Class: Yast::SignatureCheckDialogsClass

Inherits:

Module

• Object
• Module
• Yast::SignatureCheckDialogsClass

Defined in:

library/packages/src/modules/SignatureCheckDialogs.rb

Instance Method Summary

• #CheckSignatures ⇒ Object

  A semi-public helper.

• #CheckSignaturesInYaST ⇒ Object

  Should signatures be checked at all? Check a sysconfig variable (or a kernel parameter for the 1st installation stage).

• #GetDefaultDialogReturn(popup_type, popup_url) ⇒ true, false

  Function returns the default popup return value for case when user selected "don't show again".

• #GetShowThisPopup(popup_type, popup_url) ⇒ Boolean

  Function returns whether user want's to show the dialog (again).

• #ImportGPGKeyIntoTrustedDialog(key, repository) ⇒ Boolean

  ImportUntrustedGPGKeyIntoTrustedDialog.

• #ItemSignedWithPublicSignature(item_type, item_name, key) ⇒ Symbol

  Used for file or package signed by a public key.

• #ItemSignedWithUnknownSignature(item_type, item_name, key_id, dont_show_dialog_ident, repoid) ⇒ Boolean

  Used for file or package signed by unknown key.

• #main ⇒ Object
• #SetDefaultDialogReturn(popup_type, default_return, popup_url) ⇒ Object

  Function sets the default dialog return value for case when user selected "don't show again".

• #SetShowThisPopup(popup_type, show_it, popup_url) ⇒ Object

  Functions sets whether user want's to show the dialog again.

• #UseCorruptedItem(item_type, item_name, key, repository) ⇒ Boolean

  Used for corrupted file or package.

• #UseFileWithUnknownDigest(filename, digest, dont_show_dialog_ident) ⇒ Boolean

  Ask user to accept a file with unknown checksum.

• #UseFileWithWrongDigest(filename, requested_digest, found_digest, dont_show_dialog_ident) ⇒ Boolean

  Ask user to accept wrong digest.

• #UseItemWithNoChecksum(item_type, item_name, dont_show_dialog_ident) ⇒ Boolean

  Used for file or package on signed repository but without any checksum.

• #UseUnsignedItem(item_type, item_name, dont_show_dialog_ident, repository) ⇒ Boolean

  Used for unsiged file or package.

Instance Method Details

#CheckSignatures ⇒ Object

A semi-public helper. Convert the kernel parameter to the sysconfig string

Returns:

• sysconfig value: yes, yast, no

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 198

def CheckSignatures
  cmdline = Linuxrc.InstallInf("Cmdline")
  Builtins.y2milestone("Cmdline: %1", cmdline)

  val = Builtins.regexpsub(
    cmdline,
    "CHECK_SIGNATURES=([[:alpha:]]+)",
    "\\1"
  )
  if val.nil?
    val = Builtins.regexpsub(cmdline, "no_sig_check=([^[:digit:]]+)", "\\1")
    if !val.nil?
      trans = { "0" => "yes", "1" => "yast", "2" => "no" }
      val = Ops.get(trans, val)
    end
  end
  val = "yes" if val.nil?
  val
end

#CheckSignaturesInYaST ⇒ Object

Should signatures be checked at all? Check a sysconfig variable (or a kernel parameter for the 1st installation stage).

Returns:

• do checking?

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 221

def CheckSignaturesInYaST
  if @check_signatures.nil?
    chs = if Stage.initial
      CheckSignatures()
    else
      # default is "yes"
      Convert.to_string(
        SCR.Read(path(".sysconfig.security.CHECK_SIGNATURES"))
      )
    end
    Builtins.y2milestone("CHECK_SIGNATURES: %1", chs)
    @check_signatures = chs != "no"
  end
  @check_signatures
end

#GetDefaultDialogReturn(popup_type, popup_url) ⇒ true, false

Function returns the default popup return value for case when user selected "don't show again"

Parameters:

• popup_type (String) —

  dialog type

• popup_url (String) —

  dialog type

Returns:

