# HG changeset patch # User Paul Boddie # Date 1342893514 -7200 # Node ID 2c935363b2cf03576826afe18799ac2e2ccfd2d9 # Parent cec8772ca71790309e33c12744152d581bde2a69 Added actual signature verification, switching to use of the subprocess module in order to check the return code from gpg. Changed the expected value of the "Update-Type" header to "collection". diff -r cec8772ca717 -r 2c935363b2cf actions/PostMessage.py --- a/actions/PostMessage.py Sat Jul 21 02:01:16 2012 +0200 +++ b/actions/PostMessage.py Sat Jul 21 19:58:34 2012 +0200 @@ -7,9 +7,10 @@ """ from MoinMoin.PageEditor import PageEditor +from MoinMoin.log import getLogger from MoinSupport import * from email.parser import Parser -import os +from subprocess import Popen, PIPE try: from cStringIO import StringIO @@ -41,8 +42,7 @@ # Get the message. - message_text = StringIO(request.read(content_length)) - self.handle_message(message_text) + self.handle_message(StringIO(request.read(content_length))) def handle_message(self, message_text): 
@@ -83,18 +83,35 @@ # Decrypt the message text. - to_child, from_child, error_child = os.popen3(["gpg", "--no-default-keyring", "--homedir", homedir, "--decrypt"]) - to_child.write(part.get_payload()) - to_child.close() - #print >>open("/tmp/log.txt", "a"), error_child.read() + cmd = Popen(["gpg", "--homedir", homedir, "--decrypt"], + stdin=PIPE, stdout=PIPE, stderr=PIPE) + + cmd.stdin.write(part.get_payload()) + cmd.stdin.close() + + errors = cmd.stderr.read() + if errors: + getLogger(__name__).warning(errors) # Handle the embedded message. try: - self.handle_plaintext_message(from_child) + message_text = cmd.stdout.read() + + # With a zero return code, accept the message. + + if not cmd.wait(): + self.handle_plaintext_message(StringIO(message_text)) + + # Otherwise, reject the unverified message. + + else: + writeHeaders(request, "text/plain", getMetadata(self.page), "403 Forbidden") + request.write("The message could not be verified.") + finally: - from_child.close() - error_child.close() + cmd.stdout.close() + cmd.stderr.close() # Reject unsigned payloads. @@ -163,7 +180,7 @@ page_editor.saveText("\n\n".join(body), 0) def is_collection(message): - return message.get("Update-Type") == "Collection" + return message.get("Update-Type") == "collection" def to_replace(message): return message.get("Update-Action") == "replace"
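Review bot: In the hunk at @@ -83,18 +83,35 @@, the `if not cmd.wait():` test accepts the message on a zero exit status alone, but `gpg --decrypt` also exits zero for a payload that decrypts cleanly and carries no signature, so an encrypted but unsigned message would still reach `handle_plaintext_message`. Suggest adding `--status-fd` to the gpg arguments and requiring a `VALIDSIG` status line, ideally matched against an expected key fingerprint, before accepting the plaintext. Separately, writing all of stdin, then reading stderr to EOF, then reading stdout can block once a pipe buffer fills on a large message; `cmd.communicate(part.get_payload())` feeds the input and collects both streams without that ordering problem. Note also that gpg reports signature details on stderr for good signatures too, so `if errors:` will log a warning for accepted messages as well.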
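Review bot: In the `is_collection` hunk at @@ -163,7 +180,7 @@, the comparison stays case-sensitive, so changing the expected value to "collection" means a sender that still emits `Update-Type: Collection` is silently no longer treated as a collection update. Suggest comparing case-insensitively, for example `(message.get("Update-Type") or "").lower() == "collection"`, which also handles a missing header, and documenting the accepted header values next to `is_collection` and `to_replace`.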