Mercurial > p > roundup > code
diff roundup/mailgw.py @ 4781:6e9b9743de89
Implementation for:
http://issues.roundup-tracker.org/issue2550731
Add mechanism for the detectors to be able to tell the source of the
data changes.
Support for tx_Source property on database handle. Can be
used by detectors to find out the source of a change in an auditor to
block changes arriving by unauthenticated mechanisms (e.g. plain email
where headers can be faked). The property db.tx_Source has the
following values:
* None - Default value set to None. May be valid if it's a script
that is created by the user. Otherwise it's an error and indicates
that some code path is not properly setting the tx_Source property.
* "cli" - this string value is set when using roundup-admin and
supplied scripts.
* "web" - this string value is set when using any web based
technique: html interface, xmlrpc ....
* "email" - this string value is set when using an unauthenticated
email based technique.
* "email-sig-openpgp" - this string value is set when email with a
valid pgp signature is used. (*NOTE* the testing for this mode
is incomplete. If you have a pgp infrastructure you should test
and verify that this is properly set.)
This also includes some (possibly incomplete) tests cases for the
modes above and an example of using ts_Source in the customization.txt
document.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 23 Apr 2013 23:06:09 -0400 |
| parents | f1d6e2b2eb64 |
| children | 13f8f88ad984 |
line wrap: on
line diff
--- a/roundup/mailgw.py Fri Mar 22 15:53:27 2013 +0100 +++ b/roundup/mailgw.py Tue Apr 23 23:06:09 2013 -0400 @@ -1010,6 +1010,9 @@ "be PGP encrypted.") if self.message.pgp_signed(): self.message.verify_signature(author_address) + # signature has been verified + self.db.tx_Source = "email-sig-openpgp" + elif self.message.pgp_encrypted(): # Replace message with the contents of the decrypted # message for content extraction @@ -1019,8 +1022,26 @@ encr_only = self.config.PGP_REQUIRE_INCOMING == 'encrypted' encr_only = encr_only or not pgp_role() self.crypt = True - self.message = self.message.decrypt(author_address, - may_be_unsigned = encr_only) + try: + # see if the message has a valid signature + message = self.message.decrypt(author_address, + may_be_unsigned = False) + # only set if MailUsageError is not raised + # indicating that we have a valid signature + self.db.tx_Source = "email-sig-openpgp" + except MailUsageError: + # if there is no signature or an error in the message + # we get here. Try decrypting it again if we don't + # need signatures. + if encr_only: + message = self.message.decrypt(author_address, + may_be_unsigned = encr_only) + else: + # something failed with the message decryption/sig + # chain. Pass the error up. + raise + # store the decrypted message + self.message = message elif pgp_role(): raise MailUsageError, _(""" This tracker has been configured to require all email be PGP signed or @@ -1537,6 +1558,9 @@ ''' # get database handle for handling one email self.db = self.instance.open ('admin') + + self.db.tx_Source = "email" + try: return self._handle_message(message) finally: