]>
Commit | Line | Data |
---|---|---|
7b5c7734 ER |
1 | #!/usr/bin/env python |
2 | # vi: encoding=utf-8 ts=8 sts=4 sw=4 et | |
3 | ||
4 | import os | |
89b8ea8d | 5 | import sys |
7b5c7734 | 6 | import rpm |
89b8ea8d | 7 | import pexpect |
7b5c7734 ER |
8 | from config import sign_key |
9 | ||
10 | def getSigInfo(hdr): | |
11 | """checks signature from an hdr hand back signature information and/or | |
12 | an error code""" | |
13 | # yum-3.2.22/rpmUtils/miscutils.py | |
14 | ||
15 | string = '%|DSAHEADER?{%{DSAHEADER:pgpsig}}:{%|RSAHEADER?{%{RSAHEADER:pgpsig}}:{%|SIGGPG?{%{SIGGPG:pgpsig}}:{%|SIGPGP?{%{SIGPGP:pgpsig}}:{(none)}|}|}|}|' | |
16 | siginfo = hdr.sprintf(string) | |
17 | if siginfo == '(none)': | |
18 | return None | |
5a666fec | 19 | |
7b5c7734 ER |
20 | return siginfo.split(',')[2].lstrip() |
21 | ||
22 | def is_signed(rpm_file): | |
23 | """Returns rpm information is package signed by the same key""" | |
24 | # http://code.activestate.com/recipes/306705/ | |
25 | ||
26 | if sign_key == None: | |
27 | return None | |
28 | ||
29 | ts = rpm.ts() | |
30 | ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES) | |
31 | fdno = os.open(rpm_file, os.O_RDONLY) | |
32 | hdr = ts.hdrFromFdno(fdno) | |
33 | os.close(fdno) | |
34 | ||
35 | sigid = getSigInfo(hdr) | |
36 | if sigid == None: | |
37 | return None | |
38 | ||
39 | return sign_key == sigid[-len(sign_key):] | |
40 | ||
89b8ea8d | 41 | def signpkgs(files, password): |
7b5c7734 ER |
42 | if not os.path.isfile('/usr/bin/gpg'): |
43 | raise OSError, 'Missing gnupg binary' | |
44 | if not os.path.isfile('/bin/rpm'): | |
45 | raise OSError, 'Missing rpm binary' | |
46 | ||
89b8ea8d AM |
47 | os.putenv('LC_ALL', 'C') |
48 | args = ['--resign', '--define', '_signature gpg', '--define', '_gpg_name ' + sign_key] + files | |
49 | child = pexpect.spawn('/bin/rpm', args) | |
866a153b | 50 | child.logfile_read = sys.stderr |
89b8ea8d AM |
51 | child.expect('Enter pass phrase:', timeout=30) |
52 | child.sendline(password) | |
866a153b | 53 | child.expect(pexpect.EOF, timeout=None) |
89b8ea8d AM |
54 | child.close() |
55 | rc = child.exitstatus | |
7b5c7734 ER |
56 | if rc != 0: |
57 | raise OSError, 'package signing failed' |