Date: Fri, 23 May 2014 09:57:50 +0700 (NOVT) From: Victor Sudakov <sudakov@sibptus.ru> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/190129: pkg 1.3 does not recognize repository public key Message-ID: <201405230257.s4N2voJQ022748@admin.sibptus.tomsk.ru> Resent-Message-ID: <201405230300.s4N300HV003928@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 190129 >Category: ports >Synopsis: pkg 1.3 does not recognize repository public key >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri May 23 03:00:00 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Victor Sudakov >Release: FreeBSD 9.2-RELEASE-p6 i386 >Organization: SibPTUS >Environment: System: FreeBSD svn.sibptus.ru 9.2-RELEASE-p6 FreeBSD 9.2-RELEASE-p6 #0: Tue May 13 08:14:56 UTC 2014 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 >Description: I have a local repository signed with a public key. After switching from pkg 1.2 to pkg 1.3 on a client machine, pkg does not recongize the repository key any more. The error message is "RSA_verify:bad signature". Client machines with pkg 1.2 still work with this repo and this key. pkg: http://svn.sibptus.ru/packages/freebsd:9:x86:32/meta.txz: Not Found pkg: repository repo-sibptus has no meta file, use default settings digests.txz 100% 8556 8.6kB/s 00:00 pkg: -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyJRgYhiVFCz/xF3vPGmY 9tuvVRHSy4OO/bfNTeR5LgkovL2qBpKZJt9RQT2/DHiFZ++7g34DXRgo4KsfCtL5 fxTrRZnohcYnWVetp23g0Fk6HrXhCzN7hNH4X7SsB7A5K/ixBE1URNdi6fBF7aq2 /FHdVFPJWcdj6STLB7TZ+eitdrjQManSQjQYU9OV62Bhob5Iyz8u/Nca8g3CbyjB pCytz2+ci/WRBBQcblKL0bsqEiS/Y5YTxC6pxVt5rNgXsZr2/QjIXoBYzqO0Uv0e qS7+Eqne5/ujhsf6t7bAXFIYL4hOHCAVAg2khM6VSH8R+D3HeS9gN6EkqCopbSng sBsynxtM9R7IlvsCrVGCQjhJFCOjFqo4azdHwxzdlz5oWDIcD9msnf6t9CSXMraR K2iH3sXqzMatTPUPmnscGMTlD4OY0tuy7k6RUUEljcQz4A+2rjApDAGe4eduuMQf ZkNzu4C8qACniDYOrU+3Z9it+J0ZP6tSbp9OZe0mD+Li5POJf0r0/o44M0v9jJP2 X213UzmWb3lNtsK226pz+ii26NxglgW1WxS8tmIIr/5byrxyJL+A4mxL3YEgrMO7 DgQPMyZfLw+USXzRsjxP+0wQeL9JEpPk8lB8QMajNP1eZTYlB88KAqwTgWWZFGAP xSHALhNbgvOpU1REXPnZE/MCAwEAAQ== -----END PUBLIC KEY----- : error:04077068:rsa routines:RSA_verify:bad signature pkg: Invalid signature, removing repository. pkg: Unable to find catalogs # >How-To-Repeat: Upgrade pkg to 1.3 and try to use a repo signed with a PUBKEY. >Fix: None that I know of. Disabling PUBKEY check is a workaround. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201405230257.s4N2voJQ022748>