Project

Profile

Help

Issue #9350

gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature

Added by jxsxs about 1 month ago. Updated 24 days ago.

Status:
MODIFIED
Priority:
Normal
Assignee:
Sprint/Milestone:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Sprint 105
Quarter:
Q4-2021

Description

Noticed when adding and installing a repo build with pulp.

"Error: Failed to download metadata for repo 'mycompany-2.x-rhel-8': repomd.xml GPG signature verification error: Bad GPG signature "

Looking at the repo config


[mycompany-2.x-rhel-8]
enabled=1
baseurl=https://download.mycompany.com/2.x-rhel-8/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://download.mycompany.com//2.x-rhel-8/repodata/repomd.xml.key
                        notice       ^^

It seems to be constructed here: https://github.com/pulp/pulp_rpm/blob/c29fe23ccb01bb9b148a38f450fe2ede4703bae3/pulp_rpm/app/models/repository.py#L442-449

versionmap:

    core: 3.14.4
    rpm: 3.14.1
    file: 1.8.2
    deb: 2.14.1
    container: 2.8.0

Related issues

Copied to RPM Support - Backport #9429: Backport #9350 "gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature" to 3.14.zCLOSED - CURRENTRELEASE

<a title="Actions" class="icon-only icon-actions js-contextmenu" href="#">Actions</a>

Associated revisions

Revision f5300246 View on GitHub
Added by dalley 24 days ago

Fixes edge case where gpg key location in .repo file is invalid

closes: #9350 https://pulp.plan.io/issues/9350

History

#1 Updated by dalley about 1 month ago

  • Subject changed from gpgkey value wrongly has two slashes after hostname; fails to verify signature to gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature
  • Triaged changed from No to Yes
  • Sprint set to Sprint 105
  • Quarter set to Q4-2021

#2 Updated by dalley about 1 month ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to dalley

#3 Updated by dalley about 1 month ago

  • Sprint/Milestone set to 3.14.4

#4 Updated by dalley about 1 month ago

Can you show your configuration of the distribution, and the repository? My first attempt to reproduce is unsuccessful

gpgkey=http://pulp3-source-fedora34.localhost.example.com/pulp/content/7bb2aa32-2bfc-4b6a-8a1c-0a6ffa51b7dc/repodata/repomd.xml.key

#5 Updated by dannysauer 25 days ago

We have an empty prefix; rather than using the default /pulp, we serve from the server root. It looks to me like that empty variable might result in two adjacent slashes after the hostname when the path is reconstructed.

#6 Updated by dalley 25 days ago

That is helpful context, thanks.

#7 Updated by dalley 24 days ago

  • Sprint/Milestone changed from 3.14.4 to 3.16.0

#8 Updated by dalley 24 days ago

  • Copied to Backport #9429: Backport #9350 "gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature" to 3.14.z added

#9 Updated by dalley 24 days ago

I'm guessing that CONTENT_PREFIX is not actually empty, but a lone "/", as shown in the 2nd example?

In [2]: foo("origin", "", "base", "key")                                                            
Out[2]: 'origin/base/key'

In [3]: foo("origin", "/", "base", "key")                                                           
Out[3]: 'origin//base/key'

In [4]: foo("origin", "prefix", "base", "key")                                                      
Out[4]: 'origin/prefix/base/key'

In [5]: foo("origin", "/prefix/", "base", "key")                                                    
Out[5]: 'origin/prefix/base/key'

In [6]: foo("origin", "prefix/", "base", "key")                                                     
Out[6]: 'origin/prefix/base/key'

#10 Updated by pulpbot 24 days ago

  • Status changed from ASSIGNED to POST

#11 Updated by dalley 24 days ago

  • Status changed from POST to MODIFIED

Please register to edit this issue

Also available in: Atom PDF