aboutsummaryrefslogtreecommitdiff
path: root/src/mailman_pgp/rules/signature.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/mailman_pgp/rules/signature.py')
-rw-r--r--src/mailman_pgp/rules/signature.py11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/mailman_pgp/rules/signature.py b/src/mailman_pgp/rules/signature.py
index 998e9c3..b7d4b5c 100644
--- a/src/mailman_pgp/rules/signature.py
+++ b/src/mailman_pgp/rules/signature.py
@@ -35,7 +35,7 @@ from mailman_pgp.model.sighash import PGPSigHash
from mailman_pgp.pgp.wrapper import PGPWrapper
from mailman_pgp.utils.email import get_email
from mailman_pgp.utils.moderation import record_action
-from mailman_pgp.utils.pgp import hashes, verifies
+from mailman_pgp.utils.pgp import hashes, verifies, expired
@public
@@ -96,6 +96,15 @@ class Signature:
return True
verifications = list(wrapped.verify(key))
+ # verifications is a list of SignatureVerification, only contains
+ # sigs that appear to be by the pgp_address.key
+
+ if expired(verifications):
+ action = pgp_list.expired_sig_action
+ if action != Action.defer:
+ record_action(msg, msgdata, action, email,
+ 'Signature is expired.')
+ return True
# Take the `invalid_sig_action` if the verification failed.
if not verifies(verifications):
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 09:14:26 +0000