-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: N/A
-
Fix Version/s: N/A
-
Component/s: Framework - Module Admin
-
Labels:None
-
Sprint:Sprint 27, Sprint 28, Sprint 29, Sprint 30, Sprint 31, Sprint 32, Sprint 33
-
Bug Tracker:Developer Testing
-
ToDo:
-
Asterisk Version:16.2.1
-
Distro Version:9.12
-
Distro:Self Install Debian
-
Module Fix Version:
FreePPX version : 15.0.16.49
I have tried to sign my own module with my own key, following instructions on the wiki (Requesting a Key to be Signed and Signing your own modules) but I still get “Module has been signed with an invalid key” in the “Module Admin” page and dashboard.
I found this :
Line 691 in www/admin/libraries/BMO/GPG.class.php
{{}}
{{}}
if (isset($out['status'][2]) && preg_match('/NO_PUBKEY (.+)/', $out['status'][2], $keyarr)) {{{}}
{{}}This doesn't work for me. However,
if (isset($out['status'][3]) && preg_match('/NO_PUBKEY (.+)/', $out['status'][3], $keyarr)) {
does work.
$out['status'] is the status returned by the command (only the lines that are prefixed by "[GNUPG:]") :
{{}}
#sudo -u asterisk gpg --status-fd 3 --output - /opt/freepbx/www/admin/modules/droitappels/module.sig
Here are the lines of interest :
[GNUPG:] PLAINTEXT 74 0
[GNUPG:] NEWSIG
[GNUPG:] ERRSIG D7669362454060A6 1 8 01 1586958176 9
[GNUPG:] NO_PUBKEY D7669362454060A6
NO_PUBKEY is in the 4th line, not the 3rd. Therefore "preg_match('/NO_PUBKEY (.+)/', $out['status'][2], $keyarr)" can never be true, and my key is never fetched from any keyserver at all.
You can see the proper way to check if the key needs to be fetched @ line 125 in www/admin/libraries/BMO/GPG.class.php :
{{}}
for($i=1;$i<count($out['status']);$i++) {
if (strpos($out['status'][$i], "[GNUPG:] NO_PUBKEY") === 0) {
// fetch key here
}
}
There may be a problem with my version of GnuPG (2.1.18) I wonder if anyone can show me what version they have and the result of the command line above.
