ManifestTask: improve gpg key parsing
This fixes it to correctly parse longer key IDs, which do not fit on
the first line of gpg output. Without this fix, failure to parse the
key results in manifest being re-signed even though they already have
a signature with the correct key.
diff --git a/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py b/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py
index bfa7bd7..d51400a 100644
--- a/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py
+++ b/pym/portage/package/ebuild/_parallel_manifest/ManifestTask.py
@@ -23,6 +23,8 @@
_PGP_HEADER = b"BEGIN PGP SIGNED MESSAGE"
_manifest_line_re = re.compile(r'^(%s) ' % "|".join(MANIFEST2_IDENTIFIERS))
+ _gpg_key_id_re = re.compile(r'^[0-9A-F]*$')
+ _gpg_key_id_lengths = (8, 16, 24, 32, 40)
def _start(self):
self._manifest_path = os.path.join(self.repo_config.location,
@@ -70,14 +72,15 @@
@staticmethod
def _parse_gpg_key(output):
"""
- Returns the last token of the first line, or None if there
- is no such token.
+ Returns the first token which appears to represent a gpg key
+ id, or None if there is no such token.
"""
- output = output.splitlines()
- if output:
- output = output[0].split()
- if output:
- return output[-1]
+ regex = ManifestTask._gpg_key_id_re
+ lengths = ManifestTask._gpg_key_id_lengths
+ for token in output.split():
+ m = regex.match(token)
+ if m is not None and len(m.group(0)) in lengths:
+ return m.group(0)
return None
def _check_sig_key_exit(self, proc):
