New option to skip public key discovery in attachments

nemunaire 2018-03-18 14:05:20 +01:00
parent 9f3c814469
commit 64be054961
2 changed files with 17 additions and 13 deletions


@ -33,14 +33,14 @@ def relatesTo(data, submissions_dir):
yield data yield data
def gen_checks(submissions_dir, check_content=False, check_submission_hash=None): def gen_checks(submissions_dir, check_content=False, check_submission_hash=None, skip_public_key=True):
if check_content: if check_content:
yield (relatesTo, [submissions_dir]) yield (relatesTo, [submissions_dir])
if HARD_MAX_SUBMISSION is not None: if HARD_MAX_SUBMISSION is not None:
yield (late.check, [HARD_MAX_SUBMISSION, SOFT_MAX_SUBMISSION]) yield (late.check, [HARD_MAX_SUBMISSION, SOFT_MAX_SUBMISSION])
else: else:
yield signcheck yield signcheck
yield (envelope.check, [GNUPG_DIRECTORY, BETA]) yield (envelope.check, [GNUPG_DIRECTORY, not skip_public_key, BETA])
yield (signature.check, [GNUPG_DIRECTORY]) yield (signature.check, [GNUPG_DIRECTORY])
yield (login.check, ["/home/nemunaire/workspace/check_mail/SRS2017.csv"]) yield (login.check, ["/home/nemunaire/workspace/check_mail/SRS2017.csv"])
if check_content: if check_content:
@ -137,14 +137,14 @@ def readmail(fp):
return cnt, frm, subject, ref, to return cnt, frm, subject, ref, to
def check_mail(cnt, submissions_dir, check_content=False, check_submission_hash=None): def check_mail(cnt, submissions_dir, check_content=False, check_submission_hash=None, skip_public_key=True):
results = [] results = []
# sentinel # sentinel
results.append([(None, [cnt])]) results.append([(None, [cnt])])
lvl = 0 lvl = 0
for check in gen_checks(submissions_dir=submissions_dir, check_content=check_content, check_submission_hash=check_submission_hash): for check in gen_checks(submissions_dir=submissions_dir, check_content=check_content, check_submission_hash=check_submission_hash, skip_public_key=skip_public_key):
lvl += 1 lvl += 1
curr = [] curr = []
curc = [] curc = []
@ -231,6 +231,9 @@ if __name__ == '__main__':
parser.add_argument('--review-before-send', action="store_true", parser.add_argument('--review-before-send', action="store_true",
help="Review the e-mail to be sent before sending it") help="Review the e-mail to be sent before sending it")
parser.add_argument('--skip-public-key', action="store_true",
help="enable if you want to skip public key discovery through attachments")
parser.add_argument('--beta', action="store_true", parser.add_argument('--beta', action="store_true",
help="enable beta features") help="enable beta features")
@ -252,4 +255,4 @@ if __name__ == '__main__':
BETA = args.beta BETA = args.beta
cnt, frm, subject, ref, to = readmail(sys.stdin.buffer) cnt, frm, subject, ref, to = readmail(sys.stdin.buffer)
respondmail(frm, subject, ref, [c for c in check_mail(cnt, submissions_dir=args.submissions, check_content=not args.sign, check_submission_hash=args.expected_submission_hash)], to) respondmail(frm, subject, ref, [c for c in check_mail(cnt, submissions_dir=args.submissions, check_content=not args.sign, check_submission_hash=args.expected_submission_hash, skip_public_key=args.skip_public_key)], to)
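Review bot: The new option has three defaults that disagree. `gen_checks` and `check_mail` declare `skip_public_key=True`, the `--skip-public-key` flag is `store_true` and so gives False when absent, and `envelope.check` declares `accept_public_key=True`. A caller that omits the argument therefore gets key import disabled through `check_mail` but enabled through the command line or a direct `envelope.check` call. The keys in question arrive in the same untrusted message whose signature is checked afterwards, so the default should be one deliberate choice; if the command-line behaviour is the intended one, use `skip_public_key=False` in both signatures. A comment on the parameter would help, for example `# skip_public_key: when true, public keys found in the mail are never imported into GNUPG_DIRECTORY`.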


@ -47,10 +47,11 @@ def assume_oldstyle(payload):
def check(msg, GNUPG_DIRECTORY, beta=False): def check(msg, GNUPG_DIRECTORY, accept_public_key=True, beta=False):
ct = msg.get_content_type() ct = msg.get_content_type()
# First, looking for public key # First, looking for public key
if accept_public_key:
for part in msg.walk(): for part in msg.walk():
if part.get_content_type() == "application/pgp-keys" and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0: if part.get_content_type() == "application/pgp-keys" and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0:
if part.get_content_type() != "application/pgp-keys": if part.get_content_type() != "application/pgp-keys":
@ -85,7 +86,7 @@ def check(msg, GNUPG_DIRECTORY, beta=False):
yield MailTest("Separate signature found. Trying it with part %d (%s) ..." % (s, spart.get_content_type()), -1) yield MailTest("Separate signature found. Trying it with part %d (%s) ..." % (s, spart.get_content_type()), -1)
yield (spart.get_payload(decode=True), part.get_payload(decode=True)) yield (spart.get_payload(decode=True), part.get_payload(decode=True))
elif payload is not None and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0: elif accept_public_key and payload is not None and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0:
if part.get_content_type() != "application/pgp-keys": if part.get_content_type() != "application/pgp-keys":
yield MailTest("Public key file discovered, but content-type mismatched: got %s instead of application/pgp-keys." % part.get_content_type(), 2) yield MailTest("Public key file discovered, but content-type mismatched: got %s instead of application/pgp-keys." % part.get_content_type(), 2)
yield from import_pubkey(part.get_payload(decode=True), GNUPG_DIRECTORY) yield from import_pubkey(part.get_payload(decode=True), GNUPG_DIRECTORY)
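Review bot: With `accept_public_key` false, a part that carries a `-----BEGIN PGP PUBLIC KEY BLOCK-----` now fails the `elif` in the second hunk without any message, so the sender is not told that the attached key was ignored. That part then falls through to whatever branches follow outside the hunk. Consider an explicit branch before it, such as `elif not accept_public_key and payload is not None and not part.is_multipart() and part.get_payload(decode=True).find(b"-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0:` followed by `yield MailTest("Public key attachment ignored: key discovery is disabled.", -1)`; level -1 is assumed to be informational from its use on the "Separate signature found" line. `check` also has no docstring for the new parameter; it should state that a false value means no key material from the message is passed to `import_pubkey`. The function body starts and continues outside both hunks, and the rendered page has lost indentation, so the nesting of the first loop under `if accept_public_key:` cannot be confirmed from here.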