File: SignatureCheck.py

package info (click to toggle)
rpmlint 1.9-6
  • links: PTS, VCS
  • area: main
  • in suites: sid, stretch
  • size: 22,212 kB
  • ctags: 722
  • sloc: python: 14,926; makefile: 63; sh: 49
file content (55 lines) | stat: -rw-r--r-- 1,754 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# -*- coding: utf-8 -*-
#############################################################################
# File          : SignatureCheck.py
# Package       : rpmlint
# Author        : Frederic Lepied
# Created on    : Thu Oct  7 17:06:14 1999
# Purpose       : check the presence of a PGP signature.
#############################################################################

import re

import AbstractCheck
from Filter import addDetails, printError
import Pkg


class SignatureCheck(AbstractCheck.AbstractCheck):
    pgp_regex = re.compile("pgp|gpg", re.IGNORECASE)
    unknown_key_regex = re.compile("\(MISSING KEYS:(?:\([^)]+\))?\s+([^\)]+)\)")

    def __init__(self):
        AbstractCheck.AbstractCheck.__init__(self, "SignatureCheck")

    def check(self, pkg):
        res = pkg.checkSignature()
        if not res or res[0] != 0:
            if res and res[1]:
                kres = SignatureCheck.unknown_key_regex.search(res[1])
            else:
                kres = None
            if kres:
                printError(pkg, "unknown-key", kres.group(1))
            else:
                Pkg.warn("Error checking signature of %s: %s" %
                         (pkg.filename, res[1]))
        else:
            if not SignatureCheck.pgp_regex.search(res[1]):
                printError(pkg, "no-signature")

# Create an object to enable the auto registration of the test
check = SignatureCheck()

addDetails(
'no-signature',
'''You have to include your pgp or gpg signature in your package.
For more information on signatures, please refer to www.gnupg.org.''',

'unknown-key',
'''The package was signed, but with an unknown key.
See the rpm --import option for more information.''',
)

# SignatureCheck.py ends here

# ex: ts=4 sw=4 et