[dak/bpo] key expire

To: debian-dak@lists.debian.org
Subject: [dak/bpo] key expire
From: Joerg Jaspert <joerg@debian.org>
Date: Mon, 08 Jun 2009 22:18:32 +0000
Message-id: <[🔎] E1MDnAn-0005OM-5s@ries.debian.org>

catch a case where the key is expired and no not-expired-subkey is
used to sign the .changes, ie. no GOODSIG token available. The
timestamp we get back from the command is unixtime, but type string,
so we should cast it to float or time.gmtime will complain.

And if that doesnt work, for whatever reason, issue a more generic
reject message.

Signed-off-by: Joerg Jaspert <joerg@debian.org>
---
 daklib/utils.py |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diff --git a/daklib/utils.py b/daklib/utils.py
index cb5df31..b20a063 100755
--- a/daklib/utils.py
+++ b/daklib/utils.py
@@ -1345,7 +1345,10 @@ def check_signature (sig_filename, reject, data_filename="", keyrings=None, auto
         if len(args) >= 1:
             timestamp = args[0]
             if timestamp.count("T") == 0:
-                expiredate = time.strftime("%Y-%m-%d", time.gmtime(timestamp))
+                try:
+                    expiredate = time.strftime("%Y-%m-%d", time.gmtime(float(timestamp)))
+                except ValueError:
+                    expiredate = "unknown (%s)" % (timestamp)
             else:
                 expiredate = timestamp
         reject("The key used to sign %s has expired on %s" % (sig_filename, expiredate))
-- 
1.5.6.5

Reply to:

Prev by Date: [dak/bpo] architectures
Next by Date: [dak/bpo] Add a space
Previous by thread: [dak/bpo] architectures
Next by thread: [dak/bpo] Add a space
Index(es):
- Date
- Thread