Пример #1
0
        def fetch_feed():
            yield dl.downloaded
            tasks.check(dl.downloaded)

            pending = PendingFeed(feed_url, stream)

            if use_mirror:
                # If we got the feed from a mirror, get the key from there too
                key_mirror = self.feed_mirror + '/keys/'
            else:
                key_mirror = None

            keys_downloaded = tasks.Task(
                pending.download_keys(self.handler,
                                      feed_hint=feed_url,
                                      key_mirror=key_mirror),
                _("download keys for %s") % feed_url)
            yield keys_downloaded.finished
            tasks.check(keys_downloaded.finished)

            iface = iface_cache.get_interface(pending.url)
            if not iface_cache.update_interface_if_trusted(
                    iface, pending.sigs, pending.new_xml):
                blocker = self.handler.confirm_keys(pending,
                                                    self.fetch_key_info)
                if blocker:
                    yield blocker
                    tasks.check(blocker)
                if not iface_cache.update_interface_if_trusted(
                        iface, pending.sigs, pending.new_xml):
                    raise NoTrustedKeys(
                        _("No signing keys trusted; not importing"))
Пример #2
0
		def fetch_feed():
			try:
				yield dl.downloaded
				tasks.check(dl.downloaded)

				pending = PendingFeed(feed_url, stream)

				if use_mirror:
					# If we got the feed from a mirror, get the key from there too
					key_mirror = self.config.mirror + '/keys/'
				else:
					key_mirror = None

				keys_downloaded = tasks.Task(pending.download_keys(self, feed_hint = feed_url, key_mirror = key_mirror), _("download keys for %s") % feed_url)
				yield keys_downloaded.finished
				tasks.check(keys_downloaded.finished)

				dry_run = self.handler.dry_run
				if not self.config.iface_cache.update_feed_if_trusted(pending.url, pending.sigs, pending.new_xml, dry_run = dry_run):
					blocker = self.config.trust_mgr.confirm_keys(pending)
					if blocker:
						yield blocker
						tasks.check(blocker)
					if not self.config.iface_cache.update_feed_if_trusted(pending.url, pending.sigs, pending.new_xml, dry_run = dry_run):
						raise NoTrustedKeys(_("No signing keys trusted; not importing"))
			finally:
				stream.close()
Пример #3
0
        def fetch_feed():
            yield dl.downloaded
            tasks.check(dl.downloaded)

            pending = PendingFeed(feed_url, stream)

            if use_mirror:
                # If we got the feed from a mirror, get the key from there too
                key_mirror = self.feed_mirror + "/keys/"
            else:
                key_mirror = None

            keys_downloaded = tasks.Task(
                pending.download_keys(self.handler, feed_hint=feed_url, key_mirror=key_mirror),
                _("download keys for %s") % feed_url,
            )
            yield keys_downloaded.finished
            tasks.check(keys_downloaded.finished)

            if not iface_cache.update_feed_if_trusted(pending.url, pending.sigs, pending.new_xml):
                blocker = self.handler.confirm_keys(pending, self.fetch_key_info)
                if blocker:
                    yield blocker
                    tasks.check(blocker)
                if not iface_cache.update_feed_if_trusted(pending.url, pending.sigs, pending.new_xml):
                    raise NoTrustedKeys(_("No signing keys trusted; not importing"))
Пример #4
0
        def fetch_feed():
            try:
                yield dl.downloaded
                tasks.check(dl.downloaded)

                pending = PendingFeed(feed_url, stream)

                if use_mirror:
                    # If we got the feed from a mirror, get the key from there too
                    key_mirror = self.config.mirror + '/keys/'
                else:
                    key_mirror = None

                keys_downloaded = tasks.Task(
                    pending.download_keys(self,
                                          feed_hint=feed_url,
                                          key_mirror=key_mirror),
                    _("download keys for %s") % feed_url)
                yield keys_downloaded.finished
                tasks.check(keys_downloaded.finished)

                if not self.config.iface_cache.update_feed_if_trusted(
                        pending.url, pending.sigs, pending.new_xml):
                    blocker = self.config.trust_mgr.confirm_keys(pending)
                    if blocker:
                        yield blocker
                        tasks.check(blocker)
                    if not self.config.iface_cache.update_feed_if_trusted(
                            pending.url, pending.sigs, pending.new_xml):
                        raise NoTrustedKeys(
                            _("No signing keys trusted; not importing"))
            finally:
                stream.close()
Пример #5
0
    def testXMLupdate(self):
        iface_cache = self.config.iface_cache
        trust.trust_db.trust_key('92429807C9853C0744A68B9AAE07828059A53CC1')
        stream = tempfile.TemporaryFile()
        stream.write(data.thomas_key)
        stream.seek(0)
        gpg.import_key(stream)

        iface = iface_cache.get_interface('http://foo')
        src = tempfile.TemporaryFile()
        src.write(data.foo_signed_xml)
        src.seek(0)
        pending = PendingFeed(iface.uri, src)
        assert iface_cache.update_feed_if_trusted(iface.uri, pending.sigs,
                                                  pending.new_xml)

        iface_cache.__init__()
        feed = iface_cache.get_feed('http://foo')
        assert feed.last_modified == 1154850229