• (true, false) —

  default dialog return

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 173

def GetDefaultDialogReturn(popup_type, popup_url)
  if popup_type.nil?
    Builtins.y2error("popup_type %1 mustn't be nil!", popup_type)
    return false
  end

  stored_return = Convert.to_boolean(
    DontShowAgain.GetDefaultReturn(
      "q_type"  => "inst-source",
      "q_ident" => popup_type,
      "q_url"   => popup_url
    )
  )

  Builtins.y2milestone(
    "User decided not to show popup for '%1' again, returning user-decision '%2'",
    popup_type,
    stored_return
  )
  stored_return
end

#GetShowThisPopup(popup_type, popup_url) ⇒ Boolean

Function returns whether user want's to show the dialog (again). true is the default if nothing is set.

Parameters:

• popup_type (String) —

  dialog type

• popup_url (String) —

  if any

Returns:

• (Boolean) —

  show the dialog

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 118

def GetShowThisPopup(popup_type, popup_url)
  if popup_type.nil?
    Builtins.y2error("popup_type %1 mustn't be nil!", popup_type)
    return true
  end

  # Read the current configuration from system configuration
  stored = DontShowAgain.GetShowQuestionAgain(
    "q_type"  => "inst-source",
    "q_ident" => popup_type,
    "q_url"   => popup_url
  )

  # Stored in the configuration?
  stored.nil? ? true : stored
end

#ImportGPGKeyIntoTrustedDialog(key, repository) ⇒ Boolean

ImportUntrustedGPGKeyIntoTrustedDialog

Parameters:

• key (Hash<String, Object>)
• repository (Integer)

Returns:

• (Boolean) —

  whether zypp should import the key into the keyring of trusted keys

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 640

def ImportGPGKeyIntoTrustedDialog(key, repository)
  key = deep_copy(key)
  # additional Richtext (HTML) warning text (kind of help), 1/2
  warning_text = _(
    "<p>The owner of the key may distribute updates,\n" \
    "packages, and package repositories that your system will trust and offer\n" \
    "for installation and update without any further warning. In this way,\n" \
    "importing the key into your keyring of trusted keys allows the key owner\n" \
    "to have a certain amount of control over the software on your system.</p>"
  ) +
    # additional Richtext (HTML) warning text (kind of help), 2/2
    _(
      "<p>A warning dialog opens for every package that\n" \
      "is not signed by a trusted (imported) key. If you do not trust the key,\n" \
      "the packages or repositories created by the owner of the key will not be used.</p>"
    )

  repo = Pkg.SourceGeneralData(repository)

  # popup message - label, part 1, %1 stands for repository name, %2 for its URL
  dialog_text = Builtins.sformat(
    _(
      "The following GnuPG key has been found in repository\n" \
      "%1\n" \
      "(%2):"
    ),
    Ops.get_locale(repo, "name", _("Unknown")),
    (repo && repo["url"]) ? repo["url"].scan(/.{1,59}/).join("\n") : _("Unknown")
  )

  # popup message - label, part 2
  dialog_text2 = _(
    "You can choose to import it into your keyring of trusted\n" \
    "public keys, meaning that you trust the owner of the key.\n" \
    "You should be sure that you can trust the owner and that\n" \
    "the key really belongs to that owner before importing it."
  )

  expires = Ops.get_integer(key, "expires_raw", 0)
  if Ops.greater_than(expires, 0) &&
      Ops.greater_than(Builtins.time, expires)
    # warning label - the key to import is expired
    dialog_text2 = Ops.add(
      Ops.add(Builtins.sformat(_("WARNING: The key has expired!")), "\n\n"),
      dialog_text2
    )
  end

  displayinfo = UI.GetDisplayInfo
  # hide additional help text in not enough wide terminals so
  # the important GPG key properties are completely displayed
  hide_help = Ops.get_boolean(displayinfo, "TextMode", false) &&
    Ops.less_than(Ops.get_integer(displayinfo, "Width", 80), 105)

