Merge branch 'verify-apks-diff' into 'master'

verify_apks(): compare to unsigned APK if copying fails See merge request fdroid/fdroidserver!1264
2024-10-02 09:10:11 +02:00 · 2022-12-01 13:49:53 +00:00 · 2022-12-01 13:49:53 +00:00 · 393301c9e3
commit 393301c9e3
parent 159ae4a163 c81ad4485c
1 changed files with 9 additions and 3 deletions
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -3403,15 +3403,21 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None):
        apksigcopier.do_copy(signed_apk, unsigned_apk, tmp_apk, v1_only=v1_only)
    except apksigcopier.APKSigCopierError as e:
        logging.info('...NOT verified - {0}'.format(tmp_apk))
-        return 'signature copying failed: {}'.format(str(e))
+        error = 'signature copying failed: {}'.format(str(e))
+        result = compare_apks(signed_apk, unsigned_apk, tmp_dir,
+                              os.path.dirname(unsigned_apk))
+        if result is not None:
+            error += '\nComparing reference APK to unsigned APK...\n' + result
+        return error

    if not verify_apk_signature(tmp_apk):
        logging.info('...NOT verified - {0}'.format(tmp_apk))
+        error = 'verification of APK with copied signature failed'
        result = compare_apks(signed_apk, tmp_apk, tmp_dir,
                              os.path.dirname(unsigned_apk))
        if result is not None:
-            return result
-        return 'verification of APK with copied signature failed'
+            error += '\nComparing reference APK to APK with copied signature...\n' + result
+        return error

    logging.info('...successfully verified')
    return None