Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 84701 Details for
Bug 130039
check gpg signature when using emerge-webrsync
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
emerge-webrsync - check gpg signature
emerge-webrsync.diff (text/plain), 2.53 KB, created by
Alon Bar-Lev (RETIRED)
on 2006-04-15 02:33:07 UTC
(
hide
)
Description:
emerge-webrsync - check gpg signature
Filename:
MIME Type:
Creator:
Alon Bar-Lev (RETIRED)
Created:
2006-04-15 02:33:07 UTC
Size:
2.53 KB
patch
obsolete
>--- emerge-webrsync 2006-04-15 12:29:44.000000000 +0300 >+++ emerge-webrsync 2006-04-15 12:29:39.000000000 +0300 >@@ -5,6 +5,12 @@ > # Author: Karl Trygve Kalleberg <karltk@gentoo.org> > # Rewritten from the old, Perl-based emerge-webrsync script > >+# >+# gpg key import >+# KEY_ID=0x7DDAD20D >+# gpg --homedir /etc/portage/gnupg --keyserver subkeys.pgp.net --recv-keys $KEY_ID >+# gpg --homedir /etc/portage/gnupg --edit-key $KEY_ID trust >+ > # If PORTAGE_NICENESS is overriden via the env then it will > # still pass through the portageq call and override properly. > PORTAGE_NICENESS="$(/usr/lib/portage/bin/portageq envvar PORTAGE_NICENESS)" >@@ -21,6 +27,13 @@ USERLAND="$(/usr/lib/portage/bin/portage > DISTDIR="$(/usr/lib/portage/bin/portageq envvar PORTAGE_TMPDIR)/emerge-webrsync" > PORTAGE_INST_UID="$(/usr/lib/portage/bin/portageq envvar PORTAGE_INST_UID)" > PORTAGE_INST_GID="$(/usr/lib/portage/bin/portageq envvar PORTAGE_INST_GID)" >+WEBSYNC_VERIFY_SIGNATURE="$(/usr/lib/portage/bin/portageq envvar WEBSYNC_VERIFY_SIGNATURE)" >+PORTAGE_GPG_HOME="$(/usr/lib/portage/bin/portageq envvar PORTAGE_GPG_HOME)" >+ >+if [ -z "$WEBSYNC_VERIFY_SIGNATURE" ]; then >+ WEBSYNC_VERIFY_SIGNATURE=0 >+fi >+ > if [ ! -d $DISTDIR ] ; then > mkdir -p $DISTDIR > fi >@@ -50,6 +63,17 @@ else > md5_com='true' > fi > >+if [ $WEBSYNC_VERIFY_SIGNATURE != 0 ]; then >+ if type -p gpg > /dev/null; then >+ gpg_com='gpg --homedir "${PORTAGE_GPG_HOME}" --verify ${FILE}.gpgsig ${FILE}' >+ else >+ echo "Cannot find gpg" >+ exit 1 >+ fi >+else >+ gpg_com='true' >+fi >+ > sync_local() { > echo Syncing local tree... > if type -p tarsync &> /dev/null; then >@@ -123,7 +147,7 @@ while (( $attempts < 40 )) ; do > echo " --- No md5sum present on the mirror. (Not yet available.)" > continue > elif [ -s "${FILE}" ]; then >- if eval "$md5_com"; then >+ if eval "$md5_com" && eval "$gpg_com"; then > echo " === snapshot $FILE is correct, using it" > sync_local > echo >@@ -139,10 +163,24 @@ while (( $attempts < 40 )) ; do > URI="${i}/snapshots/$FILE" > rm -f "$FILE" > if (eval "$FETCHCOMMAND $wgetops") && [ -s "$FILE" ]; then >+ URI="${i}/snapshots/$FILE.gpgsig" >+ rm -f "$FILE.gpgsig" >+ >+ if [ $WEBSYNC_VERIFY_SIGNATURE != 0 ]; then >+ if ! (eval "$FETCHCOMMAND $wgetops") || ! [ -s "$FILE.gpgsig" ]; then >+ echo "Cannot download signature for $FILE" >+ continue >+ fi >+ fi >+ > if ! eval "$md5_com"; then > echo "md5 failed on $FILE" > rm ${FILE} > continue >+ elif ! eval "$gpg_com"; then >+ echo "Signature validation failed on $FILE" >+ rm ${FILE} >+ continue > else > sync_local > echo
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=84701">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 130039
:
84701
|
84746
|
84790
|
100677
|
101532
|
115656
|
122073
|
122289
|
122290
|
127051
