Gentoo Archives: gentoo-commits

From: Brian Dolbec <dolsen@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/gentoo-keys:master commit in: gkeys/gkeys/
Date: Wed, 31 Dec 2014 21:34:39
Message-Id: 1419975746.9ee49f508de378f6b7a366d8c9dba062e2be3f24.dolsen@gentoo.org@gentoo
1 commit: 9ee49f508de378f6b7a366d8c9dba062e2be3f24
2 Author: Brian Dolbec <dolsen <AT> gentoo <DOT> org>
3 AuthorDate: Sun Dec 28 00:25:24 2014 +0000
4 Commit: Brian Dolbec <dolsen <AT> gentoo <DOT> org>
5 CommitDate: Tue Dec 30 21:42:26 2014 +0000
6 URL: http://sources.gentoo.org/gitweb/?p=proj/gentoo-keys.git;a=commit;h=9ee49f50
7
8 gkeys/actions.py: Add auto-search capability to verify
9
10 If verification fails with NO_PUBKEY, it then does a search for the correct verification keyring to verify with.
11
12 ---
13 gkeys/gkeys/actions.py | 86 ++++++++++++++++++++++++++++++++++----------------
14 1 file changed, 59 insertions(+), 27 deletions(-)
15
16 diff --git a/gkeys/gkeys/actions.py b/gkeys/gkeys/actions.py
17 index 4a4f0eb..b92f3a2 100644
18 --- a/gkeys/gkeys/actions.py
19 +++ b/gkeys/gkeys/actions.py
20 @@ -659,14 +659,15 @@ class Actions(object):
21 pass
22
23
24 - def verify(self, args):
25 - '''File verification action'''
26 - connector_output = {
27 - 'info': self.logger.debug,
28 - 'error': self.logger.error,
29 - 'kwargs-info': {},
30 - 'kwargs-error': {},
31 - }
32 + def verify(self, args, messages=None):
33 + '''File verification action
34 +
35 + @ param args: argparse.parse_args instance
36 + @param messages: list, private internal option used for recursion only
37 + '''
38 + if messages == None:
39 + messages = []
40 +
41 if not args.filename:
42 return (False, ['Please provide a signed file.'])
43 if not args.category:
44 @@ -677,10 +678,24 @@ class Actions(object):
45 keys = handler.load_category(args.category)
46 if not keys:
47 return (False, ['No installed keys found, try installkey action.'])
48 + key = handler.seeds.nick_search(args.nick)
49 + if not key:
50 + messages.append("Failed to find nick: %s in %s category"
51 + % (args.nick, args.category))
52 + args.category = self.config.get_key('verify-keyring')
53 + args.nick = self.config.get_key('verify-nick')
54 + return self.verify(args, messages)
55 +
56 keyrings = self.config.get_key('keyring')
57 catdir = os.path.join(keyrings, args.category)
58 self.logger.debug("ACTIONS: verify; catdir = %s" % catdir)
59 self.gpg = GkeysGPG(self.config, catdir)
60 + return self._verify(args, handler, key, messages)
61 +
62 +
63 + def _verify(self, args, handler, key, messages=None):
64 + if messages == None:
65 + messages = []
66 filepath, signature = args.filename, args.signature
67 timestamp_path = None
68 isurl = success = verified = False
69 @@ -715,7 +730,7 @@ class Actions(object):
70 self.logger.debug("ACTIONS: verify; local file %s" % filepath)
71 success = os.path.isfile(filepath)
72 if not success:
73 - messages = ["File %s cannot be retrieved." % filepath]
74 + messages.append("File %s cannot be retrieved." % filepath)
75 else:
76 if not signature:
77 EXTENSIONS = ['.sig', '.asc', 'gpg','.gpgsig']
78 @@ -735,26 +750,36 @@ class Actions(object):
79 break
80 else:
81 sig_path = signature
82 - messages = []
83 self.logger.info("Verifying file...")
84 verified = False
85 - key = keys.nick_search(args.nick)
86 - if not key:
87 - messages.append("Failed to find nick: %s in %s category"
88 - % (args.nick, args.category))
89 - return (False, messages)
90 results = self.gpg.verify_file(key, sig_path, filepath)
91 keyid = key.keyid[0]
92 (valid, trust) = results.verified
93 if valid:
94 verified = True
95 - messages = ["Verification succeeded.: %s" % (filepath),
96 + messages.extend(["Verification succeeded.: %s" % (filepath),
97 "Key info...............: %s <%s>, %s"
98 - % ( key.name, key.nick, keyid)]
99 + % ( key.name, key.nick, keyid)])
100 else:
101 - messages = ["Verification failed..... %s:" % (filepath),
102 - "Key info................: %s <%s>, %s"
103 - % ( key.name, key.nick, keyid)]
104 + messages.extend(["Verification failed....: %s" % (filepath),
105 + "Key info...............: %s <%s>, %s"
106 + % ( key.name, key.nick, keyid)])
107 + has_no_pubkey, s_keyid = results.no_pubkey
108 + if has_no_pubkey:
109 + messages.append("Auto-searching for key.: %s" % s_keyid)
110 + # reset all but keyid and pass thru data
111 + args.keyid = s_keyid
112 + args.keydir = None
113 + args.fingerprint = None
114 + args.exact = False
115 + args.category = None
116 + args.nick = None
117 + args.name = None
118 + args.all = False
119 + keys = self.key_search(args, data_only=True)
120 + args.category = list(keys)[0]
121 + args.nick = keys[args.category][0].nick
122 + return self.verify(args, messages)
123 return (verified, messages)
124
125
126 @@ -847,7 +872,7 @@ class Actions(object):
127 return (True, ['Completed'])
128
129
130 - def key_search(self, args):
131 + def key_search(self, args, data_only=False):
132 '''Search for a key's seed field in the installed keys db'''
133 handler = SeedHandler(self.logger, self.config)
134 results = {}
135 @@ -866,14 +891,21 @@ class Actions(object):
136 results[cat].extend(found)
137 else:
138 results[cat] = found
139 - msgs = []
140 + keys = {}
141 for cat in results:
142 - msgs.append("Category: %s" % cat)
143 - seen = []
144 + keys[cat] = []
145 for result in results[cat]:
146 - if result and result.nick not in seen:
147 + if result and result.nick not in keys[cat]:
148 if isinstance(result, GKEY):
149 - seen.append(result)
150 - msgs.append(seen)
151 + keys[cat].append(result)
152 + if data_only:
153 + del found, cat, result, handler
154 + return keys
155 + msgs = []
156 + for cat in list(keys):
157 + msgs.append("Category: %s" % cat)
158 + for result in keys[cat]:
159 + msgs.append(result)
160 + del keys, found, cat, result, handler
161 return (True, msgs)