£Á°èZ¨Ä…–K§‚«“ô4“ÒÙ´dîfUÙÃÅ WKbyʦ•êŽ…È®FÒ¿ÊÎóCozá¬S@6{Í:›œêZÌ:Š•_%:¢¾¾~;‘Ã~芩ÊǍí`ÔÑ©ú뙵'5I¿fš×WO%ø9¾«¾DK|€ùÍD”Ýs]nHÕ¶êםӼ㞪éUWŸÈË%DÒÕ¬ï‘]/Åcx ‰ï2ß]ä6G[]S£Ôϯrs{úëóµmÒï#UQxo·õÞCe]"±/aÙ&Eã4ú9Jé_ÞåëdãöKë)AÞ ¯¹ægƒÛowЍø^d™ý½ßB7áyMä9ÜÖUã !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 3 g@svddlmZmZmZddlZddlZddlZddlmZddl m Z ej dZ da ddZdd Zd d Zd d ZdS))print_functionabsolute_importunicode_literalsN)which)_ZdnfcCs$tdkr tdatjtdttS)Nrpmkeysz3Using rpmkeys executable at %s to verify signatures)_rpmkeys_binaryr_loggerdebugrr r /usr/lib/python3.6/miscutils.py_find_rpmkeys_binarys  r cCst|dks |ddks |dr$dSd\}}}}x^|ddD]N}d|krNdS|jdr^d }q>|jd rnd }q>|jd r~d }q>|jd s>dSq>W|rdS|rdS|rd SdS)Nrs-:Fs: BADs: NOKEYTs : NOTTRUSTEDs : NOTFOUNDs: OK)FFFFr)lenendswith)dataZseen_sigZ missing_keyZ not_trustedZ not_signedir r r _process_rpm_output$s*      rc Cst}|dkstjj| r.tjtddSddd|dddd f}tj||d d itj d |d }|j d}WdQRX|j }t |t k rtd|dks|dkrdSt|jd}|r|S|rdSdS)Nz4Cannot find rpmkeys executable to verify signatures.rrz --checksigz--rootz --verbosez#--define=_pkgverify_level signaturez--define=_pkgverify_flags 0x0-LC_ALLC/)args executableenvstdoutcwdstdinrz Popen set return code to non-int )r ospathisfiler Zcriticalr subprocessPopenPIPEZ communicate returncodetypeintAssertionErrorrsplit)packageZ installrootZrpmkeys_binaryrprr)retr r r _verifyPackageUsingRpmkeys?s0   r1c Cs>tj|tjtjBtjB}zt||jj}Wdtj|X|S)a Takes a transaction set and a package, check it's sigs, return 0 if they are all fine return 1 if the gpg key can't be found return 2 if the header is in someway damaged return 3 if the key is not trusted return 4 if the pkg is not gpg or pgp signedN) r#openO_RDONLYO_NOCTTY O_CLOEXECr1tsZrootDirclose)r6r.Zfdnovaluer r r checkSig^s  r9)Z __future__rrrr#r&ZloggingZshutilrZdnf.i18nrZ getLoggerr rr rr1r9r r r r s