search

msys2 / msys2-pacman

A friendly fork of https://gitlab.archlinux.org/pacman/pacman
GNU General Public License v2.0
21 stars 12 forks source link

pacman 6 fails to handle DB signatures if they get redirected to a different basename #4

Closed lazka closed 2 years ago

lazka commented 3 years ago

pacman fails to sync DB signatures:

$ curl -I https://mirror.msys2.org/mingw/clang32/clang32.db.sig
HTTP/2 302
cache-control: private, no-cache
content-type: text/html; charset=utf-8
date: Wed, 16 Jun 2021 19:06:06 GMT
link: <https://repo.msys2.org/mingw/clang32/clang32.db.tar.gz.sig>; rel=duplicate; pri=1; geo=de
location: https://mirror.yandex.ru/mirrors/msys2/mingw/clang32/clang32.db.tar.gz.sig
server: Mirrorbits/v0.5.1-31-geeea0e0-dirty

This makes pacman write out a "clang32.db.tar.gz.sig" file and then it errors out because it can't find "clang32.db.sig"

debug: ucrt64.db: url is https://mirror.msys2.org/mingw/ucrt64/ucrt64.db
debug: ucrt64.db: maxsize 134217728
debug: ucrt64.db: opened tempfile for download: /var/lib/pacman/sync/ucrt64.db.part (wb)
debug: ucrt64.db: curl returned result 0 from transfer
debug: ucrt64.db: response code 200
debug: ucrt64.db.tar.gz.sig: url is https://repo.msys2.org/mingw/ucrt64/ucrt64.db.tar.gz.sig
debug: ucrt64.db.tar.gz.sig: maxsize 16384
debug: ucrt64.db.tar.gz.sig: opened tempfile for download: /var/lib/pacman/sync/ucrt64.db.tar.gz.sig.part (wb)
debug: ucrt64.db.tar.gz.sig: curl returned result 0 from transfer
debug: ucrt64.db.tar.gz.sig: response code 200
...
debug: "/var/lib/pacman/sync/ucrt64.db.sig" is not readable: No such file or directory
debug: sig path /var/lib/pacman/sync/ucrt64.db.sig could not be opened
debug: got error 43 at _alpm_gpgme_checksig (../lib/libalpm/signing.c: 593) : missing PGP signature
debug: missing required signature
error: ucrt64: missing required signature
debug: failed to validate db: ucrt64

worked with 5.2:

debug: url: https://mirror.msys2.org/mingw/clang64/clang64.db
debug: maxsize: 134217728
debug: opened tempfile for download: /var/lib/pacman/sync/clang64.db.part (wb)
downloading clang64.db...
debug: curl returned error 0 from transfer
debug: response code: 200
debug: url: https://mirror.msys2.org/mingw/clang64/clang64.db.sig
debug: maxsize: 16384
debug: opened tempfile for download: /var/lib/pacman/sync/clang64.db.sig.part (wb)
downloading clang64.db.sig...
debug: curl returned error 0 from transfer
debug: response code: 200
debug: checking signature for /var/lib/pacman/sync/clang64.db
debug: 1 signatures returned
debug: fingerprint: 5F944B027F7FE2091985AA2EFA11531AA0AA7F57
lazka commented 3 years ago

This did work with pacman 5

Two things to do:

lazka commented 3 years ago

pacman bug filed here: https://bugs.archlinux.org/task/71274

jeremyd2019 commented 3 years ago

Proposed upstream patch: https://lists.archlinux.org/pipermail/pacman-dev/2021-June/025231.html

jeremyd2019 commented 3 years ago

Looks like this was pushed: https://gitlab.archlinux.org/pacman/pacman/-/commit/0147de169a2abd193699957d4e76aec522901fd2

lazka commented 2 years ago

fixed in 6.0.1