diff --git a/macros.in b/macros.in index ca67b8ee8e..f38e776540 100644 --- a/macros.in +++ b/macros.in @@ -619,27 +619,26 @@ Supplements: (%{name} = %{version}-%{release} and langpacks-%{1})\ #============================================================================== # ---- OpenPGP signature macros. # Macro(s) to hold the arguments passed to the cmd implementing package -# signing. Expansion result is parsed by popt, so be sure to use +# signing. Input path passed as the first argument, output as second. +# Expansion result is parsed by popt, so be sure to use # %{shescape} where needed. # %__gpg @__GPG@ -%__gpg_sign_cmd %{shescape:%{__gpg}} \ +%__gpg_sign_cmd() %{shescape:%{__gpg}} \ --no-verbose --no-armor --no-secmem-warning \ %{?_gpg_path:--homedir %{shescape:%{_gpg_path}}} \ %{?_gpg_digest_algo:--digest-algo=%{_gpg_digest_algo}} \ %{?_gpg_sign_cmd_extra_args} \ %{?_openpgp_sign_id:-u %{shescape:%{_openpgp_sign_id}}} \ - -sbo %{shescape:%{?__signature_filename}} \ - %{?__plaintext_filename:-- %{shescape:%{__plaintext_filename}}} + -sbo %{shescape:%{2}} -- %{shescape:%{1}} %__sq @__SQ@ -%__sq_sign_cmd %{shescape:%{__sq}} \ +%__sq_sign_cmd() %{shescape:%{__sq}} \ sign \ %{?_sq_path:--homedir %{shescape:%{_sq_path}}} \ %{?_openpgp_sign_id:--signer-key %{_openpgp_sign_id}} \ %{?_sq_sign_cmd_extra_args} \ - --binary --detached --output %{shescape:%{?__signature_filename}} \ - %{?__plaintext_filename:-- %{shescape:%{__plaintext_filename}}} + --binary --detached --output %{shescape:%{2}} -- %{shescape:%{1}} %__openpgp_sign_cmd %{expand:%{__%{_openpgp_sign}_sign_cmd}} diff --git a/sign/rpmgensig.cc b/sign/rpmgensig.cc index 5d6455cb7b..baaa4fedc4 100644 --- a/sign/rpmgensig.cc +++ b/sign/rpmgensig.cc @@ -29,6 +29,7 @@ #include "rpmlead.hh" #include "signature.hh" +#include "rpmmacro_internal.hh" #include "rpmvs.hh" #include "debug.h" @@ -192,22 +193,22 @@ static char ** signCmd(const char *sigfile) { int argc = 0; char **argv = NULL; + auto mctx = rpm::macros(); + auto [ ign, name ] = mctx.expand({"__", "%{_openpgp_sign}", "_sign_cmd"}); + const char * const margs[] = { "-", sigfile, NULL }; - rpmPushMacro(NULL, "__plaintext_filename", NULL, "-", -1); - rpmPushMacro(NULL, "__signature_filename", NULL, sigfile, -1); - - char *cmd = rpmExpand("%{?__openpgp_sign_cmd}", NULL); - - rpmPopMacro(NULL, "__plaintext_filename"); - rpmPopMacro(NULL, "__signature_filename"); + auto [ rc, cmd ] = mctx.expand_this(name, (ARGV_const_t)margs, 0); + if (rc) { + rpmlog(RPMLOG_ERR, _("Expanding signing macro %s failed\n"), + name.c_str()); + return NULL; + } - if (poptParseArgvString(cmd, &argc, (const char ***)&argv) < 0 || argc < 2) { - rpmlog(RPMLOG_ERR, _("Invalid sign command: %s\n"), cmd); + if (poptParseArgvString(cmd.c_str(), &argc, (const char ***)&argv) < 0 || argc < 2) { + rpmlog(RPMLOG_ERR, _("Invalid sign command: %s\n"), cmd.c_str()); argv = _free(argv); } - free(cmd); - return argv; }