Issue #9350
closedgpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature
Description
Noticed when adding and installing a repo build with pulp.
"Error: Failed to download metadata for repo 'mycompany-2.x-rhel-8': repomd.xml GPG signature verification error: Bad GPG signature "
Looking at the repo config
[mycompany-2.x-rhel-8]
enabled=1
baseurl=https://download.mycompany.com/2.x-rhel-8/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://download.mycompany.com//2.x-rhel-8/repodata/repomd.xml.key
notice ^^
It seems to be constructed here: https://github.com/pulp/pulp_rpm/blob/c29fe23ccb01bb9b148a38f450fe2ede4703bae3/pulp_rpm/app/models/repository.py#L442-449
versionmap:
core: 3.14.4
rpm: 3.14.1
file: 1.8.2
deb: 2.14.1
container: 2.8.0
Related issues
Updated by dalley over 3 years ago
- Subject changed from gpgkey value wrongly has two slashes after hostname; fails to verify signature to gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature
- Triaged changed from No to Yes
- Sprint set to Sprint 105
- Quarter set to Q4-2021
Updated by dalley over 3 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to dalley
Updated by dalley over 3 years ago
Can you show your configuration of the distribution, and the repository? My first attempt to reproduce is unsuccessful
Updated by dannysauer about 3 years ago
We have an empty prefix; rather than using the default /pulp, we serve from the server root. It looks to me like that empty variable might result in two adjacent slashes after the hostname when the path is reconstructed.
Updated by dalley about 3 years ago
- Sprint/Milestone changed from 3.14.4 to 3.16.0
Updated by dalley about 3 years ago
- Copied to Backport #9429: Backport #9350 "gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature" to 3.14.z added
Updated by dalley about 3 years ago
I'm guessing that CONTENT_PREFIX is not actually empty, but a lone "/", as shown in the 2nd example?
In [2]: foo("origin", "", "base", "key")
Out[2]: 'origin/base/key'
In [3]: foo("origin", "/", "base", "key")
Out[3]: 'origin//base/key'
In [4]: foo("origin", "prefix", "base", "key")
Out[4]: 'origin/prefix/base/key'
In [5]: foo("origin", "/prefix/", "base", "key")
Out[5]: 'origin/prefix/base/key'
In [6]: foo("origin", "prefix/", "base", "key")
Out[6]: 'origin/prefix/base/key'
Updated by pulpbot about 3 years ago
- Status changed from ASSIGNED to POST
Added by dalley about 3 years ago
Updated by dalley about 3 years ago
- Status changed from POST to MODIFIED
Applied in changeset f53002466efd809e1d49f2b0f8c6fb12ea344293.
Updated by pulpbot about 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Fixes edge case where gpg key location in .repo file is invalid
closes: #9350 https://pulp.plan.io/issues/9350