Launchpad itself

Merge lp:~cjwatson/launchpad/no-explicit-keyserver-port into lp:launchpad

  1. no-explicit-keyserver-port
  2. Merge into devel
Proposed by Colin Watson
Status: Merged
Merged at revision: 18540
Proposed branch: lp:~cjwatson/launchpad/no-explicit-keyserver-port
Merge into: lp:launchpad
Diff against target: 191 lines (+58/-31)
8 files modified
configs/development/launchpad-lazr.conf (+1/-0)
configs/testrunner/launchpad-lazr.conf (+1/-0)
lib/lp/registry/stories/person/xx-person-rdf.txt (+1/-1)
lib/lp/services/config/schema-lazr.conf (+4/-0)
lib/lp/services/gpg/doc/gpghandler.txt (+1/-24)
lib/lp/services/gpg/handler.py (+7/-4)
lib/lp/services/gpg/tests/test_gpghandler.py (+42/-1)
lib/lp/soyuz/stories/ppa/xx-ubuntu-ppas.txt (+1/-1)
To merge this branch: bzr merge lp:~cjwatson/launchpad/no-explicit-keyserver-port
Reviewer Review Type Date Requested Status
William Grant code Approve
Review via email: mp+336724@code.launchpad.net

Commit message

Construct public keyserver links using HTTPS without an explicit port.

