[Rt-commit] r9168 - in rt/branches/3.7-RTIR-RELENG: . html/Elements html/Ticket

sartak at bestpractical.com sartak at bestpractical.com
Thu Sep 27 16:52:16 EDT 2007 

Author: sartak
Date: Thu Sep 27 16:51:49 2007
New Revision: 9168

Added:
   rt/branches/3.7-RTIR-RELENG/html/Elements/GnuPGSignIssues
Modified:
   rt/branches/3.7-RTIR-RELENG/   (props changed)
   rt/branches/3.7-RTIR-RELENG/html/Ticket/Create.html
   rt/branches/3.7-RTIR-RELENG/lib/RT/Crypt/GnuPG.pm

Log:
 r43190 at onn:  sartak | 2007-09-27 16:51:01 -0400
 Implement dry-signing on ticket create to catch bad passphrase errors


Added: rt/branches/3.7-RTIR-RELENG/html/Elements/GnuPGSignIssues
==============================================================================
--- (empty file)
+++ rt/branches/3.7-RTIR-RELENG/html/Elements/GnuPGSignIssues	Thu Sep 27 16:51:49 2007
@@ -0,0 +1,51 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%# 
+%# COPYRIGHT:
+%#  
+%# This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC 
+%#                                          <jesse at bestpractical.com>
+%# 
+%# (Except where explicitly superseded by other copyright notices)
+%# 
+%# 
+%# LICENSE:
+%# 
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%# 
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%# General Public License for more details.
+%# 
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/copyleft/gpl.html.
+%# 
+%# 
+%# CONTRIBUTION SUBMISSION POLICY:
+%# 
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%# 
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions,  LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%# 
+%# END BPS TAGGED BLOCK }}}
+<&| /Widgets/TitleBox, title => loc('GnuPG error') &>
+<% loc("The system is unable to sign outgoing messages. This usually indicates that the passphrase was mis-set, or that GPG Agent is down. Please alert your system administrator immediately.") %>
+</&>
+

Modified: rt/branches/3.7-RTIR-RELENG/html/Ticket/Create.html
==============================================================================
--- rt/branches/3.7-RTIR-RELENG/html/Ticket/Create.html	(original)
+++ rt/branches/3.7-RTIR-RELENG/html/Ticket/Create.html	Thu Sep 27 16:51:49 2007
@@ -57,6 +57,10 @@
 <input type="hidden" class="hidden" name="id" value="new" />
 % $m->callback( CallbackName => 'FormStart', ARGSRef => \%ARGS );
 
+% if ($cannot_sign) {
+<& /Elements/GnuPGSignIssues &>
+% }
+
 <& /Elements/GnuPGKeyIssues, Issues => \@gnupg_keys_issues &>
 
 <div id="Ticket-Create-basics">
@@ -315,6 +319,16 @@
 }
 
 my $checks_failure = 0;
+
+# check to see if we have a good passphrase
+my $cannot_sign = 0;
+if ( $ARGS{'Sign'} ) {
+    if (!RT::Crypt::GnuPG::DrySign($QueueObj->CorrespondAddress, "x")) {
+        $cannot_sign = 1;
+        $checks_failure = 1;
+    }
+}
+
 my @gnupg_keys_issues;
 if ( !exists $ARGS{'AddMoreAttach'} && ($ARGS{'id'}||'') eq 'new' && $ARGS{'Encrypt'} ) {
 

Modified: rt/branches/3.7-RTIR-RELENG/lib/RT/Crypt/GnuPG.pm
==============================================================================
--- rt/branches/3.7-RTIR-RELENG/lib/RT/Crypt/GnuPG.pm	(original)
+++ rt/branches/3.7-RTIR-RELENG/lib/RT/Crypt/GnuPG.pm	Thu Sep 27 16:51:49 2007
@@ -2010,6 +2010,29 @@
     return %res;
 }
 
+# signs the input message, to make sure we have a useable passphrase
+# the first argument MUST be the email address of the signer
+# returns a true value if all went well
+sub DrySign {
+    my $from = shift;
+    my @message = @_;
+
+    my $mime = MIME::Entity->build(
+        From    => $from,
+        To      => 'nobody at localhost',
+        Subject => "dry run",
+        Message => \@message,
+    );
+
+    my %res = SignEncrypt(
+        Sign    => 1,
+        Encrypt => 0,
+        Entity  => $mime,
+    );
+
+    return $res{exit_code} == 0;
+}
+
 1;
 
 # helper package to avoid using temp file

More information about the Rt-commit mailing list