authorJ08nY2017-06-27 00:34:19 +0200
committerJ08nY2017-06-27 00:34:19 +0200
commitb7e3366e385d603885360ba6550bcf04c4d7d878 (patch)
treeb34a45faadd9f8ca921cd17e05179aac8311238e
parent016740a6ca2aa789713abdf9caadf9d102c8b866 (diff)
-rw-r--r--src/mailman_pgp/rules/signature.py48
-rw-r--r--src/mailman_pgp/runners/incoming.py3
2 files changed, 25 insertions, 26 deletions
diff --git a/src/mailman_pgp/rules/signature.py b/src/mailman_pgp/rules/signature.py
index 5f5b802..6bac3dc 100644
--- a/src/mailman_pgp/rules/signature.py
+++ b/src/mailman_pgp/rules/signature.py
@@ -18,6 +18,7 @@
"""Signature checking rule for the pgp-posting-chain."""
from mailman.core.i18n import _
+from mailman.interfaces.action import Action
from mailman.interfaces.rules import IRule
from mailman.interfaces.usermanager import IUserManager
from public import public
@@ -30,7 +31,7 @@ from mailman_pgp.model.list import PGPMailingList
from mailman_pgp.pgp.wrapper import PGPWrapper
-def _record_action(msgdata, action, sender, reason):
+def record_action(msgdata, action, sender, reason):
msgdata['moderation_action'] = action
msgdata['moderation_sender'] = sender
msgdata.setdefault('moderation_reasons', []).append(reason)
@@ -60,16 +61,16 @@ class Signature:
# Take unsigned_msg_action if unsigned.
if not wrapped.is_signed():
action = enc_list.unsigned_msg_action
- if action is not None:
- _record_action(msgdata, action, msg.sender,
+ if action != Action.defer:
+ record_action(msgdata, action, msg.sender,
'The message is unsigned.')
return True
# Take `inline_pgp_action` if inline signed.
- if wrapped.is_inline_signed():
+ if wrapped.inline.is_signed():
action = enc_list.inline_pgp_action
- if action is not None:
- _record_action(msgdata, action, msg.sender,
+ if action != Action.defer:
+ record_action(msgdata, action, msg.sender,
'Inline PGP is not allowed.')
return True
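Review bot: The new guard `if action != Action.defer:` treats a `None` action as something to act on, where the old `is not None` test skipped it. If `unsigned_msg_action` or `inline_pgp_action` can still be unset (for example on rows created before this change, which is not visible here), the rule would record `moderation_action = None` and return True, and this page does not show what the moderation chain does with that. Consider `if action is not None and action is not Action.defer:`, or make the columns non-nullable with a default. The same applies to `invalid_sig_action` in the next hunk and to `nonencrypted_msg_action` in runners/incoming.py. The enclosing method starts outside the hunk.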
@@ -85,33 +86,30 @@ class Signature:
# See if we have a key.
key = enc_address.key
if key is None:
- # TODO: how to handle this?
raise ValueError('No key?')
- # Verify, this gives us stuff we need to check.
- verification = wrapped.verify(key)
-
# Take the `invalid_sig_action` if the verification failed.
- if not verification:
+ if not wrapped.verifies(key):
action = enc_list.invalid_sig_action
- if action is not None:
- _record_action(msgdata, action, msg.sender,
+ if action != Action.defer:
+ record_action(msgdata, action, msg.sender,
'Signature did not verify.')
return True
- # TODO: handle more signatures here?
- sig_obj = next(verification.good_signatures)
- sig_key = sig_obj.by
- sig_sig = sig_obj.signature
- # Take the `expired_sig_action` if either he signature or the key
- # is expired.
- if sig_sig.is_expired or sig_key.is_expired:
- action = enc_list.expired_sig_action
- if action is not None:
- _record_action(msgdata, action, msg.sender,
- 'Signature or key expired.')
- return True
+ # # TODO: handle more signatures here?
+ # sig_obj = next(verification.good_signatures)
+ # sig_key = sig_obj.by
+ # sig_sig = sig_obj.signature
+ #
+ # # Take the `expired_sig_action` if either he signature or the key
+ # # is expired.
+ # if sig_sig.is_expired or sig_key.is_expired:
+ # action = enc_list.expired_sig_action
+ # if action is not None:
+ # _record_action(msgdata, action, msg.sender,
+ # 'Signature or key expired.')
+ # return True
# XXX: we need to track key revocation separately to use it here
# TODO: check key revocation here
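Review bot: Commenting out the expiry block means `expired_sig_action` is no longer applied anywhere in this rule. A message signed with an expired key or carrying an expired signature is then handled like any other valid one, unless `wrapped.verifies(key)` rejects it itself, which this page does not show. If the check has to wait until the wrapper exposes the verification result, delete the dead code and leave one line such as `# TODO: expired_sig_action is not enforced; verifies() returns only a bool`, ideally with a test pinning the behaviour for an expired key. The commented block also still refers to `_record_action` and `verification`, neither of which exists after this commit. The method body begins and continues outside the hunk.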
diff --git a/src/mailman_pgp/runners/incoming.py b/src/mailman_pgp/runners/incoming.py
index b34f5e5..7bc14e1 100644
--- a/src/mailman_pgp/runners/incoming.py
+++ b/src/mailman_pgp/runners/incoming.py
@@ -20,6 +20,7 @@
from mailman.config import config as mailman_config
from mailman.core.runner import Runner
from mailman.email.message import Message
+from mailman.interfaces.action import Action
from mailman.model.mailinglist import MailingList
from public import public
@@ -59,7 +60,7 @@ class IncomingRunner(Runner):
# just set some data for our `encryption` rule which will
# jump to the moderation chain if `pgp_moderate` is True
action = pgp_list.nonencrypted_msg_action
- if action is not None:
+ if action != Action.defer:
msgdata['moderation_action'] = action
msgdata['moderation_sender'] = msg.sender
msgdata['moderation_reason'] = 'Message was not encrypted.'
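Review bot: The runner still writes the moderation keys by hand and stores a plain string under `moderation_reason`, while `record_action` in rules/signature.py appends to a list under `moderation_reasons`. Since this commit makes `record_action` importable, calling `record_action(msgdata, action, msg.sender, 'Message was not encrypted.')` here would keep the two paths consistent. It would also avoid the reason being dropped if the moderation chain reads only `moderation_reasons`, which is not confirmed from this page. The enclosing method starts before the hunk and may continue after it.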