1 |
commit: c87ffff6633693275ca5bbb67f81102bd2838123 |
2 |
Author: Brian Dolbec <dolsen <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Apr 20 17:43:45 2015 +0000 |
4 |
Commit: Brian Dolbec <dolsen <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat May 30 23:25:13 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/gentoo-keys.git/commit/?id=c87ffff6 |
7 |
|
8 |
gkeys-ldap: Remove keyid/longkeyid from ldap search info |
9 |
|
10 |
gkeys-ldap/gkeyldap/actions.py | 42 ++++-------------------------------------- |
11 |
gkeys-ldap/gkeyldap/config.py | 5 +---- |
12 |
2 files changed, 5 insertions(+), 42 deletions(-) |
13 |
|
14 |
diff --git a/gkeys-ldap/gkeyldap/actions.py b/gkeys-ldap/gkeyldap/actions.py |
15 |
index 9558ed0..9d7a231 100644 |
16 |
--- a/gkeys-ldap/gkeyldap/actions.py |
17 |
+++ b/gkeys-ldap/gkeyldap/actions.py |
18 |
@@ -142,7 +142,7 @@ class Actions(object): |
19 |
|
20 |
@staticmethod |
21 |
def get_args(args): |
22 |
- for attr in ['nick', 'name', 'gpgkey', 'fingerprint', 'status']: |
23 |
+ for attr in ['nick', 'name', 'fingerprint', 'status']: |
24 |
if attr: |
25 |
target = getattr(args, attr) |
26 |
search_field = gkey2SEARCH[attr] |
27 |
@@ -162,7 +162,7 @@ class Actions(object): |
28 |
% (info['uid'][0], info['cn'][0])) |
29 |
self.logger.debug(' MISSING or EMPTY LDAP field ' + |
30 |
'[%s] GPGKey field [%s]' % (field, attr)) |
31 |
- if attr in ['fingerprint', 'keyid', 'longkeyid']: |
32 |
+ if attr in ['fingerprint']: |
33 |
keyid_missing = True |
34 |
else: |
35 |
is_good = False |
36 |
@@ -172,15 +172,11 @@ class Actions(object): |
37 |
if is_good: |
38 |
if keyinfo['fingerprint']: # fingerprints exist check |
39 |
is_ok = self._check_fingerprint_integrity(info, keyinfo) |
40 |
- is_match = self._check_id_fingerprint_match(info, keyinfo) |
41 |
- if not is_ok or not is_match: |
42 |
+ if not is_ok: |
43 |
is_good = False |
44 |
if is_good: |
45 |
# some developers add lowercase fingerprints |
46 |
keyinfo['fingerprint'] = [key.upper() for key in keyinfo['fingerprint']] |
47 |
- # drop keyid and longkeyid |
48 |
- keyinfo.pop('keyid', None) |
49 |
- keyinfo.pop('longkeyid', None) |
50 |
keyinfo['keys'] = keyinfo['fingerprint'] |
51 |
keyinfo['uid'] = ["%s <%s@g.o>" % (info['cn'][0], info['uid'][0])] |
52 |
return keyinfo |
53 |
@@ -200,11 +196,7 @@ class Actions(object): |
54 |
values = info[field] |
55 |
# strip errant line feeds |
56 |
values = [y.strip('\n') for y in values] |
57 |
- # separate out short/long key id's |
58 |
- if values and attr in ['keyid', 'longkeyid']: |
59 |
- if len(get_key_ids(attr, values)): |
60 |
- keyid_found = True |
61 |
- elif values and attr in ['fingerprint']: |
62 |
+ if values and attr in ['fingerprint']: |
63 |
values = [v.replace(' ', '') for v in values] |
64 |
if 'undefined' in values and attr not in ['keyid', 'longkeyid']: |
65 |
self.logger.error('ERROR in LDAP info for: %s, %s' |
66 |
@@ -242,35 +234,9 @@ class Actions(object): |
67 |
else: |
68 |
gpgkey = 'Missing or Bad fingerprint from LDAP info' |
69 |
is_good = False |
70 |
- #if not keyinfo['longkeyid']: |
71 |
- #self.logger.error('ERROR in ldap info for: %s, %s' |
72 |
- #% (info['uid'][0], info['cn'][0])) |
73 |
- #self.logger.error(' A valid keyid, longkeyid or fingerprint ' |
74 |
- #'was not found for %s : gpgkey = %s' % (info['cn'][0], gpgkey)) |
75 |
- #is_good = False |
76 |
return (keyinfo, is_good) |
77 |
|
78 |
|
79 |
- def _check_id_fingerprint_match(self, info, keyinfo): |
80 |
- # assume it's good until found an error is found |
81 |
- is_good = True |
82 |
- for attr in ['keyid', 'longkeyid']: |
83 |
- # skip blank id field |
84 |
- if not keyinfo[attr]: |
85 |
- continue |
86 |
- for y in keyinfo[attr]: |
87 |
- index = len(y.lstrip('0x')) |
88 |
- if y.lstrip('0x').upper() not in \ |
89 |
- [x[-index:].upper() for x in keyinfo['fingerprint']]: |
90 |
- self.logger.error('ERROR in LDAP info for: %s, %s' |
91 |
- %(info['uid'][0], info['cn'][0])) |
92 |
- self.logger.error(' ' + str(keyinfo)) |
93 |
- self.logger.error(' GPGKey id %s not found in the ' |
94 |
- % y.lstrip('0x') + 'listed fingerprint(s)') |
95 |
- is_good = False |
96 |
- return is_good |
97 |
- |
98 |
- |
99 |
def _check_fingerprint_integrity(self, info, keyinfo): |
100 |
# assume it's good until found an error is found |
101 |
is_good = True |
102 |
|
103 |
diff --git a/gkeys-ldap/gkeyldap/config.py b/gkeys-ldap/gkeyldap/config.py |
104 |
index f7fb837..fe56e78 100644 |
105 |
--- a/gkeys-ldap/gkeyldap/config.py |
106 |
+++ b/gkeys-ldap/gkeyldap/config.py |
107 |
@@ -5,15 +5,13 @@ |
108 |
default_server = ['ldap://ldap%d.gentoo.org' % i for i in xrange(1,5)] |
109 |
# add uid to the results so you don't have to |
110 |
# separate it out of the results tuple[0] value |
111 |
-default_fields = ['uid', 'cn', 'mail', 'gentooStatus', 'gpgkey', 'gpgfingerprint'] |
112 |
+default_fields = ['uid', 'cn', 'mail', 'gentooStatus', 'gpgfingerprint'] |
113 |
default_criteria = 'ou=devs,dc=gentoo,dc=org' |
114 |
|
115 |
# establish a ldap fields to GKEY._fields map |
116 |
gkey2ldap = { |
117 |
'nick': 'uid', |
118 |
'name': 'cn', |
119 |
- 'keyid': 'gpgkey', |
120 |
- 'longkeyid': 'gpgkey', |
121 |
# map the uid to keydir, since we want |
122 |
# dev keydir to be separate from each other |
123 |
'keydir': 'uid', |
124 |
@@ -33,7 +31,6 @@ gkey2SEARCH = { |
125 |
'nick': UID, |
126 |
'name': CN, |
127 |
'status': STATUS, |
128 |
- 'keyid': GPGKEY, |
129 |
'mail': MAIL, |
130 |
'fingerprint': GPGFINGERPRINT, |
131 |
} |