1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
from mailman.email.message import UserNotification
from mailman.interfaces.subscriptions import TokenOwner
from pgpy import PGPKey
from mailman_pgp.database import transaction
from mailman_pgp.model.address import PGPAddress
from mailman_pgp.model.list import PGPMailingList
from mailman_pgp.pgp.wrapper import PGPWrapper
from mailman_pgp.utils.email import copy_headers
KEY_REQUEST = """\
----------
TODO: this is a pgp enabled list.
We need your pubkey.
Reply to this message with it as a PGP/MIME(preferred) or inline.
----------"""
CONFIRM_REQUEST = """\
----------
TODO: this is a pgp enabled list.
Reply to this message with this whole text
signed with your supplied key, either inline or PGP/MIME.
Fingerprint: {}
Token: {}
----------
"""
class SetPubkeyMixin:
def __init__(self, pubkey=None):
self.pubkey = pubkey
@property
def pubkey_key(self):
if self.pubkey is None:
return None
return str(self.pubkey)
@pubkey_key.setter
def pubkey_key(self, value):
if value is not None:
self.pubkey, _ = PGPKey.from_blob(value)
else:
self.pubkey = None
def _step_pubkey_checks(self):
pgp_address = PGPAddress.for_address(self.address)
assert pgp_address is not None
if self.pubkey is None:
if pgp_address.key is None:
self.push('send_key_request')
else:
with transaction():
pgp_address.key = self.pubkey
def _step_send_key_request(self):
self._set_token(TokenOwner.subscriber)
self.push('receive_key')
self.save()
request_address = self.mlist.request_address
email_address = self.address.email
msg = UserNotification(email_address, request_address,
'key set {}'.format(self.token),
KEY_REQUEST)
msg.send(self.mlist, add_precedence=False)
# Now we wait for the confirmation.
raise StopIteration
def _step_receive_key(self):
self._restore_subscriber()
self._set_token(TokenOwner.no_one)
class ConfirmPubkeyMixin:
def __init__(self, pre_confirmed=False):
self.pubkey_confirmed = pre_confirmed
def _step_pubkey_confirmation(self):
pgp_address = PGPAddress.for_address(self.address)
assert pgp_address is not None
if self.pubkey_confirmed:
with transaction():
pgp_address.key_confirmed = True
else:
if not pgp_address.key_confirmed:
self.push('send_key_confirm_request')
def _step_send_key_confirm_request(self):
self._set_token(TokenOwner.subscriber)
self.push('receive_key_confirmation')
self.save()
pgp_address = PGPAddress.for_address(self.address)
request_address = self.mlist.request_address
email_address = self.address.email
msg = UserNotification(email_address, request_address,
'key confirm {}'.format(self.token),
CONFIRM_REQUEST.format(
pgp_address.key_fingerprint,
self.token))
pgp_list = PGPMailingList.for_list(self.mlist)
wrapped = PGPWrapper(msg)
encrypted = wrapped.sign_encrypt(pgp_list.key, pgp_address.key)
msg.set_payload(encrypted.get_payload())
copy_headers(encrypted, msg, True)
msg.send(self.mlist)
raise StopIteration
def _step_receive_key_confirmation(self):
self._restore_subscriber()
self._set_token(TokenOwner.no_one)
with transaction():
pgp_address = PGPAddress.for_address(self.address)
pgp_address.key_confirmed = True
|
