ruz at bestpractical
Apr 7, 2008, 8:47 AM
Post #2 of 2
(259 views)
Permalink
|
|
Re: Bug in Ticket/Elements/ShowGnuPGStatus
[In reply to]
|
|
On Mon, Apr 7, 2008 at 6:29 PM, Otmar Lendl <ol[at]bofh.priv.at> wrote:
>
> Folks,
>
> I've been debugging my RTIR installation regarding GnuPG (my main error
> turned out to be the missing
> Set(@MailPlugins, 'Auth::MailFrom', 'Auth::GnuPG');
> line in the SiteConfig) when I took a closer look at Ticket/Elements/ShowGnuPGStatus
>
> The following code seems to contain a logical error:
>
> foreach ( $Attachment->SplitHeaders ) {
> if ( s/^X-RT-GnuPG-Status:\s*//i ) {
> require RT::Crypt::GnuPG;
> push @runs, [ RT::Crypt::GnuPG::ParseStatus( $_ ) ];
> }
>
> $needs_unsigned_warning = 0 if /^X-RT-Incoming-Signature:/;
>
> # if this is not set, then the email is generated by RT, and so we don't
> # need "email is unsigned" warnings
> $needs_unsigned_warning = 0 if not /^Received:/;
> }
>
> Shouldn't the logic be "$needs_unsigned_warning = 0" if no Received:
> header was was found, instead of = 0 if there is at least one header
> that is not a Received: one?
you're right.
>
> Secondly, this will never ever recheck a signature unless 'Auth::GnuPG'
> was enabled when the mail came in. This may be by design, but it's not
> perfect.
Not perfect. Needs more love, however it's not easy to implement
without big performance penalty. And impossible to implement without
pure copy of original email.
>
> /ol
> --
> -=- Otmar Lendl -- ol[at]bofh.priv.at -=-
> _______________________________________________
> List info: http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel
>
--
Best regards, Ruslan.
_______________________________________________
List info: http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel
|
