diff options
author | Ruben Pollan <meskio@sindominio.net> | 2017-05-26 00:34:15 +0200 |
---|---|---|
committer | Ruben Pollan <meskio@sindominio.net> | 2017-05-26 12:59:10 +0200 |
commit | 1448a963841771be3787dc11b3d6a30572550d16 (patch) | |
tree | bf40974de7a9453161685fb865a65334dce1549b /src/leap/mx/mail_receiver.py | |
parent | 0c227c30ee20b1af4518ecf56848b06572b4ed72 (diff) |
[bug] check if key is expired
For expired keys gnupg will not allow us to encrypt (to force it we'll
need to fake the system date). Let's bounce the email properly in this case,
and register the error.
Make sure as well that _encrypt_message does not return None, let's
raise exceptions in case of failure.
- Related: #8663
Diffstat (limited to 'src/leap/mx/mail_receiver.py')
-rw-r--r-- | src/leap/mx/mail_receiver.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/leap/mx/mail_receiver.py b/src/leap/mx/mail_receiver.py index b200772..c8113c1 100644 --- a/src/leap/mx/mail_receiver.py +++ b/src/leap/mx/mail_receiver.py @@ -203,6 +203,13 @@ class MailReceiver(Service): gpg.import_keys(pubkey) key = gpg.list_keys().pop() + if key['expires']: + expires = datetime.fromtimestamp(int(key['expires'])) + if expires < datetime.now(): + log.msg("_encrypt_message: the key is expired (%s), " + "can't encrypt" % (str(expires),)) + raise Exception("Expired key") + encryption_result = gpg.encrypt( json.dumps(data, ensure_ascii=False), key["fingerprint"], @@ -211,7 +218,8 @@ class MailReceiver(Service): if not encryption_result.ok: log.msg("_encrypt_message: Encryption failed with status: %r" % (encryption_result.status,)) - return None + raise Exception("Encryption failed: %r" + % (encryption_result.status,)) doc.content = { self.INCOMING_KEY: True, |