summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xbin/interpret-mail17
-rw-r--r--conf/.gitignore1
-rwxr-xr-xconf/default.conf6
3 files changed, 23 insertions, 1 deletions
diff --git a/bin/interpret-mail b/bin/interpret-mail
index ff40b22..12b0520 100755
--- a/bin/interpret-mail
+++ b/bin/interpret-mail
@@ -28,7 +28,22 @@ if ! sed -n '
p
}
' "${tmp_dir}/mail" | \
- chronic gpg --batch -q -d -o "${tmp_dir}/plain-content"; then
+ chronic gpg --batch --status-file "${tmp_dir}/gpg-status" -q -d -o "${tmp_dir}/plain-content"; then
+ exit
+fi
+
+if [ -z "$(
+ (
+ grep '^\[GNUPG:] VALIDSIG ' "${tmp_dir}/gpg-status" | \
+ cut -d' ' -f3 | \
+ sort -u
+ printf '%s\n' "${admin_gpg_keys}" | \
+ sort -u
+ ) | \
+ sort | \
+ uniq -d
+ )" ]; then
+ >&2 echo 'No valid signature found.'
exit
fi
diff --git a/conf/.gitignore b/conf/.gitignore
index f21e1b2..9eef7aa 100644
--- a/conf/.gitignore
+++ b/conf/.gitignore
@@ -1 +1,2 @@
local.conf
+admin-gpg-keys
diff --git a/conf/default.conf b/conf/default.conf
index f9bf2ea..34c5c3e 100755
--- a/conf/default.conf
+++ b/conf/default.conf
@@ -34,6 +34,12 @@ max_parallel_build_per_client=2
repo_key='0xdeadbeef'
package_key='0x15eebadc0de'
+if [ -s "${base_dir}/conf/admin-gpg-keys" ]; then
+ admin_gpg_keys=$(
+ sed 's|\s*#.*$||' "${base_dir}/conf/admin-gpg-keys"
+ )
+fi
+
# to access the master mirror via rsync
master_mirror_rsync_command='rsync --password-file=/home/slave/rsync.password'
master_mirror_rsync_directory='rsync://buildmaster@mirror.archlinux32.org/packages32'