From 7fdfda0004fc4bc18c2f4316b27f564809c67672 Mon Sep 17 00:00:00 2001
From: Papoteur <papoteur@mageia.org>
Date: Tue, 9 Mar 2021 19:36:48 +0100
Subject: Reload Mageia's key when it is expired

---
 backend/raw_write.py | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

(limited to 'backend/raw_write.py')

diff --git a/backend/raw_write.py b/backend/raw_write.py
index 508a9ae..2fa6fff 100755
--- a/backend/raw_write.py
+++ b/backend/raw_write.py
@@ -27,6 +27,7 @@ import gettext
 import hashlib
 import io
 import logging
+import datetime
 ###########
 # imports #
 ###########
@@ -137,11 +138,18 @@ class Dumper(object):
         self.sum_type = 'sha3'
         sig_file = "{}.{}.gpg".format(source, self.sum_type)
         self.source_file = "{}.{}".format(source, self.sum_type)
+        keys_list = gpg.list_keys()
+        key_present  = False
+        for entry in keys_list:
+            if (mageia_keyid == entry['keyid']):
+                if entry['expires'] and (datetime.datetime.now().timestamp() > float(entry['expires'])):
+                    logging.info("Mageia key expired, reloading")
+                else:
+                    logging.info("Mageia key already present")
+                    key_present = True
+                break
         try:
-            keys_list = gpg.list_keys()
-            if mageia_keyid in [entry['keyid'] for entry in keys_list]:
-                logging.info("Mageia key already present")
-            else:
+            if not key_present:
                 gpg.recv_keys('pool.sks-keyservers.net', mageia_keyid)
             self.sum_check_searched = True
             with open(sig_file, 'rb') as g:
@@ -159,10 +167,11 @@ class Dumper(object):
                         logging.debug("Detached signature is OK")
                     else:
                         self.signature_checked = False
-                        logging.debug("Signature is false")
-        except:
+                        logging.warning("Signature is false")
+        except Exception as e:
             self.signature_found = False
-            logging.info(_("Signature file {} not found\n").format(sig_file))
+            logging.error(str(e))
+            logging.info(_("Signature file {} not found\n" + _("or key expired")).format(sig_file))
         try:
             # Look for sum files in the same directory as source
             with open(self.source_file,'r') as fs:
@@ -197,7 +206,7 @@ class Dumper(object):
             block = f.read(b-ncuts*1024)
             sha512func.update(block)
             sha512sumcalc=sha512func.hexdigest().upper()
-        f.close()
+        #f.close()
         self.return_state = True
         if self.signature_found and not self.signature_checked:
                 #,  keep the pourcent, this is the place for source file name
-- 
cgit v1.2.1