diff --git a/bin/debexpo_worker.py b/bin/debexpo_worker.py
index 44c08179ba31ddd42c5a0233e8cae5999f537d1f..ff3284f288844cc4c71bbaaf88c0c804efa978a5 100755
--- a/bin/debexpo_worker.py
+++ b/bin/debexpo_worker.py
@@ -1,4 +1,4 @@
-#! /usr/bin/python
+#! /usr/bin/env python
# -*- coding: utf-8 -*-
#
# debexpo_worker.py — Worker task
diff --git a/bin/key_importer.py b/bin/key_importer.py
index b4f0b908da540ebc184c8ff03874004b29c81420..745978149359ea50e7ff8d81f41dc4018991a830 100755
--- a/bin/key_importer.py
+++ b/bin/key_importer.py
@@ -1,4 +1,4 @@
-#! /usr/bin/python
+#! /usr/bin/env python
# -*- coding: utf-8 -*-
#
# key_importer.py — Regenerate the mentors keyring from scratch
diff --git a/debexpo/config/routing.py b/debexpo/config/routing.py
index 229dd6db31a10226f96db8481560d12e1d94f5f3..01a809e2bebfd44a2e365d17914611ae96e87461 100644
--- a/debexpo/config/routing.py
+++ b/debexpo/config/routing.py
@@ -88,7 +88,7 @@ def make_map(config):
map.connect('all-packages', '/packages', controller='packages', action='index')
map.connect('packages-uploader', '/packages/uploader/{id}', controller='packages', action='uploader')
#map.connect('/packages/{action}/{id}', controller='packages', action='index', id=None)
- #map.connect('packages_filter_feed', '/packages/{filter}/{id}/feed', controller='packages', action='feed')
+ map.connect('packages_filter_feed', '/packages/{filter}/{id}/feed', controller='packages', action='feed')
#map.connect('packages_feed', '/packages/feed', controller='packages', action='feed')
map.connect('qa', '/qa', controller='index', action='qa')
diff --git a/debexpo/controllers/packages.py b/debexpo/controllers/packages.py
index 57f32fda846d18d5308deb5841a470b475c0e4c0..f12e50074bc30055c18d8664c2327feedee45a29 100644
--- a/debexpo/controllers/packages.py
+++ b/debexpo/controllers/packages.py
@@ -161,7 +161,7 @@ class PackagesController(BaseController):
desc += '
'
- if item.needs_sponsor:
+ if item.needs_sponsor == constants.PACKAGE_NEEDS_SPONSOR_YES:
desc += _('Uploader is currently looking for a sponsor.')
else:
desc += _('Uploader is currently not looking for a sponsor.')
diff --git a/debexpo/lib/gnupg.py b/debexpo/lib/gnupg.py
index 0aba4a96097f2e5df30d3bd61862ab0259cdf1e5..5e3a732ffc9ceef59fe11713ad3b259ed3c31436 100644
--- a/debexpo/lib/gnupg.py
+++ b/debexpo/lib/gnupg.py
@@ -75,6 +75,28 @@ class GnuPG(object):
"""Returns true if the gpg binary is not installed or not executable."""
return self.gpg_path is None
+ def extract_key_data(self,key,attribute):
+ """
+ Returns the attribute of a given GPG public key.
+ Attribute can be one of "keyid" or "keystrength"
+ """
+ try:
+ if attribute == "keyid":
+ r = key.split("/")[1]
+ elif attribute == "keystrength":
+ r = int(key.split("/")[0][:-1])
+ elif attribute == "keytype":
+ r = key.split("/")[0][-1:]
+ else:
+ raise AttributeError
+ if not r:
+ raise AttributeError
+ return r
+ except (AttributeError, IndexError):
+ log.error("Failed to extract key data from gpg output: '%s'"
+ % key)
+
+
def extract_key_id(self, key):
"""
Returns the key id only of a given GPG public key, e.g.:
@@ -84,14 +106,29 @@ class GnuPG(object):
``key``
A public key output as given by gpg(1)
"""
- try:
- r = key.split("/")[1]
- if not r:
- raise AttributeError
- return r
- except (AttributeError, IndexError):
- log.error("Failed to extract key only id from gpg output: '%s'"
- % key)
+ return self.extract_key_data(key, "keyid")
+
+ def extract_key_strength(self, key):
+ """
+ Returns the key strength only of a given GPG public key, e.g.:
+
+ 1024D/355304E4 -> 1024
+
+ ``key``
+ A public key output as given by gpg(1)
+ """
+ return self.extract_key_data(key, "keystrength")
+
+ def extract_key_type(self, key):
+ """
+ Returns the key strength only of a given GPG public key, e.g.:
+
+ 1024D/355304E4 -> D
+
+ ``key``
+ A public key output as given by gpg(1)
+ """
+ return self.extract_key_data(key, "keytype")
def parse_key_id(self, key, email = None):
"""
diff --git a/debexpo/lib/validators.py b/debexpo/lib/validators.py
index 921fa3ba8adcfd62a8af885b4f4e4c1f1ebde169..e8ca244d796f3c3ec755a4701d79a2eab59cb706 100644
--- a/debexpo/lib/validators.py
+++ b/debexpo/lib/validators.py
@@ -83,6 +83,24 @@ class GpgKey(formencode.validators.FieldStorageUploadConverter):
log.error("Failed to parse GPG key")
raise formencode.Invalid(_('Invalid GPG key'), value, c)
+ """
+ Minimum Key Strength Check.
