From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 64102138334 for ; Mon, 25 Feb 2019 20:34:53 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D0122E0899; Mon, 25 Feb 2019 20:34:51 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8AA45E0899 for ; Mon, 25 Feb 2019 20:34:51 +0000 (UTC) Received: from gentoo.org (unknown [IPv6:2001:470:e1cc:3::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: prometheanfire) by smtp.gentoo.org (Postfix) with ESMTPSA id 4223D33BF53 for ; Mon, 25 Feb 2019 20:34:49 +0000 (UTC) Date: Mon, 25 Feb 2019 14:34:46 -0600 From: Matthew Thode To: gentoo-portage-dev@lists.gentoo.org Subject: [gentoo-portage-dev] [PATCH] enable user settable gpg keyservers Message-ID: <20190225203445.ucrapvzd64m6kavz@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-portage-dev@lists.gentoo.org Reply-to: gentoo-portage-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="o56etxu6fbmvt7lp" Content-Disposition: inline User-Agent: NeoMutt/20180716 X-Archives-Salt: 669495dd-b3a5-4516-a760-bec2ed21317b X-Archives-Hash: b0c46468b18a9a7430e7dfbaf158c772 --o56etxu6fbmvt7lp Content-Type: multipart/mixed; boundary="n74w6c73lqlfogts" Content-Disposition: inline --n74w6c73lqlfogts Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Allowing users to define which keyservers they update from allows them to work around buggy keyservers. It is also useful for local mirrors and / or private keyservers. It's likely that I'm setting the default incorrectly and not alphabetizing right, but the code works at least... --=20 Matthew Thode (prometheanfire) --n74w6c73lqlfogts Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0001-enable-user-settable-gpg-keyservers.patch" Content-Transfer-Encoding: quoted-printable =46rom fa649aac34f7478685c1999857de00c91a1d76cc Mon Sep 17 00:00:00 2001 =46rom: Matthew Thode Date: Mon, 25 Feb 2019 14:14:20 -0600 Subject: [PATCH] enable user settable gpg keyservers Allowing users to define which keyservers they update from allows them to work around buggy keyservers. It is also useful for local mirrors and / or private keyservers. Signed-off-by: Matthew Thode --- lib/portage/repository/config.py | 12 ++++++++++-- lib/portage/sync/syncbase.py | 6 +++--- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/lib/portage/repository/config.py b/lib/portage/repository/conf= ig.py index 482711c4b..47adbaf03 100644 --- a/lib/portage/repository/config.py +++ b/lib/portage/repository/config.py @@ -115,6 +115,7 @@ class RepoConfig(object): 'sync_openpgp_key_refresh_retry_delay_max', 'sync_openpgp_key_refresh_retry_delay_mult', 'sync_openpgp_key_refresh_retry_overall_timeout', + 'sync_openpgp_keyserver', 'sync_rcu', 'sync_rcu_spare_snapshots', 'sync_rcu_store_dir', @@ -224,8 +225,13 @@ class RepoConfig(object): self.sync_allow_hardlinks =3D repo_opts.get( 'sync-allow-hardlinks', 'true').lower() in ('true', 'yes') =20 - self.sync_openpgp_key_path =3D repo_opts.get( - 