5 Gentoo-keys - gkeyldap/actions.py
7 Primary api interface module
9 @copyright: 2012 by Brian Dolbec <dol-sen@gentoo.org>
10 @license: GNU GPL2, see COPYING for details.
16 from gkeys.config import GKEY, KEYID, LONGKEYID, FINGERPRINT
17 from gkeys.seed import Seeds
18 from gkeyldap.search import (LdapSearch, UID, gkey2ldap_map, gkey2SEARCH)
28 Avialable_Actions = ['ldapsearch', 'updateseeds']
31 def get_key_ids(key, info):
32 '''Small utility function to return only keyid (short)
35 @param key: string, the key length desired
36 @param info: list of keysid's to process
37 @return list of the desired key length id's
41 if x.startswith('0x'):
42 mylen = KEY_LEN[key] + 2
50 class Actions(object):
53 def __init__(self, config, output=None, logger=None):
58 self.fingerprint_re = re.compile('[0-9A-Fa-f]{40}')
61 def ldapsearch(self, args):
63 self.logger.info("Search...establishing connection")
64 self.output("Search...establishing connection")
66 self.logger.info("Aborting Search...Connection failed")
67 self.output("Aborting Search...Connection failed")
69 self.logger.debug("MAIN: _action_ldapsearch; args = %s" % str(args))
70 x, target, search_field = self.get_args(args)
71 results = l.search(target, search_field)
72 devs = l.result2dict(results, gkey2ldap_map[x])
73 for dev in sorted(devs):
74 self.output(dev, devs[dev])
75 self.output("============================================")
76 self.output("Total number of devs in results:", len(devs))
77 self.logger.info("============================================")
78 self.logger.info("Total number of devs in results: %d" % len(devs))
82 def updateseeds(self, args):
83 self.logger.info("Beginning ldap search...")
84 self.output("Beginning ldap search...")
87 self.output("Aborting Update...Connection failed")
88 self.logger.info("Aborting Update...Connection failed")
90 results = l.search('*', UID)
91 info = l.result2dict(results, 'uid')
93 "MAIN: _action_updateseeds; got results :) converted to info")
94 if not self.create_seedfile(info):
95 self.logger.error("Dev seed file update failure: "
96 "Original seed file is intact & untouched.")
97 filename = self.config['dev-seedfile']
98 old = filename + '.old'
100 self.output("Backing up existing file...")
101 self.logger.info("Backing up existing file...")
102 if os.path.exists(old):
104 "MAIN: _action_updateseeds; Removing 'old' seed file: %s"
107 if os.path.exists(filename):
109 "MAIN: _action_updateseeds; Renaming current seed file to: "
111 os.rename(filename, old)
113 "MAIN: _action_updateseeds; Renaming '.new' seed file to: %s"
115 os.rename(filename + '.new', filename)
118 self.output("Developer Seed file updated")
122 def create_seedfile(self, devs):
123 self.output("Creating seeds from ldap data...")
124 filename = self.config['dev-seedfile'] + '.new'
125 self.seeds = Seeds(filename)
127 for dev in sorted(devs):
128 if devs[dev]['gentooStatus'][0] not in ['active']:
130 #self.logger.debug("create_seedfile, dev = "
131 # "%s, %s" % (str(dev), str(devs[dev])))
132 keyinfo = self.build_gkeylist(devs[dev])
134 new_gkey = GKEY._make(keyinfo)
135 self.seeds.add(new_gkey)
137 self.output("Total number of seeds created:", count)
138 self.output("Seeds created...saving file: %s" % filename)
139 self.logger.info("Total number of seeds created: %d" % count)
140 self.logger.info("Seeds created...saving file: %s" % filename)
141 return self.seeds.save()
146 for x in ['nick', 'name', 'gpgkey', 'fingerprint', 'status']:
148 target = getattr(args, x)
149 search_field = gkey2SEARCH[x]
151 return (x, target, search_field)
155 def build_gkeydict(self, info):
157 for x in GKEY._fields:
158 field = gkey2ldap_map[x]
162 # strip errant line feeds