+ """
+ requiredkeystrength = int(config['debexpo.gpg_minkeystrength'])
+ keystrength = self.gnupg.extract_key_strength(self.key_id())
+ keytype = self.gnupg.extract_key_type(self.key_id())
+
+ if keytype == 'R':
+ if keystrength < requiredkeystrength:
+ log.debug("Key strength unacceptable in Debian Keyring")
+ raise formencode.Invalid(_('Key strength unacceptable in Debian Keyring. The minimum required key strength is %s bits.' % str(requiredkeystrength)), value, c)
+ elif keytype == 'E' and keystrength == 256:
+ # ECDSA keys have a fixed size.
+ pass
+ else:
+ log.debug("Key type unacceptable in Debian Keyring")
+ raise formencode.Invalid(_('Key type unacceptable in Debian Keyring. It must be RSA or ECDSA.'), value, c)
+
return formencode.validators.FieldStorageUploadConverter._to_python(self, value, c)
def key_id(self):
diff --git a/debexpo/plugins/closedbugs.py b/debexpo/plugins/closedbugs.py
index 6f552d2630469831e0fdef31349e662d2b078a34..7a5c877429ae66406bc7faebcb6088d77baec451 100644
--- a/debexpo/plugins/closedbugs.py
+++ b/debexpo/plugins/closedbugs.py
@@ -104,7 +104,7 @@ class ClosedBugsPlugin(BasePlugin):
name = data["raw"][bug]['package']
data["bugs"][name].append((bug, data["raw"][bug]["subject"], data["raw"][bug]["severity"]))
- if not (data["raw"][bug]['source'] == self.changes["Source"] or name == "wnpp"):
+ if not (self.changes["Source"] in data["raw"][bug]['source'].split(', ') or name == "wnpp"):
data["errors"].append('Bug #%s does not belong to this package' % bug)
severity = max(severity, constants.PLUGIN_SEVERITY_ERROR)
diff --git a/debexpo/tests/__init__.py b/debexpo/tests/__init__.py
index 6940bfc457bf2cbf886565f08b25ea15defde3d2..2d7e26ed1e802ba6e37e7ae0b34fd0827a6639b4 100644
--- a/debexpo/tests/__init__.py
+++ b/debexpo/tests/__init__.py
@@ -59,6 +59,9 @@ from webtest import TestApp
import pylons.test
from debexpo.model import meta, import_all_models
from debexpo.model.users import User
+from debexpo.model.packages import Package
+from debexpo.model.package_versions import PackageVersion
+from debexpo.model.source_packages import SourcePackage
from debexpo.model.user_upload_key import UserUploadKey
from debexpo.model.user_countries import UserCountry
@@ -143,3 +146,64 @@ class TestController(TestCase):
"""
meta.session.query(User).filter(User.email=='email@example.com').delete()
meta.session.commit()
+
+ def _setup_example_package(self):
+ """Add an example package.
+
+ The example package with name ``testpackage`` is added to
+ the database.
+
+ This method may be used in the setUp method of derived test
+ classes.
+ """
+ user = meta.session.query(User).filter(
+ User.email == 'email@example.com').one()
+
+ if not user:
+ raise Exception('Example user must be created before the package')
+
+ package = Package(name='testpackage', user=user,
+ description='a test package')
+ meta.session.add(package)
+
+ package_version = PackageVersion(
+ package=package,
+ version='1.0-1',
+ maintainer='Test User ',
+ section='Admin',
+ distribution='unstable',
+ qa_status=0,
+ component='main',
+ priority='optional',
+ closes='',
+ uploaded=datetime.now())
+ meta.session.add(package_version)
+ meta.session.add(SourcePackage(package_version=package_version))
+ meta.session.commit()
+
+ def _remove_example_package(self):
+ """Remove the example package.
+
+ This method removes the example package created in
+ _setup_example_package.
+
+ This method must be used in the tearDown method of derived
+ test classes that use _setup_example_package.
+ """
+ package = meta.session.query(
+ Package).filter(Package.name == 'testpackage').first()
+ if not package:
+ return
+
+ package_version = meta.session.query(
+ PackageVersion).filter(
+ PackageVersion.package == package).first()
+
+ package_source = meta.session.query(
+ SourcePackage).filter(
+ SourcePackage.package_version == package_version).first()
+
+ meta.session.delete(package_source)
+ meta.session.delete(package_version)
+ meta.session.delete(package)
+ meta.session.commit()
diff --git a/debexpo/tests/functional/test_my.py b/debexpo/tests/functional/test_my.py
index 336eea96eac29648cb55782594c255e14ed44e7b..5a07f1eb17b64a743599a61d79d3d7b86f3e03be 100644
--- a/debexpo/tests/functional/test_my.py
+++ b/debexpo/tests/functional/test_my.py
@@ -10,37 +10,19 @@ import shutil
class TestMyController(TestController):
_GPGKEY = """-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-mQENBEwmV4wBCADCbdBf65H0r13XfVVncCc9pW7XkDYuKD8locXY48IdKVQRKK97
-lJUZv7Ys/nx1QTTux/S7ldhQS2Op4pA86uEQOnynmM2S5uePIslbkRKGnfcfUYdE
-9Ij7S0+ZIafr2MUdehFLuPhCH9ddepA5rSLfgVfMAUpwyZ+/VZOCxczLntOWhTqH
-xcN4aHJ7M6EXixH4uOe+hL2PeNw1LGN/ESXgEsPuJkYnKQb6XYFGFb08WyiJ7AXZ
-JMuajajTw626U2rsqoi4HNHFifGm3K2+htR5V9gStdF7CxmCAgGyQ+/vhqMAv6zv
-HLWWLbSIUOftAT6zHcu/DI9yWESe1WH6hayBABEBAAG0HVRlc3QgdXNlciA8ZW1h
-aWxAZXhhbXBsZS5jb20+iQE4BBMBAgAiBQJMJleMAhsDBgsJCAcDAgYVCAIJCgsE
-FgIDAQIeAQIXgAAKCRAKG4hEZ1gmHq1kCACOmW8SuVYSDIhAHWmlA9Ch4QIPsCMt
-9FazOHN72Gr1gB8rdUJ0qGzkOiP349sjSPqVfHz9NX830ng2QvFl0hiVCdtUlERn
-ijgBUGu0nPIpZH0UskWVXthndL3twmGtfIxwzsZEWeOrmRg24q4PMBqIOA1SNowk
-Ck14LkmR65Ds9a/KS23Mnd5YoH+NDB5fABXU0vgdn6il9tJhYYJPSvssj0AoF620
-h9VAJ+/qpCNxmIZBa6NhDcyOoFg0i5nPo4qJRx7e1KmApGjFdW9c/Rz8pBD3v5iQ
-dfkC6NRhQVoWMzVPv7RiDuC0Ig7ub1QZ8waSNDW2uwLLqwM9bRNmedY2uQENBEwm
-V4wBCACw8DO6P7tVTaYlhqffAPMpJE6O9yjqz+3LDJCXJhPD+js8y5P/6i8QA80K
-F2jXpphp+d/iqMbIpp+p2w2OpoF6mbc/Frf3Jjx+4pL5lwWzoicdGvxdjDeXYmCc
-zI9AxderVEh4sokN9B6i/1dG9EOpkkbQ+gt9xP1Wbc4oi+03TvjEA1s+nToEkSgy
-dk2Xg69IgRBGyP8+x/Yzi5pWZrfGES0/Ui6+hfiJY6fYcLnW3mWFuJ9DZdx0JRmY
-mKqzorfmnHqYkUcJEKBSP6NjS2A3+SfCyZYBCFkDOZFY1zp7YtDkMTV4/vvSXBdt
-/oZNVztZk8C2n9TQve4My6kPoWfzABEBAAGJAR8EGAECAAkFAkwmV4wCGwwACgkQ
-ChuIRGdYJh64QQf+KXt6/VqrjYymGvKtOdufepJpBIoUehztZxJ+QSe+eL4ttrme
-BPtS964reKahaP8K77rowdBtEdOCXhFc5wLSHTNqsLB2lC3y3pzEotfxa2pyO7jG
-2Boy8TIj5a6ixA1nwEwPgX6RkZwnGCn17wQzTV8y8OV8ei7z/so6VHkndRVOt9O+
-x7HPR7QKPp2p/JtwP6xJUtZgaDKvBpK4rISqv7MiSHljIa4sq7wfdHw8zJ8ZTtYv
-2USGdIn3QtoVRN+fsGzs2rRWK6Cc1AgNqhLgna+qagAq9hB3u52G9tjAlx2MD7yD
-ABRL0EeYuGCJYJRQsw8e8JuRSaVGwfotqkIHtQ==
-=PXiv
------END PGP PUBLIC KEY BLOCK-----
-"""
- _GPG_ID = '2048R/6758261E'
+
+mDMEW9b91RYJKwYBBAHaRw8BAQdAHtUIQWAsmPilu0JDMnLbpPQfT1i3z2IVMoDH
+rhlYkO+0JWRlYmV4cG8gdGVzdGluZyA8ZGViZXhwb0BleGFtcGxlLm9yZz6IkAQT
+FggAOBYhBOF57qTrR+YF2YZjLihiGOfHT5wRBQJb1v3VAhsDBQsJCAcCBhUKCQgL
+AgQWAgMBAh4BAheAAAoJEChiGOfHT5wRdQIBAJ8rciR0e1PaA+LhoTWHaPSgCwvc
+lNFyRk71s75+hRkhAPwPnl6QqGsOa0DyJB5saVcqPCqYFbF1usUWIQnPPRsVC7g4
+BFvW/dUSCisGAQQBl1UBBQEBB0DzrYDCp+OaNFinqKkDWcqftqq/BAFS9lq4de5g
+RNytNAMBCAeIeAQYFggAIBYhBOF57qTrR+YF2YZjLihiGOfHT5wRBQJb1v3VAhsM
+AAoJEChiGOfHT5wRNK8A/115pc8+OwKDy1fGXGX3l0uq1wdfiJreG/9YZddx/JTI
+AQD4ZLpyUg+z6kJ+8YAmHFiOD9Ixv3QVvrfpBwnBVtJZBg==
+=N+9W
+-----END PGP PUBLIC KEY BLOCK-----"""
+ _GPG_ID = '256E/C74F9C11'
def _setup_gpg_env(self):
self.homedir = tempfile.mkdtemp()
diff --git a/debexpo/tests/functional/test_package.py b/debexpo/tests/functional/test_package.py
index ddefddfdc09bea515ced446b49416b6f66396aaf..82147911df87fe28265cc946fd2130c840f643ae 100644
--- a/debexpo/tests/functional/test_package.py
+++ b/debexpo/tests/functional/test_package.py
@@ -19,38 +19,10 @@ class TestPackageController(TestController):
