summaryrefslogtreecommitdiff
path: root/extra/coadde/db-list-unsigned-packages.py
diff options
context:
space:
mode:
Diffstat (limited to 'extra/coadde/db-list-unsigned-packages.py')
-rwxr-xr-xextra/coadde/db-list-unsigned-packages.py96
1 files changed, 0 insertions, 96 deletions
diff --git a/extra/coadde/db-list-unsigned-packages.py b/extra/coadde/db-list-unsigned-packages.py
deleted file mode 100755
index 80cff51..0000000
--- a/extra/coadde/db-list-unsigned-packages.py
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/usr/bin/env python3
-# Copyright (C) 2012 Michał Masłowski <mtjm@mtjm.eu>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-
-"""
-Output a list of repo/package-name-and-version pairs representing
-unsigned packages in the database at standard input of repo named in
-the first argument and specified for architectures listed in the
-following arguments (usually the one of the database or any, default
-is to list all).
-
-If the --keyset argument is passed, print the key fingerprint of every
-signed package.
-"""
-
-
-import base64
-import subprocess
-import sys
-import tarfile
-
-
-def main():
- """Do the job."""
- check_keys = False
- if "--keyset" in sys.argv:
- sys.argv.remove("--keyset")
- check_keys = True
- repo = sys.argv[1]
- pkgarches = frozenset(name.encode("utf-8") for name in sys.argv[2:])
- packages = []
- keys = []
- with tarfile.open(fileobj=sys.stdin.buffer) as archive:
- for entry in archive:
- if entry.name.endswith("/desc"):
- content = archive.extractfile(entry)
- skip = False
- is_arch = False
- key = None
- for line in content:
- if is_arch:
- is_arch = False
- if pkgarches and line.strip() not in pkgarches:
- skip = True # different architecture
- break
- if line == b"%PGPSIG%\n":
- skip = True # signed
- key = b""
- if check_keys:
- continue
- else:
- break
- if line == b"%ARCH%\n":
- is_arch = True
- continue
- if key is not None:
- if line.strip():
- key += line.strip()
- else:
- break
- if check_keys and key:
- key_binary = base64.b64decode(key)
- keys.append(key_binary)
- packages.append(repo + "/" + entry.name[:-5])
- if skip:
- continue
- print(repo + "/" + entry.name[:-5])
- if check_keys and keys:
- # We have collected all signed package names in packages and
- # all keys in keys. Let's now ask gpg to list all signatures
- # and find which keys made them.
- packets = subprocess.check_output(("gpg", "--list-packets"),
- input=b"".join(keys))
- i = 0
- for line in packets.decode("latin1").split("\n"):
- if line.startswith(":signature packet:"):
- keyid = line[line.index("keyid ") + len("keyid "):]
- print(packages[i], keyid)
- i += 1
-
-
-if __name__ == "__main__":
- main()