Mercurial > hg
annotate hgext/gpg.py @ 1618:ff339dd21976
Renamed c, a, d, u to modified, added, removed, unknown for users of changes()
author | Thomas Arendsen Hein <thomas@intevation.de> |
---|---|
date | Thu, 12 Jan 2006 13:35:09 +0100 |
parents | 347c44611348 |
children | 0690d0f202e1 |
rev | line source |
---|---|
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
1 import os, tempfile, binascii, errno |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
2 from mercurial import util |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
3 from mercurial import node as hgnode |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
4 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
5 class gpg: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
6 def __init__(self, path, key=None): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
7 self.path = path |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
8 self.key = (key and " --local-user \"%s\"" % key) or "" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
9 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
10 def sign(self, data): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
11 gpgcmd = "%s --sign --detach-sign%s" % (self.path, self.key) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
12 return util.filter(data, gpgcmd) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
13 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
14 def verify(self, data, sig): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
15 """ returns of the good and bad signatures""" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
16 try: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
17 fd, sigfile = tempfile.mkstemp(prefix="hggpgsig") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
18 fp = os.fdopen(fd, 'wb') |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
19 fp.write(sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
20 fp.close() |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
21 fd, datafile = tempfile.mkstemp(prefix="hggpgdata") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
22 fp = os.fdopen(fd, 'wb') |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
23 fp.write(data) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
24 fp.close() |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
25 gpgcmd = "%s --logger-fd 1 --status-fd 1 --verify \"%s\" \"%s\"" % (self.path, sigfile, datafile) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
26 #gpgcmd = "%s --status-fd 1 --verify \"%s\" \"%s\"" % (self.path, sigfile, datafile) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
27 ret = util.filter("", gpgcmd) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
28 except: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
29 for f in (sigfile, datafile): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
30 try: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
31 if f: os.unlink(f) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
32 except: pass |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
33 raise |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
34 keys = [] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
35 key, fingerprint = None, None |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
36 err = "" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
37 for l in ret.splitlines(): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
38 # see DETAILS in the gnupg documentation |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
39 # filter the logger output |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
40 if not l.startswith("[GNUPG:]"): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
41 continue |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
42 l = l[9:] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
43 if l.startswith("ERRSIG"): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
44 err = "error while verifying signature" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
45 break |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
46 elif l.startswith("VALIDSIG"): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
47 # fingerprint of the primary key |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
48 fingerprint = l.split()[10] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
49 elif (l.startswith("GOODSIG") or |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
50 l.startswith("EXPSIG") or |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
51 l.startswith("EXPKEYSIG") or |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
52 l.startswith("BADSIG")): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
53 if key is not None: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
54 keys.append(key + [fingerprint]) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
55 key = l.split(" ", 2) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
56 fingerprint = None |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
57 if err: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
58 return err, [] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
59 if key is not None: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
60 keys.append(key + [fingerprint]) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
61 return err, keys |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
62 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
63 def newgpg(ui, **opts): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
64 gpgpath = ui.config("gpg", "cmd", "gpg") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
65 gpgkey = opts.get('key') |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
66 if not gpgkey: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
67 gpgkey = ui.config("gpg", "key", None) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
68 return gpg(gpgpath, gpgkey) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
69 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
70 def check(ui, repo, rev): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
71 """verify all the signatures there may be for a particular revision""" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
72 mygpg = newgpg(ui) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
73 rev = repo.lookup(rev) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
74 hexrev = hgnode.hex(rev) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
75 keys = [] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
76 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
77 def addsig(fn, ln, l): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
78 if not l: return |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
79 n, v, sig = l.split(" ", 2) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
80 if n == hexrev: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
81 data = node2txt(repo, rev, v) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
82 sig = binascii.a2b_base64(sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
83 err, k = mygpg.verify(data, sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
84 if not err: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
85 keys.append((k, fn, ln)) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
86 else: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
87 ui.warn("%s:%d %s\n" % (fn, ln , err)) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
88 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
89 fl = repo.file(".hgsigs") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
90 h = fl.heads() |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
91 h.reverse() |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
92 # read the heads |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
93 for r in h: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
94 ln = 1 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
95 for l in fl.read(r).splitlines(): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
96 addsig(".hgsigs|%s" % hgnode.short(r), ln, l) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
97 ln +=1 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
98 try: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
99 # read local signatures |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
100 ln = 1 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
101 f = repo.opener("localsigs") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
102 for l in f: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
103 addsig("localsigs", ln, l) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
