- raw from PLD

[tld-ftp-admin.git] / bin / pfa-checksign

#!/usr/bin/env python
# vi: encoding=utf-8 ts=8 sts=4 sw=4 et

import sys, os
import getopt
sys.path.insert(0, os.environ['HOME']+'/pld-ftp-admin/modules')
import ftptree
import getpass
from common import checkdir
import ftpio
from config import sign_key
from sign import is_signed, signpkgs

try:
    opts, args = getopt.getopt(sys.argv[1:], '')
except getopt.GetoptError:
    print >>sys.stderr, "ERR: options error"
    print >>sys.stderr, "checksign.py tree package1 [package2...]"
    sys.exit(1)

if len(args) < 1:
    print >>sys.stderr, "ERR: missing tree name"
    print >>sys.stderr, "checksign.py tree package1 [package2...]"
    sys.exit(1)

if sign_key == None:
    print >>sys.stderr, "ERR: sign_key not defined in config"
    sys.exit(1)

treename = args[0]
packages = args[1:]

checkdir(treename)

ftpio.connect('sign')

if not ftpio.lock(treename, True):
    print >>sys.stderr, "ERR: %s tree already locked" % treename
    sys.exit(1)

files = []
try:
    if len(packages) < 1:
        loadall = True
    else:
        loadall = False

    # if no files specified, grab whole tree contents
    tree = ftptree.FtpTree(treename, loadall = loadall)
    if loadall:
        # this is hack, should be a param, not access private .loadedpkgs element
        tree.mark4moving(tree.loadedpkgs)
    else:
        tree.mark4moving(packages)

except ftptree.SomeError:
    # In case of problems we need to unlock the tree before exiting
    ftpio.unlock(treename)
    sys.exit(1)

ftpio.unlock(treename)

print "Checking signatures of %d packages" % len(tree.loadedpkgs)
sign = []
for pkg in tree.marked4moving:
    unsigned = 0
    for file in pkg.rpmfiles():
        if not is_signed(file):
            unsigned += 1

    if unsigned != 0:
        print '%s: %d files NOT signed' % (pkg.nvr, unsigned)
    else:
        print '%s signed' % pkg.nvr

sys.exit(0)