Add support for generating a keyring

2012-01-29 15:56:16 +01:00 · 2012-01-29 15:56:16 +01:00 · dd60e65174
commit dd60e65174
parent 22fec7f9e6
4 changed files with 283 additions and 1 deletions
--- a/weboob/applications/weboobrepos/weboobrepos.py
+++ b/weboob/applications/weboobrepos/weboobrepos.py
@ -25,6 +25,7 @@ import tarfile
 import os
 import shutil
 import sys
+import subprocess
 from copy import copy
 from contextlib import closing

@ -100,6 +101,36 @@ class WeboobRepos(ReplApplication):

        r.build_index(source_path, index_file)

+        if r.signed:
+            gpg = self._find_gpg()
+            if not gpg:
+                raise Exception('Unable to find the gpg executable.')
+            krname = os.path.join(repo_path, r.KEYRING)
+            if os.path.exists(krname):
+                kr_mtime = int(datetime.fromtimestamp(os.path.getmtime(krname)).strftime('%Y%m%d%H%M'))
+            if not os.path.exists(krname) or kr_mtime < r.key_update:
+                print 'Generate keyring'
+                # Remove all existing keys
+                if os.path.exists(krname):
+                    os.remove(krname)
+                # Add all valid keys
+                for keyfile in os.listdir(os.path.join(source_path, r.KEYDIR)):
+                    keypath = os.path.join(source_path, r.KEYDIR, keyfile)
+                    subprocess.check_call([gpg,
+                        '--no-default-keyring',
+                        '--keyring', krname,
+                        '--import', keypath])
+                # Does not make much sense in our case
+                if os.path.exists(krname+'~'):
+                    os.remove(krname+'~')
+                if not os.path.exists(krname):
+                    raise Exception('No valid key file found.')
+                kr_mtime = mktime(strptime(str(r.key_update), '%Y%m%d%H%M'))
+                os.utime(krname, (kr_mtime, kr_mtime))
+            else:
+                print 'Keyring is up to date'
+
+
        for name, module in r.modules.iteritems():
            tarname = os.path.join(repo_path, '%s.tar.gz' % name)
            module_path = os.path.join(source_path, name)
@ -119,6 +150,16 @@ class WeboobRepos(ReplApplication):
            if os.path.exists(icon_path):
                shutil.copy(icon_path, os.path.join(repo_path, '%s.png' % name))

+    @staticmethod
+    def _find_gpg():
+        if os.getenv('GPG_EXECUTABLE'):
+            return os.getenv('GPG_EXECUTABLE')
+        paths = os.getenv('PATH', os.defpath).split(os.pathsep)
+        for path in paths:
+            fpath = os.path.join(path, 'gpg')
+            if os.path.exists(fpath) and os.access(fpath, os.X_OK):
+                return fpath
+
    def _archive_excludes(self, filename):
        # Skip *.pyc files in tarballs.
        if filename.endswith('.pyc'):
--- a/weboob/core/repositories.py
+++ b/weboob/core/repositories.py
@ -91,6 +91,8 @@ class RepositoryUnavailable(Exception):

 class Repository(object):
    INDEX = 'modules.list'
+    KEYDIR = '.keys'
+    KEYRING = 'trusted.gpg'

    def __init__(self, url):
        self.url = url
@ -98,6 +100,8 @@ class Repository(object):
        self.update = 0
        self.maintainer = u''
        self.local = None
+        self.signed = False
+        self.key_update = 0

        self.modules = {}

@ -170,6 +174,8 @@ class Repository(object):
            self.name = items['name']
            self.update = int(items['update'])
            self.maintainer = items['maintainer']
+            self.signed = bool(int(items.get('signed', '0')))
+            self.key_update = int(items.get('key_update', '0'))
        except KeyError, e:
            raise RepositoryUnavailable('Missing global parameters in repository: %s' % e)
        except ValueError, e:
@ -203,10 +209,17 @@ class Repository(object):
        print 'Rebuild index'
        self.modules.clear()

+        if os.path.isdir(os.path.join(path, self.KEYDIR)):
+            self.signed = True
+            self.key_update = self.get_tree_mtime(os.path.join(path, self.KEYDIR), True)
+        else:
+            self.signed = False
+            self.key_update = 0
+
        sys.path.append(path)
        for name in sorted(os.listdir(path)):
            module_path = os.path.join(path, name)
-            if not os.path.isdir(module_path) or '.' in name:
+            if not os.path.isdir(module_path) or '.' in name or name == self.KEYDIR:
                continue

            try:
@ -252,6 +265,8 @@ class Repository(object):
        config.set(DEFAULTSECT, 'name', self.name)
        config.set(DEFAULTSECT, 'update', self.update)
        config.set(DEFAULTSECT, 'maintainer', self.maintainer)
+        config.set(DEFAULTSECT, 'signed', int(self.signed))
+        config.set(DEFAULTSECT, 'key_update', self.key_update)
        if private:
            config.set(DEFAULTSECT, 'url', self.url)