163 values = [y.strip('\n') for y in info[field]]
164 if values and values in ['uid', 'cn' ]:
166 # separate out short/long key id's
167 elif values and x in ['keyid', 'longkeyid']:
168 value = get_key_ids(x, values)
171 if 'undefined' in values:
172 self.logger.error('%s = "undefined" for %s, %s'
173 %(field, info['uid'][0], info['cn'][0]))
181 def build_gkeylist(self, info):
184 keyid_missing = False
185 # assume it's good until found an error is found
187 #self.logger.debug("MAIN: build_gkeylist; info = %s" % str(info))
188 for x in GKEY._fields:
189 field = gkey2ldap_map[x]
194 # strip errant line feeds
195 values = [y.strip('\n') for y in info[field]]
196 if values and field in ['uid', 'cn' ]:
198 # separate out short/long key id's
199 elif values and x in ['keyid', 'longkeyid']:
200 value = get_key_ids(x, values)
203 elif values and x in ['fingerprint']:
204 value = [v.replace(' ', '') for v in values]
207 if 'undefined' in values:
208 self.logger.error('ERROR in ldap info for: %s, %s'
209 %(info['uid'][0],info['cn'][0]))
210 self.logger.error(' %s = "undefined"' %(field))
212 keyinfo.append(value)
214 self.logger.debug('Ldap info for: %s, %s'
215 %(info['uid'][0],info['cn'][0]))
216 self.logger.debug(' MISSING or EMPTY ldap field ' +
217 '[%s] GPGKey field [%s]' %(field, x))
218 if x in ['keyid', 'longkeyid']:
223 if not keyid_found and keyid_missing:
226 fingerprint = info[gkey2ldap_map['fingerprint']]
227 self.logger.debug(' Generate gpgkey, Found ldap fingerprint field')
229 gpgkey = 'Missing fingerprint from ldap info'
230 self.logger.debug(' Generate gpgkey, ldap fingerprint KeyError')
232 values = [y.strip('\n') for y in fingerprint]
233 value = [v.replace(' ', '') for v in values]
234 # assign it to gpgkey to prevent a possible
235 # "gpgkey" undefined error
236 gpgkey = ['0x' + x[-KEY_LEN['longkeyid']:] for x in value]
237 keyinfo[LONGKEYID] = gpgkey
238 self.logger.debug(' Generate gpgkey, NEW keyinfo[LONGKEYID] = %s'
239 % str(keyinfo[LONGKEYID]))
241 gpgkey = 'Missing or Bad fingerprint from ldap info'
243 if not keyinfo[LONGKEYID]:
244 self.logger.error('ERROR in ldap info for: %s, %s'
245 %(info['uid'][0],info['cn'][0]))
246 self.logger.error(' A valid keyid, longkeyid or fingerprint '
247 'was not found for %s : gpgkey = %s' %(info['cn'][0], gpgkey))
250 if keyinfo[FINGERPRINT]: # fingerprints exist check
251 is_ok = self._check_fingerprint_integrity(info, keyinfo)
252 is_match = self._check_id_fingerprint_match(info, keyinfo)
253 if not is_ok or not is_match:
260 def _check_id_fingerprint_match(self, info, keyinfo):
261 # assume it's good until found an error is found
263 for x in [KEYID, LONGKEYID]:
264 # skip blank id field
268 index = len(y.lstrip('0x'))
269 if y.lstrip('0x').upper() not in \
270 [x[-index:].upper() for x in keyinfo[FINGERPRINT]]:
271 self.logger.error('ERROR in ldap info for: %s, %s'
272 %(info['uid'][0],info['cn'][0]))
273 self.logger.error(' ' + str(keyinfo))
274 self.logger.error(' GPGKey id %s not found in the '
275 % y.lstrip('0x') + 'listed fingerprint(s)')
280 def _check_fingerprint_integrity(self, info, keyinfo):
281 # assume it's good until found an error is found
283 for x in keyinfo[FINGERPRINT]:
284 # check fingerprint integrity
286 self.logger.error('ERROR in ldap info for: %s, %s'
287 %(info['uid'][0],info['cn'][0]))
288 self.logger.error(' GPGKey incorrect fingerprint ' +
289 'length (%s) for fingerprint: %s' %(len(x), x))
292 if not self.fingerprint_re.match(x):
293 self.logger.error('ERROR in ldap info for: %s, %s'
294 %(info['uid'][0],info['cn'][0]))
295 self.logger.error(' GPGKey: Non hexadecimal digits in ' +
296 'fingerprint for fingerprint: ' + x)