Rev 514: Make sure signed testament matches repository data. in file:///data/jelmer/bzr-gtk/trunk/
Jelmer Vernooij
jelmer at samba.org
Sun Jun 29 20:18:35 BST 2008
At file:///data/jelmer/bzr-gtk/trunk/
------------------------------------------------------------
revno: 514
revision-id: jelmer at samba.org-20080629191834-ha2ecpv5szt96nge
parent: jelmer at samba.org-20080629190723-l8mzg9x4oec0lhsl
committer: Jelmer Vernooij <jelmer at samba.org>
branch nick: trunk
timestamp: Sun 2008-06-29 21:18:34 +0200
message:
Make sure signed testament matches repository data.
modified:
revisionview.py logview.py-20051024072750-4d5c28cb73611027
=== modified file 'revisionview.py'
--- a/revisionview.py 2008-06-29 19:07:23 +0000
+++ b/revisionview.py 2008-06-29 19:18:34 +0000
@@ -22,9 +22,11 @@
import gobject
import webbrowser
-from bzrlib.plugins.gtk import icon_path
from bzrlib.osutils import format_date
from bzrlib.util.bencode import bdecode
+from bzrlib.testament import Testament
+
+from bzrlib.plugins.gtk import icon_path
try:
from bzrlib.plugins.gtk import seahorse
@@ -222,6 +224,16 @@
def show_signature(self, crypttext):
(cleartext, key) = seahorse.verify(crypttext)
+ assert cleartext is not None
+
+ inv = self.repository.get_inventory(self.revision.revision_id)
+ expected_testament = Testament(self.revision, inv).as_short_text()
+ if expected_testament != cleartext:
+ self.signature_image.set_from_file(icon_path("sign-bad.png"))
+ self.signature_label.set_markup("<b>Signature does not match repository data</b>\n" +
+ "The signature plaintext is different from the expected testament plaintext.")
+ return
+
if key and key.is_available():
if key.is_trusted():
if key.get_display_name() == self.revision.committer:
More information about the bazaar-commits
mailing list