  UI.OpenDialog(
    Opt(:decorated),
    HBox(
      # left-side help
      if hide_help
        Empty()
      else
        HWeight(3, VBox(RichText(warning_text)))
      end,
      HSpacing(1.5),
      # dialog
      HWeight(
        5,
        VBox(
          # popup heading
          Heading(_("Import Untrusted GnuPG Key")),
          # dialog message
          MarginBox(
            0.4,
            0.4,
            VBox(
              Left(Label(dialog_text)),
              GPGKeyAsTerm(key),
              Left(Label(dialog_text2))
            )
          ),
          # dialog buttons
          ButtonBox(
            # push button
            PushButton(Id(:trust), Opt(:key_F10, :okButton), _("&Trust")),
            PushButton(
              Id(:cancel),
              Opt(:key_F9, :cancelButton),
              Label.CancelButton
            )
          )
        )
      )
    )
  )

  UI.SetFocus(:cancel)

  ret = Convert.to_symbol(UI.UserInput)

  UI.CloseDialog

  ret == :trust
end

#ItemSignedWithPublicSignature(item_type, item_name, key) ⇒ Symbol

Used for file or package signed by a public key. This key is still not listed in trusted keys.

Parameters:

• item_type (Symbol) —

  :file or :package

• item_name (String) —

  file name or package name

• key (Hash<String, Object>)

Returns:

• (Symbol) —

  :key_import, :install, :skip

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 563

def ItemSignedWithPublicSignature(item_type, item_name, key)
  key = deep_copy(key)
  description_text = Builtins.sformat(
    if item_type == :package
      # popup question, %1 stands for the package name, %2 for the key ID, %3 for the key name
      _(
        "The package %1 is digitally signed\n" \
        "with key '%2 (%3)'.\n" \
        "\n" \
        "There is no trust relationship with the owner of the key.\n" \
        "If you trust the owner, mark the key as trusted.\n" \
        "\n" \
        "Installing a package from an unknown repository puts\n" \
        "the integrity of your system at risk. It is safest\n" \
        "to skip the package.\n"
      )
    else
      item_name = strip_download_prefix(item_name)
      # popup question, %1 stands for the filename, %2 for the key ID, %3 for the key name
      _(
        "The file %1 is digitally signed\n" \
        "with key '%2 (%3)'.\n" \
        "\n" \
        "There is no trust relationship with the owner of the key.\n" \
        "If you trust the owner, mark the key as trusted.\n" \
        "\n" \
        "Installing a file from an unknown repository puts\n" \
        "the integrity of your system at risk. It is safest\n" \
        "to skip it.\n"
      )
    end,
    item_name,
    Ops.get_string(key, "id", ""),
    Ops.get_string(key, "name", "")
  )

  UI.OpenDialog(
    Opt(:decorated),
    VBox(
      # popup heading
      Heading(_("Signed with Untrusted Public Key")),
      MarginBox(0.5, 0.5, Label(description_text)),
      ButtonBox(
        # push button
        PushButton(
          Id(:trust),
          Opt(:okButton, :key_F10),
          _("&Trust and Import the Key")
        ),
        PushButton(Id(:skip), Opt(:cancelButton, :key_F9), Label.SkipButton)
      )
    )
  )
  UI.SetFocus(:skip)

  # wait for one of listed ID's, return the default value in case of `cancel
  ret = WaitForSymbolUserInput([:trust, :skip], :skip)

  if ret == :trust
    # later, if asking whether to import the key, the key is trusted
    # so it will be also imported
    # bugzilla #282254
    @list_of_trusted_keys = Builtins.add(
      @list_of_trusted_keys,
      Ops.get_string(key, "id", "")
    )
  end

  UI.CloseDialog
  ret
end

#ItemSignedWithUnknownSignature(item_type, item_name, key_id, dont_show_dialog_ident, repoid) ⇒ Boolean

Used for file or package signed by unknown key.

