X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ticket.py;h=c6dc4f734481defcf6abddf0669fc0df3305c718;hb=e57432c1dfdfeaa52cc32799e2abbc34b7704ce9;hp=2e87eb1c27d06398d6ba5a1bc5d643ec810f22c5;hpb=2cdb68a20824f5aa0245916f42decec37bc71bef;p=nodemanager.git

diff --git a/ticket.py b/ticket.py
index 2e87eb1..c6dc4f7 100644
--- a/ticket.py
+++ b/ticket.py
@@ -9,11 +9,15 @@ from xmlrpclib import dumps, loads
 
 GPG = '/usr/bin/gpg'
 
+def _popen_gpg(*args):
+    """Return a Popen object to GPG."""
+    return Popen((GPG, '--batch', '--no-tty') + args,
+                 stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
 
 def sign(data):
     """Return <data> signed with the default GPG key."""
-    msg = dumps((data,))
-    p = _popen_gpg('--armor', '--sign')
+    msg = dumps((data,), methodresponse = True)
+    p = _popen_gpg('--armor', '--sign', '--keyring', '/etc/planetlab/secring.gpg', '--no-default-keyring')
     p.stdin.write(msg)
     p.stdin.close()
     signed_msg = p.stdout.read()
@@ -24,17 +28,14 @@ def sign(data):
 
 def verify(signed_msg):
     """If <signed_msg> is a valid signed document, return its contents.  Otherwise, return None."""
-    p = _popen_gpg('--decrypt')
+    p = _popen_gpg('--decrypt', '--keyring', '/usr/boot/pubring.gpg', '--no-default-keyring')
     p.stdin.write(signed_msg)
     p.stdin.close()
     msg = p.stdout.read()
     p.stdout.close()
     p.stderr.close()
-    if p.wait(): return None  # verification failed
+    if p.wait():
+        return None  # verification failed
     else:
         data, = loads(msg)[0]
         return data
-
-def _popen_gpg(*args):
-    """Return a Popen object to GPG."""
-    return Popen((GPG, '--batch', '--no-tty') + args, stdin=PIPE, stdout=PIPE, stderr=PIPE)