X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=userdir_gpg.py;h=ab192c7f95d290b21d7828b07e0933c9d29fee5d;hb=d3d5dd5a3fc470f834f5f021cf86ebfede644fcf;hp=6319d583e59e7645b376bf3fa83a758f526bede5;hpb=701528fc8153f150dae52787cca172d8ab4f4bfb;p=mirror%2Fuserdir-ldap.git
diff --git a/userdir_gpg.py b/userdir_gpg.py
index 6319d58..ab192c7 100644
--- a/userdir_gpg.py
+++ b/userdir_gpg.py
@@ -1,5 +1,19 @@
- #!/usr/bin/env python
-# -*- mode: python -*-
+# Copyright (c) 1999-2001 Jason Gunthorpe
+# Copyright (c) 2005 Joey Schulze
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 # GPG issues -
 # - gpgm with a status FD being fed keymaterial and other interesting
@@ -13,13 +27,17 @@
 # pgp2 encrypting mode.
 import string, mimetools, multifile, sys, StringIO, os, tempfile, re;
-import rfc822, time, fcntl, FCNTL, anydbm
+import rfc822, time, fcntl, anydbm
 # General GPG options
 GPGPath = "gpg"
 # "--load-extension","rsa",
-GPGBasicOptions = ["--no-options","--batch",
- "--no-default-keyring","--always-trust"];
+GPGBasicOptions = [
+ "--no-options",
+ "--batch",
+ "--no-default-keyring",
+ "--secret-keyring", "/dev/null",
+ "--always-trust"];
 GPGKeyRings = [];
 GPGSigOptions = ["--output","-"];
 GPGSearchOptions = ["--dry-run","--with-colons","--fingerprint"];
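Review bot: The new `"--secret-keyring", "/dev/null"` entry in GPGBasicOptions carries no comment explaining why it is there, and nothing in the list says which operations these shared options are meant to serve. If the intent is that no gpg call built from this list can load a secret key from the account the service runs under, a line such as `# No secret keyring: these calls only verify, search and encrypt` above the list would record it; that reading is inferred, so confirm it before adding. `--always-trust` stays in the same list, which leaves key acceptance resting entirely on what is placed in GPGKeyRings, and a short comment saying so would keep a later edit from widening the keyrings without noticing.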
@@ -350,12 +368,12 @@ def GPGCheckSig(Message):
 Why = "Unable to verify signature, signing key missing.";
 # Expired signature
- if Split[1] == "SIGEXPIRED":
+ if Split[1] == "SIGEXPIRED" or Split[1] == "EXPSIG":
 GoodSig = 0;
 Why = "Signature has expired";
 # Revoked key
- if Split[1] == "KEYREVOKED":
+ if Split[1] == "KEYREVOKED" or Split[1] == "REVKEYSIG":
 GoodSig = 0;
 Why = "Signing key has been revoked";
@@ -371,7 +389,11 @@ def GPGCheckSig(Message):
 # ValidSig has the key finger print
 if Split[1] == "VALIDSIG":
- KeyFinger = Split[2];
+ # Use the fingerprint of the primary key when available
+ if len(Split) >= 12:
+ KeyFinger = Split[11];
+ else:
+ KeyFinger = Split[2];
 # Reopen the stream as a readable stream
 Text = Res[2].read();
@@ -407,6 +429,11 @@ def GPGKeySearch(SearchCriteria):
 Owner = "";
 KeyID = "";
 Hits = {};
+
+ dir = os.path.expanduser("~/.gnupg")
+ if not os.path.isdir(dir):
+ os.mkdir(dir, 0700)
+
 try:
 Strm = os.popen(string.join(Args," "),"r");
@@ -462,7 +489,7 @@ def TemplateSubst(Map,Template):
 class ReplayCache:
 def __init__(self,Database):
 self.Lock = open(Database + ".lock","w",0600);
- fcntl.flock(self.Lock.fileno(),FCNTL.LOCK_EX);
+ fcntl.flock(self.Lock.fileno(),fcntl.LOCK_EX);
 self.DB = anydbm.open(Database,"c",0600);
 self.CleanCutOff = CleanCutOff;
 self.AgeCutOff = AgeCutOff;
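Review bot: The two widened conditions in GPGCheckSig now cover `EXPSIG` and `REVKEYSIG`, but the matching status for a good signature made by an expired key, `EXPKEYSIG`, does not appear in this hunk. GPGCheckSig starts and ends outside the hunk, so it may already be handled elsewhere; whether that case is rejected with a clear reason depends on code that is not visible here. The pairs would also read more easily as membership tests, for example `if Split[1] in ("SIGEXPIRED", "EXPSIG"):`.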
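Review bot: The indexes 12 and 11 in the new VALIDSIG branch are unexplained magic numbers, and the selected field becomes KeyFinger without any check of its form. A comment such as `# Split[11] is the primary-key fingerprint, the last VALIDSIG field; absent on older gpg` would tie the numbers to the status-line layout. Since KeyFinger is what identifies the signer, it may be worth rejecting a value that is not purely hexadecimal before using it; how Split is produced is outside the hunk, so that is a suggestion to confirm against the splitting code. The enclosing function continues beyond the hunk on both sides.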
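Review bot: The new directory setup in GPGKeySearch checks `os.path.isdir` and then calls `os.mkdir`, so a concurrent invocation that creates `~/.gnupg` in between makes `os.mkdir` raise, and the added lines sit before the `try:` that follows, so that block does not cover them. The same happens when the path exists but is not a directory. Attempting the creation and tolerating only the already-a-directory outcome removes the window, and renaming the variable stops it shadowing the builtin `dir`. GPGKeySearch begins and ends outside the hunk.

```python
    # … unchanged: Owner, KeyID and Hits initialisation …
    gnupg_home = os.path.expanduser("~/.gnupg")
    try:
        os.mkdir(gnupg_home, 0700)
    except OSError:
        # Acceptable only if the directory is there now (possibly created concurrently)
        if not os.path.isdir(gnupg_home):
            raise
    # … unchanged: try: block with the os.popen call …
```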
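Review bot: The unchanged line directly above the edited `flock` call passes `0600` as the third argument of the builtin `open()`, which is the buffer size rather than a permission mode, so the lock file is created with whatever the process umask allows. `anydbm.open` on the line after the `flock` call does take a mode in that position, which is probably where the pattern came from. If owner-only access to the lock file is intended, `self.Lock = os.fdopen(os.open(Database + ".lock", os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600), "w");` applies the mode at creation. The class body continues outside the hunk.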