- initial import of revision 374 from cnc
[apt.git] / contrib / gpg-check / gpg-check.lua
1 if confget("RPM::GPG-Check/b", "true") == "false" then
2     return
3 end
4
5 if table.getn(files_install) < 1 then
6     return
7 end
8
9 hash = '###########################################'
10 hashestotal = string.len(hash)
11 interactive = confget("RPM::Interactive/b", "true")
12 quiet = tonumber(confget("quiet", 0))
13
14 function printhash(amount, total)
15     percent = amount/total*100
16     if interactive == "true" then
17         nrhash = hashestotal - hashestotal / total * amount
18         line = string.format("%-44s[%3d%%]", string.sub(hash, nrhash), percent)
19         io.stdout.write(io.stdout, line)
20         io.stdout.flush(io.stdout)
21         for i = 1, string.len(line) do
22             io.stdout.write(io.stdout, '\b')
23         end
24     else
25         io.stdout.write(io.stdout, string.format("%%%% %f\n", percent))
26     end
27 end
28         
29 function showerrors(i, msg)
30     apterror(msg)
31 end
32
33 good = 1
34 unknown = 0
35 illegal = 0
36 unsigned = 0
37 errors = {}
38
39 skiplist = confgetlist("RPM::GPG::Skip-Check", "")
40
41 io.stdout.write(io.stdout, string.format("%-28s", _("Checking GPG signatures...")))
42 if interactive == "false" then
43         io.stdout.write(io.stdout, '\n')
44 end
45 for i, file in ipairs(files_install) do
46     skipthis = false
47     for j, skip in ipairs(skiplist) do
48         start = string.find(pkgname(pkgs_install[i]), skip)
49         if start then
50             skipthis = true
51             aptwarning(_("Skipped GPG check on "..pkgname(pkgs_install[i])))
52             break
53         end
54     end
55     if quiet == 0 then
56         printhash(i, table.getn(files_install))
57     end
58     if skipthis == false then
59         inp = io.popen("LANG=C /bin/rpm --checksig  "..file.." 2>&1")
60  
61         for line in inp.lines(inp) do
62             if string.find(line, "gpg") then
63                 break
64             elseif string.find(line, "GPG") then
65                 table.insert(errors, _("Unknown signature "..line))
66                 unknown = unknown + 1
67                 good = nil
68             elseif string.find(line, "rpmReadSignature") then
69                 table.insert(errors, _("Illegal signature "..line))
70                 illegal = illegal + 1
71                 good = nil
72             else
73                 table.insert(errors, _("Unsigned "..line))
74                 unsigned = unsigned + 1
75                 good = nil
76             end
77         end
78         io.close(inp)
79     end
80 end
81 if interactive == "true" then
82     io.stdout.write(io.stdout, '\n')
83 end
84
85 if not good then
86     table.foreach(errors, showerrors)
87     apterror(_("Error(s) while checking package signatures:\n"..unsigned.." unsigned package(s)\n"..unknown.." package(s) with unknown signatures\n"..illegal.." package(s) with illegal/corrupted signatures"))
88 end
89
90 -- vim::sts=4:sw=4