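--- a/MoinMessageSupport.py Fri Jun 07 18:41:04 2013 +0200
+++ b/MoinMessageSupport.py Sat Jun 08 01:21:27 2013 +0200
@@ -10,8 +10,10 @@
 from MoinMoin.log import getLogger
 from MoinMoin.user import User
 from MoinMoin import wikiutil
-from MoinSupport import ItemStore, getHeader, getMetadata, getWikiDict, writeHeaders
-from MoinMessage import GPG, Message, MoinMessageError, is_signed, is_encrypted
+from MoinSupport import ItemStore, getHeader, getMetadata, getWikiDict, \
+ writeHeaders
+from MoinMessage import GPG, Message, MoinMessageError, \
+ is_signed, is_encrypted, getContentAndSignature
 from email.parser import Parser
 import time
 
@@ -123,74 +125,20 @@
 
 request = self.request
 
- homedir = self.get_homedir()
- if not homedir:
- return
-
- gpg = GPG(homedir)
+ # Accept any message whose sender was authenticated by the PGP method.
 
- # NOTE: RFC 3156 states that signed messages should employ a detached
- # NOTE: signature but then shows "BEGIN PGP MESSAGE" for signatures
- # NOTE: instead of "BEGIN PGP SIGNATURE".
- # NOTE: The "micalg" parameter is currently not supported.
-
- try:
- fingerprint, identity, content = gpg.verifyMessage(message)
+ if request.user and request.user.valid and request.user.auth_method == "pgp":
 
- # Reject messages without a declaration.
-
- except MoinMessageMissingPart:
- writeHeaders(request, "text/plain", getMetadata(self.page), "415 Unsupported Media Type")
- request.write("There must be a content part and a signature for signed uploads.")
- return
+ # Handle the embedded message.
 
- # Reject messages without appropriate content.
-
- except MoinMessageBadContent:
- writeHeaders(request, "text/plain", getMetadata(self.page), "415 Unsupported Media Type")
- request.write("Signature data must be provided in the second part as application/pgp-signature.")
- return
+ content, signature = getContentAndSignature(message)
+ self.handle_message_content(content)
 
 # Reject any unverified message.
 
- except MoinMessageError:
+ else:
 writeHeaders(request, "text/plain", getMetadata(self.page), "403 Forbidden")
 request.write("The message could not be verified.")
- return
-
- # Log non-fatal errors.
-
- if gpg.errors:
- getLogger(__name__).warning(gpg.errors)
-
- # Map the fingerprint to a Wiki user.
-
- old_user = None
- request = self.request
-
- try:
- if fingerprint:
- gpg_users = getWikiDict(
- getattr(request.cfg, "moinmessage_gpg_users_page", "MoinMessageUserDict"),
- request
- )
-
- # With a user mapping and a fingerprint corresponding to a known
- # user, temporarily switch user in order to make the edit.
-
- if gpg_users and gpg_users.has_key(fingerprint):
- old_user = request.user
- request.user = User(request, auth_method="gpg", auth_username=gpg_users[fingerprint])
-
- # Handle the embedded message.
-
- self.handle_message_content(content)
-
- # Restore any user identity.
-
- finally:
- if old_user:
- request.user = old_user
 
 def handle_message_content(self, content):
 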
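Review bot: The `signature` returned by `getContentAndSignature(message)` is discarded, so the accept branch relies entirely on `request.user.auth_method == "pgp"` to mean that this exact message body was signature-checked earlier in the request; nothing in the hunk shows that the authenticator verified the same part that is extracted and passed to `handle_message_content` here. A comment on the accept branch should state that assumption and name the authenticator that sets `"pgp"` (the removed code tagged its users `"gpg"`, so the string is worth checking against it). The call is also unguarded: the removed code answered malformed uploads with 415, and if `getContentAndSignature` raises `MoinMessageError` for a missing or wrong part (presumably it does, not visible here) that now escapes the handler. A guarded version is sketched below; the enclosing method begins outside the hunk.

```python
if request.user and request.user.valid and request.user.auth_method == "pgp":

    # Relies on the "pgp" authenticator having verified the signature over
    # this same message; the signature is not re-checked here.

    try:
        content, signature = getContentAndSignature(message)
    except MoinMessageError:
        writeHeaders(request, "text/plain", getMetadata(self.page), "415 Unsupported Media Type")
        request.write("There must be a content part and a signature for signed uploads.")
        return

    self.handle_message_content(content)

# … unchanged: else branch answering 403 Forbidden …
```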