1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
#
# Copyright (c) 2015 ThoughtWorks, Inc.
#
# Pixelated is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Pixelated is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
from leap.keymanager import documents as leap_doc
from leap.keymanager.keys import OpenPGPKey
from twisted.internet import defer
import logging
TYPE_OPENPGP_KEY = 'OpenPGPKey'
TYPE_OPENPGP_ACTIVE = 'OpenPGPKey-active'
KEY_DOC_TYPES = {TYPE_OPENPGP_ACTIVE, TYPE_OPENPGP_KEY}
logger = logging.getLogger(__name__)
def _is_key_doc(doc):
return doc.content.get(leap_doc.KEY_TYPE_KEY, None) in KEY_DOC_TYPES
def _is_private_key_doc(doc):
return _is_key_doc(doc) and doc.content.get(leap_doc.KEY_PRIVATE_KEY, False)
def _is_active_key_doc(doc):
return _is_key_doc(doc) and doc.content.get(leap_doc.KEY_TYPE_KEY, None) == TYPE_OPENPGP_ACTIVE
def _is_public_key(doc):
return _is_key_doc(doc) and not doc.content.get(leap_doc.KEY_PRIVATE_KEY, False)
def _key_fingerprint(doc):
return doc.content.get(leap_doc.KEY_FINGERPRINT_KEY, None)
def _address(doc):
return doc.content.get(leap_doc.KEY_ADDRESS_KEY, None)
class SoledadMaintenance(object):
def __init__(self, soledad):
self._soledad = soledad
@defer.inlineCallbacks
def repair(self):
_, docs = yield self._soledad.get_all_docs()
private_key_fingerprints = self._key_fingerprints_with_private_key(docs)
for doc in docs:
if _is_key_doc(doc) and _key_fingerprint(doc) not in private_key_fingerprints:
logger.warn('Deleting doc %s for key %s of <%s>' % (doc.doc_id, _key_fingerprint(doc), _address(doc)))
yield self._soledad.delete_doc(doc)
yield self._repair_missing_active_docs(docs, private_key_fingerprints)
@defer.inlineCallbacks
def _repair_missing_active_docs(self, docs, private_key_fingerprints):
missing = self._missing_active_docs(docs, private_key_fingerprints)
for fingerprint in missing:
emails = self._emails_for_key_fingerprint(docs, fingerprint)
for email in emails:
logger.warn('Re-creating active doc for key %s, email %s' % (fingerprint, email))
yield self._soledad.create_doc_from_json(OpenPGPKey(email, fingerprint=fingerprint, private=False).get_active_json())
def _key_fingerprints_with_private_key(self, docs):
return [doc.content[leap_doc.KEY_FINGERPRINT_KEY] for doc in docs if _is_private_key_doc(doc)]
def _missing_active_docs(self, docs, private_key_fingerprints):
active_doc_ids = self._active_docs_for_key_fingerprint(docs)
return set([private_key_fingerprint for private_key_fingerprint in private_key_fingerprints if private_key_fingerprint not in active_doc_ids])
def _emails_for_key_fingerprint(self, docs, fingerprint):
for doc in docs:
if _is_private_key_doc(doc) and _key_fingerprint(doc) == fingerprint:
email = _address(doc)
if email is None:
return []
if isinstance(email, list):
return email
return [email]
def _active_docs_for_key_fingerprint(self, docs):
return [doc.content[leap_doc.KEY_FINGERPRINT_KEY] for doc in docs if _is_active_key_doc(doc) and _is_public_key(doc)]
|
