1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
# Copyright (C) 2017 Jan Jancar
#
# This file is a part of the Mailman PGP plugin.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along with
# this program. If not, see <http://www.gnu.org/licenses/>.
""""""
from mailman.email.message import UserNotification
from mailman.interfaces.subscriptions import TokenOwner
from mailman.workflows.common import WhichSubscriber
from pgpy import PGPKey
from mailman_pgp.model.address import PGPAddress
from mailman_pgp.model.list import PGPMailingList
from mailman_pgp.pgp.utils import copy_headers
from mailman_pgp.pgp.wrapper import PGPWrapper
KEY_REQUEST = """\
----------
TODO: this is a pgp enabled list.
We need your pubkey.
Reply to this message with it as a PGP/MIME(preferred) or inline.
----------"""
CONFIRM_REQUEST = """\
----------
TODO: this is a pgp enabled list.
Reply to this message with this whole text
signed with your supplied key, either inline or PGP/MIME.
Fingerprint: {}
Token: {}
----------
"""
class PubkeyMixin:
def __init__(self, pubkey=None, pre_confirmed=False):
self.pubkey = pubkey
self.pubkey_confirmed = pre_confirmed
@property
def pubkey_key(self):
if self.pubkey is None:
return None
return str(self.pubkey)
@pubkey_key.setter
def pubkey_key(self, value):
if value is not None:
self.pubkey, _ = PGPKey.from_blob(value)
else:
self.pubkey = None
def _step_pubkey_checks(self):
self.push('restore_subscriber')
if not self.pubkey:
self.push('send_key_request')
else:
if not self.pubkey_confirmed:
self.push('send_key_confirm_request')
def _step_send_key_request(self):
self._set_token(TokenOwner.subscriber)
self.push('receive_key')
self.save()
request_address = self.mlist.request_address
email_address = self.address.email
msg = UserNotification(email_address, request_address,
'key set {}'.format(self.token),
KEY_REQUEST)
msg.send(self.mlist, add_precedence=False)
# Now we wait for the confirmation.
raise StopIteration
def _step_receive_key(self):
pgp_address = PGPAddress.for_address(self.address)
if pgp_address is None or pgp_address.key is None:
# The workflow was confirmed but we still dont have an address
# or the pubkey. So resend request and wait.
self.push('send_key_request')
return
else:
self.pubkey = pgp_address.key
if not self.pubkey_confirmed:
self.push('send_key_confirm_request')
def _step_send_key_confirm_request(self):
self._set_token(TokenOwner.subscriber)
self.push('receive_key_confirmation')
self.save()
request_address = self.mlist.request_address
email_address = self.address.email
msg = UserNotification(email_address, request_address,
'key confirm {}'.format(self.token),
CONFIRM_REQUEST.format(self.pubkey.fingerprint,
self.token))
pgp_list = PGPMailingList.for_list(self.mlist)
wrapped = PGPWrapper(msg)
encrypted = wrapped.sign_encrypt(pgp_list.key, self.pubkey,
pgp_list.pubkey)
msg.set_payload(encrypted.get_payload())
copy_headers(encrypted, msg, True)
msg.send(self.mlist)
raise StopIteration
def _step_receive_key_confirmation(self):
self._set_token(TokenOwner.no_one)
def _step_restore_subscriber(self):
if self.which is WhichSubscriber.address:
self.subscriber = self.address
else:
assert self.which is WhichSubscriber.user
self.subscriber = self.user
|
