
[GNUnet-SVN] r25288 - in gnunet-update/src: gnunet_update tests


From: gnunet
Subject: [GNUnet-SVN] r25288 - in gnunet-update/src: gnunet_update tests
Date: Thu, 6 Dec 2012 12:35:00 +0100

Author: harsha
Date: 2012-12-06 12:35:00 +0100 (Thu, 06 Dec 2012)
New Revision: 25288

Modified:
   gnunet-update/src/gnunet_update/install.py
   gnunet-update/src/gnunet_update/util.py
   gnunet-update/src/tests/test_util.py
Log:
fix 2678: Download and add our SSH-key to local GPG keyring

Modified: gnunet-update/src/gnunet_update/install.py
===================================================================
--- gnunet-update/src/gnunet_update/install.py  2012-12-06 10:37:14 UTC (rev 
25287)
+++ gnunet-update/src/gnunet_update/install.py  2012-12-06 11:35:00 UTC (rev 
25288)
@@ -117,7 +117,17 @@
     if pgp_sign_key is None:
         print "PGP key fingerprint is missing in configuration"
         sys.exit (0)
-    
+    # If key is not present in the user's GPG key ring; import it automatically
+    if not util.gpg_key_exists(pgp_sign_key):
+        print "We are about to download and install a GPG key with 
fingerprint: " + pgp_sign_key
+        print "Press [Y] to proceed or any other key to abort"
+        ch = util.getch()
+        if ch is None:
+            sys.exit(0)
+        if ch not in ['Y', 'y']:
+            sys.exit(0)
+        if util.gpg_import_key(pgp_sign_key[-8:]) is not 0:
+            sys.exit(0)
     metadata = util.verify_metadata(args[0], pgp_sign_key)
     if metadata is None:
         sys.exit(2)
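Review bot: The call `util.gpg_import_key(pgp_sign_key[-8:])` asks the keyserver for an 8-hex-digit short key ID, which does not uniquely identify a key, and nothing visible here re-checks that the key that arrived carries the configured fingerprint. Pass the full fingerprint and confirm it afterwards, e.g. `if util.gpg_import_key(pgp_sign_key) != 0 or not util.gpg_key_exists(pgp_sign_key): sys.exit(1)`; the same short-ID call appears in `test_import_key` in test_util.py. `is not 0` compares identity rather than value, and the abort paths exit with status 0, which a calling script reads as success. The enclosing function starts and ends outside the hunk, so whether `verify_metadata` pins the signer to the full fingerprint cannot be seen from here.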

Modified: gnunet-update/src/gnunet_update/util.py
===================================================================
--- gnunet-update/src/gnunet_update/util.py     2012-12-06 10:37:14 UTC (rev 
25287)
+++ gnunet-update/src/gnunet_update/util.py     2012-12-06 11:35:00 UTC (rev 
25288)
@@ -179,6 +179,10 @@
                           detached=True)
     metadata_sig_fd.close()
     metadata_fd.close()
+    if sig is None:
+        print "Signature not verified"
+        shutil.rmtree(temp_dir)
+        return None
     if sig[0].status is not None:
         print "Error verifying the signature of metadata: " + sig[0].status[2]
         shutil.rmtree(temp_dir)
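Review bot: The new `if sig is None:` guard does not cover an empty result, so `sig[0]` on the following line would raise IndexError if the verify call returns a list with no signatures; `if not sig:` handles both cases. The verify call and the rest of the function lie outside the hunk, so the set of possible return values is inferred rather than visible.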
@@ -312,3 +316,69 @@
             print member_obj.name + "<-->" + member_obj.hash
             exit(-1)
         if installed_files is not None: installed_files.append(member_obj)
+
+
+def gpg_key_exists(fpr):
+    """
+    Returns True if a key with the given fingerprint exists in the user's key
+    ring; False otherwise
+
+    fpr: The fingerprint of the key to check
+    """
+    ctx = gpgme.Context()
+    keyitr = ctx.keylist()
+    found = False
+    fpr = fpr.replace(' ','')
+    for key in keyitr:
+        for subkey in key.subkeys:
+            if subkey.fpr == fpr:
+                found = True
+    return found
+
+
+def gpg_import_key(keyid):
+    """
+    Returns 0 if a key with the given id is successfully imported into the GPG
+    keyring; any other value otherwise.
+
+    keyid: The id of the key which has to be imported
+    """
+    keyid = keyid.replace(' ','')
+    print "Importing key: " + keyid
+    try:        
+        ret = subprocess.call(["gpg", "--keyserver", "hkp://keys.gnupg.net",
+                               "--recv-keys", keyid])
+    except OSError as (errno, errstr):
+         print "Error while running `gpg --recv-keys " + keyid + "': " + errstr
+         return -1
+    return ret
+
+# From 
http://love-python.blogspot.de/2010/03/getch-in-python-get-single-character.html
+import sys    
+import termios
+import fcntl
+
+def getch():
+    """Returns a character read from stdin like UNIX-style getch() function"""
+    fd = sys.stdin.fileno()
+    oldterm = termios.tcgetattr(fd)
+    newattr = termios.tcgetattr(fd)
+    newattr[3] = newattr[3] & ~termios.ICANON & ~termios.ECHO
+    termios.tcsetattr(fd, termios.TCSANOW, newattr)
+    oldflags = fcntl.fcntl(fd, fcntl.F_GETFL)
+    fcntl.fcntl(fd, fcntl.F_SETFL, oldflags | os.O_NONBLOCK)
+    input_ok = False
+    try:        
+        while True:
+            try:
+                c = sys.stdin.read(1)
+                input_ok = True
+                break
+            except IOError: 
+                pass
+    finally:
+        termios.tcsetattr(fd, termios.TCSAFLUSH, oldterm)
+        fcntl.fcntl(fd, fcntl.F_SETFL, oldflags)
+    if input_ok:
+        return c
+    return None
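Review bot: `gpg_key_exists` compares `subkey.fpr == fpr` as raw strings and accepts any matching subkey, so a fingerprint written in lower case in the configuration would never match gpgme's upper-case hex and the download prompt would reappear on every run, while a key that is present but revoked or expired still counts as existing. Normalise with `fpr = fpr.replace(' ', '').upper()` and return as soon as a match is found; skipping revoked or expired subkeys is worth adding if the gpgme binding exposes those flags. `gpg_import_key` fetches over plain `hkp://`, so its docstring should state that the caller must confirm the full fingerprint after the import returns 0. `getch` spins on a non-blocking read until a key arrives and uses `os.O_NONBLOCK` without importing `os` next to `sys`, `termios` and `fcntl`; presumably `os` is already imported at the top of the file.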

Modified: gnunet-update/src/tests/test_util.py
===================================================================
--- gnunet-update/src/tests/test_util.py        2012-12-06 10:37:14 UTC (rev 
25287)
+++ gnunet-update/src/tests/test_util.py        2012-12-06 11:35:00 UTC (rev 
25288)
@@ -127,8 +127,9 @@
         import_keys = ['test.pub', 'test.sec']
         ctx = gpgme.Context()
         for key in import_keys:
-            ctx.import_(open(os.path.join(pwd, 'keys/' + key), "rb"))
-        
+            for key in import_keys:
+                with open(os.path.join(pwd, 'keys/' + key), "rb") as keyfd:
+                    ctx.import_(keyfd)
         config = GnunetUpdateConfig()
         plaintext = StringIO();
         plaintext.write(self.sample_test_data);
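Review bot: The added `for key in import_keys:` is nested inside the existing loop over the same list, so every key file is imported once per outer iteration and the inner loop variable shadows the outer one. The `with open(...) as keyfd:` form only needs the original single loop: drop the inner `for` line and dedent the `with` block one level. The test method starts and ends outside the hunk.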
@@ -196,5 +197,35 @@
         self.assertEqual(sigs[0].wrong_key_usage, False)
         shutil.rmtree(temp_gpghome);
 
+    def test_gpg_key_exists(self):
+        """Test gpg key listing and searching for keys by fingerprint."""
+
+        # Modify GNUNET_UPDATE_HOME path
+        os.environ['GNUNET_UPDATE_HOME'] = os.path.join(pwd,
+                                                        
'confs/gnunet-update-home')
+        temp_gpghome = tempfile.mkdtemp(prefix='tmp.gpghome')
+        os.environ['GNUPGHOME'] = temp_gpghome
+        import_keys = ['test.pub', 'test.sec']
+        ctx = gpgme.Context()
+        for key in import_keys:
+            with open(os.path.join(pwd, 'keys/' + key), "rb") as keyfd:
+                ctx.import_(keyfd)
+        
self.assertTrue(util.gpg_key_exists('38D65A4C06DB8BF528D6FFA94BE3A0A0D9CA26A1'))
+        
self.assertFalse(util.gpg_key_exists('8E681D8A25ABB102AFB54B403B6F8AF143C21F3B'))
+        shutil.rmtree(temp_gpghome);
+        
+    def test_import_key (self):
+        """Test gpg key import from a keyserver (Requires a working Internet
+        connection to download the key."""
+        # fingerprint of gnunet-packager key
+        fpr = '8A4ED0A171C25EA34E9DFD41DE57BF3A7C613D78'
+        os.environ['GNUNET_UPDATE_HOME'] = os.path.join(pwd,
+                                                        
'confs/gnunet-update-home')
+        temp_gpghome = tempfile.mkdtemp(prefix='tmp.gpghome')
+        os.environ['GNUPGHOME'] = temp_gpghome
+        ret = util.gpg_import_key (fpr[-8:])
+        self.assertEqual(ret, 0)
+        self.assertTrue(util.gpg_key_exists(fpr))
+
 if __name__ == '__main__':
     unittest.main()
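Review bot: `test_import_key` never removes `temp_gpghome`, and `test_gpg_key_exists` only reaches `shutil.rmtree(temp_gpghome)` when both assertions pass, so failed runs leave key rings (including the imported `test.sec`) behind in the temp directory. Register the cleanup right after `mkdtemp` in both tests with `self.addCleanup(shutil.rmtree, temp_gpghome)`. `test_import_key` also depends on a live keyserver, so a skip when the network is unavailable would keep the suite deterministic, and its docstring is missing the closing parenthesis.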