104 ln +=1 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
105 except IOError: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
106 pass |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
107 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
108 if not keys: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
109 ui.write("%s not signed\n" % hgnode.short(rev)) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
110 return |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
111 valid = [] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
112 # warn for expired key and/or sigs |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
113 for k, fn, ln in keys: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
114 prefix = "%s:%d" % (fn, ln) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
115 for key in k: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
116 if key[0] == "BADSIG": |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
117 ui.write("%s Bad signature from \"%s\"\n" % (prefix, key[2])) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
118 continue |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
119 if key[0] == "EXPSIG": |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
120 ui.write("%s Note: Signature has expired" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
121 " (signed by: \"%s\")\n" % (prefix, key[2])) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
122 elif key[0] == "EXPKEYSIG": |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
123 ui.write("%s Note: This key has expired" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
124 " (signed by: \"%s\")\n" % (prefix, key[2])) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
125 valid.append((key[1], key[2], key[3])) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
126 # print summary |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
127 ui.write("%s is signed by:\n" % hgnode.short(rev)) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
128 for keyid, user, fingerprint in valid: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
129 role = getrole(ui, fingerprint) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
130 ui.write(" %s (%s)\n" % (user, role)) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
131 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
132 def getrole(ui, fingerprint): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
133 return ui.config("gpg", fingerprint, "no role defined") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
134 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
135 def sign(ui, repo, *revs, **opts): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
136 """add a signature for the current tip or a given revision""" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
137 mygpg = newgpg(ui, **opts) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
138 sigver = "0" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
139 sigmessage = "" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
140 if revs: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
141 nodes = [repo.lookup(n) for n in revs] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
142 else: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
143 nodes = [repo.changelog.tip()] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
144 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
145 for n in nodes: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
146 hexnode = hgnode.hex(n) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
147 ui.write("Signing %d:%s\n" % (repo.changelog.rev(n), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
148 hgnode.short(n))) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
149 # build data |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
150 data = node2txt(repo, n, sigver) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
151 sig = mygpg.sign(data) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
152 if not sig: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
153 raise util.Abort("Error while signing") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
154 sig = binascii.b2a_base64(sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
155 sig = sig.replace("\n", "") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
156 sigmessage += "%s %s %s\n" % (hexnode, sigver, sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
157 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
158 # write it |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
159 if opts['local']: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
160 repo.opener("localsigs", "ab").write(sigmessage) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
161 return |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
162 |
1618
ff339dd21976
Renamed c, a, d, u to modified, added, removed, unknown for users of changes()
Thomas Arendsen Hein <thomas@intevation.de>
parents:
1592
diff
changeset
|
163 for x in repo.changes(): |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
164 if ".hgsigs" in x and not opts["force"]: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
165 raise util.Abort("working copy of .hgsigs is changed " |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
166 "(please commit .hgsigs manually" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
167 "or use --force)") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
168 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
169 repo.wfile(".hgsigs", "ab").write(sigmessage) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
170 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
171 if repo.dirstate.state(".hgsigs") == '?': |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
172 repo.add([".hgsigs"]) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
173 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
174 if opts["no_commit"]: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
175 return |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
176 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
177 message = opts['message'] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
178 if not message: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
179 message = "\n".join(["Added signature for changeset %s" % hgnode.hex(n) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
180 for n in nodes]) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
181 try: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
182 repo.commit([".hgsigs"], message, opts['user'], opts['date']) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
183 except ValueError, inst: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
184 raise util.Abort(str(inst)) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
185 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
186 def node2txt(repo, node, ver): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
187 """map a manifest into some text""" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
188 if ver == "0": |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
189 return "%s\n" % hgnode.hex(node) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
190 else: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
191 util.Abort("unknown signature version") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
192 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
193 cmdtable = { |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
194 "sign": |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
195 (sign, |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
196 [('l', 'local', None, "make the signature local"), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
197 ('f', 'force', None, "sign even if the sigfile is modified"), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
198 ('', 'no-commit', None, "do not commit the sigfile after signing"), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
199 ('m', 'message', "", "commit message"), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
200 ('d', 'date', "", "date code"), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
201 ('u', 'user', "", "user"), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
202 ('k', 'key', "", "the key id to sign with")], |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
203 "hg sign [OPTION]... REVISIONS"), |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
204 "sigcheck": (check, [], 'hg sigcheck REVISION') |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
205 } |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
206 |