[Pkg-privacy-commits] [monkeysign] 01/01: try to run check-trustdb ourselves
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:34:17 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch dev/trustdb
in repository monkeysign.
commit 629ef070e3563253b01b83d2186992310efcfd0c
Author: Antoine Beaupré <anarcat at koumbit.org>
Date: Thu Oct 16 22:34:02 2014 -0400
try to run check-trustdb ourselves
---
monkeysign/gpg.py | 12 +++++++++++-
monkeysign/ui.py | 9 +++++----
tests/test_ui.py | 1 +
3 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/monkeysign/gpg.py b/monkeysign/gpg.py
index 8507a4c..726cf87 100644
--- a/monkeysign/gpg.py
+++ b/monkeysign/gpg.py
@@ -431,7 +431,7 @@ class Keyring():
self.context.expect(proc.stderr, 'GET_LINE keyedit.prompt')
print >>proc.stdin, 'save'
self.context.expect(proc.stderr, 'GOT_IT')
- return proc.wait() == 0
+ return proc.wait() == 0 and self.check_trustdb()
def sign_key(self, pattern, signall = False, local = False):
"""sign a OpenPGP public key
@@ -542,6 +542,16 @@ class Keyring():
self.context.expect(proc.stderr, 'GOT_IT')
return proc.wait() == 0
+ def check_trustdb(self):
+ """regenerate the trustdb
+
+we run under --no-auto-check-trustdb so we need to call this from time to time ourselves
+"""
+ self.context.call_command(['check-trustdb'])
+ if not self.context.returncode == 0:
+ raise GpgRuntimeError(self.context.returncode, _('check-trustdb failed: %s') % self.context.stderr.split("\n")[-2])
+ return True
+
class TempKeyring(Keyring):
def __init__(self):
"""Override the parent class to generate a temporary GPG home
diff --git a/monkeysign/ui.py b/monkeysign/ui.py
index b19d42d..e5cd4f5 100644
--- a/monkeysign/ui.py
+++ b/monkeysign/ui.py
@@ -273,6 +273,10 @@ work.
keys = self.tmpkeyring.get_keys(self.pattern)
+ self.tmpkeyring.context.call_command(['--check-trustdb'])
+ if not self.tmpkeyring.context.returncode == 0:
+ raise GpgRuntimeError(self.context.returncode, _('decryption failed: %s') % self.context.stderr.split("\n")[-2])
+
self.log(_('found %d keys matching your request') % len(keys))
for key in keys:
@@ -426,10 +430,7 @@ mailto: who to send the mail to (usually similar to recipient, but can be used t
self.tmpkeyring.import_data(keydata)
# prepare for email transport
self.tmpkeyring.context.set_option('armor')
- # this is necessary because we reimport keys from outside our
- # keyring, so gpg doesn't trust them anymore
- # but we know we do, so we ignore the trustdb
- self.tmpkeyring.context.set_option('trust-model', 'always')
+ self.tmpkeyring.context.set_option('no-auto-check-trustdb')
# remove UIDs we don't want to send
self.cleanup_uids()
# cleanup email addresses
diff --git a/tests/test_ui.py b/tests/test_ui.py
index 220ad86..5ffd94e 100755
--- a/tests/test_ui.py
+++ b/tests/test_ui.py
@@ -185,6 +185,7 @@ class EmailFactoryTest(BaseTestCase):
self.assertTrue(self.ui.tmpkeyring.import_data(open(os.path.dirname(__file__) + '/96F47C6A.asc').read()))
self.assertTrue(self.ui.tmpkeyring.import_data(open(os.path.dirname(__file__) + '/96F47C6A-secret.asc').read()))
+ self.ui.tmpkeyring.context.set_option('always-trust')
self.email = EmailFactory(self.ui.tmpkeyring.export_data(self.pattern), self.pattern, 'Antoine Beaupré <anarcat at orangeseeds.org>', 'nobody at example.com', 'nobody at example.com')
def test_cleanup_uids(self):
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/monkeysign.git
More information about the Pkg-privacy-commits
mailing list