diff options
| author | J08nY | 2017-08-10 02:43:41 +0200 |
|---|---|---|
| committer | J08nY | 2017-08-10 02:43:41 +0200 |
| commit | dc30efedb9445dee5a04e53e356d8afde0f61e52 (patch) | |
| tree | feed841fd419cc8997a1a9a06a1e664759b0454a | |
| parent | c3aba5bef7652b9fad509ba52a795c119646fff7 (diff) | |
| download | mailman-pgp-dc30efedb9445dee5a04e53e356d8afde0f61e52.tar.gz mailman-pgp-dc30efedb9445dee5a04e53e356d8afde0f61e52.tar.zst mailman-pgp-dc30efedb9445dee5a04e53e356d8afde0f61e52.zip | |
| -rw-r--r-- | src/mailman_pgp/commands/eml_key.py | 6 | ||||
| -rw-r--r-- | src/mailman_pgp/commands/tests/test_key.py | 293 |
2 files changed, 295 insertions, 4 deletions
diff --git a/src/mailman_pgp/commands/eml_key.py b/src/mailman_pgp/commands/eml_key.py index 9c2de81..a298ea7 100644 --- a/src/mailman_pgp/commands/eml_key.py +++ b/src/mailman_pgp/commands/eml_key.py @@ -409,7 +409,7 @@ def _cmd_sign(pgp_list, mlist, msg, msgdata, arguments, results): print('You are not allowed to sign the list key.', file=results) return ContinueProcessing.no - if pgp_list.key.key_material != key.key_material: + if pgp_list.pubkey.key_material != key.key_material: print('You sent a wrong key.', file=results) return ContinueProcessing.no @@ -440,10 +440,10 @@ def _cmd_sign(pgp_list, mlist, msg, msgdata, arguments, results): print('No new certifications found.', file=results) return ContinueProcessing.no - for uid, sigs in uid_sigs.values(): + for uid, sigs in uid_sigs.items(): for sig in sigs: uid |= sig - pgp_list.key.fs_key.save() + pgp_list.fs_key.save() print('List key updated with new signatures.', file=results) return ContinueProcessing.yes diff --git a/src/mailman_pgp/commands/tests/test_key.py b/src/mailman_pgp/commands/tests/test_key.py index 266def6..5a6bb12 100644 --- a/src/mailman_pgp/commands/tests/test_key.py +++ b/src/mailman_pgp/commands/tests/test_key.py @@ -16,11 +16,12 @@ # this program. If not, see <http://www.gnu.org/licenses/>. """""" - +import copy import unittest from mailman.app.lifecycle import create_list from mailman.email.message import Message +from mailman.interfaces.member import MemberRole from mailman.interfaces.subscriptions import ISubscriptionManager from mailman.interfaces.usermanager import IUserManager from mailman.runners.command import CommandRunner @@ -942,6 +943,296 @@ class TestAfterSubscription(unittest.TestCase): self.assertEqual(len(revocs), 1) self.assertEqual(revoc.hash2, revocs[0].hash2) + def test_sign(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + self.mlist.subscribe(bart) + get_queue_messages('virgin') + + self.pgp_list.key_signing_allowed = {MemberRole.member} + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + wrapped_message = MIMEWrapper(message) + new_key = copy.copy(self.pgp_list.pubkey) + uid = next(iter(new_key.userids)) + sig = self.bart_key.certify(uid) + uid |= sig + message = wrapped_message.attach_keys(new_key) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('List key updated with new signatures.', + results_msg.get_payload()) + + def test_sign_encrypted(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + self.mlist.subscribe(bart) + get_queue_messages('virgin') + + self.pgp_list.key_signing_allowed = {MemberRole.member} + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + wrapped_message = MIMEWrapper(message) + new_key = copy.copy(self.pgp_list.pubkey) + uid = next(iter(new_key.userids)) + sig = self.bart_key.certify(uid) + uid |= sig + message = wrapped_message.attach_keys(new_key) + wrapped_message = MIMEWrapper(message) + message = wrapped_message.encrypt(self.pgp_list.pubkey) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('List key updated with new signatures.', + results_msg.get_payload()) + + def test_sign_extra_arg(self): + message = _create_plain('bart@example.com', 'test@example.com', + 'key sign extra arguments', '') + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('Extraneous argument/s: extra,arguments', + results_msg.get_payload()) + + def test_sign_no_email(self): + message = _create_mixed('', 'test@example.com', 'key sign') + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('No email.', results_msg.get_payload()) + + def test_sign_no_pgp_address(self): + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('A pgp enabled address not found.', + results_msg.get_payload()) + + def test_sign_no_key_set(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + t.add(pgp_address) + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn("You currently don't have a key set.", + results_msg.get_payload()) + + def test_sign_key_not_confirmed(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + t.add(pgp_address) + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('Your key is currently not confirmed.', + results_msg.get_payload()) + + def test_sign_no_key(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + message = _create_plain('bart@example.com', 'test@example.com', + 'key sign', '') + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('No keys attached? Send a key.', + results_msg.get_payload()) + + def test_sign_multiple_keys(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_keys(self.bart_key.pubkey) + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_keys(self.bart_new_key.pubkey) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('More than one key! Send only one key.', + results_msg.get_payload()) + + def test_sign_not_allowed(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + self.pgp_list.key_signing_allowed = {MemberRole.owner} + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_keys(self.pgp_list.pubkey) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('You are not allowed to sign the list key.', + results_msg.get_payload()) + + def test_sign_wrong_keymaterial(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + self.mlist.subscribe(bart) + get_queue_messages('virgin') + + self.pgp_list.key_signing_allowed = {MemberRole.member} + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_keys(self.bart_key.pubkey) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('You sent a wrong key.', + results_msg.get_payload()) + + def test_sign_no_uids(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + self.mlist.subscribe(bart) + get_queue_messages('virgin') + + self.pgp_list.key_signing_allowed = {MemberRole.member} + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + wrapped_message = MIMEWrapper(message) + new_key = copy.copy(self.pgp_list.pubkey) + for uid in new_key.userids: + new_key.del_uid(uid.email) + message = wrapped_message.attach_keys(new_key) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('No signed UIDs found.', + results_msg.get_payload()) + + def test_sign_no_new_sig(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + self.mlist.subscribe(bart) + get_queue_messages('virgin') + + self.pgp_list.key_signing_allowed = {MemberRole.member} + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + wrapped_message = MIMEWrapper(message) + message = wrapped_message.attach_keys(self.pgp_list.pubkey) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('No new certifications found.', + results_msg.get_payload()) + + def test_sign_no_sig_by_key(self): + bart = getUtility(IUserManager).create_address('bart@example.com', + 'Bart Person') + with transaction() as t: + pgp_address = PGPAddress(bart) + pgp_address.key = self.bart_key.pubkey + pgp_address.key_confirmed = True + t.add(pgp_address) + + self.mlist.subscribe(bart) + get_queue_messages('virgin') + + self.pgp_list.key_signing_allowed = {MemberRole.member} + + message = _create_mixed('bart@example.com', 'test@example.com', + 'key sign') + wrapped_message = MIMEWrapper(message) + new_key = copy.copy(self.pgp_list.pubkey) + uid = next(iter(new_key.userids)) + sig = self.bart_new_key.certify(uid) + uid |= sig + message = wrapped_message.attach_keys(new_key) + + items = _run_message(message, 1) + results_msg = items[0].msg + + self.assertIn('No new certifications found.', + results_msg.get_payload()) + class TestGeneral(unittest.TestCase): layer = PGPConfigLayer |