def setUp(self):
self._setup_models()
self._setup_example_user()
- user = meta.session.query(User).filter(
- User.email == 'email@example.com').one()
- package = Package(name='testpackage', user=user,
- description='a test package')
- meta.session.add(package)
- package_version = PackageVersion(
- package=package,
- version='1.0-1',
- maintainer='Test User ',
- section='Admin',
- distribution='unstable',
- qa_status=0,
- component='main',
- priority='optional',
- closes='',
- uploaded=datetime.now())
- meta.session.add(package_version)
- meta.session.add(SourcePackage(package_version=package_version))
- meta.session.commit()
+ self._setup_example_package()
def tearDown(self):
- package = meta.session.query(Package).filter(
- Package.name == 'testpackage').first()
- if package:
- package_versions = meta.session.query(PackageVersion).filter(
- PackageVersion.package == package).all()
- for vers in package_versions:
- meta.session.query(SourcePackage).filter(
- SourcePackage.package_version == vers).delete()
- meta.session.delete(vers)
- meta.session.delete(package)
- meta.session.commit()
+ self._remove_example_package()
self._remove_example_user()
def _test_no_auth(self, action, redirect_login=True):
diff --git a/debexpo/tests/functional/test_packages.py b/debexpo/tests/functional/test_packages.py
index 0c8d1ccf82774dbd89d37b96caf09cd4c6109eed..38afbabf02caea16655c910fd6bee4a780988efb 100644
--- a/debexpo/tests/functional/test_packages.py
+++ b/debexpo/tests/functional/test_packages.py
@@ -1,23 +1,59 @@
from debexpo.tests import *
+from debexpo.lib.constants import PACKAGE_NEEDS_SPONSOR_YES
+from debexpo.model import meta
+from debexpo.model.packages import Package
class TestPackagesController(TestController):
def setUp(self):
self._setup_models()
self._setup_example_user()
+ self._setup_example_package()
def tearDown(self):
+ self._remove_example_package()
self._remove_example_user()
+ def _test_feed_filter(self, filter=None, id=None):
+ response = self.app.get(url(controller='packages', action='feed',
+ filter=filter, id=id))
+ self.assertEquals(200, response.status_int)
+ self.assertEquals('application/rss+xml', response.content_type)
+ self.assertTrue('testpackage 1.0-1' in response.body)
+ return response
+
def test_index(self):
response = self.app.get(url(controller='packages', action='index'))
self.assertEquals(200, response.status_int)
self.assertEquals('text/html', response.content_type)
def test_feed(self):
- response = self.app.get(url(controller='packages', action='feed'))
+ self._test_feed_filter()
+
+ def test_feed_with_sponsor(self):
+ package = meta.session.query(
+ Package).filter(Package.name == 'testpackage').first()
+ package.needs_sponsor = PACKAGE_NEEDS_SPONSOR_YES
+ meta.session.commit()
+ response = self._test_feed_filter()
+ self.assertTrue('Uploader is currently looking for a sponsor.' in response.body)
+
+ def test_feed_section(self):
+ self._test_feed_filter('section', 'Admin')
+
+ def test_feed_uploader(self):
+ self._test_feed_filter('uploader', 'email@example.com')
+
+ def test_feed_wrong_uploader(self):
+ response = self.app.get(url(controller='packages', action='feed',
+ filter='uploader',
+ id='nonexistent@example.com'))
self.assertEquals(200, response.status_int)
self.assertEquals('application/rss+xml', response.content_type)
+ self.assertTrue('testpackage 1.0-1' not in response.body)
+
+ def test_feed_maintainer(self):
+ self._test_feed_filter('maintainer', 'Test User ')
def test_section(self):
response = self.app.get(url(controller='packages', action='section', id='main'))
diff --git a/debexpo/tests/gpg/debian_announcement.gpg.asc b/debexpo/tests/gpg/debian_announcement.gpg.asc