Parameters:

• item_type (Symbol) —

  file orpackage

• item_name (String) —

  file name or package name

• key_id (String)
• dont_show_dialog_ident (String) —

  for the identification in magic "don't show" functions

• repoid (Fixnum) —

  Id of the repository from the item was downloaded

Returns:

• (Boolean) —

  true if 'yes, use file'

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 474

def ItemSignedWithUnknownSignature(item_type, item_name, key_id, dont_show_dialog_ident, repoid)
  repo_url = Ops.get_string(Pkg.SourceGeneralData(repoid), "url", "")
  description_text = Builtins.sformat(
    if item_type == :package
      # popup question, %1 stands for the package name, %2 for the complex multiline description of the GnuPG key
      _(
        "The package %1 is digitally signed\n" \
        "with the following unknown GnuPG key: %2.\n" \
        "\n" \
        "This means that a trust relationship to the creator of the package\n" \
        "cannot be established. Installing the package may put the integrity\n" \
        "of your system at risk.\n" \
        "\n" \
        "Install it anyway?"
      )
    else
      item_name = strip_download_prefix(item_name)
      # popup question, %1 stands for the filename, %2 for the complex multiline description of the GnuPG key
      _(
        "The file %1\n" \
        "is digitally signed with the following unknown GnuPG key: %2.\n" \
        "\n" \
        "This means that a trust relationship to the creator of the file\n" \
        "cannot be established. Using the file may put the integrity\n" \
        "of your system at risk.\n" \
        "\n" \
        "Use it anyway?"
      )
    end,
    # TODO: use something like "%1 from %2" and make it translatable
    if repo_url == ""
      item_name
    else
      Builtins.sformat("%1 (%2)", item_name, repo_url)
    end,
    Ops.add(
      "\n",
      # Part of the GnuPG key description in popup, %1 is a GnuPG key ID
      Builtins.sformat(_("ID: %1"), key_id)
    )
  )

  UI.OpenDialog(
    Opt(:decorated),
    VBox(
      # popup heading
      Heading(_("Unknown GnuPG Key")),
      MarginBox(0.5, 0.5, Label(description_text)),
      Left(
        MarginBox(
          0,
          1.2,
          CheckBox(
            Id(:dont_show_again),
            Message.DoNotShowMessageAgain,
            GetShowThisPopup(dont_show_dialog_ident, item_name) ? false : true
          )
        )
      ),
      YesNoButtons(:no)
    )
  )

  # This will optionally offer to retrieve the key from gpg keyservers
  # That's why it will return 'symbol' instead of 'boolean'
  # But by now it only handles yes/no/cancel
  ret = WaitForYesNoCancelUserInput()
  # default value
  ret = false if ret.nil?

  # Store the don't show value, store the default return value
  HandleDoNotShowDialogAgain(
    ret,
    dont_show_dialog_ident,
    :dont_show_again,
    item_name
  )

  UI.CloseDialog
  ret
end

#main ⇒ Object

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 32

def main
  Yast.import "Pkg"
  Yast.import "UI"
  textdomain "base"

  Yast.import "Label"
  Yast.import "Popup"
  Yast.import "Message"
  Yast.import "DontShowAgain"
  Yast.import "Stage"
  Yast.import "Linuxrc"

  # --------------------------- Don't show this dialog again Magic ---------------------------

  # /etc/sysconfig/security:CHECK_SIGNATURES

  @check_signatures = nil # lazy

  # Standard text strings

  # GnuPG fingerprint used as "Fingerprint: AAA BBB CCC"
  @s_fingerprint = _("Fingerprint")
  # GnuPG key ID used as "Key ID: 1144AAAA444"
  @s_keyid = _("Key ID")

  # UI can show images
  @has_local_image_support = nil

  # List of trusted keys
  #
  # @see bugzilla #282254
  @list_of_trusted_keys = []
end

#SetDefaultDialogReturn(popup_type, default_return, popup_url) ⇒ Object

Function sets the default dialog return value for case when user selected "don't show again"

