From d40c242a4c9a9b666fd8730734b149bce2dd7cd9 Mon Sep 17 00:00:00 2001
From: Zac Medico <zmedico@gentoo.org>
Date: Tue, 16 Oct 2012 14:46:44 -0700
Subject: repoman: validate PORTAGE_GPG_KEY

---
 bin/repoman | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'bin')

diff --git a/bin/repoman b/bin/repoman
index d1f0b861a..c59791c76 100755
--- a/bin/repoman
+++ b/bin/repoman
@@ -88,6 +88,7 @@ util.initialize_logger()
 max_desc_len = 100
 allowed_filename_chars="a-zA-Z0-9._-+:"
 pv_toolong_re = re.compile(r'[0-9]{19,}')
+GPG_KEY_ID_REGEX = r'(0x)?([0-9a-fA-F]{8}|[0-9a-fA-F]{16}|[0-9a-fA-F]{24}|[0-9a-fA-F]{32})!?'
 bad = create_color_func("BAD")
 
 # A sane umask is needed for files that portage creates.
@@ -605,6 +606,14 @@ if repo_config.sign_commit:
 sign_manifests = "sign" in repoman_settings.features and \
 	repo_config.sign_manifest
 
+if sign_manifests and options.mode in ("commit",) and \
+	repoman_settings.get("PORTAGE_GPG_KEY") and \
+	re.match(r'^%s$' % GPG_KEY_ID_REGEX,
+	repoman_settings["PORTAGE_GPG_KEY"]) is None:
+	logging.error("PORTAGE_GPG_KEY value is invalid: %s" %
+		repoman_settings["PORTAGE_GPG_KEY"])
+	sys.exit(1)
+
 manifest_hashes = repo_config.manifest_hashes
 if manifest_hashes is None:
 	manifest_hashes = portage.const.MANIFEST2_HASH_DEFAULTS
-- 
cgit v1.2.3-1-g7c22