From 7fdfda0004fc4bc18c2f4316b27f564809c67672 Mon Sep 17 00:00:00 2001 From: Papoteur Date: Tue, 9 Mar 2021 19:36:48 +0100 Subject: Reload Mageia's key when it is expired --- backend/raw_write.py | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/backend/raw_write.py b/backend/raw_write.py index 508a9ae..2fa6fff 100755 --- a/backend/raw_write.py +++ b/backend/raw_write.py @@ -27,6 +27,7 @@ import gettext import hashlib import io import logging +import datetime ########### # imports # ########### @@ -137,11 +138,18 @@ class Dumper(object): self.sum_type = 'sha3' sig_file = "{}.{}.gpg".format(source, self.sum_type) self.source_file = "{}.{}".format(source, self.sum_type) + keys_list = gpg.list_keys() + key_present = False + for entry in keys_list: + if (mageia_keyid == entry['keyid']): + if entry['expires'] and (datetime.datetime.now().timestamp() > float(entry['expires'])): + logging.info("Mageia key expired, reloading") + else: + logging.info("Mageia key already present") + key_present = True + break try: - keys_list = gpg.list_keys() - if mageia_keyid in [entry['keyid'] for entry in keys_list]: - logging.info("Mageia key already present") - else: + if not key_present: gpg.recv_keys('pool.sks-keyservers.net', mageia_keyid) self.sum_check_searched = True with open(sig_file, 'rb') as g: @@ -159,10 +167,11 @@ class Dumper(object): logging.debug("Detached signature is OK") else: self.signature_checked = False - logging.debug("Signature is false") - except: + logging.warning("Signature is false") + except Exception as e: self.signature_found = False - logging.info(_("Signature file {} not found\n").format(sig_file)) + logging.error(str(e)) + logging.info(_("Signature file {} not found\n" + _("or key expired")).format(sig_file)) try: # Look for sum files in the same directory as source with open(self.source_file,'r') as fs: @@ -197,7 +206,7 @@ class Dumper(object): block = f.read(b-ncuts*1024) sha512func.update(block) sha512sumcalc=sha512func.hexdigest().upper() - f.close() + #f.close() self.return_state = True if self.signature_found and not self.signature_checked: #, keep the pourcent, this is the place for source file name -- cgit v1.2.1