On Tue, Feb 02, 2016 at 11:11:53AM +0100, Miroslav Suchy wrote:
Dne 2.2.2016 v 10:45 Michael Schroeder napsal(a):
I can do this as well if you guys need it. But what's wrong with v3 signatures? We do v3 because old rpm versions don't understand v4, why do you need v4 sigs?
Because as I stated in original email - recent version of gnupg removed v2 support. The options are still there, but are silently ignored and gnupg create v4 signature.
Well, the easiest way is to just use V3 if files_are_digests is used. I.e. force sig->version to 3 in gpg's write_signature_packets() function.
We can also work around this in the sign binary, but adapting the files_are_digest patch is probably the easiest way.
Which version of rpm cannot handle v4 sigs?
I think the code was fixed in 2005. Dunno what version that was.