- #!/usr/bin/env python
-# -*- mode: python -*-
+# Copyright (c) 1999-2001 Jason Gunthorpe <jgg@debian.org>
+# Copyright (c) 2005 Joey Schulze <joey@infodrom.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
# GPG issues -
# - gpgm with a status FD being fed keymaterial and other interesting
# pgp2 encrypting mode.
import string, mimetools, multifile, sys, StringIO, os, tempfile, re;
-import rfc822, time, fcntl, FCNTL, anydbm
+import rfc822, time, fcntl, anydbm
# General GPG options
GPGPath = "gpg"
-GPGBasicOptions = ["--no-options","--batch","--load-extension","rsa",\
- "--no-default-keyring","--always-trust"];
+# "--load-extension","rsa",
+GPGBasicOptions = [
+ "--no-options",
+ "--batch",
+ "--no-default-keyring",
+ "--secret-keyring", "/dev/null",
+ "--always-trust"];
GPGKeyRings = [];
GPGSigOptions = ["--output","-"];
GPGSearchOptions = ["--dry-run","--with-colons","--fingerprint"];
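Review bot: The rewritten `GPGBasicOptions` list has no comment explaining the added `"--secret-keyring", "/dev/null"` pair or why `--always-trust` is kept, and it leaves the old extension entry behind as a commented-out line. With `--no-default-keyring` and `--always-trust` together, gpg treats every key in the files listed in `GPGKeyRings` as valid without a trust-database check, so those keyring files are the whole trust decision. I would state that above the list, e.g. `# Verification only: no secret keyring is used; every key in GPGKeyRings is trusted, so those files must be write-protected.` The commented-out `--load-extension` line can be dropped, or replaced by a short note on why the extension is no longer loaded.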
Output = "-----BEGIN PGP SIGNED MESSAGE-----\r\n";
# Semi-evil hack to get the proper hash type inserted in the message
if Msg.getparam('micalg') != None:
- Output = Output + "Hash: %s\r\n"%(string.upper(Msg.getparam('micalg')[4:]));
+ Output = Output + "Hash: MD5,SHA1,%s\r\n"%(string.upper(Msg.getparam('micalg')[4:]));
Output = Output + "\r\n";
- Output = Output + string.replace(Signed.getvalue(),"\n---","\n- ---") + Signature;
+ Output = Output + string.replace(Signed.getvalue(),"\n-","\n- -") + Signature;
return (Output,1);
else:
if Paranoid == 0:
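Review bot: The value from `Msg.getparam('micalg')` still goes into the armor header unchecked on the added `Hash: MD5,SHA1,%s` line, so a message with an unexpected micalg (no `pgp-` prefix, odd characters, or one of the two names already hard-coded) produces a malformed or duplicated hash list. Checking the uppercased name against the digest names the verifier is expected to see, for example `if Alg not in ("MD5","SHA1","RIPEMD160","SHA256"):`, before building `Output` would keep sender-controlled text out of the header. What to return on a mismatch depends on the part of the function outside this hunk. Separately, the new `"\n-"` replace cannot match a dash on the very first line of `Signed.getvalue()`, since no newline precedes it; if that case can occur, the first line needs the same `- ` prefix.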
Why = "Unable to verify signature, signing key missing.";
# Expired signature
- if Split[1] == "SIGEXPIRED":
+ if Split[1] == "SIGEXPIRED" or Split[1] == "EXPSIG":
GoodSig = 0;
Why = "Signature has expired";
# Revoked key
- if Split[1] == "KEYREVOKED":
+ if Split[1] == "KEYREVOKED" or Split[1] == "REVKEYSIG":
GoodSig = 0;
Why = "Signing key has been revoked";
# ValidSig has the key finger print
if Split[1] == "VALIDSIG":
- KeyFinger = Split[2];
+ # Use the fingerprint of the primary key when available
+ if len(Split) >= 12:
+ KeyFinger = Split[11];
+ else:
+ KeyFinger = Split[2];
# Reopen the stream as a readable stream
Text = Res[2].read();
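Review bot: `EXPKEYSIG`, the status gpg reports for a good signature made by an expired key, is not covered by the two added comparisons, which handle only `EXPSIG` and `REVKEYSIG`. Unless it is handled in the part of the loop outside this hunk, such a signature would not reach a `GoodSig = 0` branch here. A parallel test, `if Split[1] == "EXPKEYSIG":` setting `GoodSig = 0;` and `Why = "Signing key has expired";`, would close the gap. The `len(Split) >= 12` guard before `Split[11]` looks right for the primary-key fingerprint field, assuming `Split[0]` is the `[GNUPG:]` prefix, and that deserves a one-line comment.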
Owner = "";
KeyID = "";
Hits = {};
+
+ dir = os.path.expanduser("~/.gnupg")
+ if not os.path.isdir(dir):
+ os.mkdir(dir, 0700)
+
try:
Strm = os.popen(string.join(Args," "),"r");
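Review bot: The added `os.path.isdir` test followed by `os.mkdir(dir, 0700)` sits outside the `try:` that follows and is a check-then-create pair. Two concurrent runs, or a `~/.gnupg` that exists as something other than a directory, will make `os.mkdir` raise `OSError` out of this function. I would call `os.mkdir` unconditionally inside a `try`, ignore the error only when `os.path.isdir` then confirms the directory, and re-raise otherwise. The name `dir` also shadows the builtin; something like `GnuPGHome` fits the file's naming. The enclosing function starts and ends outside this hunk.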
class ReplayCache:
def __init__(self,Database):
self.Lock = open(Database + ".lock","w",0600);
- fcntl.flock(self.Lock.fileno(),FCNTL.LOCK_EX);
+ fcntl.flock(self.Lock.fileno(),fcntl.LOCK_EX);
self.DB = anydbm.open(Database,"c",0600);
self.CleanCutOff = CleanCutOff;
self.AgeCutOff = AgeCutOff;