Commit 661736aa authored by Raphaël Hertzog's avatar Raphaël Hertzog

Replace python3-gpgme with python3-gpg

The former has been abandoned upstream in favor of the latter which is provided directly as part of the gpgme upstream project. Both APIs are relatively close so the port was not very hard. Fixes: #2
parent 9dfcf884
Pipeline #998 passed with stages
in 13 minutes 21 seconds
......@@ -4,7 +4,7 @@ before_script:
- apt-get update
# Runtime dependencies
- apt-get -y install python3-django/stretch-backports
- apt-get -y install python3-requests python3-django-jsonfield python3-django-captcha python3-debian python3-debianbts python3-apt python3-yaml python3-bs4 python3-pyinotify python3-gpgme
- apt-get -y install python3-requests python3-django-jsonfield python3-django-captcha python3-debian python3-debianbts python3-apt python3-yaml python3-bs4 python3-pyinotify python3-gpg
# Test dependencies
- apt-get -y install python3-coverage python3-selenium chromium-driver xvfb python3-pip
# Dependencies to build docs
......
......@@ -14,7 +14,7 @@ Build-Depends: debhelper (>= 10),
python3-django (>= 1:1.11),
python3-django-jsonfield,
python3-django-captcha,
python3-gpgme,
python3-gpg,
python3-requests (>= 2),
python3-yaml,
python3-pyinotify,
......@@ -58,7 +58,7 @@ Depends: ${python3:Depends},
python3-debianbts,
python3-django (>= 1:1.11),
python3-django-jsonfield,
python3-gpgme,
python3-gpg,
python3-requests (>= 2),
python3-yaml,
python3-pyinotify,
......
......@@ -1299,6 +1299,13 @@ class VerifySignatureTest(SimpleTestCase):
# already removed file.
shutil.rmtree(self.TEST_KEYRING_DIRECTORY, ignore_errors=True)
def test_verify_signature_none(self):
"""
Ensure the function does not fail when it's passed None as data
to analyze.
"""
self.assertIsNone(verify_signature(None))
def test_signed_message(self):
"""
Tests extracting the signature from a correctly signed message when the
......
# Copyright 2013 The Distro Tracker Developers
# Copyright 2013-2018 The Distro Tracker Developers
# See the COPYRIGHT file at the top-level directory of this distribution and
# at https://deb.li/DTAuthors
#
......@@ -14,9 +14,8 @@ from django.db import models
from django.conf import settings
import os
import json
import gpgme
import gpg
import datetime
import io
# Re-export some functions
from .email_messages import extract_email_address_from_header # noqa
......@@ -210,29 +209,38 @@ def verify_signature(content):
# The vendor has not provided a keyring
return None
if content is None:
return None
if isinstance(content, str):
content = content.encode('utf-8')
os.environ['GNUPGHOME'] = keyring_directory
ctx = gpgme.Context()
signers = []
# Try to verify the given content
plain = io.BytesIO()
try:
signatures = ctx.verify(io.BytesIO(content), None, plain)
except gpgme.GpgmeError:
return None
with gpg.Context() as ctx:
# Extract signer information
signers = []
for signature in signatures:
key_missing = bool(signature.summary & gpgme.SIGSUM_KEY_MISSING)
# Try to verify the given content
signed_data = gpg.Data()
signed_data.new_from_mem(content)
try:
_, result = ctx.verify(signed_data)
except gpg.errors.BadSignatures:
return []
except gpg.errors.GpgError:
return None
# Extract signer information
for signature in result.signatures:
key_missing = bool(signature.summary &
gpg.constants.SIGSUM_KEY_MISSING)
if key_missing:
continue
if key_missing:
continue
key = ctx.get_key(signature.fpr)
signers.append((key.uids[0].name, key.uids[0].email))
key = ctx.get_key(signature.fpr)
signers.append((key.uids[0].name, key.uids[0].email))
return signers
......
......@@ -101,15 +101,17 @@ class TestCaseHelpersMixin(object):
Imports a key from an ascii armored file located in tests-data/keys/
into Distro Tracker's keyrings/.
"""
import gpgme
import gpg
old = os.environ.get('GNUPGHOME', None)
os.environ['GNUPGHOME'] = settings.DISTRO_TRACKER_KEYRING_DIRECTORY
ctx = gpgme.Context()
file_path = self.get_test_data_path('keys/' + filename)
with open(file_path, 'rb') as key_file:
ctx.import_(key_file)
keydata = gpg.Data()
keydata.new_from_file(file_path)
with gpg.Context() as ctx:
ctx.op_import(keydata)
if old:
os.environ['GNUPGHOME'] = old
......
......@@ -18,7 +18,7 @@ Distro Tracker currently depends on the following Debian packages:
- python3-debian
- python3-debianbts
- python3-apt
- python3-gpgme
- python3-gpg
- python3-yaml
- python3-bs4
- python3-pyinotify
......@@ -28,7 +28,7 @@ Distro Tracker currently depends on the following Debian packages:
Here is the list of required packages for development on Debian Buster::
$ sudo apt install python3-django python3-requests python3-django-jsonfield python3-django-debug-toolbar python3-debian python3-debianbts python3-apt python3-gpgme python3-yaml python3-bs4 python3-pyinotify python3-selenium chromium-driver
$ sudo apt install python3-django python3-requests python3-django-jsonfield python3-django-debug-toolbar python3-debian python3-debianbts python3-apt python3-gpg python3-yaml python3-bs4 python3-pyinotify python3-selenium chromium-driver
.. _database_setup:
......
......@@ -41,7 +41,7 @@ deps =
tests: requests
tests: django_jsonfield
tests: django_debug_toolbar
tests: pygpgme
tests: gpg
tests: PyYAML
tests: python_debian
tests: python_debianbts
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment