diff options
| -rw-r--r-- | DistUpgrade/DistUpgradeViewGtk.py | 1 | ||||
| -rw-r--r-- | SoftwareProperties/SoftwareProperties.py | 2 | ||||
| -rw-r--r-- | UpdateManager/DistUpgradeFetcher.py | 48 | ||||
| -rw-r--r-- | UpdateManager/MetaRelease.py | 8 |
4 files changed, 43 insertions, 16 deletions
diff --git a/DistUpgrade/DistUpgradeViewGtk.py b/DistUpgrade/DistUpgradeViewGtk.py index 7298b31e..2f7e3fed 100644 --- a/DistUpgrade/DistUpgradeViewGtk.py +++ b/DistUpgrade/DistUpgradeViewGtk.py @@ -230,6 +230,7 @@ class DistUpgradeViewGtk(DistUpgradeView,SimpleGladeApp): "files ~/dist-upgrade.log and ~/dist-upgrade-apt.log " "in your report. The upgrade aborts now. "), "\n".join(lines)) + sys.exit(1) def create_terminal(self, arg1,arg2,arg3,arg4): " helper to create a vte terminal " diff --git a/SoftwareProperties/SoftwareProperties.py b/SoftwareProperties/SoftwareProperties.py index 1c6963a0..0e892182 100644 --- a/SoftwareProperties/SoftwareProperties.py +++ b/SoftwareProperties/SoftwareProperties.py @@ -486,7 +486,7 @@ class SoftwareProperties(SimpleGladeApp): _("Error importing selected file"), _("The selected file may not be a GPG key file " \ "or it might be corrupt.")) - self.reload_keyslist() + self.reload_keyslist() def remove_key_clicked(self, widget): selection = self.treeview2.get_selection() diff --git a/UpdateManager/DistUpgradeFetcher.py b/UpdateManager/DistUpgradeFetcher.py index 7af32865..676f064b 100644 --- a/UpdateManager/DistUpgradeFetcher.py +++ b/UpdateManager/DistUpgradeFetcher.py @@ -91,7 +91,19 @@ class DistUpgradeFetcher(object): return False return True - def authenticate(self, file, signature, keyring='/etc/apt/trusted.gpg'): + def authenticate(self): + if self.new_dist.upgradeToolSig: + f = self.tmpdir+"/"+os.path.basename(self.new_dist.upgradeTool) + sig = self.tmpdir+"/"+os.path.basename(self.new_dist.upgradeToolSig) + print "authenticate '%s' against '%s' " % (f,sig) + if not self.gpgauthenticate(f, sig): + return False + + # we may return False here by default if we want to make a sig + # mandatory + return True + + def gpgauthenticate(self, file, signature, keyring='/etc/apt/trusted.gpg'): """ authenticated a file against a given signature, if no keyring is given use the apt default keyring """ @@ -101,6 +113,7 @@ class DistUpgradeFetcher(object): proc = gpg.run(['--verify', signature, file], create_fhs=['status','logger','stderr']) gpgres = proc.handles['status'].read() + proc.wait() if "VALIDSIG" in gpgres: return True return False @@ -140,23 +153,32 @@ class DistUpgradeFetcher(object): # now download the tarball with the upgrade script self.tmpdir = tmpdir = tempfile.mkdtemp() os.chdir(tmpdir) + + # turn debugging on here (if required) + #apt_pkg.Config.Set("Debug::Acquire::http","1") + + progress = GtkProgress.GtkFetchProgress(self.parent, + _("Downloading the upgrade " + "tool"), + _("The upgrade tool will " + "guide you through the " + "upgrade process.")) + fetcher = apt_pkg.GetAcquire(progress) + + if self.new_dist.upgradeToolSig != None: + uri = self.new_dist.upgradeToolSig + af = apt_pkg.GetPkgAcqFile(fetcher,uri, descr=_("Upgrade tool signature")) if self.new_dist.upgradeTool != None: - progress = GtkProgress.GtkFetchProgress(self.parent, - _("Downloading the upgrade " - "tool"), - _("The upgrade tool will " - "guide you through the " - "upgrade process.")) - fetcher = apt_pkg.GetAcquire(progress) self.uri = self.new_dist.upgradeTool af = apt_pkg.GetPkgAcqFile(fetcher,self.uri, descr=_("Upgrade tool")) if fetcher.Run() != fetcher.ResultContinue: return False return True + return False def runDistUpgrader(self): #print "runing: %s" % script - os.execv(script,[]) + os.execv(self.script,[]) def cleanup(self): # cleanup @@ -185,10 +207,10 @@ class DistUpgradeFetcher(object): print "verify failed" self.cleanup() return - #if not self.authenticate(distUpgradeTar, distUpgradeSig): - # print "authenticate failed" - # self.cleanup() - # return + if not self.authenticate(): + print "authenticate failed" + self.cleanup() + return self.runDistUpgrader() diff --git a/UpdateManager/MetaRelease.py b/UpdateManager/MetaRelease.py index cd56970f..fde705bb 100644 --- a/UpdateManager/MetaRelease.py +++ b/UpdateManager/MetaRelease.py @@ -38,12 +38,13 @@ class Dist(object): self.supported = supported self.releaseNotesURI = None self.upgradeTool = None + self.upgradeToolSig = None class MetaRelease(gobject.GObject): # some constants - #METARELEASE_URI = "http://changelogs.ubuntu.com/meta-release" - METARELEASE_URI = "http://people.ubuntu.com/~mvo/dist-upgrader/meta-release-test.save" + METARELEASE_URI = "http://changelogs.ubuntu.com/meta-release" + #METARELEASE_URI = "http://people.ubuntu.com/~mvo/dist-upgrader/meta-release-test2" METARELEASE_FILE = "/var/lib/update-manager/meta-release" __gsignals__ = { @@ -73,6 +74,7 @@ class MetaRelease(gobject.GObject): if res != 0: sys.stderr.write("lsb_release returned exitcode: %i\n" % res) dist = string.strip(p.stdout.readline()) + #dist = "breezy" return dist def check(self): @@ -107,6 +109,8 @@ class MetaRelease(gobject.GObject): dist.releaseNotesURI = index_tag.Section["ReleaseNotes"] if index_tag.Section.has_key("UpgradeTool"): dist.upgradeTool = index_tag.Section["UpgradeTool"] + if index_tag.Section.has_key("UpgradeToolSignature"): + dist.upgradeToolSig = index_tag.Section["UpgradeToolSignature"] dists.append(dist) if name == current_dist_name: current_dist = dist |