diff options
Diffstat (limited to 't_install_iso/016_check_pubkey.t')
| -rw-r--r-- | t_install_iso/016_check_pubkey.t | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/t_install_iso/016_check_pubkey.t b/t_install_iso/016_check_pubkey.t new file mode 100644 index 0000000..fc5ffaa --- /dev/null +++ b/t_install_iso/016_check_pubkey.t @@ -0,0 +1,95 @@ +# +# TODO check pubkeys FIXME this looks like a mess. +# This function get the path of the pubkeys +# +use Test::Most; +use File::Basename; +use Tools; + +my ($image_path) = @ARGV; +my $name = basename($image_path); +my %info = Tools::parse_mageia_iso_name($name); + +bail_on_fail; + +my $url; +my $path; +my $pubkey = 1; +my $media; + +system "ls /media/iso_check/i586/media/ > temp_media_on_iso.log" if -r "/media/iso_check/i586/media/"; +system "ls /media/iso_check/x86_64/media/ >> temp_media_on_iso.log" if -r "/media/iso_check/x86_64/media/"; + +ok (-r "temp_media_on_iso.log", "Got a log for media contents"); + +open(my $file, "temp_media_on_iso.log") if -r "temp_media_on_iso.log"; + +while ($media = <$file>) { + chomp($media); + if ($info{"arch"} ne "dual" && $media ne 'media_info') { + $path = "/media/iso_check/" . $info{"arch"} . "/media/$media/media_info/pubkey"; + $url = "pubkey/" . $info{"arch"} . "-$media-pubkey"; + #$url .= "-cooker" if !$finale; + $pubkey &= check_key($path, $url, $media, $info{"arch"}) if -r $path && -r $url; + } + elsif ($media ne 'media_info') { + foreach my $arch ("i586", "x86_64") { + $path = "/media/iso_check/$arch/media/$media/media_info/pubkey"; + $url = "pubkey/$arch-$media-pubkey"; + #$url .= "-cooker" if !$finale; + -r $path and -r $url and $pubkey &= check_key($path, $url, $media, $arch); + } + } +} +-r "temp_media_on_iso.log" and system "rm temp_media_on_iso.log"; + + +#This function get the gpg -a key of the pubkey to compare it +sub get_gpg { + my ($pubkey) = @_; + my $key; + my $file; + system "gpg -a $pubkey > get_gpg_key.log"; + open($file, "get_gpg_key.log"); + while (my $a = <$file>) { + if (substr($a, 0, 11) eq "pub 1024D/") { + $key = substr($a, 11, 8); + } + } + system "rm get_gpg_key.log"; + + return $key; +} + + +#Verification of the pubkey with the original pubkey +sub check_key { # sed "s/pub\w1024D/\(.*\) /\1/" + my ($iso_file, $ref_file, $media, $arch) = @_; + my $unvalid; + my $valid = 1; + my $file = get_gpg($iso_file); + my $sign = `cat $ref_file`; + chomp($sign); + if ($file eq $sign) { + if (member($media, qw(core nonfree))) { + note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'i586'; + note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'x86_64' && member($media, qw(core nonfree)); + note "$arch-$media pubkey is valid.\tOK\n" if $arch eq 'x86_64' && $media eq 'non-free'; + } else { + note "$arch-$media pubkey is valid.\tOK\n"; + } + note "$arch-$media pubkey is valid.\n"; + return $valid; + } else { + if (member($media, qw(core))) { + note "$arch-$media pubkey isn't valid.\t\tNOK\n"; + } else { + note "$arch-$media pubkey isn't valid.\tNOK\n"; + } + note "$arch-$media pubkey isn't valid.\n"; + return $unvalid; + } + return $unvalid; +} + +done_testing(); |