# -*- coding: utf-8 -*-
#############################################################################
# File : SignatureCheck.py
# Package : rpmlint
# Author : Frederic Lepied
# Created on : Thu Oct 7 17:06:14 1999
# Purpose : check the presence of a PGP signature.
#############################################################################
import re
import AbstractCheck
from Filter import addDetails, printError
import Pkg
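class SignatureCheck(AbstractCheck.AbstractCheck):
    """Report packages that carry no PGP/GPG signature or an unknown key.

    The check relies entirely on ``pkg.checkSignature()``, whose result is
    indexed as ``res[0]`` (status, where 0 is treated as success) and
    ``res[1]`` (text output).  It only establishes that the output mentions
    pgp/gpg; it does not decide whether the signer is one you should trust.
    """

    # Looked for in the output of a successful check to tell whether any
    # PGP/GPG signature was reported at all.
    pgp_regex = re.compile(r"pgp|gpg", re.IGNORECASE)
    # Captures the key id(s) listed after "MISSING KEYS:" in the output of
    # a failed check.
    unknown_key_regex = re.compile(r"\(MISSING KEYS:(?:\([^)]+\))?\s+([^\)]+)\)")

    def __init__(self):
        AbstractCheck.AbstractCheck.__init__(self, "SignatureCheck")

    def check(self, pkg):
        """Emit ``no-signature`` / ``unknown-key`` for *pkg* as appropriate.

        Args:
            pkg: package object providing ``checkSignature()`` and a
                ``filename`` attribute.

        A failed check that does not name a missing key is reported with
        ``Pkg.warn`` instead of ``printError``.
        """
        res = pkg.checkSignature()

        if res and res[0] == 0:
            # The check succeeded; complain only when its output mentions
            # neither pgp nor gpg.
            if not SignatureCheck.pgp_regex.search(res[1]):
                printError(pkg, "no-signature")
            return

        # checkSignature() may hand back nothing at all.  Indexing res in
        # that case used to raise and abort the check, so fall back to a
        # fixed explanation for the warning text.
        output = res[1] if res else "no result returned by checkSignature()"

        kres = None
        if res and output:
            kres = SignatureCheck.unknown_key_regex.search(output)

        if kres:
            printError(pkg, "unknown-key", kres.group(1))
        else:
            # NOTE(review): every other verification failure (for example a
            # signature that does not verify) ends up here as a warning
            # only.  Confirm that Pkg.warn is visible enough that such a
            # package cannot pass the lint run unnoticed.
            Pkg.warn("Error checking signature of %s: %s" %
                     (pkg.filename, output))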
# Instantiate the check at import time; per the original author's note this
# is what enables the auto registration of the test.
check = SignatureCheck()

# Long descriptions for the two message ids used by this check, passed as
# alternating id / text arguments.
addDetails(
    "no-signature",
    "You have to include your pgp or gpg signature in your package.\n"
    "For more information on signatures, please refer to www.gnupg.org.",
    "unknown-key",
    "The package was signed, but with an unknown key.\n"
    "See the rpm --import option for more information.",
)
# SignatureCheck.py ends here