Parameters:

• popup_type (String) —

  dialog type

• default_return (Boolean)

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 140

def SetDefaultDialogReturn(popup_type, default_return, popup_url)
  if popup_type.nil? || default_return.nil?
    Builtins.y2error(
      "Neither popup_type %1 nor default_return %2 can be nil!",
      popup_type,
      default_return
    )
    return
  end
  Builtins.y2milestone(
    "User decision in default return for '%1' for '%2' is '%3'",
    popup_type,
    popup_url,
    default_return
  )
  DontShowAgain.SetDefaultReturn(
    {
      "q_type"  => "inst-source",
      "q_ident" => popup_type,
      "q_url"   => popup_url
    },
    default_return
  )

  nil
end

#SetShowThisPopup(popup_type, show_it, popup_url) ⇒ Object

Functions sets whether user want's to show the dialog again

Parameters:

• popup_type (String) —

  dialog type

• show_it (true, false) —

  show again

• popup_url (String)

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 73

def SetShowThisPopup(popup_type, show_it, popup_url)
  if popup_type.nil? || show_it.nil?
    Builtins.y2error(
      "Neither popup_type %1 nor show_it %2 can be nil!",
      popup_type,
      show_it
    )
    return
  end

  # it's the default
  if show_it
    Builtins.y2debug(
      "User decision to show dialog '%1' again is '%2'",
      popup_type,
      show_it
    )
    # store only "don't show"
  else
    Builtins.y2milestone(
      "User decision to show dialog '%1' for '%2' again is '%3'",
      popup_type,
      popup_url,
      show_it
    )
    # Show again -> false, so, store it
    DontShowAgain.SetShowQuestionAgain(
      {
        "q_type"  => "inst-source",
        "q_ident" => popup_type,
        "q_url"   => popup_url
      },
      show_it
    )
  end

  nil
end

#UseCorruptedItem(item_type, item_name, key, repository) ⇒ Boolean

Used for corrupted file or package. Opens dialog asking whether user wants to use this corrupted item.

Parameters:

• item_type (Symbol) —

  file orpackage

• item_name (String) —

  file name or package name

• key (Hash{String => Object}) —

  Used key

Returns:

• (Boolean) —

  use or don't use ('true' if 'yes')

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 409

def UseCorruptedItem(item_type, item_name, key, repository)
  key = deep_copy(key)
  repo = Pkg.SourceGeneralData(repository)

  description_text = Builtins.sformat(
    if item_type == :package
      # popup question, %1 stands for the package name, %2 for the complete description of the GnuPG key (multiline)
      _(
        "Package %1 from repository %2\n" \
        "%3\n" \
        "is signed with the following GnuPG key, but the integrity check failed: %4\n" \
        "\n" \
        "The package has been changed, either by accident or by an attacker,\n" \
        "since the repository creator signed it. Installing it is a big risk\n" \
        "for the integrity and security of your system.\n" \
        "\n" \
        "Install it anyway?\n"
      )
    else
      item_name = strip_download_prefix(item_name)
      # popup question, %1 stands for the filename, %2 for the complete description of the GnuPG key (multiline)
      _(
        "File %1 from repository %2\n" \
        "%3\n" \
        "is signed with the following GnuPG key, but the integrity check failed: %4\n" \
        "\n" \
        "The file has been changed, either by accident or by an attacker,\n" \
        "since the repository creator signed it. Using it is a big risk\n" \
        "for the integrity and security of your system.\n" \
        "\n" \
        "Use it anyway?\n"
      )
    end,
    item_name,
    Ops.get_locale(repo, "name", _("Unknown")),
    Ops.get_locale(repo, "url", _("Unknown")),
    Ops.add("\n\n", GPGKeyAsString(key))
  )

  UI.OpenDialog(
    Opt(:decorated),
    VBox(
      # popup heading
      Heading(_("Validation Check Failed")),
      MarginBox(0.5, 0.5, Label(description_text)),
      YesNoButtons(:no)
    )
  )

  ret = WaitForYesNoCancelUserInput()
  # default value
  ret = false if ret.nil?

