bin/interpret-mail


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

#!/bin/sh

# shellcheck source=conf/default.conf
. "${0%/*}/../conf/default.conf"

tmp_dir=$(mktemp -d)
trap 'rm -rf --one-file-system "${tmp_dir}"' EXIT

cat > \
  "${tmp_dir}/mail"

if ! hashcash -qXc -b 20 \
  -d -f "${tmp_dir}/hashcash.db" \
  -r 'archlinux32-buildmaster@eckner.net' \
  -r 'buildmaster@archlinux32.org' < \
  "${tmp_dir}/mail"; then
  >&2 echo 'Invalid stamp - ignoring this message.'
  exit
fi

if ! sed -n '
    /^-----BEGIN PGP MESSAGE-----$/{
      :a
      /\n-----END PGP MESSAGE-----$/!{
        N
        ba
      }
      p
    }
  ' "${tmp_dir}/mail" | \
    chronic gpg --batch --status-file "${tmp_dir}/gpg-status" -q -d -o "${tmp_dir}/plain-content"; then
  exit
fi

grep '^\[GNUPG:] VALIDSIG ' "${tmp_dir}/gpg-status" | \
  cut -d' ' -f3 | \
  sort -u > \
  "${tmp_dir}/found-keys"

printf '%s\n' "${admin_gpg_keys}" | \
  sort -k1,1 -u > \
  "${tmp_dir}/admin-gpg-keys"

join -j 1 -o 2.2 \
  "${tmp_dir}/found-keys" \
  "${tmp_dir}/admin-gpg-keys" | \
  tr ',' '\n' | \
  sed 's|^ALL$|'"${possible_email_actions}"'|' | \
  tr ' ,' '\n' | \
  sort -u > \
  "${tmp_dir}/allowed-actions"

if [ ! -s "${tmp_dir}/allowed-actions" ]; then
  >&2 echo 'No valid signature found.'
  grep '^\[GNUPG:] VALIDSIG ' "${tmp_dir}/gpg-status" | \
    cut -d' ' -f3 | \
    sort -u >&2
  exit
fi

sed -n '
  /^$/!b
  N
  s/^\n//
  /^--/b
  :a
  N
  /\n$/!ba
  s/\n$//
  p
' "${tmp_dir}/plain-content" > \
  "${tmp_dir}/raw-content"

sed -n "$(
  while read -r action; do
    if [ -z "${action}" ]; then
      continue
    fi
    printf \
      '/^%s:/{ s/^%s:\s*//; w %s/%s\n }\n' \
      "${action}" \
      "${action}" \
      "${tmp_dir}" \
      "${action}"
  done < \
    "${tmp_dir}/allowed-actions"
)" "${tmp_dir}/raw-content"

if [ -s "${tmp_dir}/block" ]; then
  chronic "${base_dir}/bin/block-package" "${tmp_dir}/block"
fi

if [ -s "${tmp_dir}/stabilize" ]; then
  sed -i '
    /\.pkg\.tar\.xz$/!s/$/.pkg.tar.xz/
  ' "${tmp_dir}/stabilize"
#  chronic "${base_dir}/bin/db-update" -b -f "${tmp_dir}/stabilize"
fi

if [ -s "${tmp_dir}/unblock" ]; then
  chronic "${base_dir}/bin/block-package" -u "${tmp_dir}/unblock"
fi