diff options
Diffstat (limited to 'backend')
-rwxr-xr-x | backend/magiback | 7 | ||||
-rwxr-xr-x | backend/raw_write.py | 90 |
2 files changed, 18 insertions, 79 deletions
diff --git a/backend/magiback b/backend/magiback index 49162b3..c65b3a3 100755 --- a/backend/magiback +++ b/backend/magiback @@ -38,9 +38,6 @@ class Isodumper(raw_write.Dumper): <arg type='s' name='label' direction='in'/> <arg type='s' name='key' direction='in'/> </method> - <method name='get_sum'> - <arg type='s' name='source' direction='in'/> - </method> <method name='end'> <arg type='b' name='success' direction='out'/> <arg type='s' name='message' direction='out'/> @@ -121,10 +118,6 @@ class Isodumper(raw_write.Dumper): def progress(self): return self._progress - def get_sum(self, source): - self.key_thread = threading.Thread(target=self._get_sum, args=(source,)) - self.key_thread.start() - def check_write(self, target, source): if hasattr(self, 'key_thread'): self.key_thread.join() diff --git a/backend/raw_write.py b/backend/raw_write.py index 03405bd..7891b43 100755 --- a/backend/raw_write.py +++ b/backend/raw_write.py @@ -27,7 +27,6 @@ import gettext import hashlib import io import logging -import datetime ########### # imports # ########### @@ -37,8 +36,6 @@ import sys import time from subprocess import Popen, PIPE -import gnupg - class Dumper(object): @@ -126,62 +123,6 @@ class Dumper(object): self.finished.set() return - def _get_sum(self, source): - self.return_state = False - self.signature_checked = FalseS - logging.debug("Starting getting sum") - # Check if the sum file has a valid signature - gpg = gnupg.GPG() - gpg.encoding = 'utf-8' - # Use Mageia public key - mageia_keyid = "835E41F4EDCA7A90" - self.sum_type = 'sha3' - sig_file = "{}.{}.gpg".format(source, self.sum_type) - self.source_file = "{}.{}".format(source, self.sum_type) - keys_list = gpg.list_keys() - key_present = False - for entry in keys_list: - if (mageia_keyid == entry['keyid']): - if entry['expires'] and (datetime.datetime.now().timestamp() > float(entry['expires'])): - logging.info("Mageia key expired, reloading") - else: - logging.info("Mageia key already present") - key_present = True - break - try: - if not key_present: - gpg.recv_keys('pool.sks-keyservers.net', mageia_keyid) - self.sum_check_searched = True - with open(sig_file, 'rb') as g: - self.signature_found = True - verified = gpg.verify_file(g, close_file=False) - if verified: - self.signature_checked = True - logging.debug("signature checked") - g.close() - else: - g.seek(0) - verified = gpg.verify_file(g, self.source_file) - if verified: - self.signature_checked = True - logging.debug("Detached signature is OK") - else: - self.signature_checked = False - logging.warning("Signature is false") - except Exception as e: - self.signature_found = False - logging.error(str(e)) - logging.info(_("Signature file {} not found\n" + _("or key expired")).format(sig_file)) - try: - # Look for sum files in the same directory as source - with open(self.source_file,'r') as fs: - # Read the sum in the file - self.sum_check=(fs.readline()).split()[0] - self.sum_file = True - except: - logging.info(_("Sum file {} not found\n").format(self.source_file)) - self.sum_file = False - def _check_write(self, target, source): logging.debug("Start checking") self.return_message = "" @@ -207,25 +148,30 @@ class Dumper(object): sha512func.update(block) sha512sumcalc=sha512func.hexdigest().upper() #f.close() + self.sum_check = "" + sum_type = "sha3" + sum_file = f"{source}.{sum_type}" + try: + # Look for sum files in the same directory as source + with open(sum_file,'r') as fs: + # Read the sum in the file + self.sum_check=(fs.readline()).split()[0] + self.sum_file = True + except: + logging.info(_("Sum file {} not found\n").format(sum_file)) + self.sum_file = False self.return_state = True - if self.signature_found and not self.signature_checked: - #, keep the pourcent, this is the place for source file name - self.return_message = _('Invalid signature for %s')%self.source_file - self.return_state = False + #if self.signature_found and not self.signature_checked: + ##, keep the pourcent, this is the place for source file name + #self.return_message = _('Invalid signature for %s')%self.source_file + #self.return_state = False if (self.sum_check == "") : # Can't get stored sum self.return_message += _('SHA3 sum: {}').format(sha512sumcalc) # compare the sums elif (sha512sumcalc == self.sum_check) : - if self.signature_checked and self.signature_found: + #if self.signature_checked and self.signature_found: #, keep the bracket, this is the place for sum type - self.return_message +="\n" + _("The {} sum check is OK and the sum is signed").format(self.sum_type) - else : - if self.signature_found: - self.return_message +="\n" + _("The validation of the GPG signature failed !") + "\n" + _("The integrity of the ISO image could not be verified.") - self.return_state = False - else: - #, keep the bracket, this is the place for sum type - self.return_message +="\n" + _("The {} sum check is OK but the signature can't be found").format(self.sum_type) + self.return_message +="\n" + _("The {} sum check is OK").format(sum_type) else: self.return_message +="\n" + _("/!\\The computed and stored sums don't match") self.return_state = False |