diff options
author | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2020-02-25 21:24:04 -0500 |
---|---|---|
committer | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2020-02-25 21:24:04 -0500 |
commit | 3f608ef85046bec4e2e8d8fe26e7c9df894ddb37 (patch) | |
tree | e4d7692b800b39c2604c0a04743e4a75be5aaa39 | |
parent | 8df18295e129f299a88e374e9ba377c6507fe5c0 (diff) | |
download | korg-helpers-3f608ef85046bec4e2e8d8fe26e7c9df894ddb37.tar.gz |
Fixes to deal with multiple attestations
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
-rwxr-xr-x | attest-patches.py | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/attest-patches.py b/attest-patches.py index 7e7491b..ba3bcb3 100755 --- a/attest-patches.py +++ b/attest-patches.py @@ -408,23 +408,24 @@ def verify_attestation(cmdargs): for good, valid, trusted, sigkey, siguid in adata: if cmdargs.ignorefrom or check_if_from_matches_uids(sigkey, msg): if not trusted: - logger.critical('FAIL | %s', msg['Subject']) VALIDATION_ERRORS.update(('Insufficient owner trust (model=%s): %s (key=%s)' % (GPGTRUSTMODEL, siguid, sigkey),)) ecode = 128 else: - logger.critical('PASS | %s', msg['Subject']) if ecode != 128: ecode = 0 break else: - logger.critical('FAIL | %s', msg['Subject']) VALIDATION_ERRORS.update(('Attestation ignored due to From/UID mismatch: %s' % siguid,)) ecode = 1 - if not cmdargs.nofast and ecode > 0: - logger.critical('Aborting due to failure.') - break + if ecode > 0: + logger.critical('FAIL | %s', msg['Subject']) + if not cmdargs.nofast: + logger.critical('Aborting due to failure.') + break + else: + logger.critical('PASS | %s', msg['Subject']) logger.critical('---') if ecode > 0: |