[tor-commits] [trac-email/master] Cleaning up script and improving gnupg management

hiro at torproject.org hiro at torproject.org
Tue Dec 13 17:22:53 UTC 2016 

commit 341aeac1f5d43d09b714d83842b41631a20c518a
Author: hiromipaw <hiro at torproject.org>
Date:   Tue Dec 13 18:22:48 2016 +0100

    Cleaning up script and improving gnupg management
---
 notify.py | 54 ++++++++++++++++++++++++++++++------------------------
 1 file changed, 30 insertions(+), 24 deletions(-)

diff --git a/notify.py b/notify.py
index 189ca12..25992d4 100755
--- a/notify.py
+++ b/notify.py
@@ -2,6 +2,7 @@ import sys
 import email
 import re
 import gnupg
+import csv
 from trac.env import Environment
 from trac.ticket.model import Ticket
 from trac.perm import IPermissionRequestor, PermissionCache, PermissionSystem
@@ -10,30 +11,39 @@ def read_message():
     full_msg = sys.stdin.read()
     return email.message_from_string("".join(full_msg))
 
-def verify_email_signature(message):
+def verify_email_signature(message, user):
     gpg = gnupg.GPG(gnupghome='/home/tracadm/.gnupg')
-    return gpg.verify(message)
+    verified = gpg.verify(message)
+    if verified.trust_level is not None and verified.trust_level >= verified.TRUST_UNDEFINED:
+        with open('bin/map', 'rb') as csvfile:
+            keysreader = csv.reader(csvfile, delimiter=' ')
+            for row in keysreader:
+                k = row[0]
+                u = row[1].strip()
+                if k == verified.fingerprint and u == user:
+                    return True
 
 def get_message_body(message):
-    body = ""
     if message.is_multipart():
+        body = ''
         for payload in message.get_payload():
-            body.join(payload.get_payload())
+            body = body.join(payload.get_payload())
+        return body
     else:
-        body.join(message.get_payload())
-
-    return body
+        return message.get_payload()
 
 def verify_user_permissions(env, user, permission):
     ps = PermissionSystem(env)
     permissions_list = ps.get_user_permissions(user)
     return permissions_list[permission]
 
-def find_or_create_ticket(message, body, env):
+def find_or_create_ticket(message, env):
     # Find the ticket ID if exists
     summary = message['Subject']
     ticket_id = re.search('#(.+?) ', summary)
 
+    # Get the message body
+    body = ''.join(get_message_body(message))
     reporter = message['From']
 
     if ticket_id:
@@ -57,23 +67,19 @@ def find_or_create_ticket(message, body, env):
             tkt.insert()
 
 # Open logs file
-f = open('/home/tracadm/log/test.log', 'w')
-
-# Define the current trac environment
-env = Environment('/current')
-
-# Build email message
-msg = read_message()
-
-# Get the message body
-body = msg.get_payload()
+with open('/home/tracadm/log/test.log', 'w') as f:
 
-verified = verify_email_signature(body)
+    # Define the current trac environment
+    env = Environment('/current')
 
-if verified.trust_level is not None and verified.trust_level >= verified.TRUST_FULLY:
+    # Build email message
+    msg = read_message()
 
-    # Find or create ticket
-    find_or_create_ticket(msg, body, env)
+    # Read user from email
+    user = msg['From'].split('@')[0]
 
-# Close log file
-f.close
+    verified = verify_email_signature(msg.as_string(), user)
+    if verified:
+        # Find or create ticket
+        f.write('GPG verified')
+        find_or_create_ticket(msg, env)

More information about the tor-commits mailing list