-#!/usr/bin/env python2
-# -*- coding: utf-8 -*-
+#!/usr/bin/env python3
#
# update.py - part of the FDroid server tools
# Copyright (C) 2010-2013, Ciaran Gultnieks, ciaran@ciarang.com
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import glob
-import hashlib
import os
import re
import shutil
import socket
import sys
-from optparse import OptionParser
+from argparse import ArgumentParser
import logging
import common
-from common import FDroidPopen, BuildException
config = {}
options = None
-def write_to_config(thisconfig, key, value=None):
- '''write a key/value to the local config.py'''
- if value is None:
- origkey = key + '_orig'
- value = thisconfig[origkey] if origkey in thisconfig else thisconfig[key]
- with open('config.py', 'r') as f:
- data = f.read()
- pattern = '\n[\s#]*' + key + '\s*=\s*"[^"]*"'
- repl = '\n' + key + ' = "' + value + '"'
- data = re.sub(pattern, repl, data)
- with open('config.py', 'w') as f:
- f.writelines(data)
-
-
def disable_in_config(key, value):
'''write a key/value to the local config.py, then comment it out'''
with open('config.py', 'r') as f:
f.writelines(data)
-def genpassword():
- '''generate a random password for when generating keys'''
- h = hashlib.sha256()
- h.update(os.urandom(16)) # salt
- h.update(bytes(socket.getfqdn()))
- return h.digest().encode('base64').strip()
-
-
-def genkey(keystore, repo_keyalias, password, keydname):
- '''generate a new keystore with a new key in it for signing repos'''
- logging.info('Generating a new key in "' + keystore + '"...')
- common.write_password_file("keystorepass", password)
- common.write_password_file("keypass", password)
- p = FDroidPopen(['keytool', '-genkey',
- '-keystore', keystore, '-alias', repo_keyalias,
- '-keyalg', 'RSA', '-keysize', '4096',
- '-sigalg', 'SHA256withRSA',
- '-validity', '10000',
- '-storepass:file', config['keystorepassfile'],
- '-keypass:file', config['keypassfile'],
- '-dname', keydname])
- # TODO keypass should be sent via stdin
- if p.returncode != 0:
- raise BuildException("Failed to generate key", p.output)
- # now show the lovely key that was just generated
- p = FDroidPopen(['keytool', '-list', '-v',
- '-keystore', keystore, '-alias', repo_keyalias,
- '-storepass:file', config['keystorepassfile']])
- logging.info(p.output.strip() + '\n\n')
-
-
def main():
global options, config
# Parse command line...
- parser = OptionParser()
- parser.add_option("-v", "--verbose", action="store_true", default=False,
- help="Spew out even more information than normal")
- parser.add_option("-q", "--quiet", action="store_true", default=False,
- help="Restrict output to warnings and errors")
- parser.add_option("-d", "--distinguished-name", default=None,
- help="X.509 'Distiguished Name' used when generating keys")
- parser.add_option("--keystore", default=None,
- help="Path to the keystore for the repo signing key")
- parser.add_option("--repo-keyalias", default=None,
- help="Alias of the repo signing key in the keystore")
- parser.add_option("--android-home", default=None,
- help="Path to the Android SDK (sometimes set in ANDROID_HOME)")
- parser.add_option("--no-prompt", action="store_true", default=False,
- help="Do not prompt for Android SDK path, just fail")
- (options, args) = parser.parse_args()
+ parser = ArgumentParser()
+ common.setup_global_opts(parser)
+ parser.add_argument("-d", "--distinguished-name", default=None,
+ help="X.509 'Distiguished Name' used when generating keys")
+ parser.add_argument("--keystore", default=None,
+ help="Path to the keystore for the repo signing key")
+ parser.add_argument("--repo-keyalias", default=None,
+ help="Alias of the repo signing key in the keystore")
+ parser.add_argument("--android-home", default=None,
+ help="Path to the Android SDK (sometimes set in ANDROID_HOME)")
+ parser.add_argument("--no-prompt", action="store_true", default=False,
+ help="Do not prompt for Android SDK path, just fail")
+ options = parser.parse_args()
# find root install prefix
tmp = os.path.dirname(sys.argv[0])
+ examplesdir = None
if os.path.basename(tmp) == 'bin':
- prefix = os.path.dirname(tmp)
- examplesdir = prefix + '/share/doc/fdroidserver/examples'
+ egg_link = os.path.join(tmp, '..', 'local/lib/python2.7/site-packages/fdroidserver.egg-link')
+ if os.path.exists(egg_link):
+ # installed from local git repo
+ examplesdir = os.path.join(open(egg_link).readline().rstrip(), 'examples')
+ else:
+ # try .egg layout
+ examplesdir = os.path.dirname(os.path.dirname(__file__)) + '/share/doc/fdroidserver/examples'
+ if not os.path.exists(examplesdir): # use UNIX layout
+ examplesdir = os.path.dirname(tmp) + '/share/doc/fdroidserver/examples'
else:
# we're running straight out of the git repo
prefix = os.path.normpath(os.path.join(os.path.dirname(__file__), '..'))
