From 336bff1104453d83e8286385e56a1e986cd375ed Mon Sep 17 00:00:00 2001 From: David Robertson Date: Fri, 1 Apr 2022 14:41:42 +0100 Subject: Burn `check_signature` dev script. (#12351) --- changelog.d/12349.misc | 2 +- changelog.d/12351.misc | 1 + mypy.ini | 1 - scripts-dev/check_signature.py | 72 ------------------------------------------ 4 files changed, 2 insertions(+), 74 deletions(-) create mode 100644 changelog.d/12351.misc delete mode 100644 scripts-dev/check_signature.py diff --git a/changelog.d/12349.misc b/changelog.d/12349.misc index 2b96e2d938..b2d83a7f78 100644 --- a/changelog.d/12349.misc +++ b/changelog.d/12349.misc @@ -1 +1 @@ -Remove unused and broken dev script `list_url_patterns.py`. \ No newline at end of file +Remove broken and unused development scripts. diff --git a/changelog.d/12351.misc b/changelog.d/12351.misc new file mode 100644 index 0000000000..b1dd1e2696 --- /dev/null +++ b/changelog.d/12351.misc @@ -0,0 +1 @@ +Remove broken and unused development scripts. \ No newline at end of file diff --git a/mypy.ini b/mypy.ini index 33c7d3e638..84e6b8646e 100644 --- a/mypy.ini +++ b/mypy.ini @@ -24,7 +24,6 @@ files = exclude = (?x) ^( |scripts-dev/build_debian_packages.py - |scripts-dev/check_signature.py |scripts-dev/definitions.py |scripts-dev/federation_client.py |scripts-dev/hash_history.py diff --git a/scripts-dev/check_signature.py b/scripts-dev/check_signature.py deleted file mode 100644 index 6755bc5282..0000000000 --- a/scripts-dev/check_signature.py +++ /dev/null @@ -1,72 +0,0 @@ -import argparse -import json -import logging -import sys - -import dns.resolver -import urllib2 -from signedjson.key import decode_verify_key_bytes, write_signing_keys -from signedjson.sign import verify_signed_json -from unpaddedbase64 import decode_base64 - - -def get_targets(server_name): - if ":" in server_name: - target, port = server_name.split(":") - yield (target, int(port)) - return - try: - answers = dns.resolver.query("_matrix._tcp." + server_name, "SRV") - for srv in answers: - yield (srv.target, srv.port) - except dns.resolver.NXDOMAIN: - yield (server_name, 8448) - - -def get_server_keys(server_name, target, port): - url = "https://%s:%i/_matrix/key/v1" % (target, port) - keys = json.load(urllib2.urlopen(url)) - verify_keys = {} - for key_id, key_base64 in keys["verify_keys"].items(): - verify_key = decode_verify_key_bytes(key_id, decode_base64(key_base64)) - verify_signed_json(keys, server_name, verify_key) - verify_keys[key_id] = verify_key - return verify_keys - - -def main(): - - parser = argparse.ArgumentParser() - parser.add_argument("signature_name") - parser.add_argument( - "input_json", nargs="?", type=argparse.FileType("r"), default=sys.stdin - ) - - args = parser.parse_args() - logging.basicConfig() - - server_name = args.signature_name - keys = {} - for target, port in get_targets(server_name): - try: - keys = get_server_keys(server_name, target, port) - print("Using keys from https://%s:%s/_matrix/key/v1" % (target, port)) - write_signing_keys(sys.stdout, keys.values()) - break - except Exception: - logging.exception("Error talking to %s:%s", target, port) - - json_to_check = json.load(args.input_json) - print("Checking JSON:") - for key_id in json_to_check["signatures"][args.signature_name]: - try: - key = keys[key_id] - verify_signed_json(json_to_check, args.signature_name, key) - print("PASS %s" % (key_id,)) - except Exception: - logging.exception("Check for key %s failed" % (key_id,)) - print("FAIL %s" % (key_id,)) - - -if __name__ == "__main__": - main() -- cgit 1.4.1