# This file is part of the Mageia project # Copyright (C) 2011 Damien Lallement # (C) 2011 Romain D'Alverny # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Library General Public # License as published by the Free Software Foundation; either # version 2 of the License, or (at your option) any later version. # # This library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Library General Public License for more details. # # You should have received a copy of the GNU Library General Public License # along with this library; see the file COPYING.LIB. If not, write to # the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, # Boston, MA 02110-1301, USA. # # # TODO check pubkeys FIXME this looks like a mess. # This function get the path of the pubkeys # use Test::Most; use File::Basename; use Tools; my ($image_path) = @ARGV; my $name = basename($image_path); my %info = Tools::parse_mageia_iso_name($name); bail_on_fail; my $url; my $path; my $pubkey = 1; my $media; system "ls /media/iso_check/i586/media/ > temp_media_on_iso.log" if -r "/media/iso_check/i586/media/"; system "ls /media/iso_check/x86_64/media/ >> temp_media_on_iso.log" if -r "/media/iso_check/x86_64/media/"; ok -r "temp_media_on_iso.log", "Got a log for media contents"; open(my $file, "temp_media_on_iso.log") if -r "temp_media_on_iso.log"; while ($media = <$file>) { chomp($media); if ($info{arch} ne "dual" && $media ne 'media_info') { $path = "/media/iso_check/" . $info{arch} . "/media/$media/media_info/pubkey"; $url = "pubkey/" . $info{arch} . "-$media-pubkey"; #$url .= "-cooker" if !$finale; $pubkey &= check_key($path, $url, $media, $info{arch}) if -r $path && -r $url; } elsif ($media ne 'media_info') { foreach my $arch ("i586", "x86_64") { $path = "/media/iso_check/$arch/media/$media/media_info/pubkey"; $url = "pubkey/$arch-$media-pubkey"; #$url .= "-cooker" if !$finale; -r $path and -r $url and $pubkey &= check_key($path, $url, $media, $arch); } } } -r "temp_media_on_iso.log" and system "rm temp_media_on_iso.log"; #This function get the gpg -a key of the pubkey to compare it sub get_gpg { my ($pubkey) = @_; my $key; my $file; system "gpg -a $pubkey > get_gpg_key.log"; open($file, "get_gpg_key.log"); while (my $a = <$file>) { if (substr($a, 0, 11) eq "pub 1024D/") { $key = substr($a, 11, 8); } } system "rm get_gpg_key.log"; return $key; } #Verification of the pubkey with the original pubkey sub check_key { # sed "s/pub\w1024D/\(.*\) /\1/" my ($iso_file, $ref_file, $media, $arch) = @_; my $unvalid; my $valid = 1; my $file = get_gpg($iso_file); my $sign = `cat $ref_file`; chomp($sign); if ($file eq $sign) { if (member($media, qw(core nonfree))) { note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'i586'; note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'x86_64' && member($media, qw(core nonfree)); note "$arch-$media pubkey is valid.\tOK\n" if $arch eq 'x86_64' && $media eq 'non-free'; } else { note "$arch-$media pubkey is valid.\tOK\n"; } note "$arch-$media pubkey is valid.\n"; return $valid; } else { if (member($media, qw(core))) { note "$arch-$media pubkey isn't valid.\t\tNOK\n"; } else { note "$arch-$media pubkey isn't valid.\tNOK\n"; } note "$arch-$media pubkey isn't valid.\n"; return $unvalid; } return $unvalid; } done_testing();