commit: 9ecc173ca9dfa1b22af86ba9412c6f6777cbb54b
Author: Brian Dolbec <dolsen <AT> gentoo <DOT> org>
AuthorDate: Wed Jan 28 21:30:04 2015 +0000
Commit: Brian Dolbec <dolsen <AT> gentoo <DOT> org>
CommitDate: Sat Jan 31 04:40:29 2015 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/gentoo-keys.git;a=commit;h=9ecc173c
gkeys: Fix verify -F logic for inline sigs
---
gkeys/gkeys/actions.py | 115 ++++++++++++++++++++++++++-----------------------
gkeys/gkeys/lib.py | 2 +-
2 files changed, 62 insertions(+), 55 deletions(-)
diff --git a/gkeys/gkeys/actions.py b/gkeys/gkeys/actions.py
index 16dbb26..dfc9f09 100644
--- a/gkeys/gkeys/actions.py
+++ b/gkeys/gkeys/actions.py
@@ -755,71 +755,78 @@ class Actions(object):
_unicode("ACTIONS: verify; timestamp path: %s") %
timestamp_path)
success, signedfile, timestamp = fetcher.fetch_file(
url, filepath, timestamp_path)
+ if not success:
+ messages.append(_unicode("File %s cannot be retrieved.") %
filepath)
+ else:
+ if not signature:
+ EXTENSIONS = ['.sig', '.asc', 'gpg','.gpgsig']
+ success_fetch = False
+ for ext in EXTENSIONS:
+ sig_path = filepath + ext
+ if isurl:
+ signature = url + ext
+ self.logger.debug(
+ _unicode("ACTIONS: verify; fetching %s
signature ")
+ % signature)
+ success_fetch, sig, timestamp =
fetcher.fetch_file(signature, sig_path)
+ if success_fetch:
+ break
+ else:
+ signature = None
else:
filepath = os.path.abspath(filepath)
self.logger.debug(
_unicode("ACTIONS: verify; local file %s") % filepath)
success = os.path.isfile(filepath)
- if not success:
- messages.append(_unicode("File %s cannot be retrieved.") %
filepath)
- else:
if not signature:
EXTENSIONS = ['.sig', '.asc', 'gpg','.gpgsig']
success_fetch = False
for ext in EXTENSIONS:
sig_path = filepath + ext
- if isurl:
- signature = url + ext
- self.logger.debug(
- _unicode("ACTIONS: verify; fetching %s signature ")
- % signature)
- success_fetch, sig, timestamp =
fetcher.fetch_file(signature, sig_path)
- else:
- signature = filepath + ext
- signature = os.path.abspath(signature)
- self.logger.debug(
- _unicode("ACTIONS: verify; checking %s signature ")
- % signature)
- success_fetch = os.path.isfile(signature)
- if success_fetch:
+ sig_path = os.path.abspath(sig_path)
+ self.logger.debug(
+ _unicode("ACTIONS: verify; checking %s signature ")
+ % sig_path)
+ success_sig = os.path.isfile(sig_path)
+ if success_sig:
break
- else:
- sig_path = signature
- self.logger.info("Verifying file...")
- verified = False
- results = self.gpg.verify_file(key, sig_path, filepath)
- keyid = key.keyid[0]
- (valid, trust) = results.verified
- if valid:
- verified = True
- messages.extend(
- [_unicode("Verification succeeded.: %s") % (filepath),
- _unicode("Key info...............: %s <%s>, %s")
- % ( key.name, key.nick, keyid),
- _unicode(" category, nick.....: %s %s")
- % (args.category, args.nick)])
- else:
- messages.extend(
- [_unicode("Verification failed....: %s") % (filepath),
- _unicode("Key info...............: %s <%s>, %s")
- % ( key.name, key.nick, keyid)])
- has_no_pubkey, s_keyid = results.no_pubkey
- if has_no_pubkey:
- messages.append(
- _unicode("Auto-searching for key.: 0x%s") % s_keyid)
- # reset all but keyid and pass thru data
- args.keyid = s_keyid
- args.keydir = None
- args.fingerprint = None
- args.exact = False
- args.category = None
- args.nick = None
- args.name = None
- args.all = False
- keys = self.key_search(args, data_only=True)
- args.category = list(keys)[0]
- args.nick = keys[args.category][0].nick
- return self.verify(args, messages)
+ else:
+ sig_path = None
+ self.logger.info("Verifying file...")
+ verified = False
+ results = self.gpg.verify_file(key, sig_path, filepath)
+ keyid = key.keyid[0]
+ (valid, trust) = results.verified
+ if valid:
+ verified = True
+ messages.extend(
+ [_unicode("Verification succeeded.: %s") % (filepath),
+ _unicode("Key info...............: %s <%s>, %s")
+ % ( key.name, key.nick, keyid),
+ _unicode(" category, nick.....: %s %s")
+ % (args.category, args.nick)])
+ else:
+ messages.extend(
+ [_unicode("Verification failed....: %s") % (filepath),
+ _unicode("Key info...............: %s <%s>, %s")
+ % ( key.name, key.nick, keyid)])
+ has_no_pubkey, s_keyid = results.no_pubkey
+ if has_no_pubkey:
+ messages.append(
+ _unicode("Auto-searching for key.: 0x%s") % s_keyid)
+ # reset all but keyid and pass thru data
+ args.keyid = s_keyid
+ args.keydir = None
+ args.fingerprint = None
+ args.exact = False
+ args.category = None
+ args.nick = None
+ args.name = None
+ args.all = False
+ keys = self.key_search(args, data_only=True)
+ args.category = list(keys)[0]
+ args.nick = keys[args.category][0].nick
+ return self.verify(args, messages)
return (verified, messages)
diff --git a/gkeys/gkeys/lib.py b/gkeys/gkeys/lib.py
index 4ae534d..9687c24 100644
--- a/gkeys/gkeys/lib.py
+++ b/gkeys/gkeys/lib.py
@@ -311,7 +311,7 @@ class GkeysGPG(GPG):
results = self.runGPG(task='verify',
inputfile=[signature,filepath])
else:
self.set_keydir(gkey.keydir, 'decrypt', reset=True)
- self.logger.debug("** Calling runGPG with Running 'gpg %s
--decrypt %s and %s'"
+ self.logger.debug("** Calling runGPG with Running 'gpg %s
--decrypt %s'"
% (' '.join(self.config['tasks']['decrypt']), filepath))
results = self.runGPG(task='decrypt', inputfile=filepath)
keyid = gkey.keyid[0]