# If android_home is not None, the path given from the command line
# will be directly written in the config.
if 'sdk_path' in test_config:
- write_to_config(test_config, 'sdk_path', options.android_home)
+ common.write_to_config(test_config, 'sdk_path', options.android_home)
else:
logging.warn('Looks like this is already an F-Droid repo, cowardly refusing to overwrite it...')
logging.info('Try running `fdroid init` in an empty directory.')
sys.exit()
- if not 'aapt' in test_config or not os.path.isfile(test_config['aapt']):
+ if 'aapt' not in test_config or not os.path.isfile(test_config['aapt']):
# try to find a working aapt, in all the recent possible paths
build_tools = os.path.join(test_config['sdk_path'], 'build-tools')
aaptdirs = []
test_config['build_tools'] = ''
else:
test_config['build_tools'] = dirname
- write_to_config(test_config, 'build_tools')
+ common.write_to_config(test_config, 'build_tools')
common.ensure_build_tools_exists(test_config)
# now that we have a local config.py, read configuration...
config = common.read_config(options)
- # track down where the Android NDK is
- ndk_path = '/opt/android-ndk'
- if os.path.isdir(config['ndk_path']):
- ndk_path = config['ndk_path']
- elif 'ANDROID_NDK' in os.environ.keys():
- logging.info('using ANDROID_NDK')
- ndk_path = os.environ['ANDROID_NDK']
- if os.path.isdir(ndk_path):
- write_to_config(test_config, 'ndk_path')
- # the NDK is optional so we don't prompt the user for it if its not found
+ # the NDK is optional and there may be multiple versions of it, so it's
+ # left for the user to configure
# find or generate the keystore for the repo signing key. First try the
# path written in the default config.py. Then check if the user has
if not os.path.exists(keystore):
logging.info('"' + keystore
+ '" does not exist, creating a new keystore there.')
- write_to_config(test_config, 'keystore', keystore)
+ common.write_to_config(test_config, 'keystore', keystore)
repo_keyalias = None
if options.repo_keyalias:
repo_keyalias = options.repo_keyalias
- write_to_config(test_config, 'repo_keyalias', repo_keyalias)
+ common.write_to_config(test_config, 'repo_keyalias', repo_keyalias)
if options.distinguished_name:
keydname = options.distinguished_name
- write_to_config(test_config, 'keydname', keydname)
+ common.write_to_config(test_config, 'keydname', keydname)
if keystore == 'NONE': # we're using a smartcard
- write_to_config(test_config, 'repo_keyalias', '1') # seems to be the default
+ common.write_to_config(test_config, 'repo_keyalias', '1') # seems to be the default
disable_in_config('keypass', 'never used with smartcard')
- write_to_config(test_config, 'smartcardoptions',
- ('-storetype PKCS11 -providerName SunPKCS11-OpenSC '
- + '-providerClass sun.security.pkcs11.SunPKCS11 '
- + '-providerArg opensc-fdroid.cfg'))
+ common.write_to_config(test_config, 'smartcardoptions',
+ ('-storetype PKCS11 -providerName SunPKCS11-OpenSC '
+ + '-providerClass sun.security.pkcs11.SunPKCS11 '
+ + '-providerArg opensc-fdroid.cfg'))
# find opensc-pkcs11.so
if not os.path.exists('opensc-fdroid.cfg'):
if os.path.exists('/usr/lib/opensc-pkcs11.so'):
with open('opensc-fdroid.cfg', 'w') as f:
f.write(opensc_fdroid)
elif not os.path.exists(keystore):
- # no existing or specified keystore, generate the whole thing
- keystoredir = os.path.dirname(keystore)
- if not os.path.exists(keystoredir):
- os.makedirs(keystoredir, mode=0o700)
- password = genpassword()
- write_to_config(test_config, 'keystorepass', password)
- write_to_config(test_config, 'keypass', password)
- if options.repo_keyalias is None:
- repo_keyalias = socket.getfqdn()
- write_to_config(test_config, 'repo_keyalias', repo_keyalias)
- if not options.distinguished_name:
- keydname = 'CN=' + repo_keyalias + ', OU=F-Droid'
- write_to_config(test_config, 'keydname', keydname)
- genkey(keystore, repo_keyalias, password, keydname)
+ password = common.genpassword()
+ c = dict(test_config)
+ c['keystorepass'] = password
+ c['keypass'] = password
+ c['repo_keyalias'] = socket.getfqdn()
+ c['keydname'] = 'CN=' + c['repo_keyalias'] + ', OU=F-Droid'
+ common.write_to_config(test_config, 'keystorepass', password)
+ common.write_to_config(test_config, 'keypass', password)
+ common.write_to_config(test_config, 'repo_keyalias', c['repo_keyalias'])
+ common.write_to_config(test_config, 'keydname', c['keydname'])
+ common.genkeystore(c)
logging.info('Built repo based in "' + fdroiddir + '"')
logging.info('with this config:')
logging.info(' Android SDK:\t\t\t' + config['sdk_path'])
if aapt:
logging.info(' Android SDK Build Tools:\t' + os.path.dirname(aapt))
- logging.info(' Android NDK (optional):\t' + ndk_path)
+ logging.info(' Android NDK r10e (optional):\t$ANDROID_NDK')
logging.info(' Keystore for signing key:\t' + keystore)
if repo_keyalias is not None:
logging.info(' Alias for key in store:\t' + repo_keyalias)