Rev 515: Merge patch for checking signatures. in file:///data/jelmer/bzr-gtk/trunk/
Jelmer Vernooij
jelmer at samba.org
Sun Jun 29 23:29:08 BST 2008
At file:///data/jelmer/bzr-gtk/trunk/
------------------------------------------------------------
revno: 515
revision-id: jelmer at samba.org-20080629222903-ihamc1mifd2zs5xu
parent: jelmer at samba.org-20080629222757-20xdy0hofjebcbv2
parent: jelmer at samba.org-20080629191834-ha2ecpv5szt96nge
committer: Jelmer Vernooij <jelmer at samba.org>
branch nick: trunk
timestamp: Mon 2008-06-30 00:29:03 +0200
message:
Merge patch for checking signatures.
modified:
NEWS news-20070325173539-3va57o99cz3o57xe-1
revisionview.py logview.py-20051024072750-4d5c28cb73611027
seahorse.py crypt.py-20080401000513-m7ksudqlvqbdfejf-1
------------------------------------------------------------
revno: 511.1.3
revision-id: jelmer at samba.org-20080629191834-ha2ecpv5szt96nge
parent: jelmer at samba.org-20080629190723-l8mzg9x4oec0lhsl
committer: Jelmer Vernooij <jelmer at samba.org>
branch nick: trunk
timestamp: Sun 2008-06-29 21:18:34 +0200
message:
Make sure signed testament matches repository data.
modified:
revisionview.py logview.py-20051024072750-4d5c28cb73611027
------------------------------------------------------------
revno: 511.1.2
revision-id: jelmer at samba.org-20080629190723-l8mzg9x4oec0lhsl
parent: jelmer at samba.org-20080629190444-3hhmoc5fsoknrvet
committer: Jelmer Vernooij <jelmer at samba.org>
branch nick: trunk
timestamp: Sun 2008-06-29 21:07:23 +0200
message:
Return cleartext from seahorse module
modified:
revisionview.py logview.py-20051024072750-4d5c28cb73611027
seahorse.py crypt.py-20080401000513-m7ksudqlvqbdfejf-1
------------------------------------------------------------
revno: 511.1.1
revision-id: jelmer at samba.org-20080629190444-3hhmoc5fsoknrvet
parent: jelmer at samba.org-20080628154539-l5lkvs5qwuf2zx1m
committer: Jelmer Vernooij <jelmer at samba.org>
branch nick: trunk
timestamp: Sun 2008-06-29 21:04:44 +0200
message:
Re-enable signature showing.
modified:
revisionview.py logview.py-20051024072750-4d5c28cb73611027
=== modified file 'NEWS'
--- a/NEWS 2008-06-29 22:27:57 +0000
+++ b/NEWS 2008-06-29 22:29:03 +0000
@@ -18,6 +18,9 @@
* Moved notify icon code to separate script. (Jelmer Vernooij)
+ * Verify testaments when showing signatures on revisions and
+ re-enable signature display. (Jelmer Vernooij)
+
INTERNALS
* All i18n calls should now go through _i18n which must be imported from
=== modified file 'revisionview.py'
--- a/revisionview.py 2008-06-24 10:34:38 +0000
+++ b/revisionview.py 2008-06-29 19:18:34 +0000
@@ -22,9 +22,11 @@
import gobject
import webbrowser
-from bzrlib.plugins.gtk import icon_path
from bzrlib.osutils import format_date
from bzrlib.util.bencode import bdecode
+from bzrlib.testament import Testament
+
+from bzrlib.plugins.gtk import icon_path
try:
from bzrlib.plugins.gtk import seahorse
@@ -220,7 +222,17 @@
"This revision has not been signed.")
def show_signature(self, crypttext):
- key = seahorse.verify(crypttext)
+ (cleartext, key) = seahorse.verify(crypttext)
+
+ assert cleartext is not None
+
+ inv = self.repository.get_inventory(self.revision.revision_id)
+ expected_testament = Testament(self.revision, inv).as_short_text()
+ if expected_testament != cleartext:
+ self.signature_image.set_from_file(icon_path("sign-bad.png"))
+ self.signature_label.set_markup("<b>Signature does not match repository data</b>\n" +
+ "The signature plaintext is different from the expected testament plaintext.")
+ return
if key and key.is_available():
if key.is_trusted():
@@ -322,8 +334,8 @@
self._create_general()
self._create_relations()
# Disabled because testaments aren't verified yet:
- # if has_seahorse:
- # self._create_signature()
+ if has_seahorse:
+ self._create_signature()
self._create_file_info_view()
self._create_bugs()
=== modified file 'seahorse.py'
--- a/seahorse.py 2008-06-20 03:33:17 +0000
+++ b/seahorse.py 2008-06-29 19:07:23 +0000
@@ -85,7 +85,10 @@
if key not in keyset:
keyset[key] = Key(key)
- return keyset[key]
+ return (cleartext, keyset[key])
+
+ return (cleartext, None)
+
class Key:
More information about the bazaar-commits
mailing list