authorJ08nY2017-07-07 17:36:12 +0200
committerJ08nY2017-07-07 17:36:12 +0200
commit45174af3b9b410102022cb5c335e42c7e0052b19 (patch)
tree346fd6ccad4c5abe548eb71a819f390d31974403 /src/mailman_pgp
parent6b627e130ad1a2fa453045b76b8f9a08e9520c34 (diff)
Diffstat (limited to 'src/mailman_pgp')
-rw-r--r--src/mailman_pgp/config/mailman_pgp.cfg3
-rw-r--r--src/mailman_pgp/model/list.py36
-rw-r--r--src/mailman_pgp/pgp/__init__.py2
-rw-r--r--src/mailman_pgp/pgp/keygen.py11
-rw-r--r--src/mailman_pgp/rules/signature.py14
-rw-r--r--src/mailman_pgp/runners/tests/test_incoming.py4
-rw-r--r--src/mailman_pgp/styles/base.py7
7 files changed, 33 insertions, 44 deletions
diff --git a/src/mailman_pgp/config/mailman_pgp.cfg b/src/mailman_pgp/config/mailman_pgp.cfg
index ad11407..e4166a7 100644
--- a/src/mailman_pgp/config/mailman_pgp.cfg
+++ b/src/mailman_pgp/config/mailman_pgp.cfg
@@ -34,6 +34,9 @@ archive_keydir = $DATA_DIR/pgp/archive_keydir/
[keypairs]
+# Whether to autogenerate
+autogenerate = yes
+
# Length of primary list key.
key_length = 4096
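Review bot: The new comment `# Whether to autogenerate` does not say what is generated or when. Going by the styles/base.py hunk in this commit, the option decides whether a list keypair is generated when the style is applied to a new list, so `# Whether to generate the list keypair automatically when a PGP-enabled list is created.` would be clearer. It would also help to say what an operator has to do when this is set to `no`, presumably supplying the key through the new `key` setter.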
diff --git a/src/mailman_pgp/model/list.py b/src/mailman_pgp/model/list.py
index f8efdd4..eaeb7a3 100644
--- a/src/mailman_pgp/model/list.py
+++ b/src/mailman_pgp/model/list.py
@@ -19,6 +19,7 @@
from os.path import exists, isfile, join
+from flufl.lock import Lock
from mailman.database.types import Enum, SAUnicode
from mailman.interfaces.action import Action
from mailman.interfaces.listmanager import IListManager
@@ -61,7 +62,6 @@ class PGPMailingList(Base):
self._defaults()
self.list_id = mlist.list_id
self._mlist = mlist
- self._generate(mlist)
def _defaults(self):
self.unsigned_msg_action = Action.reject
@@ -80,14 +80,6 @@ class PGPMailingList(Base):
self._key = None
self._key_generator = None
- def _generate(self, mlist):
- self._key_generator = ListKeyGenerator(config.pgp.keypair_config,
- mlist.display_name,
- mlist.posting_address,
- mlist.request_address,
- self.key_path)
- self._key_generator.start()
-
@property
def mlist(self):
"""
@@ -110,17 +102,25 @@ class PGPMailingList(Base):
# Check the file
if exists(self.key_path) and isfile(self.key_path):
self._key, _ = PGPKey.from_file(self.key_path)
- else:
- # Check if key generator is running or what? Restart it if not.
- # If we race it shutting down and saving the key file
- # it will simply check the key_file exists and exit.
- if self._key_generator is None or \
- not self._key_generator.is_alive():
- self._generate(self.mlist)
- else:
- self._key_generator.join(0.2)
return self._key
+ @key.setter
+ def key(self, value):
+ with Lock(self.key_path + '.lock'):
+ self._key = value
+ with open(self.key_path, 'w') as key_file:
+ key_file.write(str(value))
+
+ def generate_key(self, block=False):
+ self._key_generator = ListKeyGenerator(config.pgp.keypair_config,
+ self.mlist.display_name,
+ self.mlist.posting_address,
+ self.mlist.request_address,
+ self.key_path)
+ self._key_generator.start()
+ if block:
+ self._key_generator.join()
+
@property
def pubkey(self):
"""
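Review bot: The new `key` setter writes the list key with `open(self.key_path, 'w')`, so a newly created file gets whatever mode the process umask allows. For what is presumably private key material the mode should be pinned at creation, e.g. `fd = os.open(self.key_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` followed by `with os.fdopen(fd, 'w') as key_file:` (this needs `os` imported). The setter also truncates the file in place, while the getter lines visible in this hunk read it without taking the lock, so a concurrent reader could load a partial key. Writing to a temporary file in the same directory and moving it into place with `os.replace` would close that window. `generate_key` also has no docstring; it should state that it returns before the key exists unless `block` is true.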
diff --git a/src/mailman_pgp/pgp/__init__.py b/src/mailman_pgp/pgp/__init__.py
index d273f5e..31b61b3 100644
--- a/src/mailman_pgp/pgp/__init__.py
+++ b/src/mailman_pgp/pgp/__init__.py
@@ -30,7 +30,7 @@ from public import public
from mailman_pgp.config import config
KEYDIR_CONFIG_PATHS = ['list_keydir', 'user_keydir', 'archive_keydir']
-KEYPAIR_CONFIG_VARIABLES = ['key_type', 'key_length',
+KEYPAIR_CONFIG_VARIABLES = ['autogenerate', 'key_type', 'key_length',
'subkey_type', 'subkey_length']
# The main key needs to support signing.
diff --git a/src/mailman_pgp/pgp/keygen.py b/src/mailman_pgp/pgp/keygen.py
index 36c90ca..b750e28 100644
--- a/src/mailman_pgp/pgp/keygen.py
+++ b/src/mailman_pgp/pgp/keygen.py
@@ -19,7 +19,6 @@
potentially long key generation operation."""
import multiprocessing as mp
-from os.path import exists, isfile
from flufl.lock import Lock
from pgpy import PGPKey, PGPUID
@@ -36,12 +35,12 @@ class ListKeyGenerator(mp.Process):
target=self.generate,
args=(keypair_config, display_name, posting_address,
request_address, key_path),
- daemon=False)
+ daemon=True)
def generate(self, keypair_config, display_name, posting_address,
request_address, key_path):
"""
- Generate the list keypair and save it, if it does not exist.
+ Generate the list keypair and save it.
:param keypair_config:
:param display_name:
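Review bot: With `daemon=True` the generator process is terminated when its parent exits, so a non-blocking `generate_key()` can be cut off before the key is saved. The fallback in the `key` getter that restarted a dead generator is removed in this same commit, so as far as the visible hunks show the list would then stay without a key until something calls `generate_key` again. If termination lands during `_save`, a truncated key file may be left behind, depending on how `_save` writes, which is outside this hunk. Consider keeping the process non-daemonic, or documenting on `generate_key` that callers who need the key must pass `block=True`. The body of `generate` continues past the end of this hunk.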
@@ -49,11 +48,9 @@ class ListKeyGenerator(mp.Process):
:param request_address:
:param key_path:
"""
+ key = self._create(keypair_config, display_name, posting_address,
+ request_address)
with Lock(key_path + '.lock'):
- if exists(key_path) and isfile(key_path):
- return
- key = self._create(keypair_config, display_name, posting_address,
- request_address)
self._save(key, key_path)
def _create(self, config, display_name, posting_address, request_address):
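Review bot: Dropping the `exists(key_path)` check means `generate` now always overwrites whatever is stored at `key_path`, and the new `generate_key` in model/list.py starts a generator without looking for an existing key or a running process. A second call would therefore silently replace a list key whose public half subscribers may already hold, and two concurrent generators end with whichever one saves last. If replacement is intended it should be explicit, for example by keeping `if exists(key_path) and isfile(key_path): return` under the lock unless the caller asks for an overwrite (the `os.path` import removed above would then stay). Moving `_create` out of the lock is a reasonable change on its own, since it shortens the time the lock is held.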
diff --git a/src/mailman_pgp/rules/signature.py b/src/mailman_pgp/rules/signature.py
index 311ebfb..716483c 100644
--- a/src/mailman_pgp/rules/signature.py
+++ b/src/mailman_pgp/rules/signature.py
@@ -100,20 +100,6 @@ class Signature:
'Signature did not verify.')
return True
- # # TODO: handle more signatures here?
- # sig_obj = next(verification.good_signatures)
- # sig_key = sig_obj.by
- # sig_sig = sig_obj.signature
- #
- # # Take the `expired_sig_action` if either he signature or the key
- # # is expired.
- # if sig_sig.is_expired or sig_key.is_expired:
- # action = enc_list.expired_sig_action
- # if action is not None:
- # _record_action(msgdata, action, msg.sender,
- # 'Signature or key expired.')
- # return True
-
# XXX: we need to track key revocation separately to use it here
# TODO: check key revocation here
diff --git a/src/mailman_pgp/runners/tests/test_incoming.py b/src/mailman_pgp/runners/tests/test_incoming.py
index f879bc5..e3ceb67 100644
--- a/src/mailman_pgp/runners/tests/test_incoming.py
+++ b/src/mailman_pgp/runners/tests/test_incoming.py
@@ -14,7 +14,6 @@
#
# You should have received a copy of the GNU General Public License along with
# this program. If not, see <http://www.gnu.org/licenses/>.
-from time import sleep
from unittest import TestCase
from mailman.app.lifecycle import create_list
@@ -49,8 +48,7 @@ class TestIncoming(TestCase):
self.mlist.subscribe(self.sender, MemberRole.member)
self.pgp_list = PGPMailingList.for_list(self.mlist)
- while self.pgp_list.pubkey is None:
- sleep(1)
+ self.pgp_list.generate_key(True)
sender_key = load_key('data/rsa_1024.pub.asc')
with transaction() as t:
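Review bot: `generate_key(True)` passes the blocking flag positionally; `self.pgp_list.generate_key(block=True)` says what the argument means at the call site. Because `generate_key` joins the process without looking at its exit status, a failed generation would only surface later in the test. Adding `self.assertIsNotNone(self.pgp_list.pubkey)` right after the call would make the test fail at the cause. The enclosing setup method starts and ends outside this hunk.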
diff --git a/src/mailman_pgp/styles/base.py b/src/mailman_pgp/styles/base.py
index a817fcd..6b5271b 100644
--- a/src/mailman_pgp/styles/base.py
+++ b/src/mailman_pgp/styles/base.py
@@ -16,9 +16,10 @@
# this program. If not, see <http://www.gnu.org/licenses/>.
""""""
-
+from lazr.config import as_boolean
from public import public
+from mailman_pgp.config import config
from mailman_pgp.database import transaction
from mailman_pgp.model.list import PGPMailingList
@@ -35,6 +36,10 @@ class PGPStyle:
if pgp_list:
return
+ generate = as_boolean(config.get('keypairs', 'autogenerate'))
+
with transaction() as session:
pgp_list = PGPMailingList(mailing_list)
+ if generate:
+ pgp_list.generate_key()
session.add(pgp_list)
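Review bot: `pgp_list.generate_key()` starts the generator process inside the `transaction()` block, before `session.add(pgp_list)` and before the commit. If the transaction fails, the child process still generates and saves a key file for a list that has no `PGPMailingList` row, leaving orphaned key material in the key directory. Calling `generate_key()` only after the `with` block has exited cleanly would avoid that, assuming the object is still usable once the session has committed. The option is also read here through `config.get('keypairs', 'autogenerate')` while the same commit adds it to `KEYPAIR_CONFIG_VARIABLES`; reading it from one place would be more consistent.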