| 1 |
commit: c87ffff6633693275ca5bbb67f81102bd2838123 |
| 2 |
Author: Brian Dolbec <dolsen <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Mon Apr 20 17:43:45 2015 +0000 |
| 4 |
Commit: Brian Dolbec <dolsen <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sat May 30 23:25:13 2015 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/gentoo-keys.git/commit/?id=c87ffff6 |
| 7 |
|
| 8 |
gkeys-ldap: Remove keyid/longkeyid from ldap search info |
| 9 |
|
| 10 |
gkeys-ldap/gkeyldap/actions.py | 42 ++++-------------------------------------- |
| 11 |
gkeys-ldap/gkeyldap/config.py | 5 +---- |
| 12 |
2 files changed, 5 insertions(+), 42 deletions(-) |
| 13 |
|
| 14 |
diff --git a/gkeys-ldap/gkeyldap/actions.py b/gkeys-ldap/gkeyldap/actions.py |
| 15 |
index 9558ed0..9d7a231 100644 |
| 16 |
--- a/gkeys-ldap/gkeyldap/actions.py |
| 17 |
+++ b/gkeys-ldap/gkeyldap/actions.py |
| 18 |
@@ -142,7 +142,7 @@ class Actions(object): |
| 19 |
|
| 20 |
@staticmethod |
| 21 |
def get_args(args): |
| 22 |
- for attr in ['nick', 'name', 'gpgkey', 'fingerprint', 'status']: |
| 23 |
+ for attr in ['nick', 'name', 'fingerprint', 'status']: |
| 24 |
if attr: |
| 25 |
target = getattr(args, attr) |
| 26 |
search_field = gkey2SEARCH[attr] |
| 27 |
@@ -162,7 +162,7 @@ class Actions(object): |
| 28 |
% (info['uid'][0], info['cn'][0])) |
| 29 |
self.logger.debug(' MISSING or EMPTY LDAP field ' + |
| 30 |
'[%s] GPGKey field [%s]' % (field, attr)) |
| 31 |
- if attr in ['fingerprint', 'keyid', 'longkeyid']: |
| 32 |
+ if attr in ['fingerprint']: |
| 33 |
keyid_missing = True |
| 34 |
else: |
| 35 |
is_good = False |
| 36 |
@@ -172,15 +172,11 @@ class Actions(object): |
| 37 |
if is_good: |
| 38 |
if keyinfo['fingerprint']: # fingerprints exist check |
| 39 |
is_ok = self._check_fingerprint_integrity(info, keyinfo) |
| 40 |
- is_match = self._check_id_fingerprint_match(info, keyinfo) |
| 41 |
- if not is_ok or not is_match: |
| 42 |
+ if not is_ok: |
| 43 |
is_good = False |
| 44 |
if is_good: |
| 45 |
# some developers add lowercase fingerprints |
| 46 |
keyinfo['fingerprint'] = [key.upper() for key in keyinfo['fingerprint']] |
| 47 |
- # drop keyid and longkeyid |
| 48 |
- keyinfo.pop('keyid', None) |
| 49 |
- keyinfo.pop('longkeyid', None) |
| 50 |
keyinfo['keys'] = keyinfo['fingerprint'] |
| 51 |
keyinfo['uid'] = ["%s <%s@g.o>" % (info['cn'][0], info['uid'][0])] |
| 52 |
return keyinfo |
| 53 |
@@ -200,11 +196,7 @@ class Actions(object): |
| 54 |
values = info[field] |
| 55 |
# strip errant line feeds |
| 56 |
values = [y.strip('\n') for y in values] |
| 57 |
- # separate out short/long key id's |
| 58 |
- if values and attr in ['keyid', 'longkeyid']: |
| 59 |
- if len(get_key_ids(attr, values)): |
| 60 |
- keyid_found = True |
| 61 |
- elif values and attr in ['fingerprint']: |
| 62 |
+ if values and attr in ['fingerprint']: |
| 63 |
values = [v.replace(' ', '') for v in values] |
