From patchwork Wed Jul 6 18:39:16 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mattias Backman X-Patchwork-Id: 2498 Return-Path: X-Original-To: patchwork@peony.canonical.com Delivered-To: patchwork@peony.canonical.com Received: from fiordland.canonical.com (fiordland.canonical.com [91.189.94.145]) by peony.canonical.com (Postfix) with ESMTP id 4D1052413B for ; Wed, 6 Jul 2011 18:39:21 +0000 (UTC) Received: from mail-qw0-f52.google.com (mail-qw0-f52.google.com [209.85.216.52]) by fiordland.canonical.com (Postfix) with ESMTP id 1D749A18514 for ; Wed, 6 Jul 2011 18:39:21 +0000 (UTC) Received: by mail-qw0-f52.google.com with SMTP id 8so136685qwb.11 for ; Wed, 06 Jul 2011 11:39:20 -0700 (PDT) Received: by 10.229.102.98 with SMTP id f34mr6836750qco.42.1309977559269; Wed, 06 Jul 2011 11:39:19 -0700 (PDT) X-Forwarded-To: linaro-patchwork@canonical.com X-Forwarded-For: patch@linaro.org linaro-patchwork@canonical.com Delivered-To: patches@linaro.org Received: by 10.229.48.135 with SMTP id r7cs87135qcf; Wed, 6 Jul 2011 11:39:18 -0700 (PDT) Received: by 10.68.10.103 with SMTP id h7mr10253996pbb.211.1309977557776; Wed, 06 Jul 2011 11:39:17 -0700 (PDT) Received: from adelie.canonical.com (adelie.canonical.com [91.189.90.139]) by mx.google.com with ESMTP id q14si44303935wfk.78.2011.07.06.11.39.17; Wed, 06 Jul 2011 11:39:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of bounces@canonical.com designates 91.189.90.139 as permitted sender) client-ip=91.189.90.139; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of bounces@canonical.com designates 91.189.90.139 as permitted sender) smtp.mail=bounces@canonical.com Received: from loganberry.canonical.com ([91.189.90.37]) by adelie.canonical.com with esmtp (Exim 4.71 #1 (Debian)) id 1QeX0G-0005Lk-Dp for ; Wed, 06 Jul 2011 18:39:16 +0000 Received: from loganberry.canonical.com (localhost [127.0.0.1]) by loganberry.canonical.com (Postfix) with ESMTP id 67BCA2E8067 for ; Wed, 6 Jul 2011 18:39:16 +0000 (UTC) MIME-Version: 1.0 X-Launchpad-Project: linaro-image-tools X-Launchpad-Branch: ~linaro-image-tools/linaro-image-tools/trunk X-Launchpad-Message-Rationale: Subscriber X-Launchpad-Branch-Revision-Number: 360 X-Launchpad-Notification-Type: branch-revision To: Linaro Patch Tracker From: noreply@launchpad.net Subject: [Branch ~linaro-image-tools/linaro-image-tools/trunk] Rev 360: Merge lp:~mabac/linaro-image-tools/chdir-for-hashverify; use location of hash file as working dir... Message-Id: <20110706183916.10312.7058.launchpad@loganberry.canonical.com> Date: Wed, 06 Jul 2011 18:39:16 -0000 Reply-To: noreply@launchpad.net Sender: bounces@canonical.com Errors-To: bounces@canonical.com Precedence: bulk X-Generated-By: Launchpad (canonical.com); Revision="13376"; Instance="initZopeless config overlay" X-Launchpad-Hash: 52594a6c26af66983a96a2634ce68cdd358c32d9 Merge authors: Mattias Backman (mabac) Related merge proposals: https://code.launchpad.net/~mabac/linaro-image-tools/chdir-for-hashverify/+merge/65221 proposed by: Mattias Backman (mabac) review: Approve - James Westby (james-w) ------------------------------------------------------------ revno: 360 [merge] committer: Mattias Backman branch nick: linaro-image-tools timestamp: Wed 2011-06-22 08:50:29 +0200 message: Merge lp:~mabac/linaro-image-tools/chdir-for-hashverify; use location of hash file as working dir when verifying sha1sums of hwpacks. modified: linaro-media-create linaro_image_tools/cmd_runner.py linaro_image_tools/tests/test_pyflakes.py linaro_image_tools/tests/test_utils.py linaro_image_tools/utils.py --- lp:linaro-image-tools https://code.launchpad.net/~linaro-image-tools/linaro-image-tools/trunk You are subscribed to branch lp:linaro-image-tools. To unsubscribe from this branch go to https://code.launchpad.net/~linaro-image-tools/linaro-image-tools/trunk/+edit-subscription === modified file 'linaro-media-create' --- linaro-media-create 2011-06-17 12:47:16 +0000 +++ linaro-media-create 2011-06-21 09:16:28 +0000 @@ -22,7 +22,6 @@ import os import sys import tempfile -import subprocess from linaro_image_tools import cmd_runner @@ -43,7 +42,11 @@ unpack_binary_tarball, ) from linaro_image_tools.media_create import get_args_parser -from linaro_image_tools.utils import ensure_command, is_arm_host +from linaro_image_tools.utils import ( + ensure_command, + is_arm_host, + verify_file_integrity, + ) # Just define the global variables TMP_DIR = None @@ -105,15 +108,9 @@ ensure_required_commands(args) sig_file_list = args.hwpacksigs[:] - verified_files = [] if args.binarysig is not None: sig_file_list.append(args.binarysig) - for