From: W. Trevor King <wking@tremily.us>
Date: Thu, 20 Sep 2012 17:24:01 +0000 (-0400)
Subject: mailpipe: don't raise UnverifiedSignatureMessage for valid signatures.
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c5b1c1f4b767d374ab5c968d151822769f745b91;p=pygrader.git

mailpipe: don't raise UnverifiedSignatureMessage for valid signatures.

Before this patch, signatures like:

  ... signature
    summary:
      CRL missing: False
      CRL too old: False
      bad policy: False
      green: True
      key expired: False
      key missing: False
      key revoked: False
      red: False
      signature expired: False
      system error: False
      valid: True
    ...

would raise the exception.  Now they won't.
---

diff --git a/pygrader/mailpipe.py b/pygrader/mailpipe.py
index 281839b..d48c9e9 100644
--- a/pygrader/mailpipe.py
+++ b/pygrader/mailpipe.py
@@ -959,7 +959,11 @@ def _get_verified_message(message, pgp_key):
             fingerprints=fingerprints, decrypted=decrypted)
     signature = matches[0]
     if not verified:
-        if signature.get_summary() != 0:
+        problems = [k for k,v in signature.summary.items() if v]
+        for good in ['green', 'valid']:
+            if good in problems:
+                problems.remove(good)
+        if problems:
             raise UnverifiedSignatureMessage(
                 message=message, signature=signature, decrypted=decrypted)
         # otherwise, we may have an untrusted key.  We'll count that