This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new c2ca6056 Allow gpg database to be used in local testing
c2ca6056 is described below
commit c2ca60563fcd01becb1699ae397d9dfa0e544be6
Author: Sebb <[email protected]>
AuthorDate: Tue Sep 17 22:37:34 2024 +0100
Allow gpg database to be used in local testing
---
.../workbench/views/actions/check-signature.json.rb | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/www/secretary/workbench/views/actions/check-signature.json.rb
b/www/secretary/workbench/views/actions/check-signature.json.rb
index 8ca2110d..2de50c9e 100644
--- a/www/secretary/workbench/views/actions/check-signature.json.rb
+++ b/www/secretary/workbench/views/actions/check-signature.json.rb
@@ -91,9 +91,24 @@ def validate_sig(attachment, signature, msgid)
# Might need to consider allowing for using a cached key if fetches fail
frequently,
# but this should probably be on demand only
+ # Allow auto key fetch to be turned off; create the file
/srv/gpg/whimsy_use_db
+ # This is intended for local testing
+ fetchKey = !File.exist?('/srv/gpg/whimsy_use_db')
+ # If the key is not in the database, we need to try and fetch it
+ unless fetchKey
+ if
+ err.include? "gpg: Can't check signature: No public key" or
+ err.include? "gpg: Can't check signature: public key not found"
+ then
+ fetchKey = true
+ end
+ end
+
# Look for the keyid so we can fetch the current key
keyid = err[/[RD]SA key (ID )?(\w+)/,2]
- if keyid
+
+ # we have a keyid and we need to fetch it
+ if keyid and fetchKey
then
# Try to fetch the key
Dir.mktmpdir do |dir|
