1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
# This file is part of the Mageia project
# Copyright (C) 2011 Damien Lallement <dams@mageia.org>
# (C) 2011 Romain D'Alverny <rda@mageia.org>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Library General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Library General Public License for more details.
#
# You should have received a copy of the GNU Library General Public License
# along with this library; see the file COPYING.LIB. If not, write to
# the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
#
# TODO check pubkeys FIXME this looks like a mess.
# This function get the path of the pubkeys
#
use Test::Most;
use File::Basename;
use Tools;
my ($image_path) = @ARGV;
my $name = basename($image_path);
my %info = Tools::parse_mageia_iso_name($name);
bail_on_fail;
my $url;
my $path;
my $pubkey = 1;
my $media;
system "ls /media/iso_check/i586/media/ > temp_media_on_iso.log" if -r "/media/iso_check/i586/media/";
system "ls /media/iso_check/x86_64/media/ >> temp_media_on_iso.log" if -r "/media/iso_check/x86_64/media/";
ok -r "temp_media_on_iso.log", "Got a log for media contents";
open(my $file, "temp_media_on_iso.log") if -r "temp_media_on_iso.log";
while ($media = <$file>) {
chomp($media);
if ($info{arch} ne "dual" && $media ne 'media_info') {
$path = "/media/iso_check/" . $info{arch} . "/media/$media/media_info/pubkey";
$url = "pubkey/" . $info{arch} . "-$media-pubkey";
#$url .= "-cooker" if !$finale;
$pubkey &= check_key($path, $url, $media, $info{arch}) if -r $path && -r $url;
}
elsif ($media ne 'media_info') {
foreach my $arch ("i586", "x86_64") {
$path = "/media/iso_check/$arch/media/$media/media_info/pubkey";
$url = "pubkey/$arch-$media-pubkey";
#$url .= "-cooker" if !$finale;
-r $path and -r $url and $pubkey &= check_key($path, $url, $media, $arch);
}
}
}
-r "temp_media_on_iso.log" and system "rm temp_media_on_iso.log";
#This function get the gpg -a key of the pubkey to compare it
sub get_gpg {
my ($pubkey) = @_;
my $key;
my $file;
system "gpg -a $pubkey > get_gpg_key.log";
open($file, "get_gpg_key.log");
while (my $a = <$file>) {
if (substr($a, 0, 11) eq "pub 1024D/") {
$key = substr($a, 11, 8);
}
}
system "rm get_gpg_key.log";
return $key;
}
#Verification of the pubkey with the original pubkey
sub check_key { # sed "s/pub\w1024D/\(.*\) /\1/"
my ($iso_file, $ref_file, $media, $arch) = @_;
my $unvalid;
my $valid = 1;
my $file = get_gpg($iso_file);
my $sign = `cat $ref_file`;
chomp($sign);
if ($file eq $sign) {
if (member($media, qw(core nonfree))) {
note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'i586';
note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'x86_64' && member($media, qw(core nonfree));
note "$arch-$media pubkey is valid.\tOK\n" if $arch eq 'x86_64' && $media eq 'non-free';
} else {
note "$arch-$media pubkey is valid.\tOK\n";
}
note "$arch-$media pubkey is valid.\n";
return $valid;
} else {
if (member($media, qw(core))) {
note "$arch-$media pubkey isn't valid.\t\tNOK\n";
} else {
note "$arch-$media pubkey isn't valid.\tNOK\n";
}
note "$arch-$media pubkey isn't valid.\n";
return $unvalid;
}
return $unvalid;
}
done_testing();
|
