You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@whimsical.apache.org by se...@apache.org on 2019/03/21 19:08:15 UTC

[whimsy] branch master updated: Verify error should not cause key refetch

This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git


The following commit(s) were added to refs/heads/master by this push:
     new 6ff1512  Verify error should not cause key refetch
6ff1512 is described below

commit 6ff15122b307465eba7fc39aa00ee5e9521f80f0
Author: Sebb <se...@apache.org>
AuthorDate: Thu Mar 21 19:08:12 2019 +0000

    Verify error should not cause key refetch
---
 .../views/actions/check-signature.json.rb          | 23 ++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/www/secretary/workbench/views/actions/check-signature.json.rb b/www/secretary/workbench/views/actions/check-signature.json.rb
index 4628e25..40296e9 100644
--- a/www/secretary/workbench/views/actions/check-signature.json.rb
+++ b/www/secretary/workbench/views/actions/check-signature.json.rb
@@ -31,25 +31,28 @@ begin
     # extract and fetch key
     keyid = err[/[RD]SA key (ID )?(\w+)/,2].untaint
 
+    out2, err2 = '' # needed later
     KEYSERVERS.each do |server|
       out2, err2, rc2 = Open3.capture3 gpg, '--keyserver', server,
         '--debug', 'ipc', # seems to show communication with dirmngr
         '--recv-keys', keyid
       # for later analysis
       Wunderbar.warn "#{gpg} --keyserver #{server} --recv-keys #{keyid} rc2=#{rc2} out2=#{out2} err2=#{err2}"
-  
-      # run gpg verify command again
-      out, err, rc = Open3.capture3 gpg, '--verify', signature.path,
-        attachment.path
-  
-      # if verify failed, concatenate fetch output
-      if rc.exitstatus != 0
-        out += out2
-        err += err2
-      else
+      if rc2.exitstatus == 0 # Found the key
+        out2 = err2 = '' # Don't add download error to verify error
         break
       end
     end
+  
+    # run gpg verify command again
+    out, err, rc = Open3.capture3 gpg, '--verify', signature.path,
+      attachment.path
+
+    # if verify failed, concatenate fetch output
+    if rc.exitstatus != 0
+      out += out2
+      err += err2
+    end
   end
 
   # list of strings to ignore