[tor-commits] [bridgedb/master] Refactor bridgedb.EmailServer.getGPGContext() to improve exception/error handling.

[isis at torproject.org]

commit 2db549b98c6c65677bc59c87fa7d0954bc9880bc
Author: Isis Lovecruft <isis at torproject.org>
Date:   Tue Nov 19 05:25:39 2013 +0000

    Refactor bridgedb.EmailServer.getGPGContext() to improve exception/error handling.
---
 lib/bridgedb/EmailServer.py |   61 +++++++++++++++++++++++--------------------
 1 file changed, 32 insertions(+), 29 deletions(-)

diff --git a/lib/bridgedb/EmailServer.py b/lib/bridgedb/EmailServer.py
index b2f2bf5..c37713e 100644
--- a/lib/bridgedb/EmailServer.py
+++ b/lib/bridgedb/EmailServer.py
@@ -452,40 +452,43 @@ def getGPGContext(cfg):
     except AttributeError:
         return None
 
+    keyfile = None
+    ctx = gpgme.Context()
+
     try:
-        # import the key
+        logging.debug("Opening GPG keyfile %s..." % cfg.EMAIL_GPG_SIGNING_KEY)
         keyfile = open(cfg.EMAIL_GPG_SIGNING_KEY)
-        logging.debug("Opened GPG Keyfile %s" % cfg.EMAIL_GPG_SIGNING_KEY)
-        ctx = gpgme.Context()
-        result = ctx.import_(keyfile)
+        key = ctx.import_(keyfile)
+
+        if not (len(key.imports) > 0):
+            logging.debug(
+                "Unexpected result from gpgme.Context.import_(): %r" % key)
+            raise gpgme.GpgmeError("Could not import GnuPG key from file %r"
+                                   % cfg.EMAIL_GPG_SIGNING_KEY)
 
-        assert len(result.imports) == 1
-        fingerprint = result.imports[0][0]
-        keyfile.close()
-        logging.debug("GPG Key with fingerprint %s imported" % fingerprint)
+        fingerprint = key.imports[0][0]
+        logging.info("GPG Key with fingerprint %s imported" % fingerprint)
 
         ctx.armor = True
         ctx.signers = [ctx.get_key(fingerprint)]
-        assert len(ctx.signers) == 1
 
-        # make sure we can sign
+        logging.info("Testing signature created with GnuPG key...")
         message = StringIO('Test')
-        signature = StringIO()
-        try:
-            new_sigs = ctx.sign(message, signature, gpgme.SIG_MODE_CLEAR)
-        except gpgme.GpgmeError as error:
-            logging.error(error.message)
-            return None
-
-        assert len(new_sigs) == 1, "Testing signature creation failed"
-
-        # return the ctx
-        return ctx
-
-    except IOError, e:
-        # exit noisily if keyfile not found
-        exit(e)
-    except AssertionError as error:
-        logging.error(error.message)
-        # exit noisily if key does not pass tests
-        exit('Invalid GPG Signing Key')
+        new_sigs = ctx.sign(message, StringIO(), gpgme.SIG_MODE_CLEAR)
+        if not len(new_sigs) == 1:
+            raise gpgme.GpgmeError(
+                "Testing was unable to produce a signature with GnuPG key.")
+
+    except (IOError, OSError) as error:
+        logging.debug(error)
+        logging.error("Could not open or read from GnuPG key file %r!"
+                      % cfg.EMAIL_GPG_SIGNING_KEY)
+        ctx = None
+    except gpgme.GpgmeError as error:
+        logging.exception(error)
+        ctx = None
+    finally:
+        if keyfile and not keyfile.closed:
+            keyfile.close()
+
+    return ctx