mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-09-13 14:32:28 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

verify: --clean-up-verified to rm all files except the JSON report

Browse source
This commit is contained in:
Hans-Christoph Steiner 2024-12-03 14:16:06 +01:00
parent 56814824ee
commit 5deb936e86
2 changed files with 29 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

9
fdroidserver/common.py
View file

@ -3649,7 +3649,9 @@ def sign_apk(unsigned_path, signed_path, keyalias):
os.remove(unsigned_path) os.remove(unsigned_path)
def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None): def verify_apks(
signed_apk, unsigned_apk, tmp_dir, v1_only=None, clean_up_verified=False
):
"""Verify that two apks are the same. """Verify that two apks are the same.
One of the inputs is signed, the other is unsigned. The signature metadata One of the inputs is signed, the other is unsigned. The signature metadata
@ -3669,6 +3671,8 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None):
v1_only v1_only
True for v1-only signatures, False for v1 and v2 signatures, True for v1-only signatures, False for v1 and v2 signatures,
or None for autodetection or None for autodetection
clean_up_verified
Remove any files created here if the verification succeeded.
Returns Returns
------- -------
@ -3705,6 +3709,9 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None):
if result is not None: if result is not None:
error += '\nComparing reference APK to APK with copied signature...\n' + result error += '\nComparing reference APK to APK with copied signature...\n' + result
return error return error
if clean_up_verified and os.path.exists(tmp_apk):
logging.info(f"...cleaned up {tmp_apk} after successful verification")
os.remove(tmp_apk)
logging.info('...successfully verified') logging.info('...successfully verified')
return None return None

22
fdroidserver/verify.py
View file

@ -157,6 +157,12 @@ def main():
nargs='*', nargs='*',
help=_("application ID with optional versionCode in the form APPID[:VERCODE]"), help=_("application ID with optional versionCode in the form APPID[:VERCODE]"),
) )
parser.add_argument(
"--clean-up-verified",
action="store_true",
default=False,
help=_("Remove source tarball and any APKs if successfully verified."),
)
parser.add_argument( parser.add_argument(
"--reuse-remote-apk", "--reuse-remote-apk",
action="store_true", action="store_true",
@ -224,12 +230,26 @@ def main():
) from e ) from e
unsigned_apk = os.path.join(unsigned_dir, apkfilename) unsigned_apk = os.path.join(unsigned_dir, apkfilename)
compare_result = common.verify_apks(remote_apk, unsigned_apk, tmp_dir) compare_result = common.verify_apks(
remote_apk,
unsigned_apk,
tmp_dir,
clean_up_verified=options.clean_up_verified,
)
if options.output_json: if options.output_json:
write_json_report(url, remote_apk, unsigned_apk, compare_result) write_json_report(url, remote_apk, unsigned_apk, compare_result)
if compare_result: if compare_result:
raise FDroidException(compare_result) raise FDroidException(compare_result)
if options.clean_up_verified:
src_tarball = os.path.join(
unsigned_dir, common.get_src_tarball_name(appid, vercode)
)
for f in (remote_apk, unsigned_apk, src_tarball):
if os.path.exists(f):
logging.info(f"...cleaned up {f} after successful verification")
os.remove(f)
logging.info("...successfully verified") logging.info("...successfully verified")
verified += 1 verified += 1