Fix unencrypted delivery and key removal #130

Merged

pfm merged 40 commits from 129-key-removal into main

2023-12-02 21:59:15 +01:00

pfm commented

2023-09-21 20:24:24 +02:00

Collaborator

Expected to fix !129.

pfm added 3 commits 2023-09-21 20:24:25 +02:00

fccabc083c Fix unencrypted delivery arguments

When falling back to unencrypted mail delivery, do not pass sender information
to SendFrom.call method.

6c114b6dcd Ensure correct logging initialisation in webgate-cron

624a335a41 GnuPG: clean up and collect more diagnostic info

- Use regular expressions instead of finding particular characters in gnupg
  output to decide whether confirmation line was found.

- Use tempfile.mkdtemp to create secure temporary directories.

- Record information about the key considered by GnuPG. When missing in
  exception, it means no key was found.

pfm self-assigned this 2023-09-21 20:24:32 +02:00

pfm added 1 commit 2023-09-25 19:44:33 +02:00

c570bcd383 Update Alice's key expiry date

pfm added 5 commits 2023-10-23 22:48:26 +02:00

274bfbaf3b Always use 'python' binary during tests

41442e5b59 Add basic support for RDBMS-based keyring

43f43a4137 Fix DatabaseKeyring tests

e5339d264c Improve asyncio usage

3dd6913599 Initialise db connection lazily, use isolated asyncio test case

pfm added 1 commit 2023-10-27 23:54:06 +02:00

02edb4cc96 Validate keyring type config parameter on daemon startup

pfm added 6 commits 2023-11-15 20:38:29 +01:00

5e108c189a Replace file-based identity store with a dedicated db table

bf677585be Don't require watchdog anymore

9bbc86bc53 Extract parts of cron script to modules

Introduce new Python modules:

- lacre.notify -- to send notifications from the cron script;

- lacre.dbschema -- to keep database schema definition as code (SQLAlchemy);

- lacre.repositories -- to define key and identity repositories with high
  level APIs that we can then use elsewhere.

Also:

- rework GnuPG.add_key to return fingerprint so we can use it in the cron
  script;

- rename cron-job's logger name, replacing dash with an underscore as logging
  module doesn't like dashes.

6ca5db2db3 Issue an INFO log entry after configuring logging

Also: reformat with spaces instead of tabs.

2edd842f90 Use lacre.dbschema definition of identities table

a3eb892df9 Remove duplicate logger initialisation

pfm added 2 commits 2023-11-17 22:56:04 +01:00

7ac928af76 Handle gpg-mailgate.py missing params better

c6b2dbf618 Add docs, improve logging

pfm added 4 commits 2023-11-20 22:12:23 +01:00

4fbae908d6 Don't require less-than and greater-than around the email

Keys don't have to be surrounded with less-than and greater-than characters,
so this code could mishandle valid keys.

56da7e0cb4 Refactor calculating execution time

- Implement a context manager logging execution time.
- Use that context manager in daemon's handle_DATA method.

bfa2643dc7 Implement identity repository

Also: rename key_id to fingerprint.

89affde0d5 Add tests for GnuPG parsing routines

pfm added 1 commit 2023-11-20 22:28:14 +01:00

5efef3c9cb Fix table name, unify metadata handling

pfm added 4 commits 2023-11-25 01:14:13 +01:00

7c2d32bf3c Make IdentityRepository a KeyRing

- Keep only one class to provide access to identities stored in the database.

- Remove old code and its tests.

- Align KeyRing and IdentityRepository APIs.

- Implement a (very) simple unit test for IdentityRepository.

72217e38ea GnuPG module: make key-listing more thorough

- Flush key-collecting structures each time a new public key entry is found.
  This will avoid adding sub-keys and overwriting main keys with them.

- Use parseaddr from email.utils to parse emails (and drop realname part).

- Record logs produced during unit tests.

- Fix a small bug in test code.

Also: add basic information about available test identities to testing
documentation.

acd33fec1e Fix inheritance issues

- Use accessor methods.
- Avoid data duplication.

4950e0b9c3 Keep secondary keyring for test purposes

pfm added 2 commits 2023-11-25 14:08:06 +01:00

becb39f139 Clean up database access

- Don't pass table definitions to repository constructors.

- Keep an internal reference to Engine in lacre.repository.

- Implement KeyConfirmationQueue.count_keys.

1ad0d2df0e Implement lacre.admin CLI tool

pfm added 3 commits 2023-11-25 15:10:07 +01:00

7fe52ae8b5 Don't pass table definition to KeyConfirmationQueue

9b5c43b769 Fix crontest config, polish Makefile

95c5802c38 Add test/lacre.db to gitignore

pfm added 2 commits 2023-11-25 16:11:25 +01:00

626fce5f2c lacre.admin: Implement 'identities' sub-command

97c4f9f14a lacre.repositories: Fix naming after refactoring

pfm commented

2023-11-26 10:34:59 +01:00

Author

Collaborator

This change depends on Lacre/lacre-webgate#11.

pfm added 3 commits 2023-11-26 18:32:31 +01:00

aa8c353a05 Replace NBSP in doc/admin.md with a regular space

0fe5e6b3dc Make GnuPG.public_keys docstring more complete

b44bd7b150 lacre.admin: Implement identity import, fix identity list

- Let the user specify a directory, using the one from configuration by
  default.

- If user requested identity list without a specific email, list all.  Drop
  support for '-a' option.

pfm added 2 commits 2023-12-02 21:19:19 +01:00

0975ce3a69 lacre.admin: Handle database exceptions

052551072e Change table prefix from 'gpgmw' to 'lacre'

pfm added 1 commit 2023-12-02 21:48:31 +01:00

ac5dddfa98 Remove configuration options no longer used

pfm merged commit b7713207ab into main

2023-12-02 21:59:15 +01:00

pfm deleted branch 129-key-removal

2023-12-02 21:59:16 +01:00

pfm referenced this issue from a commit

2023-12-02 21:59:16 +01:00

Merge pull request 'Fix unencrypted delivery and key removal' (#130) from 129-key-removal into main