To post a comment you must log in.
Revision history for this message
William Grant (wgrant) :
review: Approve (code)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'configs/development/launchpad-lazr.conf'
--- configs/development/launchpad-lazr.conf 2017-09-07 13:25:13 +0000
+++ configs/development/launchpad-lazr.conf 2018-01-26 22:52:25 +0000
@@ -90,6 +90,7 @@
90[gpghandler]90[gpghandler]
91host: keyserver.launchpad.dev91host: keyserver.launchpad.dev
92public_host: keyserver.launchpad.dev92public_host: keyserver.launchpad.dev
93public_https: False
9394
94[launchpad]95[launchpad]
95enable_test_openid_provider: True96enable_test_openid_provider: True
9697
=== modified file 'configs/testrunner/launchpad-lazr.conf'
--- configs/testrunner/launchpad-lazr.conf 2016-05-18 00:33:18 +0000
+++ configs/testrunner/launchpad-lazr.conf 2018-01-26 22:52:25 +0000
@@ -95,6 +95,7 @@
95upload_keys: True95upload_keys: True
96host: localhost96host: localhost
97public_host: keyserver.ubuntu.com97public_host: keyserver.ubuntu.com
98public_https: True
9899
99[karmacacheupdater]100[karmacacheupdater]
100max_scaling: 2101max_scaling: 2
101102
=== modified file 'lib/lp/registry/stories/person/xx-person-rdf.txt'
--- lib/lp/registry/stories/person/xx-person-rdf.txt 2017-10-21 18:14:14 +0000
+++ lib/lp/registry/stories/person/xx-person-rdf.txt 2018-01-26 22:52:25 +0000
@@ -36,7 +36,7 @@
36 <wot:hex_id>12345678</wot:hex_id>36 <wot:hex_id>12345678</wot:hex_id>
37 <wot:length>1024</wot:length>37 <wot:length>1024</wot:length>
38 <wot:fingerprint>ABCDEF0123456789ABCDDCBA0000111112345678</wot:fingerprint>38 <wot:fingerprint>ABCDEF0123456789ABCDDCBA0000111112345678</wot:fingerprint>
39 <wot:pubkeyAddress rdf:resource="http://keyserver.ubuntu.com:11371/pks/lookup?fingerprint=on&amp;op=index&amp;search=0xABCDEF0123456789ABCDDCBA0000111112345678"/>39 <wot:pubkeyAddress rdf:resource="https://keyserver.ubuntu.com/pks/lookup?fingerprint=on&amp;op=index&amp;search=0xABCDEF0123456789ABCDDCBA0000111112345678"/>
40 </wot:PubKey>40 </wot:PubKey>
41 </wot:hasKey>41 </wot:hasKey>
42 </foaf:Person>42 </foaf:Person>
4343
=== modified file 'lib/lp/services/config/schema-lazr.conf'
--- lib/lp/services/config/schema-lazr.conf 2017-09-07 13:25:13 +0000
+++ lib/lp/services/config/schema-lazr.conf 2018-01-26 22:52:25 +0000
@@ -811,6 +811,10 @@
811# datatype: ip_address_or_hostname811# datatype: ip_address_or_hostname
812public_host: keyserver.ubuntu.com812public_host: keyserver.ubuntu.com
813813
814# If true, construct public keyserver links using HTTPS, ignoring the value
815# of `port`.
816public_https: True
817
814# Port number on Host to access the keyserver.818# Port number on Host to access the keyserver.
815# datatype: int819# datatype: int
816port: 11371820port: 11371
817821
=== modified file 'lib/lp/services/gpg/doc/gpghandler.txt'
--- lib/lp/services/gpg/doc/gpghandler.txt 2017-07-31 11:19:23 +0000
+++ lib/lp/services/gpg/doc/gpghandler.txt 2018-01-26 22:52:25 +0000
@@ -2,7 +2,7 @@
22
3`IGPGHandler` is a utility designed to handle OpenPGP (GPG) operations.3`IGPGHandler` is a utility designed to handle OpenPGP (GPG) operations.
44
5The following operation are supported:5The following operations are supported:
66
7 * Importing public and secret keys;7 * Importing public and secret keys;
8 * Generating a new key;8 * Generating a new key;
@@ -260,29 +260,6 @@
260 True260 True
261261
262262
263== Keyserver URLs ==
264
265The gpghandler can also provide us with convenient links to the
266keyserver web interface. By default the action is to display the index
267page. Notice that the fingerprint must be the 40-byte fingerprint,
268to avoid the retrieval of more than one key.
269
270 >>> fingerprint = "A419AE861E88BC9E04B9C26FBA2B9389DFD20543"
271 >>> gpghandler.getURLForKeyInServer(fingerprint)
272 'http://localhost:11371/pks/lookup?fingerprint=on&op=index&search=0xA419AE861E88BC9E04B9C26FBA2B9389DFD20543'
273
274But you can also specify your own action:
275
276 >>> gpghandler.getURLForKeyInServer(fingerprint, action="get")
277 'http://localhost:11371/pks/lookup?fingerprint=on&op=get&search=0xA419AE861E88BC9E04B9C26FBA2B9389DFD20543'
278
279The method accepts a flag to retrieve a link to ubuntu's public
280keyserver web interface.
281
282 >>> gpghandler.getURLForKeyInServer(fingerprint, public=True)
283 'http://keyserver.ubuntu.com:11371/pks/lookup?fingerprint=on&op=index&search=0xA419AE861E88BC9E04B9C26FBA2B9389DFD20543'
284
285
286== Keyserver uploads ==263== Keyserver uploads ==
287264
288IGPGHandler also allow callsites to upload the public part of a local265IGPGHandler also allow callsites to upload the public part of a local
289266
=== modified file 'lib/lp/services/gpg/handler.py'
--- lib/lp/services/gpg/handler.py 2017-07-31 11:19:23 +0000
+++ lib/lp/services/gpg/handler.py 2018-01-26 22:52:25 +0000
@@ -1,4 +1,4 @@
1# Copyright 2009-2017 Canonical Ltd. This software is licensed under the1# Copyright 2009-2018 Canonical Ltd. This software is licensed under the
