Bug in Ticket/Elements/ShowGnuPGStatus

Folks,

I’ve been debugging my RTIR installation regarding GnuPG (my main error
turned out to be the missing
Set(@MailPlugins, ‘Auth::MailFrom’, ‘Auth::GnuPG’);
line in the SiteConfig) when I took a closer look at Ticket/Elements/ShowGnuPGStatus

The following code seems to contain a logical error:

foreach ( $Attachment->SplitHeaders ) {
if ( s/^X-RT-GnuPG-Status:\s*//i ) {
require RT::Crypt::GnuPG;
push @runs, [ RT::Crypt::GnuPG::ParseStatus( $_ ) ];
}

$needs_unsigned_warning = 0 if /^X-RT-Incoming-Signature:/;

# if this is not set, then the email is generated by RT, and so we don't
# need "email is unsigned" warnings
$needs_unsigned_warning = 0 if not /^Received:/;

}

Shouldn’t the logic be “$needs_unsigned_warning = 0” if no Received:
header was was found, instead of = 0 if there is at least one header
that is not a Received: one?

Secondly, this will never ever recheck a signature unless ‘Auth::GnuPG’
was enabled when the mail came in. This may be by design, but it’s not
perfect.

/ol
-=- Otmar Lendl – ol@bofh.priv.at -=-

Folks,

I’ve been debugging my RTIR installation regarding GnuPG (my main error
turned out to be the missing
Set(@MailPlugins, ‘Auth::MailFrom’, ‘Auth::GnuPG’);
line in the SiteConfig) when I took a closer look at Ticket/Elements/ShowGnuPGStatus

The following code seems to contain a logical error:

foreach ( $Attachment->SplitHeaders ) {
if ( s/^X-RT-GnuPG-Status:\s*//i ) {
require RT::Crypt::GnuPG;
push @runs, [ RT::Crypt::GnuPG::ParseStatus( $_ ) ];
}

$needs_unsigned_warning = 0 if /^X-RT-Incoming-Signature:/;

# if this is not set, then the email is generated by RT, and so we don't
# need "email is unsigned" warnings
$needs_unsigned_warning = 0 if not /^Received:/;

}

Shouldn’t the logic be “$needs_unsigned_warning = 0” if no Received:
header was was found, instead of = 0 if there is at least one header
that is not a Received: one?
you’re right.

Secondly, this will never ever recheck a signature unless ‘Auth::GnuPG’
was enabled when the mail came in. This may be by design, but it’s not
perfect.
Not perfect. Needs more love, however it’s not easy to implement
without big performance penalty. And impossible to implement without
pure copy of original email.

/ol

-=- Otmar Lendl – ol@bofh.priv.at -=-


List info: The rt-devel Archives

Best regards, Ruslan.