# HG changeset patch
# User Paul Boddie
# Date 1374439551 -7200
# Node ID 386b919330422f25ad59bbccf9439029e7584b12
# Parent f3b08f6e6dd0f8b7e27875e638768a44a89bdc2b
Added signing and encryption of retrieved message collections.
diff -r f3b08f6e6dd0 -r 386b91933042 actions/FetchMessages.py
--- a/actions/FetchMessages.py Sun Jul 21 22:41:55 2013 +0200
+++ b/actions/FetchMessages.py Sun Jul 21 22:45:51 2013 +0200
@@ -6,9 +6,10 @@
 @license: GNU GPL (v2 or later), see COPYING.txt for details.
 """
-from MoinSupport import getMetadata, writeHeaders
-from MoinMessage import Message
-from MoinMessageSupport import MoinMessageAction
+from MoinSupport import getMetadata, writeHeaders, parseDictEntry
+from MoinMessage import Message, GPG
+from MoinMessageSupport import MoinMessageAction, \
+ get_signing_users, get_recipients
 from email.mime.text import MIMEText
 from email.parser import Parser
 from itertools import islice
@@ -37,6 +38,39 @@ request.write("The content does not appear to be a request for messages.") return + homedir = self.get_homedir() + if not homedir: + return + + gpg = GPG(homedir) + + # Get keys for signing and encrypting. + # The signing key will be this wiki's signing key for the user + # requesting the messages. + # The encryption key will be the key associated with the user requesting + # the messages, found in the recipients mapping. + + recipient = request.user.name + + signing_users = get_signing_users(request) + signer = signing_users and signing_users.get(recipient) + + # Get the recipient details. + + recipients = get_recipients(request) + if not recipient or not recipients or not recipients.has_key(recipient): + writeHeaders(request, "text/plain", getMetadata(self.page), "403 Forbidden") + request.write("The recipient does not appear to be registered for message delivery.") + return + + recipient_details = recipients[recipient] + parameters = parseDictEntry(recipient_details, ("type", "location", "fingerprint",)) + + if not parameters.has_key("fingerprint"): + writeHeaders(request, "text/plain", getMetadata(self.page), "403 Forbidden") + request.write("The recipient does not appear to be registered for message delivery.") + return + # Obtain commands from the payload, returning a collection of messages. commands = content.get_payload(decode=True) @@ -123,9 +157,19 @@ part["Request-Status"] = "ERR" message.add_update(part) + # Sign and encrypt the message. + + message = message.get_payload() + + if signer: + message = gpg.signMessage(message, signer) + + message = gpg.encryptMessage(message, parameters["fingerprint"]) + # Write the response. - request.write(message.get_payload().as_string()) + request.write("Content-Type: text/plain\n\n") + request.write(message.as_string()) return 1, None # Action function.
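Review bot: The fingerprint check in the `@@ -37,6 +38,39 @@` hunk tests only that the key is present, so a recipient entry with an empty `fingerprint` value would pass and later reach `gpg.encryptMessage` with an empty recipient; whether `parseDictEntry` can return such an entry is not visible here. `if not parameters.get("fingerprint"):` would reject both the missing and the empty case before any message is assembled. The keys are selected purely by `request.user.name`, so it is worth confirming that code outside this hunk has already established that the requester is authenticated. The two `has_key` calls would read better as membership tests, e.g. `recipient not in recipients`. The enclosing method starts and ends outside the hunk.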
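Review bot: In the `@@ -123,9 +157,19 @@` hunk, `if signer:` silently skips signing when no signing key is configured for the requester, so the collection is still returned encrypted but unsigned and the client has no way to tell an authentic response from one produced by anyone who holds its public key. If unsigned responses are not intended, reject the request alongside the recipient checks in the earlier hunk with `if not signer:` followed by the same `writeHeaders(..., "403 Forbidden")` and `return` lines; if they are intended, say so in a comment such as `# Responses are sent unsigned when no signing key is configured for this user.`. Separately, `request.write("Content-Type: text/plain\n\n")` emits the header as body text, whereas the error paths call `writeHeaders(request, "text/plain", getMetadata(self.page), ...)`; whether headers are already sent before this point is not visible here. The enclosing method starts and ends outside the hunk.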