include gpg public key export in GpgSigned

This makes debug-me not rely on the gpg keyservers at all.
Before, it was only working when the user had the developer's public key
already. I thought that --verify would download from --keyserver, but
seems not.

This is a protocol breaking change! Luckily done before any release, so
ok. ProtocolBuffers renumbered.

This commit was sponsored by Denis Dzyubenko on Patreon.

1 files changed, 5 insertions, 3 deletions

diff --git a/Role/Developer.hs b/Role/Developer.hs
index 2cc6c1c..2cdf917 100644
--- a/Role/Developer.hs
+++ b/Role/Developer.hs
@@ -230,7 +230,9 @@ authUser spk ichan ochan devstate logger = do
 	atomically $ writeTMChan ichan msg
 	logger $ Developer msg
 	waitresp $ case spk of
-		GpgSigned pk _ -> pk
+		-- Don't bother verifying the user's gpg public key;
+		-- normally users send UnSigned.
+		GpgSigned pk _ _ -> pk
 		UnSigned pk -> pk
   where
 	waitresp pk = do
@@ -291,7 +293,7 @@ getServerMessage ochan devstate ts = do
 	-- When other developers connect, learn their SessionKeys.
 	process (Developer msg@(ControlMessage (Control (SessionKey spk) _))) = do
 		let sigverifier = mkSigVerifier $ case spk of
-			GpgSigned pk _ -> pk
+			GpgSigned pk _ _ -> pk
 			UnSigned pk -> pk
 		if verifySigned sigverifier msg
 			then do
@@ -421,7 +423,7 @@ processSessionStart sk ochan logger dsv = do
 	sigverifier <- case sessionmsg of
 		User (ControlMessage c@(Control (SessionKey spk) _)) -> do
 			let pk = case spk of
-				GpgSigned k _ -> k
+				GpgSigned k _ _ -> k
 				UnSigned k -> k
 			let sv = mkSigVerifier pk
 			if verifySigned sv c