from itertools import chain
from collections import Counter
try:
from lxml import etree
from lxml.etree import ParserError
except (SystemExit, KeyboardInterrupt):
raise
except (ImportError, SystemError, RuntimeError, Exception):
# broken or missing xml support
# https://bugs.python.org/issue14988
msg = ["Please emerge dev-python/lxml in order to use repoman."]
from portage.output import EOutput
out = EOutput()
for line in msg:
out.eerror(line)
sys.exit(1)
# import our initialized portage instance
from repoman._portage import portage
from repoman.metadata import metadata_dtd_uri
from repoman.modules.scan.scanbase import ScanBase
from portage.exception import InvalidAtom
from portage import os
from portage.dep import Atom
from portage.xml.metadata import parse_metadata_use
from .use_flags import USEFlagChecks
metadata_xml_encoding = 'UTF-8'
def verify_head(self):
if (self.repo.module_specific_options.get(
'sync-git-verify-commit-signature', 'false') != 'true'):
return True
if self.repo.sync_openpgp_key_path is not None:
if gemato is None:
writemsg_level(
"!!! Verifying against specified key requires gemato-11.0+ installed\n",
level=logging.ERROR,
noiselevel=-1)
return False
openpgp_env = gemato.openpgp.OpenPGPEnvironment()
else:
openpgp_env = None
try:
out = EOutput()
env = None
if openpgp_env is not None:
try:
out.einfo('Using keys from %s' %
(self.repo.sync_openpgp_key_path, ))
with io.open(self.repo.sync_openpgp_key_path, 'rb') as f:
openpgp_env.import_key(f)
out.ebegin('Refreshing keys from keyserver')
openpgp_env.refresh_keys()
out.eend(0)
except GematoException as e:
writemsg_level(
"!!! Verification impossible due to keyring problem:\n%s\n"
% (e, ),
level=logging.ERROR,
noiselevel=-1)
return (1, False)
env = os.environ.copy()
env['GNUPGHOME'] = openpgp_env.home
rev_cmd = [self.bin_command, "log", "--pretty=format:%G?", "-1"]
try:
status = (portage._unicode_decode(
subprocess.check_output(rev_cmd,
cwd=portage._unicode_encode(
self.repo.location),
env=env)).strip())
except subprocess.CalledProcessError:
return False
if status == 'G': # good signature is good
out.einfo('Trusted signature found on top commit')
return True
elif status == 'U': # untrusted
out.ewarn('Top commit signature is valid but not trusted')
return True
else:
if status == 'B':
expl = 'bad signature'
elif status == 'X':
expl = 'expired signature'
elif status == 'Y':
expl = 'expired key'
elif status == 'R':
expl = 'revoked key'
elif status == 'E':
expl = 'unable to verify signature (missing key?)'
