Remove hardcoded gpg signing key ID

operasoftware · Aug 22, 2017 · 29b3f0b · 29b3f0b
1 parent 4d86410
commit 29b3f0b
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/config/config-sample.ini b/config/config-sample.ini
@@ -90,3 +90,8 @@ admin_group_cn = ska-administrators
 ; If a value is found, it can be used as a link to an inventory system.
 ; %s in the url directive will be replaced with the value found in /etc/uuid
 ;url = "https://inventory.example.com/device/%s"
+
+[gpg]
+; SSH Key Authority can GPG sign outgoing emails sent from the email.from_address. To do this it needs to
+; know an appropriate key ID to use.
+;key_id = 0123456789ABCDEF0123456789ABCDEF01234567
diff --git a/email.php b/email.php
@@ -81,7 +81,7 @@ public function send() {
 		$this->headers[] = "Precedence: bulk";
 		$this->flow();
 		$this->append_signature();
-		if(function_exists('gnupg_init') && $this->gpg_sign) {
+		if(function_exists('gnupg_init') && $this->gpg_sign && isset($config['gpg']['key_id'])) {
 			$this->sign();
 		}
 		if(is_null($this->from['name'])) {
@@ -214,8 +214,9 @@ private function sign() {
 	}
 
 	private function get_gpg_signature($message) {
+		global $config;
 		$gpg = new gnupg();
-		$gpg->addsignkey('5BF47B590E2629854FC99BCEE8D5397409381BE2');
+		$gpg->addsignkey($config['gpg']['key_id']);
 		$gpg->setsignmode(GNUPG::SIG_MODE_DETACH);
 		return $gpg->sign($message);
 	}