mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-07-14 13:00:08 +02:00
fdroid update --create-key
to create a keystore/key
This provides the final option in this series, allowing the user to just add --create-key to `fdroid update, and thereby upgrade an unsigned repo to a proper signed repo. It also might be useful closes #13 https://gitlab.com/fdroid/fdroidserver/issues/13
This commit is contained in:
parent
276123856c
commit
de1c80f9b4
@ -23,6 +23,7 @@ import os
|
|||||||
import shutil
|
import shutil
|
||||||
import glob
|
import glob
|
||||||
import re
|
import re
|
||||||
|
import socket
|
||||||
import zipfile
|
import zipfile
|
||||||
import hashlib
|
import hashlib
|
||||||
import pickle
|
import pickle
|
||||||
@ -1019,6 +1020,8 @@ def main():
|
|||||||
|
|
||||||
# Parse command line...
|
# Parse command line...
|
||||||
parser = OptionParser()
|
parser = OptionParser()
|
||||||
|
parser.add_option("--create-key", action="store_true", default=False,
|
||||||
|
help="Create a repo signing key in a keystore")
|
||||||
parser.add_option("-c", "--create-metadata", action="store_true", default=False,
|
parser.add_option("-c", "--create-metadata", action="store_true", default=False,
|
||||||
help="Create skeleton metadata files that are missing")
|
help="Create skeleton metadata files that are missing")
|
||||||
parser.add_option("--delete-unknown", action="store_true", default=False,
|
parser.add_option("--delete-unknown", action="store_true", default=False,
|
||||||
@ -1065,6 +1068,32 @@ def main():
|
|||||||
logging.critical(k + ' "' + config[k] + '" does not exist! Correct it in config.py.')
|
logging.critical(k + ' "' + config[k] + '" does not exist! Correct it in config.py.')
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
|
# if the user asks to create a keystore, do it now, reusing whatever it can
|
||||||
|
if options.create_key:
|
||||||
|
if os.path.exists(config['keystore']):
|
||||||
|
logging.critical("Cowardily refusing to overwrite existing signing key setup!")
|
||||||
|
logging.critical("\t'" + config['keystore'] + "'")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
if not 'repo_keyalias' in config:
|
||||||
|
config['repo_keyalias'] = socket.getfqdn()
|
||||||
|
common.write_to_config(config, 'repo_keyalias', config['repo_keyalias'])
|
||||||
|
if not 'keydname' in config:
|
||||||
|
config['keydname'] = 'CN=' + config['repo_keyalias'] + ', OU=F-Droid'
|
||||||
|
common.write_to_config(config, 'keydname', config['keydname'])
|
||||||
|
if not 'keystore' in config:
|
||||||
|
config['keystore'] = common.default_config.keystore
|
||||||
|
common.write_to_config(config, 'keystore', config['keystore'])
|
||||||
|
|
||||||
|
password = common.genpassword()
|
||||||
|
if not 'keystorepass' in config:
|
||||||
|
config['keystorepass'] = password
|
||||||
|
common.write_to_config(config, 'keystorepass', config['keystorepass'])
|
||||||
|
if not 'keypass' in config:
|
||||||
|
config['keypass'] = password
|
||||||
|
common.write_to_config(config, 'keypass', config['keypass'])
|
||||||
|
common.genkeystore(config)
|
||||||
|
|
||||||
# Get all apps...
|
# Get all apps...
|
||||||
apps = metadata.read_metadata()
|
apps = metadata.read_metadata()
|
||||||
|
|
||||||
|
@ -296,6 +296,33 @@ test -e repo/index.jar
|
|||||||
grep -F '<application id=' repo/index.xml
|
grep -F '<application id=' repo/index.xml
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------#
|
||||||
|
echo_header "setup a new repo manually and generate a keystore"
|
||||||
|
|
||||||
|
REPOROOT=`create_test_dir`
|
||||||
|
KEYSTORE=$REPOROOT/keystore.jks
|
||||||
|
cd $REPOROOT
|
||||||
|
touch config.py
|
||||||
|
cp $WORKSPACE/examples/fdroid-icon.png $REPOROOT/
|
||||||
|
! test -e $KEYSTORE
|
||||||
|
set +e
|
||||||
|
$fdroid update
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
echo "This should have failed because this repo has no keystore!"
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
echo "`fdroid update` prompted to add keystore"
|
||||||
|
fi
|
||||||
|
set -e
|
||||||
|
$fdroid update --create-key
|
||||||
|
test -e $KEYSTORE
|
||||||
|
copy_apks_into_repo $REPOROOT
|
||||||
|
$fdroid update --create-metadata
|
||||||
|
test -e repo/index.xml
|
||||||
|
test -e repo/index.jar
|
||||||
|
grep -F '<application id=' repo/index.xml > /dev/null
|
||||||
|
|
||||||
|
|
||||||
#------------------------------------------------------------------------------#
|
#------------------------------------------------------------------------------#
|
||||||
echo_header "setup a new repo from scratch, generate a keystore, then add APK and update"
|
echo_header "setup a new repo from scratch, generate a keystore, then add APK and update"
|
||||||
|
|
||||||
@ -389,6 +416,24 @@ else
|
|||||||
fi
|
fi
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
|
# try creating a new keystore, but fail because the old one is there
|
||||||
|
test -e $KEYSTORE
|
||||||
|
set +e
|
||||||
|
$fdroid update --create-key
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
echo "This should have failed because a keystore is already there!"
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
echo "`fdroid update` complained about existing keystore"
|
||||||
|
fi
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# now actually create the key with the existing settings
|
||||||
|
rm -f $KEYSTORE
|
||||||
|
! test -e $KEYSTORE
|
||||||
|
$fdroid update --create-key
|
||||||
|
test -e $KEYSTORE
|
||||||
|
|
||||||
|
|
||||||
#------------------------------------------------------------------------------#
|
#------------------------------------------------------------------------------#
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user