Rename the 'sync-rsync-openpgp-key-path' to a more generic
'sync-openpgp-key-path'. OpenPGP is the basis of at least three
different verification schemes (git, rsync, snapshots) and at least
two of them use the same keys.
---
 cnf/repos.conf                             | 2 +-
 man/portage.5                              | 9 +++++----
 pym/portage/repository/config.py           | 4 ++++
 pym/portage/sync/modules/rsync/__init__.py | 1 -
 pym/portage/sync/modules/rsync/rsync.py    | 8 ++------
 5 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/cnf/repos.conf b/cnf/repos.conf
index 0d2b1f4be..4a40ff4fc 100644
--- a/cnf/repos.conf
+++ b/cnf/repos.conf
@@ -7,7 +7,7 @@ sync-type = rsync
 sync-uri = rsync://rsync.gentoo.org/gentoo-portage
 auto-sync = yes
 sync-rsync-verify-metamanifest = yes
-sync-rsync-openpgp-key-path = 
/var/lib/gentoo/gkeys/keyrings/gentoo/release/pubring.gpg
+sync-openpgp-key-path = 
/var/lib/gentoo/gkeys/keyrings/gentoo/release/pubring.gpg
 
 # for daily squashfs snapshots
 #sync-type = squashdelta
diff --git a/man/portage.5 b/man/portage.5
index 84999bd2f..1f6259715 100644
--- a/man/portage.5
+++ b/man/portage.5
@@ -1071,10 +1071,11 @@ Extra options to give to rsync on repository 
synchronization. It takes
 precedence over a declaration in [DEFAULT] section, that takes
 precedence over PORTAGE_RSYNC_EXTRA_OPTS.
 .TP
-.B sync\-rsync\-openpgp\-key\-path
-Path to the OpenPGP key(ring) used to verify MetaManifest. Used only
-if \fBsync\-rsync\-verify\-metamanifest\fR is enabled. If unset,
-the user's keyring is used.
+.B sync\-openpgp\-key\-path
+Path to the OpenPGP key(ring) used to verify received repository. Used
+only for protocols supporting cryptographic verification, provided
+that the respective verification option is enabled. If unset, the user's
+keyring is used.
 .TP
 .B sync-rsync-vcs-ignore = true|false
 Ignore vcs directories that may be present in the repository. It is the
diff --git a/pym/portage/repository/config.py b/pym/portage/repository/config.py
index be31ed3b1..d3a622f7c 100644
--- a/pym/portage/repository/config.py
+++ b/pym/portage/repository/config.py
@@ -86,6 +86,7 @@ class RepoConfig(object):
                'sync_type', 'sync_umask', 'sync_uri', 'sync_user', 
'thin_manifest',
                'update_changelog', '_eapis_banned', '_eapis_deprecated',
                '_masters_orig', 'module_specific_options', 
'manifest_required_hashes',
+               'openpgp_key_path',
                )
 
        def __init__(self, name, repo_opts, local_config=True):
@@ -182,6 +183,9 @@ class RepoConfig(object):
                self.strict_misc_digests = repo_opts.get(
                        'strict-misc-digests', 'true').lower() == 'true'
 
+               self.openpgp_key_path = repo_opts.get(
+                       'sync-openpgp-key-path', None)
+
                self.module_specific_options = {}
 
                # Not implemented.
diff --git a/pym/portage/sync/modules/rsync/__init__.py 
b/pym/portage/sync/modules/rsync/__init__.py
index 14af2120c..27a2548c0 100644
--- a/pym/portage/sync/modules/rsync/__init__.py
+++ b/pym/portage/sync/modules/rsync/__init__.py
@@ -27,7 +27,6 @@ module_spec = {
                        'validate_config': CheckSyncConfig,
                        'module_specific_options': (
                                'sync-rsync-extra-opts',
-                               'sync-rsync-openpgp-key-path',
                                'sync-rsync-vcs-ignore',
                                'sync-rsync-verify-jobs',
                                'sync-rsync-verify-metamanifest',
diff --git a/pym/portage/sync/modules/rsync/rsync.py 
b/pym/portage/sync/modules/rsync/rsync.py
index 552ac6f6b..d9d7d56f2 100644
--- a/pym/portage/sync/modules/rsync/rsync.py
+++ b/pym/portage/sync/modules/rsync/rsync.py
@@ -87,10 +87,6 @@ class RsyncSync(NewBase):
                self.verify_metamanifest = (
                                self.repo.module_specific_options.get(
                                        'sync-rsync-verify-metamanifest', 
False))
-               # Default to gentoo-keys keyring.
-               self.openpgp_key_path = (
-                               self.repo.module_specific_options.get(
-                                       'sync-rsync-openpgp-key-path', None))
                # Support overriding job count.
                self.verify_jobs = self.repo.module_specific_options.get(
                                'sync-rsync-verify-jobs', None)
@@ -276,8 +272,8 @@ class RsyncSync(NewBase):
                # if synced successfully, verify now
                if exitcode == 0 and self.verify_metamanifest:
                        command = ['gemato', 'verify', '-s', self.repo.location]
-                       if self.openpgp_key_path is not None:
-                               command += ['-K', self.openpgp_key_path]
+                       if self.repo.openpgp_key_path is not None:
+                               command += ['-K', self.repo.openpgp_key_path]
                        if self.verify_jobs is not None:
                                command += ['-j', self.verify_jobs]
                        exitcode = portage.process.spawn(command, 
**self.spawn_kwargs)
-- 
2.16.1


Reply via email to