'sync-openpgp-key-path', None) + sync_openpgp_keyserver =3D repo_opts.get( + 'sync-openpgp-keyserver') + if sync_openpgp_keyserver is not None: + sync_openpgp_keyserver =3D sync_openpgp_keyserver.strip().lower() + else: + sync_openpgp_keyserver =3D 'hkps.pool.sks-keyservers.net' + self.sync_openpgp_keyserver =3D sync_openpgp_keyserver =20 for k in ('sync_openpgp_key_refresh_retry_count', 'sync_openpgp_key_refresh_retry_delay_exp_base', @@ -602,6 +608,7 @@ class RepoConfigLoader(object): 'sync_depth', 'sync_hooks_only_on_change', 'sync_openpgp_key_path', + 'sync_openpgp_keyserver', 'sync_openpgp_key_refresh_retry_count', 'sync_openpgp_key_refresh_retry_delay_exp_base', 'sync_openpgp_key_refresh_retry_delay_max', @@ -1048,6 +1055,7 @@ class RepoConfigLoader(object): "priority", "sync_depth", "sync_openpgp_key_path", + "sync_openpgp_keyserver", "sync_openpgp_key_refresh_retry_count", "sync_openpgp_key_refresh_retry_delay_exp_base", "sync_openpgp_key_refresh_retry_delay_max", diff --git a/lib/portage/sync/syncbase.py b/lib/portage/sync/syncbase.py index 83b35c667..ae9ec938e 100644 --- a/lib/portage/sync/syncbase.py +++ b/lib/portage/sync/syncbase.py @@ -252,10 +252,10 @@ class SyncBase(object): @type openpgp_env: gemato.openpgp.OpenPGPEnvironment """ out =3D portage.output.EOutput(quiet=3D('--quiet' in self.options['emerg= e_config'].opts)) - out.ebegin('Refreshing keys from keyserver') + out.ebegin('Refreshing keys from keyserver {s}'.format(s=3Dself.repo.syn= c_openpgp_keyserver)) retry_decorator =3D self._key_refresh_retry_decorator() if retry_decorator is None: - openpgp_env.refresh_keys() + openpgp_env.refresh_keys(keyserver=3Dself.repo.sync_openpgp_keyserver) else: def noisy_refresh_keys(): """ @@ -263,7 +263,7 @@ class SyncBase(object): errors, display errors as soon as they occur. """ try: - openpgp_env.refresh_keys() + openpgp_env.refresh_keys(keyserver=3Dself.repo.sync_openpgp_keyserver) except Exception as e: writemsg_level("%s\n" % (e,), level=3Dlogging.ERROR, noiselevel=3D-1) --=20 2.19.2 --n74w6c73lqlfogts-- --o56etxu6fbmvt7lp Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEExFR3cOKGRpGbcMHPZKN76q4ZpOgFAlx0UWUACgkQZKN76q4Z pOgfHg/+K1SHNOPe8C/4RZHLEHUAiXLELd4TNS8WTdbwXtSRV9UMzi5yolWfHFpW UitxZ1nFu3PRuDjcT5IDoeUD1ffRxk2FyD7PQHiU7JjlrTYTyg4OU1WEKJ6klEo7 oM7CIuSoxViDFJjEmYDAU1pVT2gg1oym2iii5YnH3y2u2GItaC57YiL5fkeR0qHm eCZcetYOmRtIftm+ROC8GB8f60EoANep5lFMSpcN+fUOemoVQ7KJ1KE5xJVVfoSI Tjr5Dn0jGtOIgcwyS/Er1Vl1fqUm6qMdJYt/0NPpM1b8jAgs3h8zFr86+UgF6q3r AzuORBC1JX4tFnxUPkc8Rk3/aGJXpFnVnDgGqLWN34ufTcVJiXMjvunWDyGsN01j QPXitJrFj/l5ZFQmeZH78jPuLl+WOlecFAQBEzpGYyk1jm2dWH3v3W1yNZO8Ihzc HrgKelQHj6Kg/9f8FlCPYgAdt8czrQBXHrpyt0BQwyuEpRFfh5AnjM4J4sMSpPXm zvErUzocqwsSJRUqLzR9XUWV0ppTffurz34KX7tNI9OqYVRBJws0hFwd6sBlEV6R jbAdtTMtBqhapSfNNHrjzLOzxvke9PvWyS7DdAkJ4BM1440F3s5hDvwTIn7PwYvc Op3aVhZ813XkYz7VtmJ58GdM1jtQmuFV3uHuxsf0S4OWvVS7bak= =nQQH -----END PGP SIGNATURE----- --o56etxu6fbmvt7lp--