commit: 9ee49f508de378f6b7a366d8c9dba062e2be3f24 |
Author: Brian Dolbec <dolsen <AT> gentoo <DOT> org> |
AuthorDate: Sun Dec 28 00:25:24 2014 +0000 |
Commit: Brian Dolbec <dolsen <AT> gentoo <DOT> org> |
CommitDate: Tue Dec 30 21:42:26 2014 +0000 |
URL: http://sources.gentoo.org/gitweb/?p=proj/gentoo-keys.git;a=commit;h=9ee49f50 |
|
gkeys/actions.py: Add auto-search capability to verify |
|
If verification fails with NO_PUBKEY, it then does a search for the correct verification keyring to verify with. |
|
--- |
gkeys/gkeys/actions.py | 86 ++++++++++++++++++++++++++++++++++---------------- |
1 file changed, 59 insertions(+), 27 deletions(-) |
|
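diff --git a/gkeys/gkeys/actions.py b/gkeys/gkeys/actions.py
index 4a4f0eb..b92f3a2 100644
--- a/gkeys/gkeys/actions.py
+++ b/gkeys/gkeys/actions.py
@@ -659,14 +659,15 @@ class Actions(object):
 pass
 
 
- def verify(self, args):
- '''File verification action'''
- connector_output = {
- 'info': self.logger.debug,
- 'error': self.logger.error,
- 'kwargs-info': {},
- 'kwargs-error': {},
- }
+ def verify(self, args, messages=None):
+ '''File verification action
+
+ @ param args: argparse.parse_args instance
+ @param messages: list, private internal option used for recursion only
+ '''
+ if messages == None:
+ messages = []
+
 if not args.filename:
 return (False, ['Please provide a signed file.'])
 if not args.category:
@@ -677,10 +678,24 @@ class Actions(object):
 keys = handler.load_category(args.category)
 if not keys:
 return (False, ['No installed keys found, try installkey action.'])
+ key = handler.seeds.nick_search(args.nick)
+ if not key:
+ messages.append("Failed to find nick: %s in %s category"
+ % (args.nick, args.category))
+ args.category = self.config.get_key('verify-keyring')
+ args.nick = self.config.get_key('verify-nick')
+ return self.verify(args, messages)
+
 keyrings = self.config.get_key('keyring')
 catdir = os.path.join(keyrings, args.category)
 self.logger.debug("ACTIONS: verify; catdir = %s" % catdir)
 self.gpg = GkeysGPG(self.config, catdir)
+ return self._verify(args, handler, key, messages)
+
+
+ def _verify(self, args, handler, key, messages=None):
+ if messages == None:
+ messages = []
 filepath, signature = args.filename, args.signature
 timestamp_path = None
 isurl = success = verified = False
@@ -715,7 +730,7 @@ class Actions(object):
 self.logger.debug("ACTIONS: verify; local file %s" % filepath)
 success = os.path.isfile(filepath)
 if not success:
- messages = ["File %s cannot be retrieved." % filepath]
+ messages.append("File %s cannot be retrieved." % filepath)
 else:
 if not signature:
 EXTENSIONS = ['.sig', '.asc', 'gpg','.gpgsig']
@@ -735,26 +750,36 @@ class Actions(object):
 break
 else:
 sig_path = signature
- messages = []
 self.logger.info("Verifying file...")
 verified = False
- key = keys.nick_search(args.nick)
- if not key:
- messages.append("Failed to find nick: %s in %s category"
- % (args.nick, args.category))
- return (False, messages)
 results = self.gpg.verify_file(key, sig_path, filepath)
 keyid = key.keyid[0]
 (valid, trust) = results.verified
 if valid:
 verified = True
- messages = ["Verification succeeded.: %s" % (filepath),
+ messages.extend(["Verification succeeded.: %s" % (filepath),
 "Key info...............: %s <%s>, %s"
- % ( key.name, key.nick, keyid)]
+ % ( key.name, key.nick, keyid)])
 else:
- messages = ["Verification failed..... %s:" % (filepath),
- "Key info................: %s <%s>, %s"
- % ( key.name, key.nick, keyid)]
+ messages.extend(["Verification failed....: %s" % (filepath),
+ "Key info...............: %s <%s>, %s"
+ % ( key.name, key.nick, keyid)])
+ has_no_pubkey, s_keyid = results.no_pubkey
+ if has_no_pubkey:
+ messages.append("Auto-searching for key.: %s" % s_keyid)
+ # reset all but keyid and pass thru data
+ args.keyid = s_keyid
+ args.keydir = None
+ args.fingerprint = None
+ args.exact = False
+ args.category = None
+ args.nick = None
+ args.name = None
+ args.all = False
+ keys = self.key_search(args, data_only=True)
+ args.category = list(keys)[0]
+ args.nick = keys[args.category][0].nick
+ return self.verify(args, messages)
 return (verified, messages)
 
 
@@ -847,7 +872,7 @@ class Actions(object):
 return (True, ['Completed'])
 
 
- def key_search(self, args):
+ def key_search(self, args, data_only=False):
 '''Search for a key's seed field in the installed keys db'''
 handler = SeedHandler(self.logger, self.config)
 results = {}
@@ -866,14 +891,21 @@ class Actions(object):
 results[cat].extend(found)
 else:
 results[cat] = found
- msgs = []
+ keys = {}
 for cat in results:
- msgs.append("Category: %s" % cat)
- seen = []
+ keys[cat] = []
 for result in results[cat]:
- if result and result.nick not in seen:
+ if result and result.nick not in keys[cat]:
 if isinstance(result, GKEY):
- seen.append(result)
- msgs.append(seen)
+ keys[cat].append(result)
+ if data_only:
+ del found, cat, result, handler
+ return keys
+ msgs = []
+ for cat in list(keys):
+ msgs.append("Category: %s" % cat)
+ for result in keys[cat]:
+ msgs.append(result)
+ del keys, found, cat, result, handler
 return (True, msgs)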
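Review bot: The NO_PUBKEY branch added to `_verify` overwrites the caller's `args.category` and `args.nick` with the first category `key_search` returns for the key ID reported by the failed signature check, so a later "Verification succeeded" can come from any installed keyring instead of the one the caller named, and a caller that reads only the returned boolean cannot tell. The `if not key:` fallback added to `verify` widens the scope the same way by switching to the configured `verify-keyring`/`verify-nick`. I would make both fallbacks opt-in, or restrict them to categories the caller lists, and keep the requested category and nick in the returned messages. The search result is also indexed unguarded: an empty dict, or a category whose list stayed empty, raises IndexError at `list(keys)[0]` or `keys[args.category][0]`, so `if not keys or not keys[list(keys)[0]]: return (False, messages)` belongs before them. Both `return self.verify(args, messages)` calls recurse with no bound, so a retry that hits the same condition again presumably runs to the interpreter's recursion limit; the bodies of `verify`, `_verify` and `key_search` continue outside the hunks shown.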