projects
/
mirror
/
userdir-ldap.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Improved admin output
[mirror/userdir-ldap.git]
/
userdir_gpg.py
diff --git
a/userdir_gpg.py
b/userdir_gpg.py
index
1f3b1cb
..
ab192c7
100644
(file)
--- a/
userdir_gpg.py
+++ b/
userdir_gpg.py
@@
-1,4
+1,5
@@
# Copyright (c) 1999-2001 Jason Gunthorpe <jgg@debian.org>
# Copyright (c) 1999-2001 Jason Gunthorpe <jgg@debian.org>
+# Copyright (c) 2005 Joey Schulze <joey@infodrom.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@
-26,13
+27,17
@@
# pgp2 encrypting mode.
import string, mimetools, multifile, sys, StringIO, os, tempfile, re;
# pgp2 encrypting mode.
import string, mimetools, multifile, sys, StringIO, os, tempfile, re;
-import rfc822, time, fcntl,
FCNTL,
anydbm
+import rfc822, time, fcntl, anydbm
# General GPG options
GPGPath = "gpg"
# "--load-extension","rsa",
# General GPG options
GPGPath = "gpg"
# "--load-extension","rsa",
-GPGBasicOptions = ["--no-options","--batch",
- "--no-default-keyring","--always-trust"];
+GPGBasicOptions = [
+ "--no-options",
+ "--batch",
+ "--no-default-keyring",
+ "--secret-keyring", "/dev/null",
+ "--always-trust"];
GPGKeyRings = [];
GPGSigOptions = ["--output","-"];
GPGSearchOptions = ["--dry-run","--with-colons","--fingerprint"];
GPGKeyRings = [];
GPGSigOptions = ["--output","-"];
GPGSearchOptions = ["--dry-run","--with-colons","--fingerprint"];
@@
-363,12
+368,12
@@
def GPGCheckSig(Message):
Why = "Unable to verify signature, signing key missing.";
# Expired signature
Why = "Unable to verify signature, signing key missing.";
# Expired signature
- if Split[1] == "SIGEXPIRED":
+ if Split[1] == "SIGEXPIRED"
or Split[1] == "EXPSIG"
:
GoodSig = 0;
Why = "Signature has expired";
# Revoked key
GoodSig = 0;
Why = "Signature has expired";
# Revoked key
- if Split[1] == "KEYREVOKED":
+ if Split[1] == "KEYREVOKED"
or Split[1] == "REVKEYSIG"
:
GoodSig = 0;
Why = "Signing key has been revoked";
GoodSig = 0;
Why = "Signing key has been revoked";
@@
-384,7
+389,11
@@
def GPGCheckSig(Message):
# ValidSig has the key finger print
if Split[1] == "VALIDSIG":
# ValidSig has the key finger print
if Split[1] == "VALIDSIG":
- KeyFinger = Split[2];
+ # Use the fingerprint of the primary key when available
+ if len(Split) >= 12:
+ KeyFinger = Split[11];
+ else:
+ KeyFinger = Split[2];
# Reopen the stream as a readable stream
Text = Res[2].read();
# Reopen the stream as a readable stream
Text = Res[2].read();
@@
-420,6
+429,11
@@
def GPGKeySearch(SearchCriteria):
Owner = "";
KeyID = "";
Hits = {};
Owner = "";
KeyID = "";
Hits = {};
+
+ dir = os.path.expanduser("~/.gnupg")
+ if not os.path.isdir(dir):
+ os.mkdir(dir, 0700)
+
try:
Strm = os.popen(string.join(Args," "),"r");
try:
Strm = os.popen(string.join(Args," "),"r");
@@
-475,7
+489,7
@@
def TemplateSubst(Map,Template):
class ReplayCache:
def __init__(self,Database):
self.Lock = open(Database + ".lock","w",0600);
class ReplayCache:
def __init__(self,Database):
self.Lock = open(Database + ".lock","w",0600);
- fcntl.flock(self.Lock.fileno(),
FCNTL
.LOCK_EX);
+ fcntl.flock(self.Lock.fileno(),
fcntl
.LOCK_EX);
self.DB = anydbm.open(Database,"c",0600);
self.CleanCutOff = CleanCutOff;
self.AgeCutOff = AgeCutOff;
self.DB = anydbm.open(Database,"c",0600);
self.CleanCutOff = CleanCutOff;
self.AgeCutOff = AgeCutOff;