Mailinglist Archive: zypp-devel (149 mails)
| < Previous | Next > |
Re: [zypp-devel] libzypp-binding-python: gpgCheck(False) has no effect ?
- From: Michael Andres <ma@xxxxxxx>
- Date: Wed, 3 Sep 2008 15:06:39 +0200
- Message-id: <20080903130639.GA8707@xxxxxxx>
On Wed, Sep 03, Jan-Simon M?ller wrote:
Looking at the zypp code, gpgCheck has no effect ;( I don't see any
location that evaluates the value.
Signature verification may trigger some callbacks, to ask whether to
accept unsigned files, unkown keys, etc. The default to all these
questions is 'NO'.
You want to say 'YES'.
In C++ you'd create a KeyRingReceiver that connects to the callback and
answers the questions as needed. But I don't know if the bindings support
this:
struct KeyRingReceiver : public callback::ReceiveReport<KeyRingReport>
{
KeyRingReceiver()
{ connect(); }
virtual bool askUserToAcceptUnsignedFile( const std::string & file )
{ return true; }
virtual bool askUserToAcceptUnknownKey( const std::string &file,
const std::string &id )
{ return true; }
virtual bool askUserToTrustKey( const PublicKey & key )
{ return true; }
virtual bool askUserToImportKey( const PublicKey & key )
{ return true; }
virtual bool askUserToAcceptVerificationFailed( const std::string & file,
const PublicKey & key )
{ return true; }
};
Without this you need a valid signature.
Do you build libzypp and libzypp-bindings from svn?
I can provide some methods in KeyRing to change the default answers.
I suppose this is easier for the bindings than dealing with callbacks.
--
cu,
Michael Andres
+------------------------------------------------------------------+
Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4
+------------------------------------------------------------------+
Michael Andres YaST Development ma@xxxxxxxxxx
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0
+------------------------------------------------------------------+
--
To unsubscribe, e-mail: zypp-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: zypp-devel+help@xxxxxxxxxxxx
Hi and moin moin !
I'm playing again with libzypp/python.
See the test1.py (lots of comments, but i need to remember later :D).
I've a local obs instance mirrored at http://localhost/. The repo is at
http://localhost/software_from_lire/base_factory/
[DIR] Parent Directory -
[DIR] i586/ 03-Jul-2008 13:57 -
[DIR] noarch/ 03-Jul-2008 13:30 -
[DIR] nosrc/ 03-Jul-2008 13:26 -
[DIR] repodata/ 03-Jul-2008 13:57 -
[ ] software_from_lire.repo 03-Jul-2008 13:57 220
[DIR] src/
In the repoinfo I set gpgCheck to False.
If I add this repoinfo it works, but then:
Traceback (most recent call last):myrepomanager.refreshMetadata(myrepoinfo)
File "<stdin>", line 1, in <module>
File "/home/dl9pf/pfx/lib64/python/site-packages/zypp.py", line 1609, in
refreshMetadata
def refreshMetadata(*args): return
_zypp.RepoManager_refreshMetadata(*args)
RuntimeError: History:
- Signature verification failed for repomd.xml
Valid metadata not found at specified URL(s)
Any idea ? What did I miss ?
Looking at the zypp code, gpgCheck has no effect ;( I don't see any
location that evaluates the value.
Signature verification may trigger some callbacks, to ask whether to
accept unsigned files, unkown keys, etc. The default to all these
questions is 'NO'.
You want to say 'YES'.
In C++ you'd create a KeyRingReceiver that connects to the callback and
answers the questions as needed. But I don't know if the bindings support
this:
struct KeyRingReceiver : public callback::ReceiveReport<KeyRingReport>
{
KeyRingReceiver()
{ connect(); }
virtual bool askUserToAcceptUnsignedFile( const std::string & file )
{ return true; }
virtual bool askUserToAcceptUnknownKey( const std::string &file,
const std::string &id )
{ return true; }
virtual bool askUserToTrustKey( const PublicKey & key )
{ return true; }
virtual bool askUserToImportKey( const PublicKey & key )
{ return true; }
virtual bool askUserToAcceptVerificationFailed( const std::string & file,
const PublicKey & key )
{ return true; }
};
Without this you need a valid signature.
Do you build libzypp and libzypp-bindings from svn?
I can provide some methods in KeyRing to change the default answers.
I suppose this is easier for the bindings than dealing with callbacks.
--
cu,
Michael Andres
+------------------------------------------------------------------+
Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4
+------------------------------------------------------------------+
Michael Andres YaST Development ma@xxxxxxxxxx
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0
+------------------------------------------------------------------+
--
To unsubscribe, e-mail: zypp-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: zypp-devel+help@xxxxxxxxxxxx
| < Previous | Next > |