verify signatures even if key is new to edward
authorAndrew Engelbrecht <sudoman@ninthfloor.org>
Thu, 21 Jan 2016 20:29:39 +0000 (15:29 -0500)
committerAndrew Engelbrecht <sudoman@ninthfloor.org>
Thu, 21 Jan 2016 20:29:39 +0000 (15:29 -0500)
previously when users sent edward their gpg key and signed that message
with that key, users would not receive a message noting signature
verification success.

this commit processes emails twice so that keys are imported the first
time and signatures are verified the second time around. it is not the
most elegant method, but it works and lengthens run time very little.
for now debug output mentions imported keys twice but debug output is
not visible to users.

edward

diff --git a/edward b/edward
index b13ac7a4f0571dade15f212757c4020a2abae172..060d6d6e8b18a4592ec574dff6d187cb29fd9cad 100755 (executable)
--- a/edward
+++ b/edward
@@ -271,6 +271,8 @@ def main ():
                               edward_config.sign_with_key)
 
     email_bytes = sys.stdin.buffer.read()
+
+    parse_pgp_mime(email_bytes, gpgme_ctx)
     email_struct = parse_pgp_mime(email_bytes, gpgme_ctx)
 
     email_to, email_reply_to, email_subject = email_to_reply_to_subject(email_bytes)