Project

General

Profile

« Previous | Next » 

Revision 09b32d70

Added by Marc Dequènes about 15 years ago

  • ID 09b32d703dd0a5924155082fd7743e536fd8231f

[evol] sign outgoing mails, and lot's of fixes and code improvement in mail handling (related to signing, crypting, and preparing/chaining the two)

View differences:

lib/cyborghood/mail.rb
{:ok => false, :msg => "mail not RFC3156 compliant"}.to_ostruct
end
def create_reply
tmail_reply = @mail.create_reply
tmail_reply.from_addrs = TMail::Address.parse(@config.mail.from_address || self.to.first)
reply = self.class.new(tmail_reply.to_s)
reply.set_custom_headers
reply
end
def set_custom_headers
@mail['Organization'] = @config.mail.organization
end
def check_headers
@mail.header.keys.each do |h|
@mail[h] = quote_address_if_necessary(@mail[h].to_s, "utf-8")
end
end
def deliver
check_headers
smtp_server = @config.mail.smtp_server || "localhost"
smtp_port = @config.mail.smtp_port || 25
smtp_from = @mail.from_addrs.collect{|a| a.address}.join(", ")
smtp_to = @mail.to_addrs.collect{|a| a.address}
Net::SMTP.start(smtp_server, smtp_port) do |smtp|
#p @mail.to_s
smtp.send_message(@mail.to_s, smtp_from, smtp_to)
end
end
def to_s
@mail.to_s
end
def crypt(fingerprint)
clear_data = build_intermediate_mail()
encrypted_data = clear_data.pgp_crypt(fingerprint)
# build properly encrypted mail
# (modify original mail parts)
@mail.set_content_type("multipart", "encrypted", {'boundary' => TMail.new_boundary, "protocol" => "application/pgp-encrypted"})
@mail.transfer_encoding = "7bit"
@mail['content-disposition'] = nil
@mail.body = "This mail is a RFC3156 encrypted message.\n"
@mail.parts.clear
p_pgp = TMail::Mail.new
p_pgp.set_content_type("application", "pgp-encrypted")
p_pgp.transfer_encoding = "7bit"
p_pgp.content_disposition = "inline"
p_pgp.body = "Version: 1\n"
@mail.parts << p_pgp
p_encrypted = TMail::Mail.new
p_encrypted.set_content_type("application", "octet-stream")
p_encrypted.transfer_encoding = "7bit"
p_encrypted.content_disposition = "inline"
p_encrypted.body = encrypted_data
@mail.parts << p_encrypted
end
def sign
data = build_intermediate_mail()
signature = data.pgp_sign([@config.mail.key_id]) do |uid_hint, passphrase_info, prev_was_bad|
@config.mail.key_passphrase
end
original_content_type = @mail.content_type
original_content_transfer_encoding = @mail.content_transfer_encoding
original_content_disposition = @mail.content_disposition
# build properly signed mail
# (modify original mail parts)
@mail.set_content_type("multipart", "signed", {'boundary' => TMail.new_boundary, 'protocol' => "application/pgp-signature"})
@mail.transfer_encoding = "7bit"
@mail['content-disposition'] = nil
@mail.body = "This mail is a RFC3156 signed message.\n"
@mail.parts.clear
p_signed = data
@mail.parts << p_signed
p_signature = TMail::Mail.new
p_signature.set_content_type("application", "pgp-signature")
p_signature.transfer_encoding = "7bit"
p_signature.content_disposition = "inline"
p_signature.body = signature
@mail.parts << p_signature
end
def sign_and_crypt(fingerprint)
sign()
crypt(fingerprint)
end
def quoted_printable_body=(txt)
@mail.transfer_encoding = "quoted-printable"
@mail.body = [normalize_new_lines(txt)].pack("M*")
end
private
def build_intermediate_mail
# build a fake mail to get the generated content to be crypted/signed
fake_mail = TMail::Mail.new