new file mode 100644
index 0000000000000000000000000000000000000000..ee88ea973ce7ac1a98f8cf80a5db5ac0a1121afe
--- /dev/null
+++ b/debexpo/tests/gpg/debian_announcement.gpg.asc
@@ -0,0 +1,112 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+
+Fellow Linuxers,
+
+This is just to announce the imminent completion of a brand-new Linux release,
+which I'm calling the Debian Linux Release. This is a release that I have put
+together basically from scratch; in other words, I didn't simply make some
+changes to SLS and call it a new release. I was inspired to put together this
+release after running SLS and generally being dissatisfied with much of it,
+and after much altering of SLS I decided that it would be easier to start
+from scratch. The base system is now virtually complete (though I'm still
+looking around to make sure that I grabbed the most recent sources for
+everything), and I'd like to get some feedback before I add the "fancy" stuff.
+
+Please note that this release is not yet completed and may not be for several
+more weeks; however, I thought I'd post now to perhaps draw a few people out
+of the woodwork. Specifically, I'm looking for:
+
+ 1) someone who will eventually be willing to allow me to upload the
+ release to their anonymous ftp-site. Please contact me.
+ Be warned that it will be rather large :)
+
+ 2) comments, suggestions, advice, etc. from the Linux community. This
+ is your chance to suggest specific packages, series, or
+ anything you'd like to see part of the final release.
+
+Don't assume that because a package is in SLS that it will necessarily be
+included in the Debian release! Things like ls and cat are a given, but if
+there's anything that's in SLS that you couldn't live without please let me
+know!
+
+I'd also like suggestions for specific features for the release. For example,
+a friend of mine here suggested that undesired packages should be selected
+BEFORE the installation procedure begins so the installer doesn't have to
+babysit the installation. Suggestions along that line are also welcomed.
+
+What will make this release better than SLS? This:
+
+ 1) Debian will be sleeker and slimmer. No more multiple binaries and
+ manpages.
+ 2) Debian will contain the most up-to-date of everything. The system
+ will be easy to keep up-to-date with a 'upgrading' script in
+ the base system which will allow complete integration of
+ upgrade packages.
+ 3) Debian will contain a installation procedure that doesn't need to
+ be babysat; simply install the basedisk, copy the distribution
+ disks to the harddrive, answer some question about what
+ packages you want or don't want installed, and let the machine
+ install the release while you do more interesting things.
+ 4) Debian will contain a system setup procedure that will attempt to
+ setup and configure everything from fstab to Xconfig.
+ 5) Debian will contain a menu system that WORKS... menu-driven
+ package installation and upgrading utility, menu-driven
+ system setup, menu-driven help system, and menu-driven
+ system administration.
+ 6) Debian will make Linux easier for users who don't have access to the
+ Internet. Currently, users are stuck with whatever comes with
+ SLS. Non-Internet users will have the option of receiving
+ periodic upgrade packages to apply to their system. They will
+ also have the option of selecting from a huge library of
+ additional packages that will not be included in the base
+ system. This library will contain packages like the S3
+ X-server, nethack and Seyon; basically packages that you and I
+ can ftp but non-netters cannot access.
