From e0a34a4d06bb40561bd0e1b7fbc8afb94f102527 Mon Sep 17 00:00:00 2001
From: Jacob Bachmeyer <jcb@gnu.org>
Date: Sat, 19 Nov 2022 21:20:20 -0600
Subject: [PATCH] Move directive archival to report phase

Each successfully processed directive is sent to a public archival list,
but directives not signed with a known key or with invalid syntax are only
sent to the internal report inbox.

This commit also reverts the testsuite changes from the previous
commit f9e77b3dd2d94986ff095abd4c50fb957196b05b.
---
 gatekeeper.pl                           | 36 ++++++++++++++++++-------
 testsuite/gatekeeper.all/03_triplet.exp |  2 --
 2 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/gatekeeper.pl b/gatekeeper.pl
index b9dafbc..af00f8f 100755
--- a/gatekeeper.pl
+++ b/gatekeeper.pl
@@ -2721,6 +2721,9 @@ foreach my $packet (@packets) {	# each list element is an array reference
   my $directive_file = $packet->[0];
   my $upload_file = ''; my $sig_file = '';
 
+  # temporary scaffolding until the "any known key" issue is resolved
+  my $have_any_directive_signature = 0;
+
   unless ($directive_only) {
     foreach (@{$packet}[1..$#$packet]) {
       if (m/[.]sig$/) { $sig_file =$_ } else { $upload_file = $_ }
@@ -2743,8 +2746,11 @@ foreach my $packet (@packets) {	# each list element is an array reference
 
     $directive = read_directive_from_string($directive_text);
 
+    # TODO: also store the keyring containing a key in the key index and
+    #       check for a valid but inappropriate signature during RP phase
     push @email_addresses,
       guess_email_address_from_signature($directive_text);
+    $have_any_directive_signature = scalar @email_addresses;
 
     $oplist = interpret_directive($directive);
     $op_header = $oplist->[0][1];
@@ -2752,12 +2758,6 @@ foreach my $packet (@packets) {	# each list element is an array reference
     push @email_addresses,
       directory_email_addresses($op_header->{directory});
 
-    # Phone home. E-mail the contents of the directive file to the public
-    # archive list.
-    report_upload_to_archive($directive_text,
-			     defined $op_header->{package}
-			     ? $op_header->{package} : '');
-
     validate_directive($packet, $oplist);
 
     my @directory = File::Spec::Unix->splitdir($op_header->{directory});
@@ -2864,6 +2864,12 @@ foreach my $packet (@packets) {	# each list element is an array reference
     local $Phase = 'RP';
     our $Scratch_dir;
 
+    # Phone home. E-mail the contents of the directive file to the public
+    # archive list.
+    report_upload_to_archive($directive_text,
+			     defined $op_header->{package}
+			     ? $op_header->{package} : '');
+
     # report success
     if ($directive_only) {
       mail "processing of $directive_file complete",
@@ -2885,9 +2891,21 @@ foreach my $packet (@packets) {	# each list element is an array reference
 
     my $E = $@;	    # preserve the exception, since many functions use eval
 
-    unless ($oplist) {
-      # The directive text is emailed immediately after $oplist is set,
-      # so if $oplist is not set, then we still need to send it.  Do so now.
+    # TODO: rework this check to use the key ID index (also TODO) to locate
+    #       which keyring _does_ have the key, then verify the signature to
+    #       determine whether to send the directive to the public archive
+    if (($oplist && $have_any_directive_signature)
+	|| (defined $dsig_info
+	    && $dsig_info->{exitcode} == 0
+	    && !defined $dsig_info->{TILT}) ) {
+      # The directive was signed with a known key and syntactically valid.
+      # Send it to the public archive list.
+      report_upload_to_archive($directive_text,
+			       defined $op_header->{package}
+			       ? $op_header->{package} : '');
+    } else {
+      # The directive was either syntactically invalid or not signed with
+      # any known key.  Send it only to the internal inbox.
       mail $directive_text, subject => 'debug: directive file contents'
 	if $directive_text && DEBUG;
     }
diff --git a/testsuite/gatekeeper.all/03_triplet.exp b/testsuite/gatekeeper.all/03_triplet.exp
index 310852b..e68b3c6 100644
--- a/testsuite/gatekeeper.all/03_triplet.exp
+++ b/testsuite/gatekeeper.all/03_triplet.exp
@@ -115,7 +115,6 @@ check_triplet "bogus: signature from unknown key in directive" setup {
 	gpgv,directive-verify-failed "incorrect signature rejected"
     } email-to {
 	ftp-upload-script@gnu.org foo@example.org foo@example.net
-	ftp-upload-report@gnu.org
     }
 }
 
@@ -191,7 +190,6 @@ check_triplet "bogus: bad signature in directive" setup {
 	gpgv,directive-verify-failed "incorrect signature rejected"
     } email-to {
 	ftp-upload-script@gnu.org foo@example.org foo@example.net
-	ftp-upload-report@gnu.org
     }
 }
 
-- 
2.25.1