commit: c1f231291afa94d9a0020569d8d7da2a7674b7fd
Author: Pavlos Ratis <dastergon <AT> gentoo <DOT> org>
AuthorDate: Mon Jul 28 18:17:18 2014 +0000
Commit: Brian Dolbec <brian.dolbec <AT> gmail <DOT> com>
CommitDate: Mon Jul 28 18:17:18 2014 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/gentoo-keys.git;a=commit;h=c1f23129
binary keyring support
Import specified trusted keys to a specified keyring file.
---
etc/gkeys.conf.sample | 3 +++
gkeys/actions.py | 55 +++++++++++++++++++++++++++++++++++++++++----------
gkeys/cli.py | 2 ++
gkeys/config.py | 1 +
gkeys/lib.py | 31 ++++++++++++++++++++++++++++-
5 files changed, 81 insertions(+), 11 deletions(-)
diff --git a/etc/gkeys.conf.sample b/etc/gkeys.conf.sample
index 9f2d8da..a777ab1 100644
--- a/etc/gkeys.conf.sample
+++ b/etc/gkeys.conf.sample
@@ -20,6 +20,9 @@ dev-keydir: %(keysdir)s/devs
# will be stored.
rel-keydir: %(keysdir)s/release
+# keyring: the directory where the official keyring with the specified keys
+# will be exported.
+keyring: %(keysdir)s/keyring
# overlayskeydir: the directory where the overlay keys
# will be stored.
diff --git a/gkeys/actions.py b/gkeys/actions.py
index caa0d7f..5d65552 100644
--- a/gkeys/actions.py
+++ b/gkeys/actions.py
@@ -22,8 +22,8 @@ from gkeys.seedhandler import SeedHandler
from gkeys.config import GKEY
Available_Actions = ['listseed', 'addseed', 'removeseed', 'moveseed',
'fetchseed',
- 'listseedfiles', 'listkey', 'addkey', 'removekey', 'movekey',
- 'installed']
+ 'listseedfiles', 'listkey', 'installkey', 'removekey', 'movekey',
+ 'installed', 'importkey']
class Actions(object):
@@ -69,7 +69,7 @@ class Actions(object):
return ["Provide a nickname, a name and a fingerprint."]
gkey = handler.new(args, checkgkey=True)
if len(gkeys) == 0:
- self.logger.debug("ACTIONS: addkey; now adding gkey: %s" %
str(gkey))
+ self.logger.debug("ACTIONS: installkey; now adding gkey: %s" %
str(gkey))
success = self.seeds.add(getattr(gkey, 'nick'), gkey)
if success:
success = self.seeds.save()
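Review bot: The debug label on the changed line now reads `installkey`, but the statement that follows is `self.seeds.add(...)`, so this looks like the seed-adding path rather than key installation. The old `addkey` label appears to have been just as misplaced, and the rename carries the mismatch forward. A label such as `"ACTIONS: addseed; now adding gkey: %s"` would keep the log usable when tracing which action modified the seed file. The enclosing method starts outside the hunk, so confirm its name before changing the string.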
@@ -186,13 +186,13 @@ class Actions(object):
return messages
- def addkey(self, args):
+ def installkey(self, args):
'''Install a key from the seed(s)'''
if not args.nick:
return ["Please provide a nickname or -n *"]
handler = SeedHandler(self.logger, self.config)
kwargs = handler.build_gkeydict(args)
- self.logger.debug("ACTIONS: addkey; kwargs: %s" % str(kwargs))
+ self.logger.debug("ACTIONS: installkey; kwargs: %s" % str(kwargs))
gkey = self.listseed(args)[1]
if gkey:
if gkey and not args.nick == '*' and self.output:
@@ -200,7 +200,7 @@ class Actions(object):
elif gkey and self.output:
self.output(['all'], "\n Installing seeds:")
else:
- self.logger.info("ACTIONS: addkey; "
+ self.logger.info("ACTIONS: installkey; "
"Matching seed entry not found")
if args.nick:
return ["Search failed for: %s" % args.nick]
@@ -211,16 +211,16 @@ class Actions(object):
# get confirmation
# fill in code here
keydir = self.config.get_key(args.seeds + "-keydir")
- self.logger.debug("ACTIONS: addkey; keysdir = %s" % keydir)
+ self.logger.debug("ACTIONS: installkey; keysdir = %s" % keydir)
self.gpg = GkeysGPG(self.config, keydir)
results = {}
failed = []
for key in gkey:
- self.logger.debug("ACTIONS: addkey; adding key:")
+ self.logger.debug("ACTIONS: installkey; adding key:")
self.logger.debug("ACTIONS: " + str(key))
results[key.name] = self.gpg.add_key(key)
for result in results[key.name]:
- self.logger.debug("ACTIONS: addkey; result.failed = " +
+ self.logger.debug("ACTIONS: installkey; result.failed = " +
str(result.failed))
if self.config.options['print_results']:
for result in results[key.name]:
@@ -231,7 +231,7 @@ class Actions(object):
if result.failed:
failed.append(key)
if failed and self.output:
- self.output(failed, "\n Failed to install:")
+ self.output([failed], "\n Failed to install:")
return ["Completed"]
return ["No seeds to search or install"]
@@ -274,6 +274,41 @@ class Actions(object):
pass
+ def importkey(self, args):
+ '''Add a specified key to a specified keyring'''
+ if args.seeds:
+ keydir = self.config.get_key(args.seeds + "-keydir")
+ keyring_dir = self.config.get_key("keyring")
+ self.logger.debug("ACTIONS: importkey; keydir = %s" % keydir)
+ self.gpg = GkeysGPG(self.config, keydir)
+ handler = SeedHandler(self.logger, self.config)
+ gkeys = self.listseed(args)[1]
+ results = {}
+ failed = []
+ print("Importing specified keys to keyring.")
+ for gkey in gkeys:
+ self.logger.debug("ACTIONS: importkey; adding key: %s",
gkey.name)
+ results[gkey.name] = self.gpg.add_key(gkey)
+ if self.config.options['print_results']:
+ for result in results[gkey.name]:
+ print("key desired:", gkey.name, ", key added:",
+ result.username, ", succeeded:",
+ not result.failed, ", fingerprint:",
result.fingerprint)
+ self.logger.debug("stderr_out: " +
str(result.stderr_out))
+ if result.failed:
+ self.logger.debug("ACTIONS: importkey;
result.failed = " + str(result.failed))
+ failed.append(gkey)
+ if not results[gkey.name][0].failed:
+ print("Importing: ", gkey.name)
+ self.logger.debug("ACTIONS: importkey; importing key: %s",
gkey.name)
+ keyring = os.path.join(keyring_dir,args.keyring + '.gpg')
+ self.gpg.add_to_keyring(gkey, keydir, keyring)
+ if failed and self.output:
+ self.output([failed], "\n Failed to install:")
+ return ["Completed."]
+ return ["No seeds to search or install"]
+
+
def installed(self, args):
'''Lists the installed key directories'''
if args.seeds:
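Review bot: In `importkey`, a key is promoted into the trusted keyring after checking only `results[gkey.name][0].failed`, and the list returned by `self.gpg.add_to_keyring(...)` is discarded. An empty result list raises IndexError, a failure in any later result is still followed by the import, and a failed import into the keyring is still reported as `Completed.`. Gate the import with `if results[gkey.name] and not any(r.failed for r in results[gkey.name]):`, and append `gkey` to `failed` when a result from `add_to_keyring` has a non-zero `returncode`. The printed `result.fingerprint` is never compared with the seed's fingerprint in the visible lines; if `add_key` does not do that itself, the comparison belongs here before the key reaches the keyring.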
diff --git a/gkeys/cli.py b/gkeys/cli.py
index 3df3435..c8d5be7 100644
--- a/gkeys/cli.py
+++ b/gkeys/cli.py
@@ -70,6 +70,8 @@ class Main(object):
help='The logging level to set for the logfile')
parser.add_argument('-f', '--fingerprint', dest='fingerprint',
default=None,
help='The fingerprint of the the key')
+ parser.add_argument('-k', '--keyring', dest='keyring',
default='trusted_keyring',
+ help='The name of the keyring to use')
parser.add_argument('-n', '--nick', dest='nick', default=None,
help='The nick associated with the the key')
parser.add_argument('-N', '--name', dest='name', nargs='*',
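Review bot: The `--keyring` value is accepted as free text, and `importkey` in gkeys/actions.py builds the target with `os.path.join(keyring_dir, args.keyring + '.gpg')`. A value that contains a path separator or starts with `/` places the keyring file outside the configured `keyring` directory, and `set_keyring` then creates the parent directory for it. Since the help text describes the option as a name, reject anything that is not a bare file name once the arguments are parsed, for example `if os.path.basename(args.keyring) != args.keyring: parser.error("--keyring takes a name, not a path")`. The `add_argument` call for `-N` continues outside the hunk.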
diff --git a/gkeys/config.py b/gkeys/config.py
index b75d562..6b9888e 100644
--- a/gkeys/config.py
+++ b/gkeys/config.py
@@ -73,6 +73,7 @@ class GKeysConfig(GPGConfig):
self.defaults['keysdir'] = path([self.root, EPREFIX,
'/var/gentoo/gkeys'])
self.defaults['dev-keydir'] = '%(keysdir)s/devs'
self.defaults['rel-keydir'] = '%(keysdir)s/release'
+ self.defaults['keyring'] = '%(keysdir)s/keyring'
self.defaults['overlays-keydir'] = '%(keysdir)s/overlays'
self.defaults['logdir'] = '%(keysdir)s/logs'
# local directory to scan for seed files installed via ebuild, layman
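Review bot: The new default `keyring` holds a directory (`%(keysdir)s/keyring`), while the neighbouring defaults that hold directories are named `*-keydir` and `logdir`, and `--keyring` in gkeys/cli.py is a file name. The same word therefore means a directory in the config, a name on the command line and a full file path inside `importkey`. A key such as `keyring-dir` would remove the ambiguity, but it needs the matching change in etc/gkeys.conf.sample and in `self.config.get_key("keyring")`. The enclosing method starts and ends outside the hunk.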
diff --git a/gkeys/lib.py b/gkeys/lib.py
index 3861012..4d150bb 100644
--- a/gkeys/lib.py
+++ b/gkeys/lib.py
@@ -20,6 +20,7 @@ with gentoo-keys specific convienience functions.
from __future__ import print_function
+from os.path import abspath, pardir
from os.path import join as pjoin
from pyGPG.gpg import GPG
@@ -60,7 +61,7 @@ class GkeysGPG(GPG):
return
- def set_keyring(self, keyring, task, reset=True):
+ def set_keyring(self, keyring, task, importkey=False, reset=True):
'''Sets the keyring to use as well as related task options
'''
logger.debug("keydir: %s, keyring: %s" % (self.keydir, keyring))
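Review bot: `importkey=False` is inserted ahead of `reset` in the signature, so any existing caller that passes `reset` positionally as the third argument would now set `importkey` instead and silently get `reset=True`. The callers are outside this hunk, so this may not occur today, but appending the new parameter avoids the risk: `def set_keyring(self, keyring, task, reset=True, importkey=False):`. The docstring should also say what `importkey` switches on. The method body continues outside the hunk.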
@@ -69,6 +70,11 @@ class GkeysGPG(GPG):
# --keyring file | Note that this adds a keyring to the current list.
# If the intent is to use the specified keyring alone,
# use --keyring along with --no-default-keyring.
+ if importkey:
+ task_value = ['--import-options', 'import-clean']
+ self.config.options['tasks'][task].extend(task_value)
+ parent_dir = abspath(pjoin(keyring, pardir))
+ ensure_dirs(parent_dir)
task_value = ['--no-default-keyring', '--keyring', keyring]
self.config.options['tasks'][task].extend(task_value)
logger.debug("set_keyring: New task options: %s"
%str(self.config.options['tasks'][task]))
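Review bot: The `importkey` branch has two side effects that are not documented anywhere in the method: it appends `--import-options import-clean` to the shared task option list and it creates the keyring's parent directory. A comment such as `# standalone keyring import: drop signatures that are unusable on this keyring and make sure its directory exists` would explain why the branch is there. `ensure_dirs` is called without a visible mode; since this directory holds the trusted keyring, confirm it cannot end up group- or world-writable. As a style point, `abspath(pjoin(keyring, pardir))` reads more directly as `dirname(abspath(keyring))`.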
@@ -87,6 +93,29 @@ class GkeysGPG(GPG):
return
+ def add_to_keyring(self, gkey, keydir, keyring):
+ '''Add the specified key to the specified keyring
+
+ @param gkey: GKEY namedtuple with
+ (name, keyid/longkeyid, keydir, fingerprint)
+ @param keydir: path with the specified keydir
+ @param keyring: string with the specified keyring
+ '''
+ self.set_keydir(keydir, 'import', reset=True)
+ self.set_keyring(keyring, 'import', importkey=True, reset=False)
+ results = []
+ logger.debug("LIB: import_to_keyring; name: " + gkey.name)
+ logger.debug("** Calling runGPG with Running: gpg %s --import' for: %s"
+ % (' '.join(self.config.get_key('tasks', 'import')),
+ gkey.name))
+ pubring_path = pjoin(self.keydir, gkey.keydir, 'pubring.gpg')
+ result = self.runGPG(task='import', inputfile=pubring_path)
+ logger.info('GPG return code: ' + str(result.returncode))
+ results.append(result)
+ print(result.stderr_out)
+ return results
+
+
def add_key(self, gkey):
'''Add the specified key to the specified keydir
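Review bot: `add_to_keyring` imports the whole `pubring.gpg` from the key's keydir, so every key in that file ends up in the trusted keyring, not only the one identified by the GKEY fingerprint described in the docstring. If that keydir can hold anything besides the verified key, for instance material left by an earlier fetch, it becomes trusted as well; compare the imported fingerprints with the seed's fingerprint, or restrict the input to that one key. The return code is logged but never acted on, and `print(result.stderr_out)` runs regardless of the `print_results` option. The debug label says `import_to_keyring` although the method is `add_to_keyring`. The hunk ends inside the docstring of `add_key`.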