elif status == 'N':
expl = 'no signature'
else:
expl = 'unknown issue'
out.eerror('No valid signature found: %s' % (expl, ))
return False
finally:
if openpgp_env is not None:
openpgp_env.close()
from itertools import chain try: from lxml import etree from lxml.etree import ParserError except (SystemExit, KeyboardInterrupt): raise except (ImportError, SystemError, RuntimeError, Exception): # broken or missing xml support # https://bugs.python.org/issue14988 msg = ["Please emerge dev-python/lxml in order to use repoman."] from portage.output import EOutput out = EOutput() for line in msg: out.eerror(line) sys.exit(1) # import our initialized portage instance from repoman._portage import portage from repoman.metadata import metadata_dtd_uri from repoman.modules.scan.scanbase import ScanBase from portage.exception import InvalidAtom from portage import os from portage.dep import Atom from portage.xml.metadata import parse_metadata_use from .use_flags import USEFlagChecks metadata_xml_encoding = 'UTF-8'
class pkgsys_portage(package_system):
pkgsysname = 'portage'
def __init__(self):
package_system.__init__(self)
self.eout = EOutput()
def begin(self, msg):
self.eout.ebegin(msg)
def end(self, success_ornot):
if success_ornot: self.eout.eend(0)
else: self.eout.eend(1)
def info(self, msg):
self.eout.einfo(msg)
def error(self, msg):
self.eout.eerror(msg)
def init_options(self, options):
options['--portage-distfiles'] = portage.settings['DISTDIR']
options['--portage-dir'] = os.path.join('/usr/local/portage', pypi_dir)
def finalize_options(self, options):
map(lambda diropt: ensure_dir(options[diropt]),
['--portage-distfiles', '--portage-dir'])
def setup_args(self, args):
if args['license'] != None and args['license'] != '':
args['license'] = LicenseConvert(args['name'], args['license'])
elif 'classifiers' in args and args['classifiers'] is not None:
for cfline in args['classifiers']:
cflist = map(lambda cf: cf.strip(), cfline.split('::'))
if len(cflist) == 3 and \
cflist[0] == 'License' and cflist[1] == 'OSI Approved':
args['license'] = LicenseConvert(args['name'], cflist[2])
if args['license'] == '': args['license'] = 'UNKNOWN'
iuse_arr = ['doc'] + args['extras_require'].keys()
args['iuse'] = string.join(iuse_arr)
rdepend = map(lambda dep: DepConvert(dep), args['install_requires'])
args['rdepend'] = string.join(rdepend, '\n\t')
ereq = {}
for k in args['extras_require']:
if args['extras_require'][k] == []: continue
ereq[k] = args['extras_require'][k]
depend = []
if args['name'] != 'setuptools':
depend.append('dev-python/setuptools')
depend.append('doc? ( dev-python/pudge dev-python/buildutils )')
depend.extend(map(lambda extra: '%s? ( %s )' % \
(extra, string.join(map(lambda edep:
DepConvert(edep),
ereq[extra]))),
ereq.keys()))
args['depend'] = string.join(depend, '\n\t')
args['patchlist'] = \
string.join(map(lambda p: 'epatch "${FILESDIR}/%s"' % p,
args['patches']), '\n\t')
# Setup ebuild.
fullname = MakeFullname(args['name'], args['version'])
if 'rev' not in args:
ebuild_fn = '%s.ebuild' % fullname
else:
ebuild_fn = '%s-r%s.ebuild' % (fullname, args['rev'])
ebuild_dir = os.path.join(args['--portage-dir'],
NameConvert(args['name']))
ebuild_path = os.path.join(ebuild_dir, ebuild_fn)
for pkgtype in ['setup.py', 'single.py']:
if args['pkgtype'] == pkgtype:
args['template'] = os.path.join('portage', '%s.tmpl' % pkgtype)
break
if 'template' not in args:
raise RuntimeError, 'Unsupported package type %s' % args['pkgtype']
args['output'] = ebuild_path
args['filedir'] = args['--portage-distfiles']
args['patchdir'] = os.path.join(ebuild_dir, 'files')
def process(self, args):
# Call ebuild ... digest
try:
portage._doebuild_manifest_exempt_depend += 1
pkgdir = os.path.dirname(args['output'])
fetchlist_dict = portage.FetchlistDict(pkgdir, portage.settings,
portage.portdb)
mf = Manifest(pkgdir,
args['--portage-distfiles'],
fetchlist_dict=fetchlist_dict,
manifest1_compat=False)