+ 7) Debian will be extensively documented (more than just a few
+ READMEs).
+ 8) As I put together Debian, I am keeping a meticulous record of
+ where I got everything. This will allow the end-user to
+ not only know where to get the source, but whether or not
+ the most recent version is a part of Debian. This record
+ will help to keep the Debian release as up-to-date as possible.
+ 9) Lots more, but I'll detail later...
+
+Anyway, I'll provide more specifics in a week or so after I receive enough
+replies.
+
+Please, all replies by mail. I'll post a followup. If you wish to discuss
+this in the newsgroup, please don't turn it into a flamewar. :)
+
+Until later,
+
+Ian
+- --
+Ian Murdock Internet: imur...@shell.portal.com
+The Linux Warehouse
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCAAdFiEEuSzBcBIwbfVk7W13FdIOf2r1tSUFAlvXATEACgkQFdIOf2r1
+tSV3uxAApxV+PFe9gP7a7cJJ5nVKvcpLKUom501TSgHnebjoxT32x5S5+/l2Lf6U
+z9w9bQoggbCMF0FwoFQ/qtBJ+loFKDiz1ToZqV7gWNRYR8YxRg867c1JQ780gmBx
+tq44D8UN5IRT6o2NQpmBvkTLyOo3cYScbwUarny1pPPrT+pWcrz5sO3Fw0pcPuJU
+qu4S6kDZHm3sLOvgevhmBgAX5OEeZpJNP/FemV7a2wNVT4+xCwsmzMvyN3kTitKR
+gCoH/n0MyGkgHupI5B6B22WTGIX6ogbSmjH4jUjr8YmRsJHBZkncjEPkGhOU5YeU
+8Mizp+u6Z70N/b/A2fuqmwkA7X24FEZ1Re27V5YU+eF/23kk62LSBxGmr9NEe2eE
+5HxP3+DgdszULs6t1xH9vAuSnCNlxmSNZ6fMJCsggd+mddBIRrZMSAdqgosYW/YD
+qw+ydGPb6P0w6DZQZs0K7p3OB5fKjdLbXn7rl+ut70chkMtAkRvH5jYlC+QaPjmN
+vwYGwv1PZPaOsIaCM8a2OzpzqePF+NFDAg0wa5gr7sxaBeMgtvwwCe2+Ufq1JY6R
+X7/ubU4/LKouiUvUlkx94ywzMMUu3jT5h0YKcpFNSYIdYDryKphKsfShkPL99Hc3
+xuMqR6HFZmCFLPxNue5/i/yycAAfXecXr3ZcoYVMIUl50NV7OuqIdAQBFggAHRYh
+BOF57qTrR+YF2YZjLihiGOfHT5wRBQJb1wExAAoJEChiGOfHT5wRGV0A/3WvXKec
+IJBQxGQt9tevYll6yPV7+fKeAWxzblL4YIM6APYgmWXfitzvt7hxmJrS5+cpMd9A
+w75HtceAxeuhvK4IiQEzBAEBCAAdFiEEd8cUFd1/c7yHLW6GLs8+zl3EJqcFAlvX
+ATEACgkQLs8+zl3EJqfuGAgAm7hctCl4Ol4UYaeD7RQrObX0l/GTYZTI28ffyXal
++C+oo98ifVLlnyIat3GRib3bP8U4fz8440E4UClUrPiMUfUHMff+3rNvWnXzTeQj
+IqsfMycrq4cQNpLQU05H7/z4pzfDg1yY3/J92BJL+OAbO2K13pVd6/fW3rZK+H0E
+htd0mj512QNH0lzIcUx2dp+4VTyRPlda+zbBn2bJaphLMkmAV2cfnRQ4xDjqNxGk
+XKTRAtAi6oqZDskYYJoIf4UrdWzQrNE7MgDsmr/eGy/0wG5cSbuintuBoonc7agb
+lefymg6+MlgapLm45sptAgjy//nWGRbGO2pYttWEZiHWcQ==
+=VDty
+-----END PGP SIGNATURE-----
diff --git a/debexpo/tests/gpg/pubring.gpg b/debexpo/tests/gpg/pubring.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..881e9ee9ecf51f9f86b37d5da76b2f2049b7c141
Binary files /dev/null and b/debexpo/tests/gpg/pubring.gpg differ
diff --git a/debexpo/tests/gpg/pubring_with_355304E4.gpg b/debexpo/tests/gpg/pubring_with_355304E4.gpg
deleted file mode 100644
