~bzr-pqm/bzr/bzr.dev

2052.3.2 by John Arbash Meinel
Change Copyright .. by Canonical to Copyright ... Canonical
1
# Copyright (C) 2005 Canonical Ltd
1442.1.57 by Robert Collins
check that we get the right command line from the default gpg strategy.
2
#   Authors: Robert Collins <robert.collins@canonical.com>
3
#
4
# This program is free software; you can redistribute it and/or modify
5
# it under the terms of the GNU General Public License as published by
6
# the Free Software Foundation; either version 2 of the License, or
7
# (at your option) any later version.
8
#
9
# This program is distributed in the hope that it will be useful,
10
# but WITHOUT ANY WARRANTY; without even the implied warranty of
11
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12
# GNU General Public License for more details.
13
#
14
# You should have received a copy of the GNU General Public License
15
# along with this program; if not, write to the Free Software
16
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
17
18
"""GPG signing and checking logic."""
19
1996.3.1 by John Arbash Meinel
Demandloading builtins.py drops our load time from 350ms to 291ms
20
import os
21
import sys
22
23
from bzrlib.lazy_import import lazy_import
24
lazy_import(globals(), """
1442.1.58 by Robert Collins
gpg signing of content
25
import errno
1442.1.57 by Robert Collins
check that we get the right command line from the default gpg strategy.
26
import subprocess
27
1912.3.2 by John Arbash Meinel
Adding some logging, because on my machine TTY is not exported by default.
28
from bzrlib import (
29
    errors,
30
    trace,
1551.8.11 by Aaron Bentley
Clear terminal before signing
31
    ui,
1912.3.2 by John Arbash Meinel
Adding some logging, because on my machine TTY is not exported by default.
32
    )
1996.3.1 by John Arbash Meinel
Demandloading builtins.py drops our load time from 350ms to 291ms
33
""")
1442.1.57 by Robert Collins
check that we get the right command line from the default gpg strategy.
34
1912.3.1 by John Arbash Meinel
updating gpg.py to set GPG_TTY in the environment.
35
1442.1.62 by Robert Collins
Allow creation of testaments from uncommitted data, and use that to get signatures before committing revisions.
36
class DisabledGPGStrategy(object):
37
    """A GPG Strategy that makes everything fail."""
38
39
    def __init__(self, ignored):
40
        """Real strategies take a configuration."""
41
42
    def sign(self, content):
43
        raise errors.SigningFailed('Signing is disabled.')
44
45
1442.1.59 by Robert Collins
Add re-sign command to generate a digital signature on a single revision.
46
class LoopbackGPGStrategy(object):
1442.1.62 by Robert Collins
Allow creation of testaments from uncommitted data, and use that to get signatures before committing revisions.
47
    """A GPG Strategy that acts like 'cat' - data is just passed through."""
1442.1.59 by Robert Collins
Add re-sign command to generate a digital signature on a single revision.
48
49
    def __init__(self, ignored):
50
        """Real strategies take a configuration."""
51
52
    def sign(self, content):
1551.12.15 by Aaron Bentley
add header/trailer to fake clearsigned texts
53
        return ("-----BEGIN PSEUDO-SIGNED CONTENT-----\n" + content +
1551.12.52 by Aaron Bentley
speling fix
54
                "-----END PSEUDO-SIGNED CONTENT-----\n")
1442.1.59 by Robert Collins
Add re-sign command to generate a digital signature on a single revision.
55
56
1912.3.1 by John Arbash Meinel
updating gpg.py to set GPG_TTY in the environment.
57
def _set_gpg_tty():
58
    tty = os.environ.get('TTY')
59
    if tty is not None:
60
        os.environ['GPG_TTY'] = tty
1912.3.2 by John Arbash Meinel
Adding some logging, because on my machine TTY is not exported by default.
61
        trace.mutter('setting GPG_TTY=%s', tty)
62
    else:
63
        # This is not quite worthy of a warning, because some people
64
        # don't need GPG_TTY to be set. But it is worthy of a big mark
65
        # in ~/.bzr.log, so that people can debug it if it happens to them
66
        trace.mutter('** Env var TTY empty, cannot set GPG_TTY.'
67
                     '  Is TTY exported?')
1912.3.1 by John Arbash Meinel
updating gpg.py to set GPG_TTY in the environment.
68
69
1442.1.57 by Robert Collins
check that we get the right command line from the default gpg strategy.
70
class GPGStrategy(object):
71
    """GPG Signing and checking facilities."""
72
        
73
    def _command_line(self):
1185.78.4 by John Arbash Meinel
Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.
74
        return [self._config.gpg_signing_command(), '--clearsign']
1442.1.57 by Robert Collins
check that we get the right command line from the default gpg strategy.
75
76
    def __init__(self, config):
77
        self._config = config
1442.1.58 by Robert Collins
gpg signing of content
78
79
    def sign(self, content):
2273.1.1 by John Arbash Meinel
``GPGStrategy.sign()`` will now raise ``BzrBadParameterUnicode`` if
80
        if isinstance(content, unicode):
81
            raise errors.BzrBadParameterUnicode('content')
1551.8.11 by Aaron Bentley
Clear terminal before signing
82
        ui.ui_factory.clear_term()
1963.1.8 by John Arbash Meinel
Don't use preexec_fn on win32
83
84
        preexec_fn = _set_gpg_tty
85
        if sys.platform == 'win32':
86
            # Win32 doesn't support preexec_fn, but wouldn't support TTY anyway.
87
            preexec_fn = None
1442.1.58 by Robert Collins
gpg signing of content
88
        try:
1185.78.4 by John Arbash Meinel
Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.
89
            process = subprocess.Popen(self._command_line(),
90
                                       stdin=subprocess.PIPE,
1912.3.1 by John Arbash Meinel
updating gpg.py to set GPG_TTY in the environment.
91
                                       stdout=subprocess.PIPE,
1963.1.8 by John Arbash Meinel
Don't use preexec_fn on win32
92
                                       preexec_fn=preexec_fn)
1442.1.58 by Robert Collins
gpg signing of content
93
            try:
1185.78.4 by John Arbash Meinel
Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.
94
                result = process.communicate(content)[0]
1442.1.58 by Robert Collins
gpg signing of content
95
                if process.returncode is None:
96
                    process.wait()
97
                if process.returncode != 0:
1185.78.4 by John Arbash Meinel
Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.
98
                    raise errors.SigningFailed(self._command_line())
1442.1.58 by Robert Collins
gpg signing of content
99
                return result
1442.1.59 by Robert Collins
Add re-sign command to generate a digital signature on a single revision.
100
            except OSError, e:
1442.1.58 by Robert Collins
gpg signing of content
101
                if e.errno == errno.EPIPE:
1185.78.4 by John Arbash Meinel
Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.
102
                    raise errors.SigningFailed(self._command_line())
1442.1.59 by Robert Collins
Add re-sign command to generate a digital signature on a single revision.
103
                else:
104
                    raise
1442.1.58 by Robert Collins
gpg signing of content
105
        except ValueError:
106
            # bad subprocess parameters, should never happen.
107
            raise
108
        except OSError, e:
109
            if e.errno == errno.ENOENT:
110
                # gpg is not installed
1185.78.4 by John Arbash Meinel
Reverting gpg changes, should not be mainline, see gpg_uses_tempfile plugin.
111
                raise errors.SigningFailed(self._command_line())
1442.1.58 by Robert Collins
gpg signing of content
112
            else:
113
                raise