sig_file in sig_file_list: - hash_file = sig_file[0:-len('.asc')] - cmd_runner.run(['gpg', '--verify', sig_file]).wait() - sha1sums_out, _ = cmd_runner.run(['sha1sum', '-c', hash_file], - stdout=subprocess.PIPE).communicate() - verified_files.extend(sha1sums_out.replace(': OK', '').splitlines()) + verified_files = verify_file_integrity(sig_file_list) for verified_file in verified_files: print 'Hash verification of file %s OK.' % verified_file === modified file 'linaro_image_tools/cmd_runner.py' --- linaro_image_tools/cmd_runner.py 2011-04-04 10:38:07 +0000 +++ linaro_image_tools/cmd_runner.py 2011-06-21 07:41:30 +0000 @@ -36,7 +36,7 @@ def run(args, as_root=False, chroot=None, stdin=None, stdout=None, - stderr=None): + stderr=None, cwd=None): """Run the given command as a sub process. Return a Popen instance. @@ -60,7 +60,7 @@ as_root = True if as_root and os.getuid() != 0: args = SUDO_ARGS + args - return Popen(args, stdin=stdin, stdout=stdout, stderr=stderr) + return Popen(args, stdin=stdin, stdout=stdout, stderr=stderr, cwd=cwd) class Popen(subprocess.Popen): === modified file 'linaro_image_tools/tests/test_pyflakes.py' --- linaro_image_tools/tests/test_pyflakes.py 2011-05-10 15:43:32 +0000 +++ linaro_image_tools/tests/test_pyflakes.py 2011-06-21 09:18:32 +0000 @@ -29,8 +29,8 @@ (stdout, stderr) = proc.communicate() stdout = stdout.splitlines() stdout.sort() - expected = ["./linaro_image_tools/utils.py:26: redefinition of " - "unused 'CommandNotFound' from line 24" ] + expected = ["./linaro_image_tools/utils.py:27: redefinition of " + "unused 'CommandNotFound' from line 25" ] self.assertEquals(expected, stdout) self.assertEquals('', stderr) === modified file 'linaro_image_tools/tests/test_utils.py' --- linaro_image_tools/tests/test_utils.py 2011-03-24 18:41:59 +0000 +++ linaro_image_tools/tests/test_utils.py 2011-06-21 09:16:28 +0000 @@ -35,12 +35,49 @@ install_package_providing, preferred_tools_dir, UnableToFindPackageProvidingCommand, + verify_file_integrity, ) sudo_args = " ".join(cmd_runner.SUDO_ARGS) +class TestVerifyFileIntegrity(TestCaseWithFixtures): + + filenames_in_shafile = ['verified-file1', 'verified-file2'] + + class MockCmdRunnerPopen(object): + def __call__(self, cmd, *args, **kwargs): + self.returncode = 0 + return self + + def communicate(self, input=None): + self.wait() + return ': OK\n'.join( + TestVerifyFileIntegrity.filenames_in_shafile) + ': OK\n', '' + + def wait(self): + return self.returncode + + def test_verify_files(self): + fixture = self.useFixture(MockCmdRunnerPopenFixture()) + hash_filename = "dummy-file.txt" + signature_filename = hash_filename + ".asc" + verify_file_integrity([signature_filename]) + self.assertEqual( + ['gpg --verify %s' % signature_filename, + 'sha1sum -c %s' % hash_filename], + fixture.mock.commands_executed) + + def test_verify_files_returns_files(self): + self.useFixture(MockSomethingFixture(cmd_runner, 'Popen', + self.MockCmdRunnerPopen())) + hash_filename = "dummy-file.txt" + signature_filename = hash_filename + ".asc" + verified_files = verify_file_integrity([signature_filename]) + self.assertEqual(self.filenames_in_shafile, verified_files) + + class TestEnsureCommand(TestCaseWithFixtures): install_pkg_providing_called = False === modified file 'linaro_image_tools/utils.py' --- linaro_image_tools/utils.py 2011-05-10 15:42:59 +0000 +++ linaro_image_tools/utils.py 2011-06-21 09:16:28 +0000 @@ -19,6 +19,7 @@ import os import platform +import subprocess try: from CommandNotFound import CommandNotFound @@ -28,6 +29,31 @@ from linaro_image_tools import cmd_runner +def verify_file_integrity(sig_file_list): + """Verify a list of signature files. + + The parameter is a list of filenames of gpg signature files which will be + verified using gpg. For each of the files it is assumed that there is an + sha1 hash file with the same file name minus the '.asc' extension. + + Each of the sha1 files will be checked using sha1sums. All files listed in + the sha1 hash file must be found in the same directory as the hash file. + """ + verified_files = [] + for sig_file in sig_file_list: + hash_file = sig_file[0:-len('.asc')] + cmd_runner.run(['gpg', '--verify', sig_file]).wait() + if os.path.dirname(hash_file) == '': + sha_cwd = None + else: + sha_cwd = os.path.dirname(hash_file) + sha1sums_out, _ = cmd_runner.run(['sha1sum', '-c', hash_file], + stdout=subprocess.PIPE, cwd=sha_cwd + ).communicate() + verified_files.extend(sha1sums_out.replace(': OK', '').splitlines()) + return verified_files + + def install_package_providing(command): """Install a package which provides the given command.