| 1 |
commit: c49715693d6602895021ff66a917bb9edc736d31 |
| 2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Thu Feb 1 11:56:25 2018 +0000 |
| 4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Mon Feb 5 18:41:41 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=c4971569 |
| 7 |
|
| 8 |
rsync: Load and update keys early |
| 9 |
|
| 10 |
Load and update keys early to avoid delaying failures post rsync. Any |
| 11 |
failure will prevent verification from happening, and presumably most of |
| 12 |
the users will prefer fixing it and trying to sync again. For that case, |
| 13 |
it is better to perform the task before actual rsync to avoid |
| 14 |
unnecessarily rsyncing twice. |
| 15 |
|
| 16 |
Reviewed-by: Zac Medico <zmedico <AT> gentoo.org> |
| 17 |
|
| 18 |
pym/portage/sync/modules/rsync/rsync.py | 103 ++++++++++++++++++-------------- |
| 19 |
1 file changed, 57 insertions(+), 46 deletions(-) |
| 20 |
|
| 21 |
diff --git a/pym/portage/sync/modules/rsync/rsync.py b/pym/portage/sync/modules/rsync/rsync.py |
| 22 |
index 5c0b53f9e..dc4674548 100644 |
| 23 |
--- a/pym/portage/sync/modules/rsync/rsync.py |
| 24 |
+++ b/pym/portage/sync/modules/rsync/rsync.py |
| 25 |
@@ -110,7 +110,33 @@ class RsyncSync(NewBase): |
| 26 |
level=logging.WARNING, noiselevel=-1) |
| 27 |
self.verify_jobs = None |
| 28 |
|
| 29 |
+ openpgp_env = None |
| 30 |
+ if self.verify_metamanifest and gemato is not None: |
| 31 |
+ # Use isolated environment if key is specified, |
| 32 |
+ # system environment otherwise |
| 33 |
+ if self.repo.sync_openpgp_key_path is not None: |
| 34 |
+ openpgp_env = gemato.openpgp.OpenPGPEnvironment() |
| 35 |
+ else: |
| 36 |
+ openpgp_env = gemato.openpgp.OpenPGPSystemEnvironment() |
| 37 |
+ |
| 38 |
try: |
| 39 |
+ # Load and update the keyring early. If it fails, then verification |
| 40 |
+ # will not be performed and the user will have to fix it and try again, |
| 41 |
+ # so we may as well bail out before actual rsync happens. |
| 42 |
+ if openpgp_env is not None and self.repo.sync_openpgp_key_path is not None: |
| 43 |
+ try: |
| 44 |
+ out.einfo('Using keys from %s' % (self.repo.sync_openpgp_key_path,)) |
| 45 |
+ with io.open(self.repo.sync_openpgp_key_path, 'rb') as f: |
| 46 |
+ openpgp_env.import_key(f) |
| 47 |
+ out.ebegin('Refreshing keys from keyserver') |
| 48 |
+ openpgp_env.refresh_keys() |
| 49 |
+ out.eend(0) |
| 50 |
+ except GematoException as e: |
| 51 |
+ writemsg_level("!!! Manifest verification impossible due to keyring problem:\n%s\n" |
| 52 |
+ % (e,), |
| 53 |
+ level=logging.ERROR, noiselevel=-1) |
| 54 |
+ return (1, False) |
| 55 |
+ |
| 56 |
# Real local timestamp file. |
| 57 |
self.servertimestampfile = os.path.join( |
| 58 |
self.repo.location, "metadata", "timestamp.chk") |
| 59 |
@@ -299,52 +325,36 @@ class RsyncSync(NewBase): |
| 60 |
level=logging.ERROR, noiselevel=-1) |
| 61 |
exitcode = 127 |
| 62 |
else: |
| 63 |
- # Use isolated environment if key is specified, |
| 64 |
- # system environment otherwise |
| 65 |
- if self.repo.sync_openpgp_key_path is not None: |
| 66 |
- openpgp_env_cls = gemato.openpgp.OpenPGPEnvironment |
| 67 |
- else: |
| 68 |
- openpgp_env_cls = gemato.openpgp.OpenPGPSystemEnvironment |
| 69 |
- |
| 70 |
try: |
| 71 |
- with openpgp_env_cls() as openpgp_env: |
| 72 |
- if self.repo.sync_openpgp_key_path is not None: |
