Allowing users to define which keyservers they update from allows them to work around buggy keyservers. It is also useful for local mirrors and / or private keyservers.
It's likely that I'm setting the default incorrectly and not alphabetizing right, but the code works at least... -- Matthew Thode (prometheanfire)
From fa649aac34f7478685c1999857de00c91a1d76cc Mon Sep 17 00:00:00 2001
From: Matthew Thode <mth...@mthode.org>
Date: Mon, 25 Feb 2019 14:14:20 -0600
Subject: [PATCH] enable user settable gpg keyservers
Allowing users to define which keyservers they update from allows them
to work around buggy keyservers. It is also useful for local mirrors
and / or private keyservers.
Signed-off-by: Matthew Thode <mth...@mthode.org>
---
lib/portage/repository/config.py | 12 ++++++++++--
lib/portage/sync/syncbase.py | 6 +++---
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/lib/portage/repository/config.py b/lib/portage/repository/config.py
index 482711c4b..47adbaf03 100644
--- a/lib/portage/repository/config.py
+++ b/lib/portage/repository/config.py
@@ -115,6 +115,7 @@ class RepoConfig(object):
'sync_openpgp_key_refresh_retry_delay_max',
'sync_openpgp_key_refresh_retry_delay_mult',
'sync_openpgp_key_refresh_retry_overall_timeout',
+ 'sync_openpgp_keyserver',
'sync_rcu',
'sync_rcu_spare_snapshots',
'sync_rcu_store_dir',
@@ -224,8 +225,13 @@ class RepoConfig(object):
self.sync_allow_hardlinks = repo_opts.get(
'sync-allow-hardlinks', 'true').lower() in ('true', 'yes')
- self.sync_openpgp_key_path = repo_opts.get(
- 'sync-openpgp-key-path', None)
+ sync_openpgp_keyserver = repo_opts.get(
+ 'sync-openpgp-keyserver')
+ if sync_openpgp_keyserver is not None:
+ sync_openpgp_keyserver = sync_openpgp_keyserver.strip().lower()
+ else:
+ sync_openpgp_keyserver = 'hkps.pool.sks-keyservers.net'
+ self.sync_openpgp_keyserver = sync_openpgp_keyserver
for k in ('sync_openpgp_key_refresh_retry_count',
'sync_openpgp_key_refresh_retry_delay_exp_base',
@@ -602,6 +608,7 @@ class RepoConfigLoader(object):
'sync_depth',
'sync_hooks_only_on_change',
'sync_openpgp_key_path',
+ 'sync_openpgp_keyserver',
'sync_openpgp_key_refresh_retry_count',
'sync_openpgp_key_refresh_retry_delay_exp_base',
'sync_openpgp_key_refresh_retry_delay_max',
@@ -1048,6 +1055,7 @@ class RepoConfigLoader(object):
"priority",
"sync_depth",
"sync_openpgp_key_path",
+ "sync_openpgp_keyserver",
"sync_openpgp_key_refresh_retry_count",
"sync_openpgp_key_refresh_retry_delay_exp_base",
"sync_openpgp_key_refresh_retry_delay_max",
diff --git a/lib/portage/sync/syncbase.py b/lib/portage/sync/syncbase.py
index 83b35c667..ae9ec938e 100644
--- a/lib/portage/sync/syncbase.py
+++ b/lib/portage/sync/syncbase.py
@@ -252,10 +252,10 @@ class SyncBase(object):
@type openpgp_env: gemato.openpgp.OpenPGPEnvironment
"""
out = portage.output.EOutput(quiet=('--quiet' in self.options['emerge_config'].opts))
- out.ebegin('Refreshing keys from keyserver')
+ out.ebegin('Refreshing keys from keyserver {s}'.format(s=self.repo.sync_openpgp_keyserver))
retry_decorator = self._key_refresh_retry_decorator()
if retry_decorator is None:
- openpgp_env.refresh_keys()
+ openpgp_env.refresh_keys(keyserver=self.repo.sync_openpgp_keyserver)
else:
def noisy_refresh_keys():
"""
@@ -263,7 +263,7 @@ class SyncBase(object):
errors, display errors as soon as they occur.
"""
try:
- openpgp_env.refresh_keys()
+ openpgp_env.refresh_keys(keyserver=self.repo.sync_openpgp_keyserver)
except Exception as e:
writemsg_level("%s\n" % (e,),
level=logging.ERROR, noiselevel=-1)
--
2.19.2
signature.asc
Description: PGP signature
