[Yum-devel] [PATCH 1/4] - add default 'has_sig' and 'valid_sig' keys to the keyinfo dicts - if the thing we get back is valid gpg but has no sigs then sigs will be an empty list :( - make sure we handle that correctly - when we're checking a detached signature sometimes we don't care about keeping the detached signature around so accept an object that can be read()
Seth Vidal
skvidal at fedoraproject.org
Thu Dec 23 19:51:04 UTC 2010
---
yum/misc.py | 14 ++++++++++++--
1 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/yum/misc.py b/yum/misc.py
index 4fa5ed9..7dffe70 100644
--- a/yum/misc.py
+++ b/yum/misc.py
@@ -431,6 +431,8 @@ def getgpgkeyinfo(rawkey, multiple=False):
'timestamp': key.public_key.timestamp,
'fingerprint' : key.public_key.fingerprint,
'raw_key' : key.raw_key,
+ 'has_sig' : False,
+ 'valid_sig': False,
}
# Retrieve the timestamp from the matching signature packet
@@ -542,8 +544,14 @@ def valid_detached_sig(sig_file, signed_file, gpghome=None):
if gpghome and os.path.exists(gpghome):
os.environ['GNUPGHOME'] = gpghome
- sig = open(sig_file, 'r')
- signed_text = open(signed_file, 'r')
+ if hasattr(sig_file, 'read'):
+ sig = sig_file
+ else:
+ sig = open(sig_file, 'r')
+ if hasattr(signed_file, 'read'):
+ signed_text = signed_file
+ else:
+ signed_text = open(signed_file, 'r')
plaintext = None
ctx = gpgme.Context()
@@ -552,6 +560,8 @@ def valid_detached_sig(sig_file, signed_file, gpghome=None):
except gpgme.GpgmeError, e:
return False
else:
+ if not sigs:
+ return False
# is there ever a case where we care about a sig beyond the first one?
thissig = sigs[0]
if not thissig:
--
1.7.2.3
More information about the Yum-devel
mailing list