diff options
author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-06-16 09:42:30 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-06-16 09:47:49 +0100 |
commit | 31a9e8d114e23208d074d6e319aa95bbf688e513 (patch) | |
tree | 2ea091d1c62bde046f638f2168b00585cefe2b9a | |
parent | 2bf2ab9fcd12b179c396d2d4b4603b774a37eef6 (diff) | |
download | poky-31a9e8d114e23208d074d6e319aa95bbf688e513.tar.gz |
package_ipk: Clean up Source entry in ipk packages
There is the potential for sensitive information to leak through the urls
there and removing it brings this into the behavior of the other package
backends since filtering it is likely error prone.
Since ipks don't appear to be generated at all if we don't set this, set
the field to the recipe name used (basename only, no paths). This avoids
information leaking. We may want to drop the field if opkg can allow that
at a future point but the recipe name is a suitable identifier for now.
Reported-by: Andrej Valek <andrej.valek@siemens.com>
(From OE-Core rev: ec7feb9d315f357b9a073425a31b352ec24ddfd9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/classes/package_ipk.bbclass | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/meta/classes/package_ipk.bbclass b/meta/classes/package_ipk.bbclass index d2ce3b3e17..8e69b5da36 100644 --- a/meta/classes/package_ipk.bbclass +++ b/meta/classes/package_ipk.bbclass | |||
@@ -57,6 +57,7 @@ def ipk_write_pkg(pkg, d): | |||
57 | 57 | ||
58 | outdir = d.getVar('PKGWRITEDIRIPK') | 58 | outdir = d.getVar('PKGWRITEDIRIPK') |
59 | pkgdest = d.getVar('PKGDEST') | 59 | pkgdest = d.getVar('PKGDEST') |
60 | recipesource = os.path.basename(d.getVar('FILE')) | ||
60 | 61 | ||
61 | localdata = bb.data.createCopy(d) | 62 | localdata = bb.data.createCopy(d) |
62 | root = "%s/%s" % (pkgdest, pkg) | 63 | root = "%s/%s" % (pkgdest, pkg) |
@@ -205,10 +206,7 @@ def ipk_write_pkg(pkg, d): | |||
205 | ctrlfile.write("Replaces: %s\n" % bb.utils.join_deps(rreplaces)) | 206 | ctrlfile.write("Replaces: %s\n" % bb.utils.join_deps(rreplaces)) |
206 | if rconflicts: | 207 | if rconflicts: |
207 | ctrlfile.write("Conflicts: %s\n" % bb.utils.join_deps(rconflicts)) | 208 | ctrlfile.write("Conflicts: %s\n" % bb.utils.join_deps(rconflicts)) |
208 | src_uri = localdata.getVar("SRC_URI").strip() or "None" | 209 | ctrlfile.write("Source: %s\n" % recipesource) |
209 | if src_uri: | ||
210 | src_uri = re.sub("\s+", " ", src_uri) | ||
211 | ctrlfile.write("Source: %s\n" % " ".join(src_uri.split())) | ||
212 | ctrlfile.close() | 210 | ctrlfile.close() |
213 | 211 | ||
214 | for script in ["preinst", "postinst", "prerm", "postrm"]: | 212 | for script in ["preinst", "postinst", "prerm", "postrm"]: |