2# GNU Affero General Public License version 3 (see the file LICENSE).2# GNU Affero General Public License version 3 (see the file LICENSE).
33
4__metaclass__ = type4__metaclass__ = type
@@ -478,9 +478,12 @@
478 host = config.gpghandler.public_host478 host = config.gpghandler.public_host
479 else:479 else:
480 host = config.gpghandler.host480 host = config.gpghandler.host
481 return 'http://%s:%s/pks/lookup?%s' % (481 if public and config.gpghandler.public_https:
482 host, config.gpghandler.port,482 base = 'https://%s' % host
483 urllib.urlencode(sorted(params.items())))483 else:
484 base = 'http://%s:%s' % (host, config.gpghandler.port)
485 return '%s/pks/lookup?%s' % (
486 base, urllib.urlencode(sorted(params.items())))
484487
485 def _getPubKey(self, fingerprint):488 def _getPubKey(self, fingerprint):
486 """See IGPGHandler for further information."""489 """See IGPGHandler for further information."""
487490
=== modified file 'lib/lp/services/gpg/tests/test_gpghandler.py'
--- lib/lp/services/gpg/tests/test_gpghandler.py 2018-01-02 10:54:31 +0000
+++ lib/lp/services/gpg/tests/test_gpghandler.py 2018-01-26 22:52:25 +0000
@@ -1,4 +1,4 @@
1# Copyright 2009-2017 Canonical Ltd. This software is licensed under the1# Copyright 2009-2018 Canonical Ltd. This software is licensed under the
2# GNU Affero General Public License version 3 (see the file LICENSE).2# GNU Affero General Public License version 3 (see the file LICENSE).
33
4import base644import base64
@@ -207,6 +207,47 @@
207 GPGKeyDoesNotExistOnServer,207 GPGKeyDoesNotExistOnServer,
208 removeSecurityProxy(self.gpg_handler)._getPubKey, fingerprint)208 removeSecurityProxy(self.gpg_handler)._getPubKey, fingerprint)
209209
210 def test_getURLForKeyInServer_default(self):
211 # By default the action is to display the key's index page. Notice
212 # that the fingerprint must be the 40-byte fingerprint, to avoid the
213 # retrieval of more than one key.
214 fingerprint = "A419AE861E88BC9E04B9C26FBA2B9389DFD20543"
215 self.assertEqual(
216 "http://localhost:11371/pks/lookup?fingerprint=on&"
217 "op=index&search=0x%s" % fingerprint,
218 self.gpg_handler.getURLForKeyInServer(fingerprint))
219
220 def test_getURLForKeyInServer_different_action(self):
221 # The caller can specify a different action.
222 fingerprint = "A419AE861E88BC9E04B9C26FBA2B9389DFD20543"
223 self.assertEqual(
224 "http://localhost:11371/pks/lookup?fingerprint=on&"
225 "op=get&search=0x%s" % fingerprint,
226 self.gpg_handler.getURLForKeyInServer(fingerprint, action="get"))
227
228 def test_getURLForKeyInServer_public_http(self):
229 # The caller can request a link to the public keyserver web
230 # interface. If the configuration item gpghandler.public_https is
231 # false, then this uses HTTP and gpghandler.port.
232 self.pushConfig("gpghandler", public_https=False)
233 fingerprint = "A419AE861E88BC9E04B9C26FBA2B9389DFD20543"
234 self.assertEqual(
235 "http://keyserver.ubuntu.com:11371/pks/lookup?fingerprint=on&"
236 "op=index&search=0x%s" % fingerprint,
237 self.gpg_handler.getURLForKeyInServer(fingerprint, public=True))
238
239 def test_getURLForKeyInServer_public_https(self):
240 # The caller can request a link to the public keyserver web
241 # interface. If the configuration item gpghandler.public_https is
242 # true, then this uses HTTPS and the default HTTPS port.
243 # This is the testrunner default, but let's be explicit here.
244 self.pushConfig("gpghandler", public_https=True)
245 fingerprint = "A419AE861E88BC9E04B9C26FBA2B9389DFD20543"
246 self.assertEqual(
247 "https://keyserver.ubuntu.com/pks/lookup?fingerprint=on&"
248 "op=index&search=0x%s" % fingerprint,
249 self.gpg_handler.getURLForKeyInServer(fingerprint, public=True))
250
210 def test_signContent_uses_sha512_digests(self):251 def test_signContent_uses_sha512_digests(self):
211 secret_keys = [252 secret_keys = [
212 ("ppa-sample@canonical.com.sec", ""), # 1024R253 ("ppa-sample@canonical.com.sec", ""), # 1024R
213254
=== modified file 'lib/lp/soyuz/stories/ppa/xx-ubuntu-ppas.txt'
--- lib/lp/soyuz/stories/ppa/xx-ubuntu-ppas.txt 2017-07-31 11:45:32 +0000
+++ lib/lp/soyuz/stories/ppa/xx-ubuntu-ppas.txt 2018-01-26 22:52:25 +0000
@@ -581,7 +581,7 @@
581581
582 >>> print anon_browser.getLink(582 >>> print anon_browser.getLink(
583 ... '1024D/ABCDEF0123456789ABCDDCBA0000111112345678').url583 ... '1024D/ABCDEF0123456789ABCDDCBA0000111112345678').url
584 http://keyserver.ubuntu.com:11371/pks/lookup?fingerprint=on&op=index&search=0xABCDEF0123456789ABCDDCBA0000111112345678584 https://keyserver.ubuntu.com/pks/lookup?fingerprint=on&op=index&search=0xABCDEF0123456789ABCDDCBA0000111112345678
585585
586Using software from a PPA can be hard for novices. We offer two586Using software from a PPA can be hard for novices. We offer two
587links to the same help pop-up that describes how to add a PPA and587links to the same help pop-up that describes how to add a PPA and