diff options
author | jstanley <jstanley@spacewalk.jds2001.org> | 2009-07-20 14:21:25 -0400 |
---|---|---|
committer | jstanley <jstanley@spacewalk.jds2001.org> | 2009-07-20 14:21:25 -0400 |
commit | fa6c8b292dc2102fb87d0730bf47ff8ad68cbb8a (patch) | |
tree | cdfc552a7b102b0a9c006955c53ccee939e35671 /key_checker.py | |
parent | 96a7e78a9bdee5419f827f257a98e740369c7214 (diff) | |
download | keychecker-fa6c8b292dc2102fb87d0730bf47ff8ad68cbb8a.tar.gz keychecker-fa6c8b292dc2102fb87d0730bf47ff8ad68cbb8a.tar.xz keychecker-fa6c8b292dc2102fb87d0730bf47ff8ad68cbb8a.zip |
Rename to key_checker.py, refactor matching, add -m for machine parseable output
Diffstat (limited to 'key_checker.py')
-rw-r--r-- | key_checker.py | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/key_checker.py b/key_checker.py new file mode 100644 index 0000000..2130837 --- /dev/null +++ b/key_checker.py @@ -0,0 +1,73 @@ +#!/usr/bin/python +import rpm, rpmUtils.miscutils, sys +from optparse import OptionParser + +ts=rpm.TransactionSet() +pubkeys={} +pubkeys['unknown'] = 'Unknown signing key' + +def buildKeyList(): + keys = ts.dbMatch(rpm.RPMTAG_NAME, 'gpg-pubkey') + for hdr in keys: + pubkeys[hdr[rpm.RPMTAG_VERSION]]=hdr[rpm.RPMTAG_SUMMARY][4:].rsplit('<',1)[0].rstrip() +def getPkgNevra(hdr): + if hdr[rpm.RPMTAG_EPOCH]: + return '%s-%s:%s-%s.%s' % ( hdr[rpm.RPMTAG_NAME], hdr[rpm.RPMTAG_EPOCH], + hdr[rpm.RPMTAG_VERSION], hdr[rpm.RPMTAG_RELEASE], + hdr[rpm.RPMTAG_ARCH]) + else: + return '%s-%s-%s.%s' % ( hdr[rpm.RPMTAG_NAME], hdr[rpm.RPMTAG_VERSION], + hdr[rpm.RPMTAG_RELEASE], hdr[rpm.RPMTAG_ARCH] ) +def getSig(hdr): + if hdr[rpm.RPMTAG_DSAHEADER]: + keyid = rpmUtils.miscutils.getSigInfo(hdr)[1][2][16:] + try: + return (getPkgNevra(hdr), pubkeys[keyid]) + except KeyError: + return (getPkgNevra(hdr), pubkeys['unknown']) + else: + return (getPkgNevra(hdr), 'unsigned') +def getPkg(name=None): + if name: + mi=ts.dbMatch(rpm.RPMTAG_NAME, name) + else: + mi=ts.dbMatch() + exists = False + for hdr in mi: + exists = True + if hdr[rpm.RPMTAG_NAME] == 'gpg-pubkey': continue + nevra, key = getSig(hdr) + pkgs[key].append(nevra) + if not exists: + sys.stderr.write('No such package %s\n' % name) + +if __name__ == '__main__': + usage = '%prog [options] pkg1 pkg2...' + parser = OptionParser(usage) + parser.add_option('-m', '--machine-readable', action='store_true', + dest='mr', help='Produce machine readable output') + options, args = parser.parse_args() + buildKeyList() + pkgs = {} + for keyname in pubkeys.itervalues(): + pkgs[keyname] = [] + pkgs['unAsigned'] = [] + if len(args) != 0: + for pkg in args: + getPkg(pkg) + else: + getPkg() + if options.mr: + for pkg in pkgs.iteritems(): + if pkg[1]: + for pkginstance in pkg[1]: + print '%s,%s' % (pkginstance, pkg[0]) + else: + for pkg in pkgs.iteritems(): + if pkg[1]: + print pkg[0] + print '-' * len(pkg[0]) + for pkginstance in pkg[1]: + print pkginstance + print + |