diff options
Diffstat (limited to 'extra/coadde/db-list-unsigned-packages.py')
| -rwxr-xr-x | extra/coadde/db-list-unsigned-packages.py | 96 | 
1 files changed, 0 insertions, 96 deletions
| diff --git a/extra/coadde/db-list-unsigned-packages.py b/extra/coadde/db-list-unsigned-packages.py deleted file mode 100755 index 80cff51..0000000 --- a/extra/coadde/db-list-unsigned-packages.py +++ /dev/null @@ -1,96 +0,0 @@ -#!/usr/bin/env python3 -# Copyright (C) 2012  Michał Masłowski  <mtjm@mtjm.eu> -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program.  If not, see <http://www.gnu.org/licenses/>. - - -""" -Output a list of repo/package-name-and-version pairs representing -unsigned packages in the database at standard input of repo named in -the first argument and specified for architectures listed in the -following arguments (usually the one of the database or any, default -is to list all). - -If the --keyset argument is passed, print the key fingerprint of every -signed package. -""" - - -import base64 -import subprocess -import sys -import tarfile - - -def main(): -    """Do the job.""" -    check_keys = False -    if "--keyset" in  sys.argv: -        sys.argv.remove("--keyset") -        check_keys = True -    repo = sys.argv[1] -    pkgarches = frozenset(name.encode("utf-8") for name in sys.argv[2:]) -    packages = [] -    keys = [] -    with tarfile.open(fileobj=sys.stdin.buffer) as archive: -        for entry in archive: -            if entry.name.endswith("/desc"): -                content = archive.extractfile(entry) -                skip = False -                is_arch = False -                key = None -                for line in content: -                    if is_arch: -                        is_arch = False -                        if pkgarches and line.strip() not in pkgarches: -                            skip = True  # different architecture -                            break -                    if line == b"%PGPSIG%\n": -                        skip = True  # signed -                        key = b"" -                        if check_keys: -                            continue -                        else: -                            break -                    if line == b"%ARCH%\n": -                        is_arch = True -                        continue -                    if key is not None: -                        if line.strip(): -                            key += line.strip() -                        else: -                            break -                if check_keys and key: -                    key_binary = base64.b64decode(key) -                    keys.append(key_binary) -                    packages.append(repo + "/" + entry.name[:-5]) -                if skip: -                    continue -                print(repo + "/" + entry.name[:-5]) -    if check_keys and keys: -        # We have collected all signed package names in packages and -        # all keys in keys.  Let's now ask gpg to list all signatures -        # and find which keys made them. -        packets = subprocess.check_output(("gpg", "--list-packets"), -                                          input=b"".join(keys)) -        i = 0 -        for line in packets.decode("latin1").split("\n"): -            if line.startswith(":signature packet:"): -                keyid = line[line.index("keyid ") + len("keyid "):] -                print(packages[i], keyid) -                i += 1 - - -if __name__ == "__main__": -    main() | 