  UI.CloseDialog
  ret
end

#UseFileWithUnknownDigest(filename, digest, dont_show_dialog_ident) ⇒ Boolean

Ask user to accept a file with unknown checksum

Parameters:

• filename (String) —

  Name of the file

• digest (String) —

  Current checksum

• dont_show_dialog_ident (String) —

  Uniq ID for "don't show again"

Returns:

• (Boolean) —

  true when user accepts the file

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 788

def UseFileWithUnknownDigest(filename, digest, dont_show_dialog_ident)
  filename = strip_download_prefix(filename)
  description_text =
    # popup question, %1 stands for the filename, %2 is expected digest, %3 is the current digest
    Builtins.sformat(
      _(
        "The checksum of file %1\n" \
        "is %2,\n" \
        "but the expected checksum is not known.\n" \
        "\n" \
        "This means that the origin and integrity of the file\n" \
        "cannot be verified. Using the file puts the integrity of your system at risk.\n" \
        "\n" \
        "Use it anyway?\n"
      ),
      filename,
      digest
    )
  # dialog heading - displayed in a big bold font
  heading = _("Unknown Digest")

  RunSimpleErrorPopup(
    heading,
    description_text,
    dont_show_dialog_ident,
    filename
  )
end

#UseFileWithWrongDigest(filename, requested_digest, found_digest, dont_show_dialog_ident) ⇒ Boolean

Ask user to accept wrong digest

Parameters:

• filename (String) —

  Name of the file

• requested_digest (String) —

  Expected checksum

• found_digest (String) —

  Current checksum

• dont_show_dialog_ident (String) —

  Uniq ID for "don't show again"

Returns:

• (Boolean) —

  true when user accepts the file

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 750

def UseFileWithWrongDigest(filename, requested_digest, found_digest, dont_show_dialog_ident)
  filename = strip_download_prefix(filename)
  description_text =
    # popup question, %1 stands for the filename, %2 is expected checksum
    # %3 is the current checksum (e.g. "803a8ff00d00c9075a1bd223a480bcf92d2481c1")
    Builtins.sformat(
      _(
        "The expected checksum of file %1\n" \
        "is %2,\n" \
        "but the current checksum is %3.\n" \
        "\n" \
        "The file has been changed by accident or by an attacker\n" \
        "since the repository creator signed it. Using it is a big risk\n" \
        "for the integrity and security of your system.\n" \
        "\n" \
        "Use it anyway?\n"
      ),
      filename,
      requested_digest,
      found_digest
    )

  # dialog heading - displayed in a big bold font
  heading = _("Wrong Digest")

  RunSimpleErrorPopup(
    heading,
    description_text,
    dont_show_dialog_ident,
    filename
  )
end

#UseItemWithNoChecksum(item_type, item_name, dont_show_dialog_ident) ⇒ Boolean

Used for file or package on signed repository but without any checksum. Opens dialog asking whether user wants to use this item.

Parameters:

• item_type (Symbol) —

  file orpackage

• item_name (String) —

  file name or package name

• dont_show_dialog_ident (String) —

  for the identification in magic "don't show" functions

Returns:

• (Boolean) —

  use or don't use ('true' if 'yes')

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 338

def UseItemWithNoChecksum(item_type, item_name, dont_show_dialog_ident)
  description_text = Builtins.sformat(
    if item_type == :package
      # popup question, %1 stands for the package name
      _(
        "No checksum for package %1 was found in the repository.\n" \
        "While the package is part of the signed repository, it is not contained \n" \
        "in the list of checksums in this repository. Installing the package puts \n" \
        "the integrity of your system at risk.\n" \
        "\n" \
        "Install it anyway?\n"
      )
    else
      item_name = strip_download_prefix(item_name)
      # popup question, %1 stands for the filename
      _(
        "No checksum for file %1 was found in the repository.\n" \
        "This means that the file is part of the signed repository,\n" \
        "but the list of checksums in this repository does not mention this file. Using the file\n" \
        "may put the integrity of your system at risk.\n" \
        "\n" \
        "Use it anyway?"
      )
    end,
    item_name
  )