fake_mail['content-type'] = @mail['content-type'].to_s
fake_mail.transfer_encoding = @mail.transfer_encoding if @mail.transfer_encoding
fake_mail.content_disposition = @mail.content_disposition if @mail.content_disposition
if @mail.multipart?
@mail.each_part {|p| fake_mail.parts << p }
else
fake_mail.body = @mail.body
end
# store the calculated content, to be able to use the raw() method
fake_mail.write_back
fake_mail
end
def parse_signed
order = {:ok => false, :msg => "mail not formatted correctly"}
sig_check = verify_pgp_signature()
sigs_check = verify_pgp_signature()
return order.to_ostruct if sigs_check.nil? or sigs_check.size != 1
sig_check = sigs_check.first
if sig_check.status == 0
logger.info "Mail content was properly signed by key #{sig_check.fingerprint}"
user = Person.find_by_fingerprint(sig_check.fingerprint)
......
catch :notforme do
begin
# block is not passed to delegate (limitation ?)
clear_message = @mail.decrypt do |uid_hint, passphrase_info, prev_was_bad|
clear_message = @mail.pgp_decrypt do |uid_hint, passphrase_info, prev_was_bad|
logger.info "Mail crypted for #{uid_hint}"
# check if requesting passphrase for the expected key
......
order.to_ostruct
end
def create_reply
tmail_reply = @mail.create_reply
tmail_reply.from_addrs = TMail::Address.parse(@config.mail.from_address || self.to.first)
reply = self.class.new(tmail_reply.to_s)
reply.set_custom_headers
reply
end
def set_custom_headers
@mail['Organization'] = @config.mail.organization
end
def check_headers
@mail.header.keys.each do |h|
@mail[h] = quote_address_if_necessary(@mail[h].to_s, "utf-8")
end
end
def deliver
check_headers
smtp_server = @config.mail.smtp_server || "localhost"
smtp_port = @config.mail.smtp_port || 25
smtp_from = @mail.from_addrs.collect{|a| a.address}.join(", ")
smtp_to = @mail.to_addrs.collect{|a| a.address}
Net::SMTP.start(smtp_server, smtp_port) do |smtp|
#p @mail.to_s
smtp.send_message(@mail.to_s, smtp_from, smtp_to)
end
end
def to_s
@mail.to_s
end
def crypt(fingerprint)
# build a fake mail to get the generated content to be crypted
if @mail.multipart?
fake_mail = TMail::Mail.new
fake_mail.set_content_type("multipart", "mixed", {'boundary' => TMail.new_boundary})
@mail.each_part {|p| fake_mail.parts << p }
clear_data = fake_mail.to_s
else
fake_mail = TMail::Mail.new
fake_mail.content_type = @mail.content_type
fake_mail.body = @mail.body
fake_mail.transfer_encoding = @mail.transfer_encoding if @mail.transfer_encoding
clear_data = fake_mail.to_s
end
# retrieve key and encrypt
gpg = GPGME::Ctx.new
key = gpg.get_key(fingerprint)
encrypted_data = GPGME.encrypt([key], clear_data, {:armor => true, :always_trust => true})
# build properly encrypted mail
# (modify original mail parts)
@mail.set_content_type("multipart", "encrypted", {'boundary' => TMail.new_boundary, "protocol" => "application/pgp-encrypted"})
@mail.transfer_encoding = nil
@mail.body = "This mail is a RFC3156 encrypted message."
@mail.parts.clear
p_pgp = TMail::Mail.new
p_pgp.set_content_type("application", "pgp-encrypted")
p_pgp.body = "Version: 1"
@mail.parts << p_pgp
p_encrypted = TMail::Mail.new
p_encrypted.set_content_type("application", "octet-stream")
p_encrypted.body = encrypted_data
@mail.parts << p_encrypted
end
def quoted_printable_body=(txt)
@mail.transfer_encoding = "quoted-printable"
@mail.body = [normalize_new_lines(txt)].pack("M*")
end
end
end

Also available in: Unified diff