From fcde2249671d00a4174eb93d04cafac66be7d6a1 Mon Sep 17 00:00:00 2001 From: law Date: Tue, 7 Apr 2015 18:42:52 +0300 Subject: [PATCH] Fix addsign check to skip PUBKEYS addition --- rpm-5.4.10-fix-addsign-check.patch | 20 ++++++++++++++++++++ rpm.spec | 4 ++++ 2 files changed, 24 insertions(+) create mode 100644 rpm-5.4.10-fix-addsign-check.patch diff --git a/rpm-5.4.10-fix-addsign-check.patch b/rpm-5.4.10-fix-addsign-check.patch new file mode 100644 index 0000000..bdc1a4a --- /dev/null +++ b/rpm-5.4.10-fix-addsign-check.patch @@ -0,0 +1,20 @@ +diff -ur rpm-5.4.10/build/pack.c rpm-5.4.10.new/build/pack.c +--- rpm-5.4.10/build/pack.c 2012-05-20 00:24:58.000000000 +0400 ++++ rpm-5.4.10.new/build/pack.c 2015-04-07 17:54:36.410943594 +0300 +@@ -649,7 +649,7 @@ + char buf[BUFSIZ]; + Header h; + Header sigh = NULL; +- int addsig = 0; ++ int addsig = (passPhrase && passPhrase[0]); + int isSource; + rpmRC rc = RPMRC_OK; + size_t nbr; +@@ -859,7 +859,6 @@ + (void) rpmAddSignature(sigh, sigtarget, RPMSIGTAG_MD5, passPhrase); + + sigtag = RPMSIGTAG_GPG; +- addsig = (passPhrase && passPhrase[0]); + + if (addsig) { + rpmlog(RPMLOG_NOTICE, _("Generating signature: %d\n"), sigtag); diff --git a/rpm.spec b/rpm.spec index f566aa0..d834542 100644 --- a/rpm.spec +++ b/rpm.spec @@ -492,6 +492,9 @@ Patch513: rpm-5.4.10-payload-no-hashed-inode.patch # KDE5 support in find_lang Patch514: rpm-5.4.10-find-lang-kde5.patch +# Fix addsign check to skip PUBKEYS addition (to ensure reproducibility) +Patch515: rpm-5.4.10-fix-addsign-check.patch + BuildRequires: autoconf >= 2.57 BuildRequires: bzip2-devel BuildRequires: automake >= 1.8 @@ -904,6 +907,7 @@ This package contains the RPM API documentation generated in HTML format. %patch512 -p1 -b .hardlink-segfault-fix %patch513 -p1 -b .payload-no-hashed-inode %patch514 -p1 -b .kde5-find-lang +%patch515 -p1 -b .fix-addsign-check #required by P55, P80, P81, P94.. ./autogen.sh