  UI.OpenDialog(
    Opt(:decorated),
    VBox(
      # popup heading
      Heading(_("No Checksum Found")),
      MarginBox(0.5, 0.5, Label(description_text)),
      Left(
        MarginBox(
          0,
          1.2,
          CheckBox(
            Id(:dont_show_again),
            Message.DoNotShowMessageAgain,
            GetShowThisPopup(dont_show_dialog_ident, item_name) ? false : true
          )
        )
      ),
      YesNoButtons(:no)
    )
  )

  ret = WaitForYesNoCancelUserInput()
  # default value
  ret = false if ret.nil?

  # Store the don't show value, store the default return value
  HandleDoNotShowDialogAgain(
    ret,
    dont_show_dialog_ident,
    :dont_show_again,
    item_name
  )

  UI.CloseDialog
  ret
end

#UseUnsignedItem(item_type, item_name, dont_show_dialog_ident, repository) ⇒ Boolean

Used for unsiged file or package. Opens dialog asking whether user wants to use this unsigned item.

Parameters:

• item_type (Symbol) —

  file orpackage

• item_name (String) —

  file name or package name

• dont_show_dialog_ident (String) —

  for the identification in magic "don't show" functions

Returns:

• (Boolean) —

  use or don't use ('true' if 'yes')

# File 'library/packages/src/modules/SignatureCheckDialogs.rb', line 244

def UseUnsignedItem(item_type, item_name, dont_show_dialog_ident, repository)
  Builtins.y2milestone(
    "UseUnsignedItem: type: %1, name: %2, dontshowid: %3, repo: %4",
    item_type,
    item_name,
    dont_show_dialog_ident,
    repository
  )

  repo = Pkg.SourceGeneralData(repository)

  description_text = Builtins.sformat(
    if item_type == :package
      # popup question, %1 stands for the package name
      # %2 is a repository name
      # %3 is URL of the repository
      _(
        "The package %1 from repository %2\n" \
        "%3\n" \
        "is not digitally signed. This means that the origin\n" \
        "and integrity of the package cannot be verified. Installing the package\n" \
        "may put the integrity of your system at risk.\n" \
        "\n" \
        "Install it anyway?"
      )
    else
      item_name = strip_download_prefix(item_name)
      # popup question, %1 stands for the filename
      # %2 is a repository name
      # %3 is URL of the repository
      _(
        "The file %1 from repository %2\n" \
        "%3\n" \
        "is not digitally signed. The origin and integrity of the file\n" \
        "cannot be verified. Using the file anyway puts the integrity of your \n" \
        "system at risk.\n" \
        "\n" \
        "Use it anyway?\n"
      )
    end,
    item_name,
    Ops.get_locale(repo, "name", _("Unknown")),
    Ops.get_locale(repo, "url", _("Unknown"))
  )

  UI.OpenDialog(
    Opt(:decorated),
    VBox(
      Heading(
        if item_type == :package
          _("Unsigned Package")
        else
          _("Unsigned File")
        end
      ),
      MarginBox(0.5, 0.5, Label(description_text)),
      Left(
        MarginBox(
          0,
          1.2,
          CheckBox(
            Id(:dont_show_again),
            Message.DoNotShowMessageAgain,
            GetShowThisPopup(dont_show_dialog_ident, item_name) ? false : true
          )
        )
      ),
      YesNoButtons(:no)
    )
  )

  ret = WaitForYesNoCancelUserInput()
  # default value
  ret = false if ret.nil?

  # Store the don't show value, store the default return value
  HandleDoNotShowDialogAgain(
    ret,
    dont_show_dialog_ident,
    :dont_show_again,
    item_name
  )

  UI.CloseDialog
  ret
end