[gentoo-commits] proj/portage:master commit in: pym/portage/sync/modules/rsync/

Mon, 05 Feb 2018 10:45:06 -0800 

commit:     a02b5f9f0ae428eeb6cdc30bb3bcb7ac647358de
Author:     Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Thu Feb  1 11:44:49 2018 +0000
Commit:     Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Mon Feb  5 18:41:35 2018 +0000
URL:        https://gitweb.gentoo.org/proj/portage.git/commit/?id=a02b5f9f

rsync: Verify the Manifest signature even if tree is unchanged

Always verify the Manifest signature if verification is enabled.
Skipping the deep tree verification for unchanged case is reasonable
but we need to make sure the Manifest signature stays valid to catch
the case of the signing key being revoked.

Reviewed-by: Zac Medico <zmedico <AT> gentoo.org>

 pym/portage/sync/modules/rsync/rsync.py | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/pym/portage/sync/modules/rsync/rsync.py 
b/pym/portage/sync/modules/rsync/rsync.py
index 39c4066d8..e6e218868 100644
--- a/pym/portage/sync/modules/rsync/rsync.py
+++ b/pym/portage/sync/modules/rsync/rsync.py
@@ -292,7 +292,7 @@ class RsyncSync(NewBase):
                self._process_exitcode(exitcode, dosyncuri, out, maxretries)
 
                # if synced successfully, verify now
-               if exitcode == 0 and not local_state_unchanged and 
self.verify_metamanifest:
+               if exitcode == 0 and self.verify_metamanifest:
                        if gemato is None:
                                writemsg_level("!!! Unable to verify: 
gemato-11.0+ is required\n",
                                        level=logging.ERROR, noiselevel=-1)
@@ -315,6 +315,8 @@ class RsyncSync(NewBase):
                                                        
openpgp_env.refresh_keys()
                                                        out.eend(0)
 
+                                               # we always verify the Manifest 
signature, in case
+                                               # we had to deal with key 
revocation case
                                                m = 
gemato.recursiveloader.ManifestRecursiveLoader(
                                                                
os.path.join(self.repo.location, 'Manifest'),
                                                                
verify_openpgp=True,
@@ -336,9 +338,12 @@ class RsyncSync(NewBase):
                                                out.einfo('- timestamp: %s UTC' 
% (
                                                        
m.openpgp_signature.timestamp))
 
-                                               out.ebegin('Verifying %s' % 
(self.repo.location,))
-                                               m.assert_directory_verifies()
-                                               out.eend(0)
+                                               # if nothing has changed, skip 
the actual Manifest
+                                               # verification
+                                               if not local_state_unchanged:
+                                                       out.ebegin('Verifying 
%s' % (self.repo.location,))
+                                                       
m.assert_directory_verifies()
+                                                       out.eend(0)
                                except GematoException as e:
                                        writemsg_level("!!! Manifest 
verification failed:\n%s\n"
                                                        % (e,),

Reply via email to