| 64 |
if 'undefined' in values and attr not in ['keyid', 'longkeyid']: |
| 65 |
self.logger.error('ERROR in LDAP info for: %s, %s' |
| 66 |
@@ -242,35 +234,9 @@ class Actions(object): |
| 67 |
else: |
| 68 |
gpgkey = 'Missing or Bad fingerprint from LDAP info' |
| 69 |
is_good = False |
| 70 |
- #if not keyinfo['longkeyid']: |
| 71 |
- #self.logger.error('ERROR in ldap info for: %s, %s' |
| 72 |
- #% (info['uid'][0], info['cn'][0])) |
| 73 |
- #self.logger.error(' A valid keyid, longkeyid or fingerprint ' |
| 74 |
- #'was not found for %s : gpgkey = %s' % (info['cn'][0], gpgkey)) |
| 75 |
- #is_good = False |
| 76 |
return (keyinfo, is_good) |
| 77 |
|
| 78 |
|
| 79 |
- def _check_id_fingerprint_match(self, info, keyinfo): |
| 80 |
- # assume it's good until found an error is found |
| 81 |
- is_good = True |
| 82 |
- for attr in ['keyid', 'longkeyid']: |
| 83 |
- # skip blank id field |
| 84 |
- if not keyinfo[attr]: |
| 85 |
- continue |
| 86 |
- for y in keyinfo[attr]: |
| 87 |
- index = len(y.lstrip('0x')) |
| 88 |
- if y.lstrip('0x').upper() not in \ |
| 89 |
- [x[-index:].upper() for x in keyinfo['fingerprint']]: |
| 90 |
- self.logger.error('ERROR in LDAP info for: %s, %s' |
| 91 |
- %(info['uid'][0], info['cn'][0])) |
| 92 |
- self.logger.error(' ' + str(keyinfo)) |
| 93 |
- self.logger.error(' GPGKey id %s not found in the ' |
| 94 |
- % y.lstrip('0x') + 'listed fingerprint(s)') |
| 95 |
- is_good = False |
| 96 |
- return is_good |
| 97 |
- |
| 98 |
- |
| 99 |
def _check_fingerprint_integrity(self, info, keyinfo): |
| 100 |
# assume it's good until found an error is found |
| 101 |
is_good = True |
| 102 |
|
| 103 |
diff --git a/gkeys-ldap/gkeyldap/config.py b/gkeys-ldap/gkeyldap/config.py |
| 104 |
index f7fb837..fe56e78 100644 |
| 105 |
--- a/gkeys-ldap/gkeyldap/config.py |
| 106 |
+++ b/gkeys-ldap/gkeyldap/config.py |
| 107 |
@@ -5,15 +5,13 @@ |
| 108 |
default_server = ['ldap://ldap%d.gentoo.org' % i for i in xrange(1,5)] |
| 109 |
# add uid to the results so you don't have to |
| 110 |
# separate it out of the results tuple[0] value |
| 111 |
-default_fields = ['uid', 'cn', 'mail', 'gentooStatus', 'gpgkey', 'gpgfingerprint'] |
| 112 |
+default_fields = ['uid', 'cn', 'mail', 'gentooStatus', 'gpgfingerprint'] |
| 113 |
default_criteria = 'ou=devs,dc=gentoo,dc=org' |
| 114 |
|
| 115 |
# establish a ldap fields to GKEY._fields map |
| 116 |
gkey2ldap = { |
| 117 |
'nick': 'uid', |
| 118 |
'name': 'cn', |
| 119 |
- 'keyid': 'gpgkey', |
| 120 |
- 'longkeyid': 'gpgkey', |
| 121 |
# map the uid to keydir, since we want |
| 122 |
# dev keydir to be separate from each other |
| 123 |
'keydir': 'uid', |
| 124 |
@@ -33,7 +31,6 @@ gkey2SEARCH = { |
| 125 |
'nick': UID, |
| 126 |
'name': CN, |
| 127 |
'status': STATUS, |
| 128 |
- 'keyid': GPGKEY, |
| 129 |
'mail': MAIL, |
| 130 |
'fingerprint': GPGFINGERPRINT, |
| 131 |
} |
Archives