From 63c95a52d6dd2d8d1f2367f45d1dae53f8587b48 Mon Sep 17 00:00:00 2001 From: Jacob Bachmeyer Date: Thu, 3 Nov 2022 17:48:48 -0500 Subject: [PATCH] Add structured exception for GPG signature verification errors This commit also adjusts check_files to use the package configuration exception at the check for a lack of keyrings and tidies the syntax for a similar check at top-level. --- gatekeeper.pl | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/gatekeeper.pl b/gatekeeper.pl index d6676f6..1e7ee35 100755 --- a/gatekeeper.pl +++ b/gatekeeper.pl @@ -609,6 +609,13 @@ END } } +{ + package Local::Exception::signature_error; + {our @ISA = qw(Local::Exception)} + + sub sig_info { (shift)->{sig_info} } +} + { package Local::Exception::signature_from_future; {our @ISA = qw(Local::Exception)} @@ -2277,7 +2284,9 @@ sub check_files { ."$upload_file size is $upload_file_size") if DEBUG; my @keyrings = directory_keyrings($header->{directory}); - fatal("no keyring for package $header->{package}",0) if ($#keyrings < 0); + throw package_configuration => package_name => $header->{package}, + summary => "no keyring for package $header->{package}" + unless @keyrings; my $valid = 0; foreach my $keyring (@keyrings) { @@ -2288,8 +2297,9 @@ sub check_files { last; } } - fatal("gpg verify of upload file ($header->{filename}) failed",1) - unless $valid; + throw signature_error => sig_info => undef, + summary => "gpg verify of upload file ($header->{filename}) failed" + unless $valid; check_vulnerabilities($upload_file); 
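Review bot: The `sig_info` accessor added in `Local::Exception::signature_error` can return undef, because the `check_files` throw in the `@@ -2288,8 +2297,9 @@` hunk passes `sig_info => undef`, and nothing on the class says so. A later handler that reads `$E->sig_info->{exitcode}` would then dereference undef on that path. I would add a comment above the accessor, `# sig_info: result hash from verify_clearsigned_message, or undef when the thrower kept no per-keyring result (check_files)`, and have any consumer test `defined $E->sig_info` first.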
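Review bot: The `throw package_configuration` in `check_files` (and the `throw signature_error` in the following `@@ -2288,8 +2297,9 @@` hunk) replaces `fatal()` calls that reported the failure themselves. The new throws are only turned into mail by the handler chain near line 2682. The call site of `check_files` is not visible in this patch, so it is worth confirming that it runs inside that handler. If it does not, the upload would presumably still be rejected, but anything `fatal()` did besides aborting would be skipped. A contract comment at the top of the sub would make this explicit: `# Throws package_configuration or signature_error; call only from within the packet loop's exception handler.` The body of `check_files` starts and ends outside this hunk.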
@@ -2620,17 +2630,18 @@ foreach my $packet (@packets) { # each list element is an array reference my @keyrings = directory_keyrings($op_header->{directory}); unless (@keyrings) { my $package = directory_package_name($op_header->{directory}); - throw package_configuration => - summary => "no keyring for package $package", - package_name => directory_package_name($op_header->{directory}) + throw package_configuration => package_name => $package, + summary => "no keyring for package $package" } $sig_info = verify_clearsigned_message($directive_text, @keyrings); - fatal("gpg verify of directive file failed",1,'',2) - if $sig_info->{exitcode} != 0 || defined $sig_info->{TILT}; - fatal("gpg verification problem: could not extract timestamp",1) - unless defined $sig_info->{sig_creation}; + throw signature_error => sig_info => $sig_info, + summary => "gpg verify of directive file failed" + if $sig_info->{exitcode} != 0 || defined $sig_info->{TILT}; + throw signature_error => sig_info => $sig_info, + summary => "gpg verification problem: could not extract timestamp" + unless defined $sig_info->{sig_creation}; check_replay($oplist, $sig_info->{sig_creation}); @@ -2671,6 +2682,8 @@ foreach my $packet (@packets) { # each list element is an array reference mail(join("\n",$E->summary,'',$E->trace_msg),1); } elsif ($E->type_p('package_configuration')) { mail($E->summary,0); + } elsif ($E->type_p('signature_error')) { + mail($E->summary,1); } elsif (UNIVERSAL::can($E, 'message')) { # catch-all for exceptions carrying long-form messages mail($E->message,1); -- 2.25.1
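Review bot: The removed `fatal("gpg verify of directive file failed",1,'',2)` passed a fourth argument of 2 that the new `throw signature_error` has no counterpart for. A failed directive signature and a missing timestamp now end in the same `mail($E->summary,1)` branch. The meaning of that argument is not visible in this hunk, but if it is an exit status that the invoking job or monitoring uses to tell a signature rejection from other failures, that signal is lost. Either carry it on the exception (for example an extra `exit_code => 2` pair, assuming `Local::Exception` stores arbitrary keys as the other throws suggest) and honor it in the handler, or note in the commit message that dropping it is intended.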
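Review bot: The new `signature_error` branch in the handler chain reports only `$E->summary`, so the `sig_info` the exception exists to carry is discarded at the one place it is handled. When a signature is rejected, the gpg `exitcode` and the `TILT` marker are what an operator needs to triage the failure. I would write them to the local log in this branch, guarding for the undef `sig_info` thrown from `check_files`. The mailed text should stay the bare summary, since who receives `mail(...,1)` is not visible here and verification detail should not go to a sender whose signature did not verify. The handler chain begins outside this hunk.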