From: Jacob Bachmeyer <jcb@gnu.org>
Date: Thu, 3 Nov 2022 20:48:48 +0000 (-0500)
Subject: Add structured exception for invalid signature timestamp
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=4afeed657662e78fcf0fe38edaed8ba56d8fad4c;p=gatekeeper.git

Add structured exception for invalid signature timestamp
---

diff --git a/gatekeeper.pl b/gatekeeper.pl
index 1bcdd52..84ccd60 100755
--- a/gatekeeper.pl
+++ b/gatekeeper.pl
@@ -581,6 +581,20 @@ END
     { return join("\n", map join(': ', @$_), @{(shift)->{trace}})."\n" }
 }
 
+{
+  package Local::Exception::signature_from_future;
+  {our @ISA = qw(Local::Exception)}
+
+  sub summary { return 'directive signature timestamp from the future' }
+
+  sub message { my $M = <<'END'; return join(' ', split /\n/, $M); }
+GPG signed upload from the future - not allowed.  Please make sure your
+clock is set correctly, resign the directive file, and upload again.  You
+may have to wait 24 hours before re-uploading if you do not change the
+filename for your triplet.
+END
+}
+
 {
   package Local::Exception::signature_replay;
   {our @ISA = qw(Local::Exception)}
@@ -2108,11 +2122,7 @@ sub check_replay {
     # Verify that this timestamp is not too far in the future. We allow a
     # discrepancy of 1 day so we don't have to worry about timezones
     if ($timestamp > (time() + 24*3600)) {
-      fatal("GPG signed upload from the future - not allowed. "
-	    ."Please make sure your clock is set correctly, "
-	    ."resign the directive file, and upload again. "
-	    ."You may have to wait 24 hours before re-uploading if you do not "
-	    ."change the filename for your triplet.",1);
+      throw signature_from_future => timestamp => $timestamp
     }
 
 
diff --git a/testsuite/lib/gatekeeper.exp b/testsuite/lib/gatekeeper.exp
index b6b15ec..ed8c955 100644
--- a/testsuite/lib/gatekeeper.exp
+++ b/testsuite/lib/gatekeeper.exp
@@ -748,7 +748,7 @@ proc analyze_log { base_dir name assess } {
 		     exp_continue
 		 }
 	-re {^gatekeeper\[[0-9]+\]: \(Test\) \[AA\]\
-		 GPG signed upload from the future - not allowed[^\r\n]+} {
+		 directive signature timestamp from the future} {
 		     # from read_directive_file, if signature timestamp bad
 		     set A(validate,future-signature-timestamp) 1
 		     exp_continue