Diffstat (limited to 'rt/share/html/Elements/GnuPG')
-rw-r--r--rt/share/html/Elements/GnuPG/KeyIssues92
-rw-r--r--rt/share/html/Elements/GnuPG/SelectKeyForEncryption81
-rw-r--r--rt/share/html/Elements/GnuPG/SelectKeyForSigning64
-rw-r--r--rt/share/html/Elements/GnuPG/SignEncryptWidget184
4 files changed, 421 insertions, 0 deletions
diff --git a/rt/share/html/Elements/GnuPG/KeyIssues b/rt/share/html/Elements/GnuPG/KeyIssues
new file mode 100644
index 000000000..48a7fd21e
--- /dev/null
+++ b/rt/share/html/Elements/GnuPG/KeyIssues
@@ -0,0 +1,92 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%#
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
+%# <jesse@bestpractical.com>
+%#
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
+%#
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%#
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+%# General Public License for more details.
+%#
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%#
+%# END BPS TAGGED BLOCK }}}
+% if ( @$Issues || @$SignAddresses ) {
+<&| /Widgets/TitleBox, title => loc('GnuPG issues') &>
+
+% if ( @$SignAddresses ) {
+<% loc("The system is unable to sign outgoing email messages. This usually indicates that the passphrase was mis-set, or that GPG Agent is down. Please alert your system administrator immediately. The problem addresses are:") %>
+<ul>
+% for my $address (@$SignAddresses) {
+ <li><% $address %></li>
+% }
+</ul>
+% }
+
+% if (@$Issues == 1) {
+<% loc("You are going to encrypt outgoing email messages, but there is a problem with a recipient's public key. You have to fix the problem with the key, disable sending a message to that recipient, or disable encryption.") %>
+% } elsif (@$Issues > 1) {
+<% loc("You are going to encrypt outgoing email messages, but there are problems with recipients' public keys. You have to fix the problems with the keys, disable sending a message to the recipients with key problems, or disable encryption.") %>
+% }
+
+<ul>
+% foreach my $issue ( @$Issues ) {
+<li>
+% if ( $issue->{'User'} ) {
+User <a href="<% RT->Config->Get('WebPath') %>/Admin/Users/Modify.html?id=<% $issue->{'User'}->id %>"><&/Elements/ShowUser, User => $issue->{'User'} &></a> has a problem.
+% } else {
+There is a problem with key(s) for address <% $issue->{'EmailAddress'} %>, but there is no user in the DB for this address.
+% }
+<% $issue->{'Message'} %>
+<br />
+Select a key you want to use for encryption:
+<& /Elements/GnuPG/SelectKeyForEncryption,
+ Name => 'UseKey-'. $issue->{'EmailAddress'},
+ EmailAddress => $issue->{'EmailAddress'},
+ Default => ( $issue->{'User'}? $issue->{'User'}->PreferredKey : undef ),
+&>
+</li>
+% }
+</ul>
+</&>
+% }
+
+<%ARGS>
+$Issues => []
+$SignAddresses => []
+</%ARGS>
+
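Review bot: Three user-visible sentences in the issue list are hard-coded English (`User … has a problem.`, `There is a problem with key(s) for address …` and `Select a key you want to use for encryption:`), while every other string in this component goes through `loc()`. Wrapping them, for example `<% loc("Select a key you want to use for encryption:") %>`, keeps the component translatable. Separately, the second `<ul>` is emitted even when only `$SignAddresses` is non-empty, which leaves an empty list in the page; an `if ( @$Issues )` guard around that list would avoid it. The address and `Message` values are presumably derived from mail recipients and gpg output, so a short comment noting that their HTML safety depends on the handler's default escape flag would help the next maintainer.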
diff --git a/rt/share/html/Elements/GnuPG/SelectKeyForEncryption b/rt/share/html/Elements/GnuPG/SelectKeyForEncryption
new file mode 100644
index 000000000..c28c5ad3f
--- /dev/null
+++ b/rt/share/html/Elements/GnuPG/SelectKeyForEncryption
@@ -0,0 +1,81 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%#
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
+%# <jesse@bestpractical.com>
+%#
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
+%#
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%#
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+%# General Public License for more details.
+%#
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%#
+%# END BPS TAGGED BLOCK }}}
+% if (!@keys) {
+<% loc("No usable keys.") %>
+% } else {
+<select name="<% $Name %>">
+% foreach my $key (@keys) {
+<option value="<% $key->{'Fingerprint'} %>"><% $key->{'Fingerprint'} %> <% loc("(trust: [_1])", $key->{'TrustTerse'}) %></option>
+% }
+</select>
+% }
+
+<%INIT>
+require RT::Crypt::GnuPG;
+my $d;
+
+my %res = RT::Crypt::GnuPG::GetKeysForEncryption($EmailAddress);
+# move the preferred key to the top of the list
+my @keys = map {
+ $_->{'Fingerprint'} eq ( $Default || '' )
+ ? do { $d = $_; () }
+ : $_
+ }
+ @{ $res{'info'} };
+
+@keys = sort { $b->{'TrustLevel'} <=> $a->{'TrustLevel'} } @keys;
+
+unshift @keys, $d if defined $d;
+
+</%INIT>
+<%ARGS>
+$Name => 'PreferredKey'
+$EmailAddress => undef
+$Default => undef
+</%ARGS>
+
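Review bot: The `<%INIT>` block dereferences `@{ $res{'info'} }` without looking at anything else in `%res`, so a failed key lookup is not distinguished from an address that simply has no keys. RT::Crypt::GnuPG is not visible here, so this is an assumption, but if `GetKeysForEncryption` can return without an `info` entry the dereference is on undef. Writing `@{ $res{'info'} || [] }` makes the empty case explicit, and logging the failure would keep "No usable keys." from hiding a broken keyring. The `map` that stashes the preferred key in `$d` while returning `()` is also hard to read; one `grep` for the default and one for the rest would express the same thing plainly.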
diff --git a/rt/share/html/Elements/GnuPG/SelectKeyForSigning b/rt/share/html/Elements/GnuPG/SelectKeyForSigning
new file mode 100644
index 000000000..13b40df26
--- /dev/null
+++ b/rt/share/html/Elements/GnuPG/SelectKeyForSigning
@@ -0,0 +1,64 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%#
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
+%# <jesse@bestpractical.com>
+%#
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
+%#
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%#
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+%# General Public License for more details.
+%#
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%#
+%# END BPS TAGGED BLOCK }}}
+% if ( $user_key ) {
+<select name="<% $Name %>">
+<option value=""><% loc("Queue's key") %></option>
+<option value="<% $user_key %>"><% $user_key %></option>
+</select>
+% } else {
+<% loc("Queue's key") %>
+% }
+<%ARGS>
+$Name => 'SignUsing',
+$User => undef,
+</%ARGS>
+<%INIT>
+return unless RT->Config->Get('GnuPG')->{'Enable'};
+
+my $user_key = $User->PrivateKey;
+</%INIT>
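Review bot: `$User` defaults to `undef` in `<%ARGS>`, but the `<%INIT>` block calls `$User->PrivateKey` unconditionally, so a caller that omits `User` gets a runtime error instead of the plain "Queue's key" fallback. Guarding the call keeps the declared default usable: `my $user_key = $User ? $User->PrivateKey : undef;`. A one-line comment stating that the option value is the user's own private key identifier, and that an empty value means the queue's key, would also document what the form submits.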
diff --git a/rt/share/html/Elements/GnuPG/SignEncryptWidget b/rt/share/html/Elements/GnuPG/SignEncryptWidget
new file mode 100644
index 000000000..9303fb52a
--- /dev/null
+++ b/rt/share/html/Elements/GnuPG/SignEncryptWidget
@@ -0,0 +1,184 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%#
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
+%# <jesse@bestpractical.com>
+%#
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
+%#
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%#
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+%# General Public License for more details.
+%#
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%#
+%# END BPS TAGGED BLOCK }}}
+<table>
+<td><% loc('Sign')%></td>
+<td><& /Widgets/Form/Boolean:InputOnly, Name => 'Sign', CurrentValue => $self->{'Sign'} &>
+using <& SelectKeyForSigning, User => $session{'CurrentUser'}->UserObj &>
+</td>
+<td><% loc('Encrypt')%></td>
+<td><& /Widgets/Form/Boolean:InputOnly, Name => 'Encrypt', CurrentValue => $self->{'Encrypt'} &></td>
+</table>
+<%ARGS>
+$self => undef,
+</%ARGS>
+<%INIT>
+return unless $self;
+</%INIT>
+
+<%METHOD new>
+<%ARGS>
+$Arguments => {}
+</%ARGS>
+<%INIT>
+return undef unless RT->Config->Get('GnuPG')->{'Enable'};
+
+require RT::Crypt::GnuPG;
+return { %$Arguments };
+</%INIT>
+</%METHOD>
+
+<%METHOD ShowIssues>
+<%ARGS>
+$self => undef,
+</%ARGS>
+<%INIT>
+return unless $self;
+
+return $m->comp( '/Elements/GnuPG/KeyIssues',
+ Issues => $self->{'GnuPGRecipientsKeyIssues'} || [],
+ SignAddresses => $self->{'GnuPGCanNotSignAs'} || [],
+);
+</%INIT>
+</%METHOD>
+
+
+<%METHOD Process>
+<%ARGS>
+$self => undef
+$QueueObj => undef
+$TicketObj => undef
+</%ARGS>
+<%INIT>
+return unless $self;
+
+$QueueObj ||= $TicketObj->QueueObj if $TicketObj;
+
+foreach ( qw(Sign Encrypt) ) {
+ $self->{ $_ } = $m->comp( '/Widgets/Form/Boolean:Process',
+ Name => $_,
+ DefaultValue => $QueueObj->$_,
+ Arguments => $self,
+ );
+}
+</%INIT>
+</%METHOD>
+
+<%METHOD Check>
+<%ARGS>
+$self => undef
+$Operation => 'Update'
+$TicketObj => undef
+$QueueObj => undef
+</%ARGS>
+<%INIT>
+return 1 unless $self;
+
+my $checks_failure = 0;
+
+if ( $self->{'Sign'} ) {
+ $QueueObj ||= $TicketObj->QueueObj
+ if $TicketObj;
+
+ my $address = $self->{'SignUsing'};
+ $address ||= ($self->{'UpdateType'} && $self->{'UpdateType'} eq "private")
+ ? ( $QueueObj->CommentAddress || RT->Config->Get('CommentAddress') )
+ : ( $QueueObj->CorrespondAddress || RT->Config->Get('CorrespondAddress') );
+
+ unless ( RT::Crypt::GnuPG::DrySign( $address ) ) {
+ push @{ $self->{'GnuPGCanNotSignAs'} ||= [] }, $address;
+ $checks_failure = 1;
+ } else {
+ RT::Crypt::GnuPG::UseKeyForSigning( $self->{'SignUsing'} )
+ if $self->{'SignUsing'};
+ }
+}
+
+if ( $self->{'Encrypt'} ) {
+
+ my @recipients;
+
+ if ( $Operation eq 'Update' ) {
+ # skip any email addresses that we won't be sending mail to
+ my %squelch = $m->comp(
+ '/Ticket/Elements/PreviewScrips:SquelchRecipients',
+ %$self,
+ TicketObj => $TicketObj
+ );
+
+ @recipients = $m->comp(
+ '/Ticket/Elements/PreviewScrips:GetRecipients',
+ %$self, TicketObj => $TicketObj
+ );
+ }
+ elsif ( $Operation eq 'Create' ) {
+ @recipients = $m->comp(
+ '/Ticket/Elements/PreviewScrips:GetRecipientsOnCreate',
+ %$self,
+ );
+ }
+ else {
+ $RT::Logger->crit('Incorrect operation: '. $Operation );
+ }
+
+ my %seen;
+ @recipients = grep !$seen{ lc $_ }++, @recipients;
+
+ RT::Crypt::GnuPG::UseKeyForEncryption(
+ map { (/^UseKey-(.*)$/)[0] => $self->{ $_ } }
+ grep $self->{ $_ } && /^UseKey-/,
+ keys %$self
+ );
+
+ my ($status, @issues) = RT::Crypt::GnuPG::CheckRecipients( @recipients );
+ push @{ $self->{'GnuPGRecipientsKeyIssues'} ||= [] }, @issues;
+ $checks_failure = 1 unless $status;
+}
+
+return $checks_failure ? 0 : 1;
+</%INIT>
+</%METHOD>
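Review bot: In the `Check` method, `$self->{'SignUsing'}` and every `UseKey-<address>` value come from the submitted form and are passed to `DrySign`, `UseKeyForSigning` and `UseKeyForEncryption` without being compared with what the select widgets offered. SelectKeyForSigning offers only the current user's `PrivateKey` and SelectKeyForEncryption only the keys returned for that address, but a submitted request is not bound by the rendered options. Unless the RT::Crypt::GnuPG helpers (not visible here) re-check, mail could be signed with another secret key in the keyring or encrypted to a key that does not belong to the recipient. I would validate before use, for example `delete $self->{'SignUsing'} unless ( $self->{'SignUsing'} || '' ) eq ( $session{'CurrentUser'}->UserObj->PrivateKey || '' );`, and apply the same membership test to each `UseKey-` fingerprint against `GetKeysForEncryption` for its address. `Process` and `Check` also call methods on `$QueueObj` when neither `QueueObj` nor `TicketObj` was passed, so an early `return` for that case would be safer.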