[Yum-devel] [PATCH 1/4] - add default 'has_sig' and 'valid_sig' keys to the keyinfo dicts - if the thing we get back is valid gpg but has no sigs then sigs will be an empty list :( - make sure we handle that correctly - when we're checking a deta

tim.lauridsen at gmail.com tim.lauridsen at gmail.com
Mon Dec 27 17:54:51 UTC 2010


On Thu, Dec 23, 2010 at 8:51 PM, Seth Vidal <skvidal at fedoraproject.org>wrote:

> ---
>  yum/misc.py |   14 ++++++++++++--
>  1 files changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/yum/misc.py b/yum/misc.py
> index 4fa5ed9..7dffe70 100644
> --- a/yum/misc.py
> +++ b/yum/misc.py
> @@ -431,6 +431,8 @@ def getgpgkeyinfo(rawkey, multiple=False):
>             'timestamp': key.public_key.timestamp,
>             'fingerprint' : key.public_key.fingerprint,
>             'raw_key' : key.raw_key,
> +            'has_sig' : False,
> +            'valid_sig': False,
>         }
>
>         # Retrieve the timestamp from the matching signature packet
> @@ -542,8 +544,14 @@ def valid_detached_sig(sig_file, signed_file,
> gpghome=None):
>     if gpghome and os.path.exists(gpghome):
>         os.environ['GNUPGHOME'] = gpghome
>
> -    sig = open(sig_file, 'r')
> -    signed_text = open(signed_file, 'r')
> +    if hasattr(sig_file, 'read'):
> +        sig = sig_file
> +    else:
> +        sig = open(sig_file, 'r')
> +    if hasattr(signed_file, 'read'):
> +        signed_text = signed_file
> +    else:
> +        signed_text = open(signed_file, 'r')
>     plaintext = None
>     ctx = gpgme.Context()
>
> @@ -552,6 +560,8 @@ def valid_detached_sig(sig_file, signed_file,
> gpghome=None):
>     except gpgme.GpgmeError, e:
>         return False
>     else:
> +        if not sigs:
> +            return False
>         # is there ever a case where we care about a sig beyond the first
> one?
>         thissig = sigs[0]
>         if not thissig:
> --
> 1.7.2.3
>
> _______________________________________________
> Yum-devel mailing list
> Yum-devel at lists.baseurl.org
> http://lists.baseurl.org/mailman/listinfo/yum-devel
>

ACK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.baseurl.org/pipermail/yum-devel/attachments/20101227/ffa6b0cc/attachment.html>


More information about the Yum-devel mailing list