From b705f385e866ea81ddba10e6621e6c1ae7848856 Mon Sep 17 00:00:00 2001
From: Laurent Bachelier <laurent@bachelier.name>
Date: Sun, 29 Jan 2012 17:42:28 +0100
Subject: [PATCH] Add support for signing repository files

---
 .../applications/weboobrepos/weboobrepos.py   | 27 +++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

diff --git a/weboob/applications/weboobrepos/weboobrepos.py b/weboob/applications/weboobrepos/weboobrepos.py
index bcce31d8..655095b7 100644
--- a/weboob/applications/weboobrepos/weboobrepos.py
+++ b/weboob/applications/weboobrepos/weboobrepos.py
@@ -102,6 +102,7 @@ class WeboobRepos(ReplApplication):
         r.build_index(source_path, index_file)
 
         if r.signed:
+            sigfiles = [r.KEYRING]
             gpg = self._find_gpg()
             if not gpg:
                 raise Exception('Unable to find the gpg executable.')
@@ -120,8 +121,8 @@ class WeboobRepos(ReplApplication):
                     subprocess.check_call([gpg,
                         '--quiet',
                         '--no-default-keyring',
-                        '--keyring', krname,
-                        '--import', keypath])
+                        '--keyring', os.path.realpath(krname),
+                        '--import', os.path.realpath(keypath)])
                 # Does not make much sense in our case
                 if os.path.exists(krname+'~'):
                     os.remove(krname+'~')
@@ -135,6 +136,8 @@ class WeboobRepos(ReplApplication):
 
         for name, module in r.modules.iteritems():
             tarname = os.path.join(repo_path, '%s.tar.gz' % name)
+            if r.signed:
+                sigfiles.append(os.path.basename(tarname))
             module_path = os.path.join(source_path, name)
             if os.path.exists(tarname):
                 tar_mtime = int(datetime.fromtimestamp(os.path.getmtime(tarname)).strftime('%Y%m%d%H%M'))
@@ -152,6 +155,26 @@ class WeboobRepos(ReplApplication):
             if os.path.exists(icon_path):
                 shutil.copy(icon_path, os.path.join(repo_path, '%s.png' % name))
 
+        if r.signed:
+            for filename in sigfiles:
+                filepath = os.path.realpath(os.path.join(repo_path, filename))
+                sigpath = filepath+'.sig'
+                file_mtime = int(os.path.getmtime(filepath))
+                if os.path.exists(sigpath):
+                    sig_mtime = int(os.path.getmtime(sigpath))
+                if not os.path.exists(sigpath) or sig_mtime < file_mtime:
+                    print 'Signing %s' % filename
+                    if os.path.exists(sigpath):
+                        os.remove(sigpath)
+                    subprocess.check_call([gpg,
+                        '--quiet',
+                        '--detach-sign',
+                        '--output', sigpath,
+                        '--sign', filepath])
+                    os.utime(sigpath, (file_mtime, file_mtime))
+            print 'Signatures are up to date'
+
+
     @staticmethod
     def _find_gpg():
         if os.getenv('GPG_EXECUTABLE'):