index 576d49973f0083fdfa8427015a5d41ae31232eab..0000000000000000000000000000000000000000
Binary files a/debexpo/tests/gpg/pubring_with_355304E4.gpg and /dev/null differ
diff --git a/debexpo/tests/gpg/signed_by_355304E4.gpg b/debexpo/tests/gpg/signed_by_355304E4.gpg
deleted file mode 100644
index 73293aae937d0f9c46d167898d5493a4954713c7..0000000000000000000000000000000000000000
Binary files a/debexpo/tests/gpg/signed_by_355304E4.gpg and /dev/null differ
diff --git a/debexpo/tests/test_gnupg.py b/debexpo/tests/test_gnupg.py
index cca650a92842846bf54c9a0df9b29c3c02338a6c..de7a37fb9df07d0cac44d8541a27aaf70fe1a56c 100644
--- a/debexpo/tests/test_gnupg.py
+++ b/debexpo/tests/test_gnupg.py
@@ -44,43 +44,21 @@ from debexpo.lib.gnupg import GnuPG
test_gpg_key = \
"""-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v2.0.9 (GNU/Linux)
-
-mQGiBEMnG4URBADovsaF04fRCsE1w5IHR0YHp2+Zd1Yjd4yo16B/J9nZ5Gj6Swih
-LaWhcjFL+crrP2tk6lKHXR+pYZ7pbm0jit4xAXDA2RQEvqVomps6vZVAQuZGVH57
-7whF0SWrO/XJ7JH68Nk7/8gwz7ISVMlq12pzy+MTFT9216vpahI4h0rv7wCg6Y1K
-RVZUp9sSFZuxJ67+ivoMfUMD/iQD8v2BznLp1XEe0rqQ3LebkGp5uuRWCPWI632e
-wfI+XzNxXvqrQnn6aJ7nRsi65+bPEpz/qjKYsikSCwGMIWa6yTINutYO2ns7Ltez
-y41f73vEdNm+5k4OZ4XB+zTvxoOXrWpl7MWX3O5aulGrB/vnlOTDoqTv+xoNkv2I
-PwoPA/49Lr3Pm1R1rdoEBhsbnYCwBUWtUx4gEcHA45/7Gy0rmqVuCh/sqeWW4nn/
-n8RfCzEDbgfxm8O5jduDkeGsem+AJJ96ERuBWiiVZ6f6rHZRwX3X5rtbGaFB0miY
-48LXBwNvFBu6bcs1LSjjw1H8h5lbcJVaScl2mEn39AXmnHJKk7QlU2VyYWZlaW0g
-WmFuaWtvbGFzIDxzZXJ6YW5AaGVsbHVnLmdyPohhBBMRAgAhBgsJCAcDAgMVAgMD
-FgIBAh4BAheABQJIAJNBBQkMXkW8AAoJEO3CRWI1UwTk7XkAoLCRfv/kVFNq+X2Q
-7E3M8cl8OAJcAKCUBbSr75DtKS9bo6Q0oeK4UkYu3YhbBBMRAgAbBgsJCAcDAgMV
-AgMDFgIBAh4BAheABQJHwhWtAAoJEO3CRWI1UwTkh6MAnibtG603HMtX/fzZfsW0
-hlsVwfGxAKDHyLakJZMm6n6VaLtE96T1UzIDCIhhBBMRAgAhBQJDJxuFBQkFo5qA
-BgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEO3CRWI1UwTkjrwAn0+NVciUYdIhWFnj
-xgCHU8XAJHGwAKDa4PJgjBMUZixcfcikoCOX4lc5WohhBBMRAgAhBgsJCAcDAgMV
-AgMDFgIBAh4BAheABQJIAI9NBQkMXkHIAAoJEO3CRWI1UwTkJDUAoNX3eS0PRlIb
-ZJLLvTrlQxaCgp/3AKC9Uz7oAe4Blw4C55rBgdZs9/9Gg4hGBBARAgAGBQJIE4J5
-AAoJEBVYlEWZ6B2g3yMAoLjneTTHkTD758PjswGiCbfASXmVAJ95tpgA6q5Xwtj5
-sn6tcv403pNOSIhGBBARAgAGBQJIC88zAAoJELdRFAn8Fdvsvq4AoJtlGCZhhRAt
-V0w8/GY+tVYzY4SHAKDRGk6EzJZ4uVHypdXw/aVYD110R4hGBBARAgAGBQJIO/at
-AAoJEJYs2vc7xAgfW4oAnRyYl8uRtkA+njTJb0BFnkEVToYJAKCG3wte5Y68hkoa
-W4y0FEdywhObybkBDQRDJxuHEAQAjonzPvWecBu80Pte8+9J8FFoNc5THXFHhHU+
-mqKNGk7bU4lCeVRM5tvMPJ/dV7+rmKgNF4MJ7MweQwQWpa0GKreB++EgijKUVtsR
-95pskzJbIbwMAMnkZbMIXB/7H8VChjDH6bRtZxROpw80teQK3jE0Gw8H3Aa/ktOl
-nwgfqPMAAwUD/A4y0e7CgWlCrELidCtEp/Z5DMlUJC+weUOZyknJqy3Ng9KgSD4k
-1HxmF46v8YtU/BcC83ijmZzJowa/P/72WDItC5EloPHhNnu/OQ19JPEvIJlPlkAM
