summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta/classes/sign_rpm.bbclass10
-rw-r--r--meta/lib/oe/gpg_sign.py24
2 files changed, 12 insertions, 22 deletions
diff --git a/meta/classes/sign_rpm.bbclass b/meta/classes/sign_rpm.bbclass
index c21e3f09af..a8ea75faaa 100644
--- a/meta/classes/sign_rpm.bbclass
+++ b/meta/classes/sign_rpm.bbclass
@@ -1,8 +1,8 @@
1# Class for generating signed RPM packages. 1# Class for generating signed RPM packages.
2# 2#
3# Configuration variables used by this class: 3# Configuration variables used by this class:
4# RPM_GPG_PASSPHRASE_FILE 4# RPM_GPG_PASSPHRASE
5# Path to a file containing the passphrase of the signing key. 5# The passphrase of the signing key.
6# RPM_GPG_NAME 6# RPM_GPG_NAME
7# Name of the key to sign with. May be key id or key name. 7# Name of the key to sign with. May be key id or key name.
8# RPM_GPG_BACKEND 8# RPM_GPG_BACKEND
@@ -22,8 +22,10 @@ RPM_GPG_BACKEND ?= 'local'
22 22
23 23
24python () { 24python () {
25 if d.getVar('RPM_GPG_PASSPHRASE_FILE', True):
26 raise_sanity_error('RPM_GPG_PASSPHRASE_FILE is replaced by RPM_GPG_PASSPHRASE', d)
25 # Check configuration 27 # Check configuration
26 for var in ('RPM_GPG_NAME', 'RPM_GPG_PASSPHRASE_FILE'): 28 for var in ('RPM_GPG_NAME', 'RPM_GPG_PASSPHRASE'):
27 if not d.getVar(var, True): 29 if not d.getVar(var, True):
28 raise_sanity_error("You need to define %s in the config" % var, d) 30 raise_sanity_error("You need to define %s in the config" % var, d)
29 31
@@ -44,7 +46,7 @@ python sign_rpm () {
44 46
45 signer.sign_rpms(rpms, 47 signer.sign_rpms(rpms,
46 d.getVar('RPM_GPG_NAME', True), 48 d.getVar('RPM_GPG_NAME', True),
47 d.getVar('RPM_GPG_PASSPHRASE_FILE', True)) 49 d.getVar('RPM_GPG_PASSPHRASE', True))
48} 50}
49 51
50do_package_index[depends] += "signing-keys:do_deploy" 52do_package_index[depends] += "signing-keys:do_deploy"
diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index e738397880..b83ee86728 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -26,32 +26,20 @@ class LocalSigner(object):
26 raise bb.build.FuncFailed('Failed to export gpg public key (%s): %s' % 26 raise bb.build.FuncFailed('Failed to export gpg public key (%s): %s' %
27 (keyid, output)) 27 (keyid, output))
28 28
29 def sign_rpms(self, files, keyid, passphrase_file): 29 def sign_rpms(self, files, keyid, passphrase):
30 """Sign RPM files""" 30 """Sign RPM files"""
31 import pexpect
32 31
33 cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid 32 cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid
33 cmd += "--define '_gpg_passphrase %s' " % passphrase
34 if self.gpg_bin: 34 if self.gpg_bin:
35 cmd += "--define '%%__gpg %s' " % self.gpg_bin 35 cmd += "--define '%%__gpg %s' " % self.gpg_bin
36 if self.gpg_path: 36 if self.gpg_path:
37 cmd += "--define '_gpg_path %s' " % self.gpg_path 37 cmd += "--define '_gpg_path %s' " % self.gpg_path
38 cmd += ' '.join(files) 38 cmd += ' '.join(files)
39 39
40 # Need to use pexpect for feeding the passphrase 40 status, output = oe.utils.getstatusoutput(cmd)
41 proc = pexpect.spawn(cmd) 41 if status:
42 try: 42 raise bb.build.FuncFailed("Failed to sign RPM packages: %s" % output)
43 proc.expect_exact('Enter pass phrase:', timeout=15)
44 with open(passphrase_file) as fobj:
45 proc.sendline(fobj.readline().rstrip('\n'))
46 proc.expect(pexpect.EOF, timeout=900)
47 proc.close()
48 except pexpect.TIMEOUT as err:
49 bb.error('rpmsign timeout: %s' % err)
50 proc.terminate()
51 if os.WEXITSTATUS(proc.status) or not os.WIFEXITED(proc.status):
52 bb.error('rpmsign failed: %s' % proc.before.strip())
53 raise bb.build.FuncFailed("Failed to sign RPM packages")
54
55 43
56 def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True): 44 def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True):
57 """Create a detached signature of a file""" 45 """Create a detached signature of a file"""