HEX
Server: Apache
System: Linux scp1.abinfocom.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: confeduphaar (1010)
PHP: 8.1.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /usr/libexec/kcare/python/kcarectl/__pycache__/
Upload Files
File: //usr/libexec/kcare/python/kcarectl/__pycache__/fetch.cpython-38.pyc
U

n�h:�@s�ddlZddlZddlZddlZddlmZmZmZmZm	Z	m
Z
mZejej
gZdZdZdZddd	�Zd
d�Zdd
�Zeje�ej�ddd�ddd��ZGdd�de�Zejdd��Zdd�ZdS)�N�)�auth�config�	constants�errors�
http_utils�selinux�utilsz/usr/bin/gpgz/var/lib/kcare/gpgzrelease.content.jsonFc	Cs�tj}|rtj}tjr&tddd�}nt}|D]P}z|||�}Wq�Wq.tjk
r|}z||dkrl|�W5d}~XYq.Xq.||}t	�
||�|S)N���)r�urlopenr�urlopen_authr�FORCE_JSON_SIG_V3�SIG_VERIFY_ORDERr�NotFoundr	�save_to_file)	�url�dst�do_authZ
urlopen_localZsig_extsZsig_ext�	signatureZnfZsig_dst�r�+/usr/libexec/kcare/python/kcarectl/fetch.py�fetch_signatures 
rcCs tj�t�st�d�t���dS)Nz$No {0} present. Please install gnupg)�os�path�isfile�GPG_BINr�
KcareError�formatrrrr�
check_gpg_bin)src
Cs�t�|�tj�rptj�td�}zt�	|||�Wq�tj
k
rl}zt�d�
|t|����W5d}~XYq�Xnxt|d��}|��}W5QRXtj�td�}zt�|||�Wn8tk
r�}zt�d�
|t|����W5d}~XYnXdS)a8
    Check a file signature using the gpg tool.
    If signature is wrong BadSignatureException will be raised.

    :param file_path: path to file which signature will be checked
    :param signature: a file with the signature
    :return: True in case of valid signature
    :raises: BadSignatureException
    zroot-keys.jsonzBad Signature: {0}: {1}N�rbz
kcare_pub.key)r�endswithr�SIG_JSONrr�join�GPG_KEY_DIR�kcsig_verifyZverify�Errorr�BadSignatureExceptionr�str�open�readZrun_gpg_verify�	Exception)Z	file_pathrZ	root_keys�e�fZsigdataZkeyringrrr�check_gpg_signature.s
*r-�)�count�delaycCs^t�|�}t�|�}t�||�|r2|�||�n|rNt||dd�}t||�t	�
||�|S)NT)r)rrr�selinux_safe_tmpnamer	r�checkrr-r�rename)rrZcheck_signature�hash_checker�response�tmprrrr�	fetch_urlMs


r7c@seZdZdd�Zdd�ZdS)�HashCheckercCs6||_t�|��d�d|_t�t�|��d|_dS)N�/�files)	�content_filer	�get_patch_server_url�rstrip�
url_prefix�json�loads�	read_file�hashes)�self�baseurlr;rrr�__init__^szHashChecker.__init__cCsr|t|j�d�}||jkr0t�d�||j���t�t	�
|����}|j|d}||krnt�d�|||���dS)Nz3Invalid checksum: {0} not found in content file {1}�sha256z<Invalid checksum: {0} has invalid checksum {1}, expected {2})
�lenr>rBrrrr;�hashlibrFr	�
read_file_bin�	hexdigestr&)rCr�fnameZcfnameZhshZexpected_hshrrrr2cs
�zHashChecker.checkN)�__name__�
__module__�__qualname__rEr2rrrrr8]sr8cCsltjs
dS|jsdS|�t�}tj�|�s`ztt	�
|jt�|tj�Wntj
k
r^YdSXt|j|�S)N)r�USE_CONTENT_FILE_V3rD�
cache_path�CONTENT_FILErr�existsr7r	r<�
USE_SIGNATURErrr8)�levelrrrr�get_hash_checkerqs
rUcs�fdd�}|S)z=Enrish request with a cache key, and save it if responce had.csht��}|dk	r.d|kr i|d<||dtj<�||�}|j�tj�}|dk	rd||krdt�tj|�|S)N�headers)r	�
get_cache_keyr�CACHE_KEY_HEADERrV�get�atomic_write�CACHE_KEY_DUMP_PATH)�args�kwargs�	cache_key�respZ
new_cache_key��clblrr�wrapper�s
z$wrap_with_cache_key.<locals>.wrapperr)rarbrr`r�wrap_with_cache_key�src)F)FN)rHr?rr$�rrrrrrr	�SIGr!rrr#rQrrr-�retry�	check_excr&r7�objectr8�cachedrUrcrrrr�<module>s"$


@ Telegram