-Y3Y26AsoHQBvZJes99XgGQYpm6N7nmJ9yoheAFIII91gVdipLAi//UuniEwEGBEC
-AAwFAkMnG4cFCQWjmoAACgkQ7cJFYjVTBOS3OwCg0XRWVkOp0Fn1htlXyQO1MdAs
-sS0An1yrKagH2JprS2yHBCLXdPcyAY6I
-=VNMB
+
+mDMEW9b91RYJKwYBBAHaRw8BAQdAHtUIQWAsmPilu0JDMnLbpPQfT1i3z2IVMoDH
+rhlYkO+0JWRlYmV4cG8gdGVzdGluZyA8ZGViZXhwb0BleGFtcGxlLm9yZz6IkAQT
+FggAOBYhBOF57qTrR+YF2YZjLihiGOfHT5wRBQJb1v3VAhsDBQsJCAcCBhUKCQgL
+AgQWAgMBAh4BAheAAAoJEChiGOfHT5wRdQIBAJ8rciR0e1PaA+LhoTWHaPSgCwvc
+lNFyRk71s75+hRkhAPwPnl6QqGsOa0DyJB5saVcqPCqYFbF1usUWIQnPPRsVC7g4
+BFvW/dUSCisGAQQBl1UBBQEBB0DzrYDCp+OaNFinqKkDWcqftqq/BAFS9lq4de5g
+RNytNAMBCAeIeAQYFggAIBYhBOF57qTrR+YF2YZjLihiGOfHT5wRBQJb1v3VAhsM
+AAoJEChiGOfHT5wRNK8A/115pc8+OwKDy1fGXGX3l0uq1wdfiJreG/9YZddx/JTI
+AQD4ZLpyUg+z6kJ+8YAmHFiOD9Ixv3QVvrfpBwnBVtJZBg==
+=N+9W
-----END PGP PUBLIC KEY BLOCK-----
"""
-test_gpg_key_id = '1024D/355304E4'
+test_gpg_key_id = '256E/C74F9C11'
class TestGnuPGController(TestCase):
@@ -120,13 +98,13 @@ class TestGnuPGController(TestCase):
def testSignatureVerification(self):
"""
- Verify the signature in the file debexpo/tests/gpg/signed_by_355304E4.
+ Verify the signature in the file debexpo/tests/gpg/debian_announcement.gpg.asc.
"""
gnupg = self._get_gnupg()
self.assertFalse(gnupg.is_unusable())
gpg_data_dir = os.path.join(os.path.dirname(__file__), 'gpg')
- signed_file = os.path.join(gpg_data_dir, 'signed_by_355304E4.gpg')
- pubring = os.path.join(gpg_data_dir, 'pubring_with_355304E4.gpg')
+ signed_file = os.path.join(gpg_data_dir, 'debian_announcement.gpg.asc')
+ pubring = os.path.join(gpg_data_dir, 'pubring.gpg')
assert os.path.exists(signed_file)
assert os.path.exists(pubring)
self.assertTrue(gnupg.verify_sig(signed_file, pubring))
diff --git a/development.ini b/development.ini
index a43360dc88fb1d14b8dadfe3e642ee084909347e..dade2bda9810c8fbec839c89a095e62451721b6e 100644
--- a/development.ini
+++ b/development.ini
@@ -96,8 +96,11 @@ debexpo.gpg_path = /usr/bin/gpg
# Path to the mentors keyring
debexpo.gpg_keyring =
+# Minimum key strength required for the key to be acceptable in Debian keyring.
+debexpo.gpg_minkeystrength = 2048
+
# Cronjobs to run by the Worker task
-debexpo.cronjobs = importcomments importuploads
+debexpo.cronjobs = removeolduploads importuploads
# Extra plugin directory
debexpo.cronjobdir = /tmp
diff --git a/test.ini b/test.ini
index 8170a9af81e2e90fad2697fb78ad44df0bc8036b..e043518d544a425ef2ce396d768a36fe8c805970 100644
--- a/test.ini
+++ b/test.ini
@@ -68,6 +68,8 @@ debexpo.gpg_keyring = /tmp/keyring
debexpo.enable_experimental_code = False
+debexpo.gpg_minkeystrength = 2048
+
[loggers]
keys = root, debexpo