config/debian/extensions.py

   1 import sys, os
   2
   3 import daklib.extensions
   4 from daklib.extensions import replace_dak_function
   5
   6 @replace_dak_function("process-unchecked", "check_signed_by_key")
   7 def check_signed_by_key(oldfn):
   8     changes = dak_module.changes
   9     reject = dak_module.reject
  10
  11     if changes["source"] == "dpkg":
  12         fpr = changes["fingerprint"]
  13         (uid, uid_name) = dak_module.lookup_uid_from_fingerprint(fpr)
  14         if fpr == "5906F687BD03ACAD0D8E602EFCF37657" or uid == "iwj":
  15             reject("Upload blocked due to hijack attempt 2008/03/19")
  16
  17             # NB: 1.15.0, 1.15.2 signed by this key targetted at unstable
  18             #     have been made available in the wild, and should remain
  19             #     blocked until Debian's dpkg has revved past those version
  20             #     numbers
  21
  22     oldfn()
  23
  24