New option to skip public key discovery in attachments

nemunaire 2018-03-18 14:05:20 +01:00
parent 9f3c814469
commit 64be054961
2 changed files with 17 additions and 13 deletions


@ -33,14 +33,14 @@ def relatesTo(data, submissions_dir):
yield data
def gen_checks(submissions_dir, check_content=False, check_submission_hash=None):
def gen_checks(submissions_dir, check_content=False, check_submission_hash=None, skip_public_key=True):
if check_content:
yield (relatesTo, [submissions_dir])
if HARD_MAX_SUBMISSION is not None:
yield (late.check, [HARD_MAX_SUBMISSION, SOFT_MAX_SUBMISSION])
else:
yield signcheck
yield (envelope.check, [GNUPG_DIRECTORY, BETA])
yield (envelope.check, [GNUPG_DIRECTORY, not skip_public_key, BETA])
yield (signature.check, [GNUPG_DIRECTORY])
yield (login.check, ["/home/nemunaire/workspace/check_mail/SRS2017.csv"])
if check_content:
@ -137,14 +137,14 @@ def readmail(fp):
return cnt, frm, subject, ref, to
def check_mail(cnt, submissions_dir, check_content=False, check_submission_hash=None):
def check_mail(cnt, submissions_dir, check_content=False, check_submission_hash=None, skip_public_key=True):
results = []
# sentinel
results.append([(None, [cnt])])
lvl = 0
for check in gen_checks(submissions_dir=submissions_dir, check_content=check_content, check_submission_hash=check_submission_hash):
for check in gen_checks(submissions_dir=submissions_dir, check_content=check_content, check_submission_hash=check_submission_hash, skip_public_key=skip_public_key):
lvl += 1
curr = []
curc = []
@ -231,6 +231,9 @@ if __name__ == '__main__':
parser.add_argument('--review-before-send', action="store_true",
help="Review the e-mail to be sent before sending it")
parser.add_argument('--skip-public-key', action="store_true",
help="enable if you want to skip public key discovery through attachments")
parser.add_argument('--beta', action="store_true",
help="enable beta features")
@ -252,4 +255,4 @@ if __name__ == '__main__':
BETA = args.beta
cnt, frm, subject, ref, to = readmail(sys.stdin.buffer)
respondmail(frm, subject, ref, [c for c in check_mail(cnt, submissions_dir=args.submissions, check_content=not args.sign, check_submission_hash=args.expected_submission_hash)], to)
respondmail(frm, subject, ref, [c for c in check_mail(cnt, submissions_dir=args.submissions, check_content=not args.sign, check_submission_hash=args.expected_submission_hash, skip_public_key=args.skip_public_key)], to)
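Review bot: The defaults for the new switch disagree across layers: `gen_checks` and `check_mail` default to `skip_public_key=True`, whereas `--skip-public-key` is `store_true` (so `False` unless given) and `envelope.check` defaults to `accept_public_key=True`. A caller that omits the argument therefore gets key import disabled through `check_mail` but enabled when calling `envelope.check` directly, and the `not skip_public_key` inversion in `gen_checks` makes the intent easy to misread. Because this flag decides whether a key carried inside the message under verification is imported into `GNUPG_DIRECTORY`, I would settle on one polarity and one default for all three and document it on `check_mail`, for example `"""skip_public_key: when True, PGP keys attached to the mail are not imported by envelope.check."""`. Both functions continue outside the hunks shown here.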


@ -47,16 +47,17 @@ def assume_oldstyle(payload):
def check(msg, GNUPG_DIRECTORY, beta=False):
def check(msg, GNUPG_DIRECTORY, accept_public_key=True, beta=False):
ct = msg.get_content_type()
# First, looking for public key
for part in msg.walk():
if part.get_content_type() == "application/pgp-keys" and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0:
if part.get_content_type() != "application/pgp-keys":
yield MailTest("Public key file discovered, but content-type mismatched: got %s instead of application/pgp-keys." % part.get_content_type(), 2)
yield from import_pubkey(part.get_payload(decode=True), GNUPG_DIRECTORY)
return
if accept_public_key:
for part in msg.walk():
if part.get_content_type() == "application/pgp-keys" and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0:
if part.get_content_type() != "application/pgp-keys":
yield MailTest("Public key file discovered, but content-type mismatched: got %s instead of application/pgp-keys." % part.get_content_type(), 2)
yield from import_pubkey(part.get_payload(decode=True), GNUPG_DIRECTORY)
return
if ct == "multipart/signed" and msg.is_multipart():
yield from assume_rfc3156(msg)
@ -85,7 +86,7 @@ def check(msg, GNUPG_DIRECTORY, beta=False):
yield MailTest("Separate signature found. Trying it with part %d (%s) ..." % (s, spart.get_content_type()), -1)
yield (spart.get_payload(decode=True), part.get_payload(decode=True))
elif payload is not None and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0:
elif accept_public_key and payload is not None and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0:
if part.get_content_type() != "application/pgp-keys":
yield MailTest("Public key file discovered, but content-type mismatched: got %s instead of application/pgp-keys." % part.get_content_type(), 2)
yield from import_pubkey(part.get_payload(decode=True), GNUPG_DIRECTORY)
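Review bot: `accept_public_key` is inserted before `beta` in the signature of `check`, so any caller that still passes `beta` positionally, as the previous `[GNUPG_DIRECTORY, BETA]` argument list did, would now silently set `accept_public_key` instead. The call in `gen_checks` is updated by this commit, but other call sites are not visible here; appending the parameter keeps old calls valid: `def check(msg, GNUPG_DIRECTORY, beta=False, accept_public_key=True):` with `[GNUPG_DIRECTORY, BETA, not skip_public_key]` at the call site. Separately, in the first loop the inner `if part.get_content_type() != "application/pgp-keys"` can never be true because the enclosing condition already requires equality, so the content-type warning is reachable only from the later `elif` branch. When `accept_public_key` is false, a key attachment is passed over without any `MailTest` being yielded by the lines shown, which may be worth reporting to the sender; the body of `check` continues outside both hunks.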