aboutsummaryrefslogtreecommitdiffstats
path: root/backend
diff options
context:
space:
mode:
authorPapoteur <papoteur@mageia.org>2018-10-19 09:01:16 +0200
committerPapoteur <papoteur@mageia.org>2018-10-19 09:01:16 +0200
commit0835bde83d98dc26912de3d5025d516667a07798 (patch)
tree76c55aa0ad8d8f22e6150aeb043317972bccb55f /backend
parentae4851d5496d3bd2e7cf86cabda0eb37d0553dc2 (diff)
downloadisodumper-0835bde83d98dc26912de3d5025d516667a07798.tar
isodumper-0835bde83d98dc26912de3d5025d516667a07798.tar.gz
isodumper-0835bde83d98dc26912de3d5025d516667a07798.tar.bz2
isodumper-0835bde83d98dc26912de3d5025d516667a07798.tar.xz
isodumper-0835bde83d98dc26912de3d5025d516667a07798.zip
Separate getting key and checking signature in a thread
Review the logic of checking
Diffstat (limited to 'backend')
-rwxr-xr-xbackend/magiback10
-rwxr-xr-xbackend/raw_write.py43
2 files changed, 36 insertions, 17 deletions
diff --git a/backend/magiback b/backend/magiback
index 7c56253..904afcf 100755
--- a/backend/magiback
+++ b/backend/magiback
@@ -36,6 +36,9 @@ class Isodumper(raw_write.Dumper):
<arg type='s' name='target' direction='in'/>
<arg type='s' name='source' direction='in'/>
</method>
+ <method name='get_sum'>
+ <arg type='s' name='source' direction='in'/>
+ </method>
<method name='end'>
<arg type='b' name='success' direction='out'/>
<arg type='s' name='message' direction='out'/>
@@ -61,6 +64,9 @@ class Isodumper(raw_write.Dumper):
self.return_message = ""
self.authorized_sender_read = set()
self.authorized_sender_write = set()
+ self.sum_check = ""
+ self.sum_check_searched = False
+ self.signature_checked = False
def do_write(self,source, target, size, dbus_context):
self.finished.clear()
@@ -99,6 +105,10 @@ class Isodumper(raw_write.Dumper):
print("Unmounting")
return self._do_unmount([device])
+ def get_sum(self, source):
+ key_thread = threading.Thread(target=self._get_sum, args=(source,))
+ key_thread.start()
+
def check_write(self,target, source):
self.thread = threading.Thread(target=self._check_write, args=(target, source,))
self.thread.start()
diff --git a/backend/raw_write.py b/backend/raw_write.py
index 40dc99b..d9a5a19 100755
--- a/backend/raw_write.py
+++ b/backend/raw_write.py
@@ -146,35 +146,42 @@ class Dumper(object):
print(message)
return not bool(retcode), message
- def _check_write(self, target, source):
+ def _get_sum(self, source):
self.return_state = False
self.return_message = ""
- b = os.path.getsize(source)
# Check if the sum file has a valid signature
- signature_checked = False
gpg = gnupg.GPG()
gpg.encoding = 'utf-8'
# Use Mageia public key
sig_file = source +'.sha512.gpg'
- sumcheck = ""
try:
gpg.recv_keys('pgp.mit.edu', 'EDCA7A90')
+ self.sum_check_searched = True
with open(sig_file, 'rb') as g:
+ self.signature_found = True
verified = gpg.verify_file(g)
if verified.valid:
- signature_checked = True
- # Look for sum files in the same directory as source
- fs=open(source+'.sha512','r')
- # Read the sum in the file
- sumcheck=(fs.readline()).split()[0]
+ self.signature_checked = True
+ logging.debug("signature checked")
else:
- self.return_message = _('Invalid signature for %s.sha512')%source
- self.return_state = True
- self.finished.set()
- return
+ self.signature_checked = False
except:
+ self.signature_found = False
self.return_message = _("Signature file {} not found\n").format(sig_file)
-
+ try:
+ # Look for sum files in the same directory as source
+ with open(source+'.sha512','r') as fs:
+ # Read the sum in the file
+ self.sum_check=(fs.readline()).split()[0]
+ self.sum_file = True
+ except:
+ self.return_message = _("Sum SHA512 file {} not found\n").format(source+'.sha512')
+ self.sum_file = False
+
+ def _check_write(self, target, source):
+ self.return_state = False
+ self.return_message = ""
+ b = os.path.getsize(source)
# Compute the sum from the written device
steps=list(range(0, b+1, int(b/100)))
steps.append(b)
@@ -195,11 +202,13 @@ class Dumper(object):
sha512func.update(block)
sha512sumcalc=sha512func.hexdigest()
f.close()
- if (sumcheck == "") :
+ if self.signature_found and not self.signature_checked:
+ self.return_message = _('Invalid signature for %s.sha512')%source
+ if (self.sum_check == "") :
self.return_message += _('SHA512 sum: {}').format(sha512sumcalc)
# compare the sums
- elif (sha512sumcalc == sumcheck) :
- if signature_checked:
+ elif (sha512sumcalc == self.sum_check) :
+ if self.signature_checked:
self.return_message += _("The sha512 sum check is OK and the sum is signed")
else :
self.return_message += _("The sha512 sum check is OK but the signature can't be found")