[Pkg-privacy-commits] [msva-perl] 261/356: add new "email" context
Ximin Luo
infinity0 at moszumanska.debian.org
Mon Aug 24 07:42:03 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch debian
in repository msva-perl.
commit e97ba52e65a1ba0175616946a6c7fe9b62921b4a
Author: Jameson Rollins <jrollins at finestructure.net>
Date: Sat Dec 25 10:58:54 2010 -0500
add new "email" context
This can be used for validating user IDs associated with email
signatures. Since email signatures are generated with signing-capable
keys, the signing capability flag is required for email-context keys
to be valid.
---
Crypt/Monkeysphere/MSVA.pm | 32 ++++++++++++++++++++++++--------
1 file changed, 24 insertions(+), 8 deletions(-)
diff --git a/Crypt/Monkeysphere/MSVA.pm b/Crypt/Monkeysphere/MSVA.pm
index ff16316..86be5da 100755
--- a/Crypt/Monkeysphere/MSVA.pm
+++ b/Crypt/Monkeysphere/MSVA.pm
@@ -645,7 +645,7 @@
};
# check context string
- if ($data->{context} =~ /^(https|ssh|smtp|ike|postgresql|imaps|imap|submission)$/) {
+ if ($data->{context} =~ /^(https|ssh|smtp|ike|postgresql|imaps|imap|submission|email)$/) {
$data->{context} = $1;
} else {
msvalog('error', "invalid context: %s\n", $data->{context});
@@ -671,11 +671,12 @@
}
my $prefix = $data->{context}.'://';
- if (defined $data->{peer}->{type} &&
+ if ($data->{context} eq 'email' ||
+ (defined $data->{peer}->{type} &&
$data->{peer}->{type} eq 'client' &&
# ike and smtp clients are effectively other servers, so we'll
# exclude them:
- $data->{context} !~ /^(ike|smtp)$/) {
+ $data->{context} !~ /^(ike|smtp)$/)) {
$prefix = '';
# clients can have any one-line User ID without NULL characters
# and leading or trailing whitespace
@@ -774,18 +775,33 @@
$primarymatch = 1;
}
if ($primarymatch) {
- if ($subkey->usage_flags =~ /a/) {
- msvalog('verbose', "key matches, and 0x%s is authentication-capable\n", $subkey->hex_id);
+ my $iscapable = 0;
+ msvalog('verbose', "key 0x%s matches...\n",$subkey->hex_id);
+ if ($data->{context} eq 'email') {
+ if ($subkey->usage_flags =~ /s/) {
+ $iscapable = 1;
+ msvalog('verbose', "...and is signing-capable...\n");
+ } else {
+ msvalog('verbose', "...but is not signing-capable.\n");
+ }
+ } else {
+ if ($subkey->usage_flags =~ /a/) {
+ $iscapable = 1;
+ msvalog('verbose', "...and is authentication-capable...\n");
+ } else {
+ msvalog('verbose', "...but is not authentication-capable.\n");
+ }
+ }
+ if ($iscapable) {
if ($validity =~ /^[fu]$/) {
$foundvalid = 1;
- msvalog('verbose', "...and it's fully valid!\n");
+ msvalog('verbose', "...and is fully valid!\n");
$ret->{valid} = JSON::true;
$ret->{message} = sprintf('Successfully validated "%s" through the OpenPGP Web of Trust.', $uid);
} else {
+ msvalog('verbose', "...but is not fully valid.\n");
push(@subvalid_key_fprs, { fpr => $subkey->fingerprint, val => $validity }) if $lastloop;
}
- } else {
- msvalog('verbose', "key matches, but 0x%s is not authentication-capable\n", $subkey->hex_id);
}
}
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/msva-perl.git
More information about the Pkg-privacy-commits
mailing list