The GPG subprocess may not open the named pipe that we create for feeding it the package to sign (such as when the key is expired, as seen in the linked bug), in which case RPM hangs up for the user due to the blocking open(2) call on that pipe.
The fix is easy: just register an empty SIGCHLD handler to force open(2) unblock if the child process happens to terminate while we wait for it to open the pipe for reading. This commit also adds an error message "gpg terminated prematurely" to vaguely indicate that something went wrong, which is probably the best we can do without jumping through hoops. In the case of an expired key, GPG is very cryptic and only says "Unusable secret key". More info seems to be available via the --status-fd option (e.g. the KEYEXPIRED message [1]) which we could theoretically parse, however that would make things a bit too complicated and brittle. It's really your turn, GPG, to improve the error message here. [1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/938 -- Commit Summary -- * Stop blocking when GPG process dies prematurely (RhBug:1746353) -- File Changes -- M sign/rpmgensig.c (25) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/938.patch https://github.com/rpm-software-management/rpm/pull/938.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/938
_______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
