particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix checking signed files

Browse source 
Rpms which are signed with unknown key would raise an error. Ignore
checking of signing key validity.
This commit is contained in:
Tomas Kopecek 2020-06-02 10:43:22 +02:00
parent 3d698be2a7
commit f69824041d
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
koji/__init__.py
View file

@ -1773,7 +1773,7 @@ def downloadFile(url, path=None, fo=None):
"""
if not fo:
fo = open(path, "wb")
fo = open(path, "w+b")
resp = request_with_retry().get(url, stream=True)
try:
@ -1829,13 +1829,15 @@ def _check_rpm_file(fo):
"""Check that the open file appears to be an rpm"""
# TODO: trap exception and raise something with more infomation
ts = rpm.TransactionSet()
# for basic validity we can ignore sigs as there needn't be public keys installed
ts.setVSFlags(rpm._RPMVSF_NOSIGNATURES)
try:
hdr = ts.hdrFromFdno(fo.fileno())
except rpm.error as ex:
raise GenericError("rpm's header can't be extracted: %s (rpm error: %s)" %
(fo.name, ', '.join(ex.args)))
try:
rpm.TransactionSet().hdrCheck(hdr.unload())
ts.hdrCheck(hdr.unload())
except rpm.error as ex:
raise GenericError("rpm's header can't be checked: %s (rpm error: %s)" %
(fo.name, ', '.join(ex.args)))