From 8cc01b70e199ba6f50136607e77d89e62fe21a44 Mon Sep 17 00:00:00 2001 From: Zac Medico Date: Fri, 17 Oct 2008 18:52:27 +0000 Subject: [PATCH] Remove support for FEATURES=gpg since it's already disabled and broken anyway. Thanks to DJ Anderson for the suggestion. svn path=/main/trunk/; revision=11698 --- man/make.conf.5 | 3 -- pym/portage/__init__.py | 11 ------- pym/portage/dbapi/porttree.py | 60 +---------------------------------- 3 files changed, 1 insertion(+), 73 deletions(-) diff --git a/man/make.conf.5 b/man/make.conf.5 index 45ad93b0c..a8f93ca1c 100644 --- a/man/make.conf.5 +++ b/man/make.conf.5 @@ -204,9 +204,6 @@ can take a lot of time. Force emerges to always try to fetch files from the \fIPORTAGE_BINHOST\fR. See \fBmake.conf\fR(5) for more information. .TP -.B gpg -Check the signatures of Manifests and make sure they are correct. -.TP .B installsources Install source code into /usr/src/debug/${CATEGORY}/${PF} (also see \fBsplitdebug\fR). This feature works only if debugedit is installed and CFLAGS diff --git a/pym/portage/__init__.py b/pym/portage/__init__.py index f0df5b688..d13c2f7fb 100644 --- a/pym/portage/__init__.py +++ b/pym/portage/__init__.py @@ -107,7 +107,6 @@ try: pickle_read, pickle_write, stack_dictlist, stack_dicts, stack_lists, \ unique_array, varexpand, writedict, writemsg, writemsg_stdout, write_atomic import portage.exception - import portage.gpg import portage.locks import portage.process from portage.process import atexit_register, run_exitfuncs @@ -1642,13 +1641,6 @@ class config(object): # repoman will accept any license self._accept_license = set(["*"]) - if "gpg" in self.features: - if not os.path.exists(self["PORTAGE_GPG_DIR"]) or \ - not os.path.isdir(self["PORTAGE_GPG_DIR"]): - writemsg(colorize("BAD", "PORTAGE_GPG_DIR is invalid." + \ - " Removing gpg from FEATURES.\n"), noiselevel=-1) - self.features.remove("gpg") - if not portage.process.sandbox_capable and \ ("sandbox" in self.features or "usersandbox" in self.features): if self.profile_path is not None and \ @@ -1665,9 +1657,6 @@ class config(object): self.features.remove("usersandbox") self.features.sort() - if "gpg" in self.features: - writemsg(colorize("WARN", "!!! FEATURES=gpg is unmaintained, incomplete and broken. Disabling it."), noiselevel=-1) - self.features.remove("gpg") self["FEATURES"] = " ".join(self.features) self.backup_changes("FEATURES") diff --git a/pym/portage/dbapi/porttree.py b/pym/portage/dbapi/porttree.py index c6268a8ec..19010bc62 100644 --- a/pym/portage/dbapi/porttree.py +++ b/pym/portage/dbapi/porttree.py @@ -11,13 +11,12 @@ from portage.data import portage_gid, secpass from portage.dbapi import dbapi from portage.dep import use_reduce, paren_reduce, dep_getkey, match_from_list from portage.exception import PortageException, \ - UntrustedSignature, SecurityViolation, InvalidSignature, MissingSignature, \ FileNotFound, InvalidDependString, InvalidPackageName from portage.manifest import Manifest from portage.util import ensure_dirs, writemsg from portage.versions import pkgsplit, catpkgsplit, best, ver_regexp -import portage.gpg, portage.checksum +import portage.checksum from portage import eclass_cache, auxdbkeys, doebuild, flatten, \ listdir, dep_expand, eapi_is_supported, key_expand, dep_check, \ @@ -102,22 +101,6 @@ class portdbapi(dbapi): # instance that is passed in. self.doebuild_settings = config(clone=self.mysettings) - self.manifestVerifyLevel = None - self.manifestVerifier = None - self.manifestCache = {} # {location: [stat, md5]} - self.manifestMissingCache = [] - - if "gpg" in self.mysettings.features: - self.manifestVerifyLevel = portage.gpg.EXISTS - if "strict" in self.mysettings.features: - self.manifestVerifyLevel = portage.gpg.MARGINAL - self.manifestVerifier = portage.gpg.FileChecker(self.mysettings["PORTAGE_GPG_DIR"], "gentoo.gpg", minimumTrust=self.manifestVerifyLevel) - elif "severe" in self.mysettings.features: - self.manifestVerifyLevel = portage.gpg.TRUSTED - self.manifestVerifier = portage.gpg.FileChecker(self.mysettings["PORTAGE_GPG_DIR"], "gentoo.gpg", requireSignedRing=True, minimumTrust=self.manifestVerifyLevel) - else: - self.manifestVerifier = portage.gpg.FileChecker(self.mysettings["PORTAGE_GPG_DIR"], "gentoo.gpg", minimumTrust=self.manifestVerifyLevel) - #self.root=settings["PORTDIR"] self.porttree_root = porttree_root if porttree_root: @@ -411,47 +394,6 @@ class portdbapi(dbapi): writemsg("!!! %s\n" % myebuild, noiselevel=1) raise KeyError(mycpv) - myManifestPath = "/".join(myebuild.split("/")[:-1])+"/Manifest" - if "gpg" in self.mysettings.features: - try: - mys = portage.gpg.fileStats(myManifestPath) - if (myManifestPath in self.manifestCache) and \ - (self.manifestCache[myManifestPath] == mys): - pass - elif self.manifestVerifier: - if not self.manifestVerifier.verify(myManifestPath): - # Verification failed the desired level. - raise UntrustedSignature( - "Untrusted Manifest: %(manifest)s" % \ - {"manifest" : myManifestPath}) - - if ("severe" in self.mysettings.features) and \ - (mys != portage.gpg.fileStats(myManifestPath)): - raise SecurityViolation( - "Manifest changed: %(manifest)s" % \ - {"manifest":myManifestPath}) - - except InvalidSignature, e: - if ("strict" in self.mysettings.features) or \ - ("severe" in self.mysettings.features): - raise - writemsg("!!! INVALID MANIFEST SIGNATURE DETECTED: %(manifest)s\n" % {"manifest":myManifestPath}) - except MissingSignature, e: - if ("severe" in self.mysettings.features): - raise - if ("strict" in self.mysettings.features): - if myManifestPath not in self.manifestMissingCache: - writemsg("!!! WARNING: Missing signature in: %(manifest)s\n" % {"manifest":myManifestPath}) - self.manifestMissingCache.insert(0,myManifestPath) - except (OSError, FileNotFound), e: - if ("strict" in self.mysettings.features) or \ - ("severe" in self.mysettings.features): - raise SecurityViolation( - "Error in verification of signatures: " + \ - "%(errormsg)s" % {"errormsg" : str(e)}) - writemsg("!!! Manifest is missing or inaccessable: %(manifest)s\n" % {"manifest":myManifestPath}, - noiselevel=-1) - mydata, st, emtime = self._pull_valid_cache(mycpv, myebuild, mylocation) doregen = mydata is None -- 2.26.2