mf.create(requiredDistfiles=None,
assumeDistHashesSometimes=True,
assumeDistHashesAlways=True)
mf.write()
finally:
portage._doebuild_manifest_exempt_depend -= 1
def verify_head(self, revision="-1"):
if self.repo.module_specific_options.get(
"sync-git-verify-commit-signature",
"false").lower() not in ("true", "yes"):
return True
if self.repo.sync_openpgp_key_path is not None and gemato is None:
writemsg_level(
"!!! Verifying against specified key requires gemato-14.5+ installed\n",
level=logging.ERROR,
noiselevel=-1,
)
return False
openpgp_env = self._get_openpgp_env(self.repo.sync_openpgp_key_path)
try:
out = EOutput()
env = None
if openpgp_env is not None and self.repo.sync_openpgp_key_path is not None:
try:
out.einfo("Using keys from %s" %
(self.repo.sync_openpgp_key_path, ))
with io.open(self.repo.sync_openpgp_key_path, "rb") as f:
openpgp_env.import_key(f)
self._refresh_keys(openpgp_env)
except (GematoException, asyncio.TimeoutError) as e:
writemsg_level(
"!!! Verification impossible due to keyring problem:\n%s\n"
% (e, ),
level=logging.ERROR,
noiselevel=-1,
)
return False
env = os.environ.copy()
env["GNUPGHOME"] = openpgp_env.home
rev_cmd = [
self.bin_command, "log", "-n1", "--pretty=format:%G?", revision
]
try:
status = portage._unicode_decode(
subprocess.check_output(
rev_cmd,
cwd=portage._unicode_encode(self.repo.location),
env=env,
)).strip()
except subprocess.CalledProcessError:
return False
if status == "G": # good signature is good
out.einfo("Trusted signature found on top commit")
return True
if status == "U": # untrusted
out.ewarn("Top commit signature is valid but not trusted")
return True
if status == "B":
expl = "bad signature"
elif status == "X":
expl = "expired signature"
elif status == "Y":
expl = "expired key"
elif status == "R":
expl = "revoked key"
elif status == "E":
expl = "unable to verify signature (missing key?)"
elif status == "N":
expl = "no signature"
else:
expl = "unknown issue"
out.eerror("No valid signature found: %s" % (expl, ))
return False
finally:
if openpgp_env is not None:
openpgp_env.close()
def verify_head(self, revision='-1'):
if (self.repo.module_specific_options.get(
'sync-git-verify-commit-signature', 'false') != 'true'):
return True
if self.repo.sync_openpgp_key_path is not None:
if gemato is None:
writemsg_level("!!! Verifying against specified key requires gemato-11.0+ installed\n",
level=logging.ERROR, noiselevel=-1)
return False
openpgp_env = gemato.openpgp.OpenPGPEnvironment()
else:
openpgp_env = None
try:
out = EOutput()
env = None
if openpgp_env is not None:
try:
out.einfo('Using keys from %s' % (self.repo.sync_openpgp_key_path,))
with io.open(self.repo.sync_openpgp_key_path, 'rb') as f:
openpgp_env.import_key(f)
out.ebegin('Refreshing keys from keyserver')
openpgp_env.refresh_keys()
out.eend(0)
except GematoException as e:
writemsg_level("!!! Verification impossible due to keyring problem:\n%s\n"
% (e,),
level=logging.ERROR, noiselevel=-1)
return False
env = os.environ.copy()
env['GNUPGHOME'] = openpgp_env.home
rev_cmd = [self.bin_command, "log", "-n1", "--pretty=format:%G?", revision]
try:
status = (portage._unicode_decode(
subprocess.check_output(rev_cmd,
cwd=portage._unicode_encode(self.repo.location),
env=env))
.strip())
except subprocess.CalledProcessError:
return False
if status == 'G': # good signature is good
out.einfo('Trusted signature found on top commit')
return True
elif status == 'U': # untrusted
out.ewarn('Top commit signature is valid but not trusted')
return True
else:
if status == 'B':
expl = 'bad signature'
elif status == 'X':
expl = 'expired signature'
elif status == 'Y':
expl = 'expired key'
elif status == 'R':
expl = 'revoked key'
elif status == 'E':
expl = 'unable to verify signature (missing key?)'
elif status == 'N':
expl = 'no signature'
else:
expl = 'unknown issue'
out.eerror('No valid signature found: %s' % (expl,))
return False
finally:
if openpgp_env is not None:
openpgp_env.close()
