[pacman-dev] [PATCH 1/2] makepkg: fix signing of source packages
In commit c6b04c04653ba9933fe978829148312e412a9ea7 the signing stage was moved out of fakeroot, and thus into the main control flow instead of create_{,src}package While the function for signing binary packages has logic to build and gpg-sign multiple filenames, the source package never got this special treatment. This would be fine, except it uses the standard variables to set define the filename... like ${fullver}, which is usually set beforehand, but in this case is not. We don't define fullver globally as it's an internal implementation detail, except by sheer coincidence if PKGVERFUNC is false due to improperly guarded code. Result: source packages didn't end up signed. Instead, we raised a logic error: ==> WARNING: Failed to sign package file somepackage-.src.tar.gz. ==> ERROR: An unknown error has occurred. Exiting... Instead, let's just build the version inline, since we only use it once. Reported-by: GaKu999 <g4ku999@gmail.com> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> --- scripts/makepkg.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index e1e95412..a9e7c691 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1362,7 +1362,7 @@ if (( SOURCEONLY )); then if [[ $SIGNPKG = 'y' ]]; then msg "$(gettext "Signing package...")" - create_signature "$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}" + create_signature "$SRCPKGDEST/${pkgbase}-$(get_full_version)${SRCEXT}" fi msg "$(gettext "Source package created: %s")" "$pkgbase ($(date +%c))" -- 2.28.0
We leaked fullver and pkgarch all over the place, and only conditionally unset the other variables. Marking them local is a more proactive solution. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> --- scripts/makepkg.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index a9e7c691..89da3fab 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -869,6 +869,7 @@ install_package() { } check_build_status() { + local fullver pkgarch allpkgbuilt somepkgbuilt if (( ! SPLITPKG )); then fullver=$(get_full_version) pkgarch=$(get_pkg_arch) @@ -911,7 +912,6 @@ check_build_status() { exit $E_ALREADY_BUILT fi fi - unset allpkgbuilt somepkgbuilt fi } -- 2.28.0
On 12/10/20 12:22 pm, Eli Schwartz wrote:
We leaked fullver and pkgarch all over the place, and only conditionally unset the other variables. Marking them local is a more proactive solution.
OK.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> --- scripts/makepkg.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index a9e7c691..89da3fab 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -869,6 +869,7 @@ install_package() { }
check_build_status() { + local fullver pkgarch allpkgbuilt somepkgbuilt if (( ! SPLITPKG )); then fullver=$(get_full_version) pkgarch=$(get_pkg_arch) @@ -911,7 +912,6 @@ check_build_status() { exit $E_ALREADY_BUILT fi fi - unset allpkgbuilt somepkgbuilt fi }
On 10/11/20 10:22 PM, Eli Schwartz wrote:
In commit c6b04c04653ba9933fe978829148312e412a9ea7 the signing stage was moved out of fakeroot, and thus into the main control flow instead of create_{,src}package
Random factoid: 10:47 PM <amcrae> eschwartz: had I seen those patches before? 10:48 PM <eschwartz> no, I wrote them tonight 10:49 PM <amcrae> ok - it seemed familiar 10:49 PM <eschwartz> you previously merged: 10:49 PM <eschwartz> makepkg: when signing packages, report package filename on failure 10:49 PM <eschwartz> libmakepkg/integrity: fix regression that broke --install 10:49 PM <eschwartz> makepkg: avoid false "Signing package(s)" msg when signing is disabled 10:50 PM <eschwartz> good grief 10:50 PM <amcrae> great patch :P 10:50 PM <eschwartz> that commit is the gift that keeps on giving I must say, this patch really was fun. :D How on earth did it manage to have so many edge cases.... Bets on us discovering a 5th problem? -- Eli Schwartz Bug Wrangler and Trusted User
On 12/10/20 12:22 pm, Eli Schwartz wrote:
In commit c6b04c04653ba9933fe978829148312e412a9ea7 the signing stage was moved out of fakeroot, and thus into the main control flow instead of create_{,src}package
While the function for signing binary packages has logic to build and gpg-sign multiple filenames, the source package never got this special treatment. This would be fine, except it uses the standard variables to set define the filename... like ${fullver}, which is usually set beforehand, but in this case is not. We don't define fullver globally as it's an internal implementation detail, except by sheer coincidence if PKGVERFUNC is false due to improperly guarded code.
Result: source packages didn't end up signed. Instead, we raised a logic error:
==> WARNING: Failed to sign package file somepackage-.src.tar.gz.
==> ERROR: An unknown error has occurred. Exiting...
Instead, let's just build the version inline, since we only use it once.
Reported-by: GaKu999 <g4ku999@gmail.com> Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> --- scripts/makepkg.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index e1e95412..a9e7c691 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1362,7 +1362,7 @@ if (( SOURCEONLY )); then
if [[ $SIGNPKG = 'y' ]]; then msg "$(gettext "Signing package...")" - create_signature "$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}" + create_signature "$SRCPKGDEST/${pkgbase}-$(get_full_version)${SRCEXT}"
OK.
fi
msg "$(gettext "Source package created: %s")" "$pkgbase ($(date +%c))"
participants (2)
-
Allan McRae
-
Eli Schwartz