[OE-core] [PATCH] rpm-5.4.14: disable external key server
rongqing.li at windriver.com
rongqing.li at windriver.com
Fri Jun 26 06:57:21 UTC 2015
From: yzhu1 <yanjun.zhu at windriver.com>
When rpm makes header verification, rpm will send request to the
extern server, this is a potential risk.
Signed-off-by: yzhu1 <yanjun.zhu at windriver.com>
---
.../rpm-macros.in-disable-external-key-server.patch | 21 +++++++++++++++++++++
meta/recipes-devtools/rpm/rpm_5.4.14.bb | 1 +
2 files changed, 22 insertions(+)
create mode 100644 meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch
diff --git a/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch b/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch
new file mode 100644
index 0000000..206f258
--- /dev/null
+++ b/meta/recipes-devtools/rpm/rpm/rpm-macros.in-disable-external-key-server.patch
@@ -0,0 +1,21 @@
+disable external key server
+
+Upstream-Status: Pending
+
+When rpm makes header verification, rpm will send request to the
+extern server, this is a potential risk.
+
+Signed-off-by: yzhu1 <yanjun.zhu at windriver.com>
+--- a/macros/macros.in
++++ b/macros/macros.in
+@@ -546,8 +546,8 @@ $_arbitrary_tags_tests Foo:Bar
+ # Horowitz Key Protocol server configuration
+ #
+ #%_hkp_keyserver hkp://keys.n3npq.net
+-%_hkp_keyserver hkp://pool.sks-keyservers.net
+-%_hkp_keyserver_query %{_hkp_keyserver}/pks/lookup?op=get&search=
++#%_hkp_keyserver hkp://pool.sks-keyservers.net
++#%_hkp_keyserver_query %{_hkp_keyserver}/pks/lookup?op=get&search=
+
+
+ %_nssdb_path /etc/pki/nssdb
diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
index 75b1ae2..666a68e 100644
--- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb
+++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
@@ -92,6 +92,7 @@ SRC_URI = "http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e
file://rpm-realpath.patch \
file://0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch \
file://no-ldflags-in-pkgconfig.patch \
+ file://rpm-macros.in-disable-external-key-server.patch \
"
# Uncomment the following line to enable platform score debugging
--
1.9.1
More information about the Openembedded-core
mailing list