Issue #9350: gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature - RPM Support - Pulp

Actions

Send by e-mail Copy link

Issue #9350

closed

gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature

Added by jxsxs over 2 years ago. Updated over 2 years ago.

Status:

CLOSED - CURRENTRELEASE

Priority:

Normal

Assignee:

dalley

Sprint/Milestone:

3.16.0

Start date:

Due date:

Estimated time:

Severity:

2. Medium

Version:

Platform Release:

OS:

Triaged:

Yes

Groomed:

Sprint Candidate:

Tags:

Sprint:

Sprint 105

Quarter:

Q4-2021

Description

Noticed when adding and installing a repo build with pulp.

"Error: Failed to download metadata for repo 'mycompany-2.x-rhel-8': repomd.xml GPG signature verification error: Bad GPG signature "

Looking at the repo config


[mycompany-2.x-rhel-8]
enabled=1
baseurl=https://download.mycompany.com/2.x-rhel-8/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://download.mycompany.com//2.x-rhel-8/repodata/repomd.xml.key
                        notice       ^^

It seems to be constructed here: https://github.com/pulp/pulp_rpm/blob/c29fe23ccb01bb9b148a38f450fe2ede4703bae3/pulp_rpm/app/models/repository.py#L442-449

versionmap:

    core: 3.14.4
    rpm: 3.14.1
    file: 1.8.2
    deb: 2.14.1
    container: 2.8.0

Related issues

Actions

Copy link

Updated by dalley over 2 years ago

Subject changed from gpgkey value wrongly has two slashes after hostname; fails to verify signature to gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature
Triaged changed from No to Yes
Sprint set to Sprint 105
Quarter set to Q4-2021

Actions

Copy link

Updated by dalley over 2 years ago

Status changed from NEW to ASSIGNED
Assignee set to dalley

Actions

Copy link

Updated by dalley over 2 years ago

Sprint/Milestone set to 3.14.4

Actions

Copy link

Updated by dalley over 2 years ago

Can you show your configuration of the distribution, and the repository? My first attempt to reproduce is unsuccessful

gpgkey=http://pulp3-source-fedora34.localhost.example.com/pulp/content/7bb2aa32-2bfc-4b6a-8a1c-0a6ffa51b7dc/repodata/repomd.xml.key

Actions

Copy link

Updated by dannysauer over 2 years ago

We have an empty prefix; rather than using the default /pulp, we serve from the server root. It looks to me like that empty variable might result in two adjacent slashes after the hostname when the path is reconstructed.

Actions

Copy link

Updated by dalley over 2 years ago

That is helpful context, thanks.

Actions

Copy link

Updated by dalley over 2 years ago

Sprint/Milestone changed from 3.14.4 to 3.16.0

Actions

Copy link

Updated by dalley over 2 years ago

Copied to Backport #9429: Backport #9350 "gpgkey value created for .repo file wrongly has two slashes after hostname; fails to verify signature" to 3.14.z added

Actions

Copy link

Updated by dalley over 2 years ago

I'm guessing that CONTENT_PREFIX is not actually empty, but a lone "/", as shown in the 2nd example?

In [2]: foo("origin", "", "base", "key")                                                            
Out[2]: 'origin/base/key'

In [3]: foo("origin", "/", "base", "key")                                                           
Out[3]: 'origin//base/key'

In [4]: foo("origin", "prefix", "base", "key")                                                      
Out[4]: 'origin/prefix/base/key'

In [5]: foo("origin", "/prefix/", "base", "key")                                                    
Out[5]: 'origin/prefix/base/key'

In [6]: foo("origin", "prefix/", "base", "key")                                                     
Out[6]: 'origin/prefix/base/key'

Actions

Copy link

#10