        # mtimes are unreliable because copying often changes them -
        # check that we extract the time from the signature when upgrading
        upstream_dir = basedir.save_cache_path(config_site, 'interfaces')
        cached = os.path.join(upstream_dir, model.escape(feed.url))
        os.utime(cached, None)

        iface_cache.__init__()
        feed = iface_cache.get_feed('http://foo')
        assert feed.last_modified > 1154850229

        src = tempfile.TemporaryFile()
        src.write(data.new_foo_signed_xml)
        src.seek(0)

        pending = PendingFeed(feed.url, src)
        assert iface_cache.update_feed_if_trusted(feed.url, pending.sigs,
                                                  pending.new_xml)

        # Can't 'update' to an older copy
        src = tempfile.TemporaryFile()
        src.write(data.foo_signed_xml)
        src.seek(0)
        try:
            pending = PendingFeed(feed.url, src)
            assert iface_cache.update_feed_if_trusted(feed.url, pending.sigs,
                                                      pending.new_xml)

            assert 0
        except model.SafeException:
            pass
Пример #6
0
	def testCheckSigned(self):
		iface_cache = self.config.iface_cache
		trust.trust_db.trust_key(
			'92429807C9853C0744A68B9AAE07828059A53CC1')
		feed_url = 'http://foo'
		with tempfile.TemporaryFile(mode = 'w+b') as src:
			# Unsigned
			src.write(b"hello")
			src.flush()
			src.seek(0)
			try:
				PendingFeed(feed_url, src)
				assert 0
			except model.SafeException:
				pass

			with tempfile.TemporaryFile(mode = 'w+b') as stream:
				stream.write(data.thomas_key)
				stream.seek(0)

				gpg.import_key(stream)

			# Signed
			src.seek(0)
			src.write(data.foo_signed_xml)
			src.flush()
			src.seek(0)

			pending = PendingFeed(feed_url, src)
			assert iface_cache.update_feed_if_trusted(feed_url, pending.sigs, pending.new_xml)

			self.assertEqual(['http://foo'],
					iface_cache.list_all_interfaces())

			feed = iface_cache.get_feed(feed_url)

			self.assertEqual(1154850229, feed.last_modified)
Пример #7
0
def handle(config, options, args):
    if not args:
        raise UsageError()

    h = config.handler

    for x in args:
        if not os.path.isfile(x):
            raise SafeException(_("File '%s' does not exist") % x)
        logging.info(_("Importing from file '%s'"), x)
        signed_data = file(x)
        data, sigs = gpg.check_stream(signed_data)
        doc = minidom.parseString(data.read())
        uri = doc.documentElement.getAttribute('uri')
        if not uri:
            raise SafeException(
                _("Missing 'uri' attribute on root element in '%s'") % x)
        logging.info(_("Importing information about interface %s"), uri)
        signed_data.seek(0)

        pending = PendingFeed(uri, signed_data)

        def run():
            keys_downloaded = tasks.Task(pending.download_keys(h),
                                         "download keys")
            yield keys_downloaded.finished
            tasks.check(keys_downloaded.finished)
            if not config.iface_cache.update_feed_if_trusted(
                    uri, pending.sigs, pending.new_xml):
                blocker = config.trust_mgr.confirm_keys(pending)
                if blocker:
                    yield blocker
                    tasks.check(blocker)
                if not config.iface_cache.update_feed_if_trusted(
                        uri, pending.sigs, pending.new_xml):
                    raise SafeException(
                        _("No signing keys trusted; not importing"))

        task = tasks.Task(run(), "import feed")

        errors = tasks.wait_for_blocker(task.finished)
        if errors:
            raise SafeException(
                _("Errors during download: ") + '\n'.join(errors))
Пример #8
0
def _import_feed(args):
	from zeroinstall.support import tasks
	from zeroinstall.injector import gpg, handler
	from zeroinstall.injector.iface_cache import PendingFeed
	from xml.dom import minidom
	handler = handler.Handler()

	for x in args:
		if not os.path.isfile(x):
			raise SafeException(_("File '%s' does not exist") % x)
		logging.info(_("Importing from file '%s'"), x)
		signed_data = file(x)
		data, sigs = gpg.check_stream(signed_data)
		doc = minidom.parseString(data.read())
		uri = doc.documentElement.getAttribute('uri')
		if not uri:
			raise SafeException(_("Missing 'uri' attribute on root element in '%s'") % x)
		iface = iface_cache.get_interface(uri)
		logging.info(_("Importing information about interface %s"), iface)
		signed_data.seek(0)

		pending = PendingFeed(uri, signed_data)

		def run():
			keys_downloaded = tasks.Task(pending.download_keys(handler), "download keys")
			yield keys_downloaded.finished
			tasks.check(keys_downloaded.finished)
			if not iface_cache.update_interface_if_trusted(iface, pending.sigs, pending.new_xml):
				blocker = handler.confirm_trust_keys(iface, pending.sigs, pending.new_xml)
				if blocker:
					yield blocker
					tasks.check(blocker)
				if not iface_cache.update_interface_if_trusted(iface, pending.sigs, pending.new_xml):
					raise SafeException(_("No signing keys trusted; not importing"))

		task = tasks.Task(run(), "import feed")

		errors = handler.wait_for_blocker(task.finished)
		if errors:
			raise SafeException(_("Errors during download: ") + '\n'.join(errors))