+++ /dev/null
-%# BEGIN BPS TAGGED BLOCK {{{
-%#
-%# COPYRIGHT:
-%#
-%# This software is Copyright (c) 1996-2015 Best Practical Solutions, LLC
-%# <sales@bestpractical.com>
-%#
-%# (Except where explicitly superseded by other copyright notices)
-%#
-%#
-%# LICENSE:
-%#
-%# This work is made available to you under the terms of Version 2 of
-%# the GNU General Public License. A copy of that license should have
-%# been provided with this software, but in any event can be snarfed
-%# from www.gnu.org.
-%#
-%# This work is distributed in the hope that it will be useful, but
-%# WITHOUT ANY WARRANTY; without even the implied warranty of
-%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-%# General Public License for more details.
-%#
-%# You should have received a copy of the GNU General Public License
-%# along with this program; if not, write to the Free Software
-%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-%# 02110-1301 or visit their web page on the internet at
-%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
-%#
-%#
-%# CONTRIBUTION SUBMISSION POLICY:
-%#
-%# (The following paragraph is not intended to limit the rights granted
-%# to you to modify and distribute this software under the terms of
-%# the GNU General Public License and is only of importance to you if
-%# you choose to contribute your changes and enhancements to the
-%# community by submitting them to Best Practical Solutions, LLC.)
-%#
-%# By intentionally submitting any modifications, corrections or
-%# derivatives to this work, or any other work intended for use with
-%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
-%# you are the copyright holder for those contributions and you grant
-%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
-%# royalty-free, perpetual, license to use, copy, create derivative
-%# works based on those contributions, and sublicense and distribute
-%# those contributions and any derivatives thereof.
-%#
-%# END BPS TAGGED BLOCK }}}
-<table class="crypt-runs">
-<tr><td align="right" class="labeltop" rowspan="<% scalar @messages %>">GnuPG:</td>
-<td><% shift @messages %></td></tr>
-
-% foreach my $msg( @messages ) {
-<tr><td><% $msg %></td></tr>
-% }
-</table>
-<%ARGS>
-$Attachment
-$WarnUnsigned => undef
-$Reverify => 1
-</%ARGS>
-<%INIT>
-my @runs;
-my $needs_unsigned_warning = $WarnUnsigned;
-
-foreach ( $Attachment->SplitHeaders ) {
- if ( s/^X-RT-GnuPG-Status:\s*//i ) {
- require RT::Crypt::GnuPG;
- push @runs, [ RT::Crypt::GnuPG::ParseStatus( $_ ) ];
- }
-
- $needs_unsigned_warning = 0 if /^X-RT-Incoming-Signature:/;
-
- # if this is not set, then the email is generated by RT, and so we don't
- # need "email is unsigned" warnings
- $needs_unsigned_warning = 0 if not /^Received:/;
-}
-
-return unless @runs or $needs_unsigned_warning;
-
-my $reverify_cb = sub {
- my $top = shift;
-
- my $txn = $top->TransactionObj;
- unless ( $txn && $txn->id ) {
- return (0, "Couldn't get transaction of attachment #". $top->id);
- }
-
- my $attachments = $txn->Attachments->Clone;
- $attachments->Limit( FIELD => 'ContentType', VALUE => 'application/x-rt-original-message' );
- my $original = $attachments->First;
- unless ( $original ) {
- return (0, "Couldn't find attachment with original email of transaction #". $txn->id);
- }
-
- my $parser = RT::EmailParser->new();
- $parser->SmartParseMIMEEntityFromScalar(
- Message => $original->Content,
- Decode => 0,
- Exact => 1,
- );
- my $entity = $parser->Entity;
- unless ( $entity ) {
- return (0, "Couldn't parse content of attachment #". $original->id);
- }
-
- use RT::Interface::Email::Auth::GnuPG;
- my ($status, @res) = RT::Interface::Email::Auth::GnuPG::VerifyDecrypt( Entity => $entity );
- if ( $status && !@res ) {
- # imposible in this situation
- return (0, "Content of attachment #". $original->id ." is not signed and/or encrypted");
- }
- elsif ( @res ) {
- require RT::Crypt::GnuPG;
-
- $top->DelHeader('X-RT-GnuPG-Status');
- $top->AddHeader(map { ('X-RT-GnuPG-Status' => $_->{'status'} ) } @res);
- $top->SetHeader('X-RT-Privacy' => 'PGP' );
- $top->DelHeader('X-RT-Incoming-Signature');
-
- my @status = RT::Crypt::GnuPG::ParseStatus( $res[0]->{'status'} );
- for ( @status ) {
- if ( $_->{'Operation'} eq 'Verify' && $_->{'Status'} eq 'DONE' ) {
- $top->AddHeader( 'X-RT-Incoming-Signature' => $_->{'UserString'} );
- $needs_unsigned_warning = 0;
- }
- }
- }
- return (1, "Reverified original message");
-};
-
-my @messages;
-foreach my $run ( @runs ) {
- foreach my $line ( @$run ) {
- if ( $line->{'Operation'} eq 'KeyCheck' ) {
- next unless $Reverify;
- # if a public key was missing during verification then we want try again
- next unless $line->{'KeyType'} eq 'public' && $line->{'Status'} eq 'MISSING';
-
- # but only if we have key
- my %key = RT::Crypt::GnuPG::GetPublicKeyInfo( $line->{'Key'} );
- if ( $key{'info'} ) {
- my ($status, $msg) = $reverify_cb->($Attachment);
- unless ($status) {
- $RT::Logger->error($msg);
- } else {
- return $m->comp('SELF', %ARGS, Reverify => 0);
- }
- }
- else {
- push @messages, loc( "Public key '0x[_1]' is required to verify signature", $line->{'Key'} );
- }
- }
- elsif ( $line->{'Operation'} eq 'PassphraseCheck' ) {
- next if $line->{'Status'} eq 'DONE';
- push @messages, loc( $line->{'Message'} );
- }
- elsif ( $line->{'Operation'} eq 'Decrypt' ) {
- push @messages, loc( $line->{'Message'} );
- }
- elsif ( $line->{'Operation'} eq 'Verify' ) {
- push @messages, loc( $line->{'Message'} );
- }
- else {
- next if $line->{'Status'} eq 'DONE';
- push @messages, loc( $line->{'Message'} );
- }
- }
-}
-
-push @messages, loc('Warning! This is NOT signed!')
- if $needs_unsigned_warning;
-return unless @messages;
-
-my %seen;
-@messages = grep !$seen{$_}++, @messages;
-
-</%INIT>
projects / freeside.git / blobdiff