1
0
mirror of https://github.com/openSUSE/osc.git synced 2024-11-14 08:16:15 +01:00
github.com_openSUSE_osc/osc/checker.py

128 lines
3.0 KiB
Python
Raw Normal View History

import base64
import os
from tempfile import mkdtemp
from shutil import rmtree
class KeyError(Exception):
2010-02-27 20:11:15 +01:00
def __init__(self, key, *args):
super().__init__()
2010-02-27 20:11:15 +01:00
self.args = args
self.key = key
2022-09-12 13:43:10 +02:00
2010-02-27 20:11:15 +01:00
def __str__(self):
2022-09-12 13:43:10 +02:00
return '' + self.key + ' :' + ' '.join(self.args)
class Checker:
2010-02-27 20:11:15 +01:00
def __init__(self):
import rpm
2010-02-27 20:11:15 +01:00
self.dbdir = mkdtemp(prefix='oscrpmdb')
self.imported = {}
rpm.addMacro('_dbpath', self.dbdir)
self.ts = rpm.TransactionSet()
self.ts.initDB()
self.ts.openDB()
self.ts.setVSFlags(0)
2022-09-12 13:43:10 +02:00
# self.ts.Debug(1)
2010-02-27 20:11:15 +01:00
2022-08-29 15:32:41 +02:00
def readkeys(self, keys=None):
import rpm
2022-08-29 15:32:41 +02:00
keys = keys or []
2010-02-27 20:11:15 +01:00
rpm.addMacro('_dbpath', self.dbdir)
for key in keys:
try:
self.readkey(key)
except KeyError as e:
print(e)
if not self.imported:
raise KeyError('', "no key imported")
2010-02-27 20:11:15 +01:00
import rpm
2010-02-27 20:11:15 +01:00
rpm.delMacro("_dbpath")
# python is an idiot
2010-02-27 20:11:15 +01:00
# def __del__(self):
# self.cleanup()
def cleanup(self):
self.ts.closeDB()
rmtree(self.dbdir)
def readkey(self, file):
if file in self.imported:
return
fd = open(file)
2010-02-27 20:11:15 +01:00
line = fd.readline()
if line and line[0:14] == "-----BEGIN PGP":
line = fd.readline()
while line and line != "\n":
line = fd.readline()
if not line:
raise KeyError(file, "not a pgp public key")
else:
raise KeyError(file, "not a pgp public key")
key = ''
line = fd.readline()
crc = None
2010-02-27 20:11:15 +01:00
while line:
if line[0:12] == "-----END PGP":
break
line = line.rstrip()
2022-08-31 12:05:33 +02:00
if line[0] == '=':
crc = line[1:]
line = fd.readline()
break
else:
key += line
line = fd.readline()
2010-02-27 20:11:15 +01:00
fd.close()
if not line or line[0:12] != "-----END PGP":
raise KeyError(file, "not a pgp public key")
# TODO: compute and compare CRC, see RFC 2440
2010-02-27 20:11:15 +01:00
bkey = base64.b64decode(key)
r = self.ts.pgpImportPubkey(bkey)
if r != 0:
raise KeyError(file, "failed to import pubkey")
self.imported[file] = 1
def check(self, pkg):
# avoid errors on non rpm
if pkg[-4:] != '.rpm':
return
2013-07-04 14:24:29 +02:00
fd = None
try:
fd = os.open(pkg, os.O_RDONLY)
hdr = self.ts.hdrFromFdno(fd)
finally:
if fd is not None:
os.close(fd)
2022-09-12 13:43:10 +02:00
if __name__ == "__main__":
2010-02-27 20:11:15 +01:00
import sys
keyfiles = []
pkgs = []
for arg in sys.argv[1:]:
if arg[-4:] == '.rpm':
pkgs.append(arg)
else:
keyfiles.append(arg)
checker = Checker()
try:
checker.readkeys(keyfiles)
for pkg in pkgs:
checker.check(pkg)
except Exception as e:
2010-02-27 20:11:15 +01:00
checker.cleanup()
raise e
# vim: sw=4 et