my $directive_file = $packet->[0];
my $upload_file = ''; my $sig_file = '';
+ # temporary scaffolding until the "any known key" issue is resolved
+ my $have_any_directive_signature = 0;
+
unless ($directive_only) {
foreach (@{$packet}[1..$#$packet]) {
if (m/[.]sig$/) { $sig_file =$_ } else { $upload_file = $_ }
$directive = read_directive_from_string($directive_text);
+ # TODO: also store the keyring containing a key in the key index and
+ # check for a valid but inappropriate signature during RP phase
push @email_addresses,
guess_email_address_from_signature($directive_text);
+ $have_any_directive_signature = scalar @email_addresses;
$oplist = interpret_directive($directive);
$op_header = $oplist->[0][1];
push @email_addresses,
directory_email_addresses($op_header->{directory});
- # Phone home. E-mail the contents of the directive file to the public
- # archive list.
- report_upload_to_archive($directive_text,
- defined $op_header->{package}
- ? $op_header->{package} : '');
-
validate_directive($packet, $oplist);
my @directory = File::Spec::Unix->splitdir($op_header->{directory});
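Review bot: `$have_any_directive_signature = scalar @email_addresses;` counts everything already in `@email_addresses`, not only what `guess_email_address_from_signature` returned. If the array can be non-empty before this `push` (its earlier uses are outside the hunk), the flag becomes true without any key match. Capturing the lookup result first keeps the flag tied to the signature: `my @sig_addrs = guess_email_address_from_signature($directive_text);`, then `push @email_addresses, @sig_addrs;` and `$have_any_directive_signature = scalar @sig_addrs;`. Judging by its name, the helper looks up an address for the signing key rather than verifying the signature, so a comment at the assignment should say the flag means "key found in some keyring", not "signature verified".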
local $Phase = 'RP';
our $Scratch_dir;
+ # Phone home. E-mail the contents of the directive file to the public
+ # archive list.
+ report_upload_to_archive($directive_text,
+ defined $op_header->{package}
+ ? $op_header->{package} : '');
+
# report success
if ($directive_only) {
mail "processing of $directive_file complete",
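Review bot: An exception raised after the relocated `report_upload_to_archive` call, for instance from the success `mail` just below it, would post the directive to the public archive a second time. It would reach the handler with `$oplist` set and `$have_any_directive_signature` non-zero, and the handler's new condition then calls `report_upload_to_archive` again. The removed `unless ($oplist)` guard existed to prevent exactly that duplicate. The extent of the enclosing `eval` is not visible in these hunks, so this needs confirming against the full file. A small latch would restore the once-only behaviour: declare `my $archive_reported = 0;` next to the other flag, set `$archive_reported = 1;` right after this call, and start the handler condition with `!$archive_reported &&`.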
my $E = $@; # preserve the exception, since many functions use eval
- unless ($oplist) {
- # The directive text is emailed immediately after $oplist is set,
- # so if $oplist is not set, then we still need to send it. Do so now.
+ # TODO: rework this check to use the key ID index (also TODO) to locate
+ # which keyring _does_ have the key, then verify the signature to
+ # determine whether to send the directive to the public archive
+ if (($oplist && $have_any_directive_signature)
+ || (defined $dsig_info
+ && $dsig_info->{exitcode} == 0
+ && !defined $dsig_info->{TILT}) ) {
+ # The directive was signed with a known key and syntactically valid.
+ # Send it to the public archive list.
+ report_upload_to_archive($directive_text,
+ defined $op_header->{package}
+ ? $op_header->{package} : '');
+ } else {
+ # The directive was either syntactically invalid or not signed with
+ # any known key. Send it only to the internal inbox.
mail $directive_text, subject => 'debug: directive file contents'
if $directive_text && DEBUG;
}
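Review bot: `$dsig_info->{exitcode} == 0` is also true when `exitcode` is undefined, because `undef == 0` holds in Perl and only emits a warning. If `$dsig_info` can exist without that key, for example when the verifier never ran to completion (its construction is not visible here), the second disjunct fails open and an unverified directive goes to the public archive. Write the test as `defined $dsig_info->{exitcode} && $dsig_info->{exitcode} == 0` so the public branch is taken only on a positive result. The branch comment says "signed with a known key and syntactically valid", but the condition is an OR: the second disjunct does not require `$oplist`. The comment should read "parsed and matched a known key, or passed signature verification".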