aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrian Dolbec <dolsen@gentoo.org>2015-03-21 13:08:26 -0700
committerBrian Dolbec <dolsen@gentoo.org>2015-04-03 17:46:59 -0700
commit3769c4c726ce1aeb58d115063a4db0cf77e76f60 (patch)
treecce38af7e105e0f13a33f61e79ccac26538acdfe
parentportage/manifest.py: whitespace cleanup (diff)
downloadportage-3769c4c726ce1aeb58d115063a4db0cf77e76f60.tar.gz
portage-3769c4c726ce1aeb58d115063a4db0cf77e76f60.tar.bz2
portage-3769c4c726ce1aeb58d115063a4db0cf77e76f60.zip
portage/manifest.py: Add gkeys Manifest gpg sig verification
-rw-r--r--pym/portage/manifest.py25
1 files changed, 18 insertions, 7 deletions
diff --git a/pym/portage/manifest.py b/pym/portage/manifest.py
index 118f1b7b4..86b9b611d 100644
--- a/pym/portage/manifest.py
+++ b/pym/portage/manifest.py
@@ -14,7 +14,7 @@ portage.proxy.lazyimport.lazyimport(globals(),
'portage.checksum:hashfunc_map,perform_multiple_checksums,' + \
'verify_all,_apply_hash_filter,_filter_unaccelarated_hashes',
'portage.repository.config:_find_invalid_path_char',
- 'portage.util:write_atomic',
+ 'portage.util:write_atomic', 'gkeys.gkeysinterface:GkeysInterface',
)
from portage import os
@@ -23,7 +23,8 @@ from portage import _unicode_decode
from portage import _unicode_encode
from portage.exception import DigestException, FileNotFound, \
InvalidDataType, MissingParameter, PermissionDenied, \
- PortageException, PortagePackageException
+ PortageException, PortagePackageException, InvalidSignature, \
+ MissingSignature
from portage.const import (MANIFEST1_HASH_FUNCTIONS, MANIFEST2_HASH_DEFAULTS,
MANIFEST2_HASH_FUNCTIONS, MANIFEST2_IDENTIFIERS, MANIFEST2_REQUIRED_HASH)
from portage.localization import _
@@ -127,7 +128,7 @@ class Manifest(object):
def __init__(self, pkgdir, distdir=None, fetchlist_dict=None,
manifest1_compat=DeprecationWarning, from_scratch=False, thin=False,
allow_missing=False, allow_create=True, hashes=None,
- find_invalid_path_char=None):
+ find_invalid_path_char=None, sign_manifest=True):
""" Create new Manifest instance for package in pkgdir.
Do not parse Manifest file if from_scratch == True (only for internal use)
The fetchlist_dict parameter is required only for generation of
@@ -171,6 +172,8 @@ class Manifest(object):
self.guessType = guessManifestFileType
self.allow_missing = allow_missing
self.allow_create = allow_create
+ self.sign_manifest = sign_manifest
+ self.gkeys = None
def getFullname(self):
""" Returns the absolute path to the Manifest file for this instance """
@@ -331,11 +334,19 @@ class Manifest(object):
def sign(self):
""" Sign the Manifest """
raise NotImplementedError()
-
- def validateSignature(self):
+
+ def validateSignature(self, root):
""" Validate signature on Manifest """
- raise NotImplementedError()
-
+ #raise NotImplementedError()
+ if not self.gkeys:
+ self.gkeys = GkeysInterface('portage', root)
+ is_good, has_sig = self.gkeys.verify_file(self.getFullname())
+ if not has_sig and not self.sign_manifest and not self.allow_missing:
+ raise MissingSignature(self.getFullname())
+ if not is_good and self.sign_manifest:
+ raise InvalidSignature(self.getFullname())
+
+
def addFile(self, ftype, fname, hashdict=None, ignoreMissing=False):
""" Add entry to Manifest optionally using hashdict to avoid recalculation of hashes """
if ftype == "AUX" and not fname.startswith("files/"):