summaryrefslogtreecommitdiff
path: root/bin/interpret-mail
blob: 9c33ff96e16b9d78422fe740ea9d234af1e73c65 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
#!/bin/sh

# shellcheck source=conf/default.conf
. "${0%/*}/../conf/default.conf"

tmp_dir=$(mktemp -d)
trap 'rm -rf --one-file-system "${tmp_dir}"' EXIT

cat > \
  "${tmp_dir}/mail"

if ! hashcash -qXc -b 20 \
  -d -f "${tmp_dir}/hashcash.db" \
  -r 'archlinux32-buildmaster@eckner.net' \
  -r 'buildmaster@archlinux32.org' < \
  "${tmp_dir}/mail"; then
  >&2 echo 'Invalid stamp - ignoring this message.'
  exit
fi

if ! sed -n '
    /^-----BEGIN PGP MESSAGE-----$/{
      :a
      /\n-----END PGP MESSAGE-----$/!{
        N
        ba
      }
      p
    }
  ' "${tmp_dir}/mail" | \
    chronic gpg --batch --status-file "${tmp_dir}/gpg-status" -q -d -o "${tmp_dir}/plain-content"; then
  exit
fi

if [ -z "$(
  (
    grep '^\[GNUPG:] VALIDSIG ' "${tmp_dir}/gpg-status" | \
      cut -d' ' -f3 | \
      sort -u
    printf '%s\n' "${admin_gpg_keys}" | \
      sort -u
  ) | \
    sort | \
    uniq -d
  )" ]; then
  >&2 echo 'No valid signature found.'
  grep '^\[GNUPG:] VALIDSIG ' "${tmp_dir}/gpg-status" | \
    cut -d' ' -f3 | \
    sort -u >&2
  exit
fi

if grep -q '^From:\s' "${tmp_dir}/plain-content" &&
  grep -q '^To:\s' "${tmp_dir}/plain-content" &&
  grep -q '^Subject:\s' "${tmp_dir}/plain-content"; then
  # the content is / might be "multipart"
  sed -n '
    /^$/!b
    N
    s/^\n//
    /^--/b
    :a
    N
    /\n$/!ba
    s/\n$//
    p
  ' "${tmp_dir}/plain-content" > \
    "${tmp_dir}/raw-content"
else
  mv "${tmp_dir}/plain-content" "${tmp_dir}/raw-content"
fi

sed -n '
  /^stabilize:/{
    s/^stabilize:\s*//
    /\.pkg\.tar\.xz$/!s/$/.pkg.tar.xz/
    w '"${tmp_dir}/stabilize"'
  }
' "${tmp_dir}/raw-content"

if [ -s "${tmp_dir}/stabilize" ]; then
  chronic "${base_dir}/bin/db-update" -b -f "${tmp_dir}/stabilize"
fi