rpm: support customizing gpg command line

Add a new %_gpg_sign_cmd_extra_args macro that allows customizing the
gpg options used when signing rpm packages. This is needed to be able to
sign packages with gpg 2.1 which requires "--pinentry-mode loopback" to
allow non-interactive signing.

[YOCTO #11054]

(From OE-Core rev: 5cbba2c4016ad84a54f83531868aa6e66eef468e)

Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 373a7146d596d27376a003014df0d06f3df5348d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2 files changed, 44 insertions, 0 deletions

diff --git a/meta/recipes-devtools/rpm/rpm/0001-macros-add-_gpg_sign_cmd_extra_args.patch b/meta/recipes-devtools/rpm/rpm/0001-macros-add-_gpg_sign_cmd_extra_args.patch
new file mode 100644
index 0000000000..eb43a87346
--- /dev/null
+++ b/meta/recipes-devtools/rpm/rpm/0001-macros-add-_gpg_sign_cmd_extra_args.patch
@@ -0,0 +1,43 @@
+From fa9726ff69f86d6a87c4c4bd7e3d2881999a872a Mon Sep 17 00:00:00 2001
+From: Markus Lehtonen <markus.lehtonen@linux.intel.com>
+Date: Thu, 23 Feb 2017 11:14:20 +0200
+Subject: [PATCH] macros: add %_gpg_sign_cmd_extra_args
+
+Similar to what rpm4 has. This macro can be used to customize the
+gpg command line options when signing packages. This is needed for
+gpg 2.1 which requires "--pinentry-mode loopback" to allow
+non-interactive signing.
+
+Upstream-Status: Pending
+
+Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
+---
+ macros/macros.in | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/macros/macros.in b/macros/macros.in
+index 8bc5840..fda3c66 100644
+--- a/macros/macros.in
++++ b/macros/macros.in
+@@ -524,7 +524,9 @@ $_arbitrary_tags_tests      Foo:Bar
+ %_gpg_passphrase_way %{?_gpg_passphrase:--passphrase "%{_gpg_passphrase}"}%{!?_gpg_passphrase:--passphrase-fd 3}
+ 
+ %__gpg_check_password_cmd      %{__gpg} \
+-       gpg --batch --no-verbose %{_gpg_passphrase_way} -u "%{_gpg_name}" -so -
++       gpg --batch --no-verbose %{_gpg_passphrase_way} \
++       %{?_gpg_sign_cmd_extra_args:%{_gpg_sign_cmd_extra_args}} \
++       -u "%{_gpg_name}" -so -
+ #%__pgp_check_password_cmd     %{__pgp} \
+ #      pgp +batchmode=on +verbose=0 "%{_pgp_name}" -sf
+ #%__pgp5_check_password_cmd    %{__pgp} \
+@@ -532,6 +534,7 @@ $_arbitrary_tags_tests      Foo:Bar
+ 
+ %__gpg_sign_cmd                        %{__gpg} \
+        gpg --batch --no-verbose --no-armor %{_gpg_passphrase_way}  --no-secmem-warning \
++       %{?_gpg_sign_cmd_extra_args:%{_gpg_sign_cmd_extra_args}} \
+        -u "%{_gpg_name}" -sbo %{__signature_filename} %{__plaintext_filename}
+ #%__pgp_sign_cmd                       %{__pgp} \
+ #      pgp +batchmode=on +verbose=0 +armor=off \
+-- 
+2.10.2
+
diff --git a/meta/recipes-devtools/rpm/rpm_5.4.16.bb b/meta/recipes-devtools/rpm/rpm_5.4.16.bb
index 85eb5fef1e..497af8e055 100644
--- a/meta/recipes-devtools/rpm/rpm_5.4.16.bb
+++ b/meta/recipes-devtools/rpm/rpm_5.4.16.bb
@@ -119,6 +119,7 @@ SRC_URI += " \
            file://gcc6-stdlib.patch \
            file://0001-system.h-query.c-support-nosignature.patch \
            file://rpm-ensure-rpm2cpio-call-rpm-relocation-code.patch \
+           file://0001-macros-add-_gpg_sign_cmd_extra_args.patch \
 "
 
 # OE specific changes