please unblock package rpm
> 
> Honestly I'm not sure the reason is good enough, but keeping the
> decision on you.
> 
> It fixes confusing interaction with gpg2 on rpmsign - rpmsign asks for
> passphrase which is not used at all. See #858998 (normal severity) for
> more details.
> 
> It was fixed by backporting upstream patch (while removing API changes
> this has introduced upstream), debdiff is attached.
> 
> unblock rpm/4.12.0.2+dfsg1-2
> 
> [...]

Unblocked, thanks.

~Niels

--- End Message ---
