X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=daklib%2Futils.py;h=41aa3198990f1f56bffd0af4006346cc29559cfe;hb=9583602d5fa14f016ddf3f09b3ddf2d515e19768;hp=230391a192a2e046b1ead07b38a722182270a279;hpb=5ea129bba83114905c1266b77744eeed8e9bb020;p=dak.git diff --git a/daklib/utils.py b/daklib/utils.py index 230391a1..41aa3198 100644 --- a/daklib/utils.py +++ b/daklib/utils.py @@ -2,7 +2,6 @@ # Utility functions # Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006 James Troup -# $Id: utils.py,v 1.73 2005-03-18 05:24:38 troup Exp $ ################################################################################ @@ -23,7 +22,7 @@ ################################################################################ import codecs, commands, email.Header, os, pwd, re, select, socket, shutil, \ - string, sys, tempfile, traceback + sys, tempfile, traceback import apt_pkg import database @@ -43,6 +42,8 @@ re_taint_free = re.compile(r"^[-+~/\.\w]+$") re_parse_maintainer = re.compile(r"^\s*(\S.*\S)\s*\<([^\>]+)\>") +re_srchasver = re.compile(r"^(\S+)\s+\((\S+)\)$") + changes_parse_error_exc = "Can't parse line in .changes file" invalid_dsc_format_exc = "Invalid .dsc file" nk_format_exc = "Unknown Format: in .changes file" @@ -98,14 +99,6 @@ def our_raw_input(prompt=""): ################################################################################ -def str_isnum (s): - for c in s: - if c not in string.digits: - return 0 - return 1 - -################################################################################ - def extract_component_from_section(section): component = "" @@ -232,6 +225,14 @@ The rules for (signing_rules == 1)-mode are: changes_in.close() changes["filecontents"] = "".join(lines) + if changes.has_key("source"): + # Strip the source version in brackets from the source field, + # put it in the "source-version" field instead. + srcver = re_srchasver.search(changes["source"]) + if srcver: + changes["source"] = srcver.group(1) + changes["source-version"] = srcver.group(2) + if error: raise changes_parse_error_exc, error @@ -617,7 +618,7 @@ argument: orig_filename = filename if filename.endswith(".dak"): - filename = filename[:-6]+".changes" + filename = filename[:-4]+".changes" if not filename.endswith(".changes"): error = "invalid file type; not a changes file" @@ -884,7 +885,7 @@ def process_gpgv_output(status): internal_error += "gpgv status line is malformed (incorrect prefix '%s').\n" % (gnupg) continue args = split[2:] - if keywords.has_key(keyword) and (keyword != "NODATA" and keyword != "SIGEXPIRED"): + if keywords.has_key(keyword) and keyword not in [ "NODATA", "SIGEXPIRED", "KEYEXPIRED" ]: internal_error += "found duplicate status token ('%s').\n" % (keyword) continue else: @@ -903,7 +904,7 @@ on error.""" if not keyserver: keyserver = Cnf["Dinstall::KeyServer"] if not keyring: - keyring = Cnf["Dinstall::GPGKeyring"] + keyring = Cnf.ValueList("Dinstall::GPGKeyring")[0] # Ensure the filename contains no shell meta-characters or other badness if not re_taint_free.match(filename): @@ -938,6 +939,14 @@ on error.""" ################################################################################ +def gpg_keyring_args(keyrings=None): + if not keyrings: + keyrings = Cnf.ValueList("Dinstall::GPGKeyring") + + return " ".join(["--keyring %s" % x for x in keyrings]) + +################################################################################ + def check_signature (sig_filename, reject, data_filename="", keyrings=None, autofetch=None): """Check the signature of a file and return the fingerprint if the signature is valid or 'None' if it's not. The first argument is the @@ -962,7 +971,7 @@ used.""" return None if not keyrings: - keyrings = (Cnf["Dinstall::PGPKeyring"], Cnf["Dinstall::GPGKeyring"]) + keyrings = Cnf.ValueList("Dinstall::GPGKeyring") # Autofetch the signing key if that's enabled if autofetch == None: @@ -975,10 +984,9 @@ used.""" # Build the command line status_read, status_write = os.pipe(); - cmd = "gpgv --status-fd %s" % (status_write) - for keyring in keyrings: - cmd += " --keyring %s" % (keyring) - cmd += " %s %s" % (sig_filename, data_filename) + cmd = "gpgv --status-fd %s %s %s %s" % ( + status_write, gpg_keyring_args(keyrings), sig_filename, data_filename) + # Invoke gpgv on the file (output, status, exit_status) = gpgv_get_status_output(cmd, status_read, status_write) @@ -994,9 +1002,6 @@ used.""" bad = "" # Now check for obviously bad things in the processed output - if keywords.has_key("SIGEXPIRED"): - reject("The key used to sign %s has expired." % (sig_filename)) - bad = 1 if keywords.has_key("KEYREVOKED"): reject("The key used to sign %s has been revoked." % (sig_filename)) bad = 1 @@ -1018,6 +1023,9 @@ used.""" if keywords.has_key("NODATA"): reject("no signature found in %s." % (sig_filename)) bad = 1 + if keywords.has_key("KEYEXPIRED") and not keywords.has_key("GOODSIG"): + reject("The key (0x%s) used to sign %s has expired." % (key, sig_filename)) + bad = 1 if bad: return None