| 73 |
- out.einfo('Using keys from %s' % (self.repo.sync_openpgp_key_path,)) |
| 74 |
- with io.open(self.repo.sync_openpgp_key_path, 'rb') as f: |
| 75 |
- openpgp_env.import_key(f) |
| 76 |
- out.ebegin('Refreshing keys from keyserver') |
| 77 |
- openpgp_env.refresh_keys() |
| 78 |
- out.eend(0) |
| 79 |
- |
| 80 |
- # we always verify the Manifest signature, in case |
| 81 |
- # we had to deal with key revocation case |
| 82 |
- m = gemato.recursiveloader.ManifestRecursiveLoader( |
| 83 |
- os.path.join(self.repo.location, 'Manifest'), |
| 84 |
- verify_openpgp=True, |
| 85 |
- openpgp_env=openpgp_env, |
| 86 |
- max_jobs=self.verify_jobs) |
| 87 |
- if not m.openpgp_signed: |
| 88 |
- raise RuntimeError('OpenPGP signature not found on Manifest') |
| 89 |
- |
| 90 |
- ts = m.find_timestamp() |
| 91 |
- if ts is None: |
| 92 |
- raise RuntimeError('Timestamp not found in Manifest') |
| 93 |
- |
| 94 |
- out.einfo('Manifest timestamp: %s UTC' % (ts.ts,)) |
| 95 |
- out.einfo('Valid OpenPGP signature found:') |
| 96 |
- out.einfo('- primary key: %s' % ( |
| 97 |
- m.openpgp_signature.primary_key_fingerprint)) |
| 98 |
- out.einfo('- subkey: %s' % ( |
| 99 |
- m.openpgp_signature.fingerprint)) |
| 100 |
- out.einfo('- timestamp: %s UTC' % ( |
| 101 |
- m.openpgp_signature.timestamp)) |
| 102 |
- |
| 103 |
- # if nothing has changed, skip the actual Manifest |
| 104 |
- # verification |
| 105 |
- if not local_state_unchanged: |
| 106 |
- out.ebegin('Verifying %s' % (self.repo.location,)) |
| 107 |
- m.assert_directory_verifies() |
| 108 |
- out.eend(0) |
| 109 |
+ # we always verify the Manifest signature, in case |
| 110 |
+ # we had to deal with key revocation case |
| 111 |
+ m = gemato.recursiveloader.ManifestRecursiveLoader( |
| 112 |
+ os.path.join(self.repo.location, 'Manifest'), |
| 113 |
+ verify_openpgp=True, |
| 114 |
+ openpgp_env=openpgp_env, |
| 115 |
+ max_jobs=self.verify_jobs) |
| 116 |
+ if not m.openpgp_signed: |
| 117 |
+ raise RuntimeError('OpenPGP signature not found on Manifest') |
| 118 |
+ |
| 119 |
+ ts = m.find_timestamp() |
| 120 |
+ if ts is None: |
| 121 |
+ raise RuntimeError('Timestamp not found in Manifest') |
| 122 |
+ |
| 123 |
+ out.einfo('Manifest timestamp: %s UTC' % (ts.ts,)) |
| 124 |
+ out.einfo('Valid OpenPGP signature found:') |
| 125 |
+ out.einfo('- primary key: %s' % ( |
| 126 |
+ m.openpgp_signature.primary_key_fingerprint)) |
| 127 |
+ out.einfo('- subkey: %s' % ( |
| 128 |
+ m.openpgp_signature.fingerprint)) |
| 129 |
+ out.einfo('- timestamp: %s UTC' % ( |
| 130 |
+ m.openpgp_signature.timestamp)) |
| 131 |
+ |
| 132 |
+ # if nothing has changed, skip the actual Manifest |
| 133 |
+ # verification |
| 134 |
+ if not local_state_unchanged: |
| 135 |
+ out.ebegin('Verifying %s' % (self.repo.location,)) |
| 136 |
+ m.assert_directory_verifies() |
| 137 |
+ out.eend(0) |
| 138 |
except GematoException as e: |
| 139 |
writemsg_level("!!! Manifest verification failed:\n%s\n" |
| 140 |
% (e,), |
| 141 |
@@ -353,7 +363,8 @@ class RsyncSync(NewBase): |
| 142 |
|
| 143 |
return (exitcode, updatecache_flg) |
| 144 |
finally: |
| 145 |
- pass |
| 146 |
+ if openpgp_env is not None: |
| 147 |
+ openpgp_env.close() |
| 148 |
|
| 149 |
|
| 150 |
def _process_exitcode(self, exitcode, syncuri, out, maxretries): |
Archives