diff --git a/0001-Make-the-RHEL-pesign-macro-a-little-better.patch b/0001-Make-the-RHEL-pesign-macro-a-little-better.patch index e3b0d0a..39b72ca 100644 --- a/0001-Make-the-RHEL-pesign-macro-a-little-better.patch +++ b/0001-Make-the-RHEL-pesign-macro-a-little-better.patch @@ -1,7 +1,7 @@ From 2933901ce69d3830e0dad983d20d5d17e8087c75 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 23 Jul 2013 16:58:32 -0400 -Subject: [PATCH 1/8] Make the RHEL %%pesign macro a little better. +Subject: [PATCH 1/9] Make the RHEL %%pesign macro a little better. Use mktemp to avoid clobering anybody's local files, and document the arguments better. diff --git a/0002-Apparently-we-want-documentation-in-a-non-versioned-.patch b/0002-Apparently-we-want-documentation-in-a-non-versioned-.patch index 0ee623b..7239090 100644 --- a/0002-Apparently-we-want-documentation-in-a-non-versioned-.patch +++ b/0002-Apparently-we-want-documentation-in-a-non-versioned-.patch @@ -1,7 +1,7 @@ From 1079f81298d461583851578ad6afb4a130b675e0 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 5 Aug 2013 09:09:46 -0400 -Subject: [PATCH 2/8] Apparently we want documentation in a non-versioned +Subject: [PATCH 2/9] Apparently we want documentation in a non-versioned directory these days. Signed-off-by: Peter Jones diff --git a/0003-Make-the-RHEL-bits-for-macros.pesign-a-bit-cleaner.patch b/0003-Make-the-RHEL-bits-for-macros.pesign-a-bit-cleaner.patch index d2ad484..31b59fa 100644 --- a/0003-Make-the-RHEL-bits-for-macros.pesign-a-bit-cleaner.patch +++ b/0003-Make-the-RHEL-bits-for-macros.pesign-a-bit-cleaner.patch @@ -1,7 +1,7 @@ From c2d54b835ca3db92c9110a2596429710453c2a95 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 6 Aug 2013 12:32:43 -0400 -Subject: [PATCH 3/8] Make the RHEL bits for macros.pesign a bit cleaner. +Subject: [PATCH 3/9] Make the RHEL bits for macros.pesign a bit cleaner. Signed-off-by: Peter Jones --- diff --git a/0004-Include-the-issuer-s-certificate-only-when-available.patch b/0004-Include-the-issuer-s-certificate-only-when-available.patch index 8620609..3dacd8b 100644 --- a/0004-Include-the-issuer-s-certificate-only-when-available.patch +++ b/0004-Include-the-issuer-s-certificate-only-when-available.patch @@ -1,7 +1,7 @@ From 7c25ea77c81e63c88cf1fbeb2fc9baba94bce8b7 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Mon, 4 Mar 2013 16:25:08 +0800 -Subject: [PATCH 4/8] Include the issuer's certificate only when available +Subject: [PATCH 4/9] Include the issuer's certificate only when available When pesign generates a signature, it also includes the issuer's certificate. In SUSE build server, we only import the signer's certificate and pesign diff --git a/0005-Try-harder-to-figure-out-if-this-is-RHEL.patch b/0005-Try-harder-to-figure-out-if-this-is-RHEL.patch index 53ed7d6..52d03df 100644 --- a/0005-Try-harder-to-figure-out-if-this-is-RHEL.patch +++ b/0005-Try-harder-to-figure-out-if-this-is-RHEL.patch @@ -1,7 +1,7 @@ From 39466ae9ed3ce5f78fc20c6e74eb0fb3aa93349e Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Tue, 6 Aug 2013 16:49:06 -0400 -Subject: [PATCH 5/8] Try harder to figure out if this is RHEL. +Subject: [PATCH 5/9] Try harder to figure out if this is RHEL. Signed-off-by: Peter Jones --- diff --git a/0006-Don-t-use-ASCII-mode-for-RHEL-certificate-imports.patch b/0006-Don-t-use-ASCII-mode-for-RHEL-certificate-imports.patch index 578a4ec..79541be 100644 --- a/0006-Don-t-use-ASCII-mode-for-RHEL-certificate-imports.patch +++ b/0006-Don-t-use-ASCII-mode-for-RHEL-certificate-imports.patch @@ -1,7 +1,7 @@ From f8b19278775fe8a5c599b94fcae90b99a781a42b Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 7 Aug 2013 09:06:33 -0400 -Subject: [PATCH 6/8] Don't use ASCII mode for RHEL certificate imports. +Subject: [PATCH 6/9] Don't use ASCII mode for RHEL certificate imports. Signed-off-by: Peter Jones --- diff --git a/0007-Apparently-if-something-goes-wrong-on-the-HSM-we-win.patch b/0007-Apparently-if-something-goes-wrong-on-the-HSM-we-win.patch index 69a5e92..7a0dcef 100644 --- a/0007-Apparently-if-something-goes-wrong-on-the-HSM-we-win.patch +++ b/0007-Apparently-if-something-goes-wrong-on-the-HSM-we-win.patch @@ -1,7 +1,7 @@ From c7318444b811125f26828fd39e8a46de81cd5f86 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 7 Aug 2013 09:13:11 -0400 -Subject: [PATCH 7/8] Apparently if something goes wrong on the HSM, we wind up +Subject: [PATCH 7/9] Apparently if something goes wrong on the HSM, we wind up with 0-size. Handle zero-sized output by erroring in the rpm macro. Eventually we diff --git a/0008-Use-force-when-we-ve-got-a-sattrs-blob-from-mktemp.patch b/0008-Use-force-when-we-ve-got-a-sattrs-blob-from-mktemp.patch index dc4a40c..7a2fc37 100644 --- a/0008-Use-force-when-we-ve-got-a-sattrs-blob-from-mktemp.patch +++ b/0008-Use-force-when-we-ve-got-a-sattrs-blob-from-mktemp.patch @@ -1,7 +1,7 @@ From 5b8950a8cddad1076fb631c4ef6999bfb4f977f8 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Wed, 7 Aug 2013 09:37:33 -0400 -Subject: [PATCH 8/8] Use --force when we've got a sattrs blob from mktemp() +Subject: [PATCH 8/9] Use --force when we've got a sattrs blob from mktemp() Signed-off-by: Peter Jones --- diff --git a/0009-Remove-errant-results-from-signing.patch b/0009-Remove-errant-results-from-signing.patch new file mode 100644 index 0000000..6d50863 --- /dev/null +++ b/0009-Remove-errant-results-from-signing.patch @@ -0,0 +1,26 @@ +From a8f70c0745fcc5b0e522bd3a6ed5871b0eea9397 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Sat, 10 Aug 2013 10:28:49 -0400 +Subject: [PATCH 9/9] Remove errant results from signing. + +--- + src/macros.pesign | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/macros.pesign b/src/macros.pesign +index a0339fe..8bf47c1 100644 +--- a/src/macros.pesign ++++ b/src/macros.pesign +@@ -49,6 +49,9 @@ + fi \ + fi \ + if [ ! -s %{-o} ]; then \ ++ if [ -e "%{-o*}" ]; then \ ++ rm -f %{-o*} \ ++ fi \ + exit 1 \ + fi ; + +-- +1.8.3.1 +