X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Flib%2FRT%2FCrypt%2FGnuPG.pm;h=ab444d0686bc4c4af9c986a754ca65dd00fd9cf7;hb=85e677b86fc37c54e6de2b06340351a28f5a5916;hp=29dd2a9fe06417690127eaeabb228bcf77ed2f68;hpb=0fb307c305e4bc2c9c27dc25a3308beae3a4d33c;p=freeside.git

diff --git a/rt/lib/RT/Crypt/GnuPG.pm b/rt/lib/RT/Crypt/GnuPG.pm
index 29dd2a9fe..ab444d068 100644
--- a/rt/lib/RT/Crypt/GnuPG.pm
+++ b/rt/lib/RT/Crypt/GnuPG.pm
@@ -2,7 +2,7 @@
 #
 # COPYRIGHT:
 #
-# This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC
+# This software is Copyright (c) 1996-2012 Best Practical Solutions, LLC
 #                                          <sales@bestpractical.com>
 #
 # (Except where explicitly superseded by other copyright notices)
@@ -54,7 +54,7 @@ package RT::Crypt::GnuPG;
 use IO::Handle;
 use GnuPG::Interface;
 use RT::EmailParser ();
-use RT::Util 'safe_run_child';
+use RT::Util 'safe_run_child', 'mime_recommended_filename';
 
 =head1 NAME
 
@@ -168,7 +168,7 @@ quoted, otherwise you can see quite cryptic error 'gpg: Invalid option "--0"'.
 
 =item --homedir
 
-The GnuPG home directory, by default it is set to F</opt/rt3/var/data/gpg>.
+The GnuPG home directory, by default it is set to F</opt/rt4/var/data/gpg>.
 
 You can manage this data with the 'gpg' commandline utility 
 using the GNUPGHOME environment variable or --homedir option. 
@@ -351,14 +351,16 @@ my %supported_opt = map { $_ => 1 } qw(
        verbose
 );
 
+our $RE_FILE_EXTENSIONS = qr/pgp|asc/i;
+
 # DEV WARNING: always pass all STD* handles to GnuPG interface even if we don't
-# need them, just pass 'new IO::Handle' and then close it after safe_run_child.
+# need them, just pass 'IO::Handle->new()' and then close it after safe_run_child.
 # we don't want to leak anything into FCGI/Apache/MP handles, this break things.
 # So code should look like:
 #        my $handles = GnuPG::Handles->new(
-#            stdin  => ($handle{'stdin'}  = new IO::Handle),
-#            stdout => ($handle{'stdout'} = new IO::Handle),
-#            stderr => ($handle{'stderr'}  = new IO::Handle),
+#            stdin  => ($handle{'stdin'}  = IO::Handle->new()),
+#            stdout => ($handle{'stdout'} = IO::Handle->new()),
+#            stderr => ($handle{'stderr'}  = IO::Handle->new()),
 #            ...
 #        );
 
@@ -433,7 +435,7 @@ sub SignEncryptRFC3156 {
         @_
     );
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnuPGOptions
@@ -615,7 +617,7 @@ sub _SignEncryptTextInline {
     );
     return unless $args{'Sign'} || $args{'Encrypt'};
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnupGOptions
@@ -682,7 +684,7 @@ sub _SignEncryptTextInline {
         return %res;
     }
 
-    $entity->bodyhandle( new MIME::Body::File $tmp_fn );
+    $entity->bodyhandle( MIME::Body::File->new( $tmp_fn) );
     $entity->{'__store_tmp_handle_to_avoid_early_cleanup'} = $tmp_fh;
 
     return %res;
@@ -703,7 +705,7 @@ sub _SignEncryptAttachmentInline {
     );
     return unless $args{'Sign'} || $args{'Encrypt'};
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnupGOptions
@@ -769,7 +771,7 @@ sub _SignEncryptAttachmentInline {
         return %res;
     }
 
-    my $filename = $entity->head->recommended_filename || 'no_name';
+    my $filename = mime_recommended_filename( $entity ) || 'no_name';
     if ( $args{'Sign'} && !$args{'Encrypt'} ) {
         $entity->make_multipart;
         $entity->attach(
@@ -779,7 +781,7 @@ sub _SignEncryptAttachmentInline {
             Disposition => 'attachment',
         );
     } else {
-        $entity->bodyhandle( new MIME::Body::File $tmp_fn );
+        $entity->bodyhandle(MIME::Body::File->new( $tmp_fn) );
         $entity->effective_type('application/octet-stream');
         $entity->head->mime_attr( $_ => "$filename.pgp" )
             foreach (qw(Content-Type.name Content-Disposition.filename));
@@ -805,7 +807,7 @@ sub SignEncryptContent {
     );
     return unless $args{'Sign'} || $args{'Encrypt'};
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnupGOptions
@@ -891,6 +893,8 @@ sub FindProtectedParts {
 
     # inline PGP block, only in singlepart
     unless ( $entity->is_multipart ) {
+        my $file = ($entity->head->recommended_filename||'') =~ /\.${RE_FILE_EXTENSIONS}$/;
+
         my $io = $entity->open('r');
         unless ( $io ) {
             $RT::Logger->warning( "Entity of type ". $entity->effective_type ." has no body" );
@@ -902,8 +906,8 @@ sub FindProtectedParts {
             $RT::Logger->debug("Found $type inline part");
             return {
                 Type    => $type,
-                Format  => 'Inline',
-                Data  => $entity,
+                Format  => !$file || $type eq 'signed'? 'Inline' : 'Attachment',
+                Data    => $entity,
             };
         }
         $io->close;
@@ -1000,7 +1004,7 @@ sub FindProtectedParts {
 
     # attachments with inline encryption
     my @encrypted_indices =
-        grep {($entity->parts($_)->head->recommended_filename || '') =~ /\.pgp$/}
+        grep {($entity->parts($_)->head->recommended_filename || '') =~ /\.${RE_FILE_EXTENSIONS}$/}
             0 .. $entity->parts - 1;
 
     foreach my $i ( @encrypted_indices ) {
@@ -1092,7 +1096,7 @@ sub VerifyInline { return DecryptInline( @_ ) }
 sub VerifyAttachment {
     my %args = ( Data => undef, Signature => undef, Top => undef, @_ );
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
     $opt{'digest-algo'} ||= 'SHA1';
     $gnupg->options->hash_init(
@@ -1146,7 +1150,7 @@ sub VerifyAttachment {
 sub VerifyRFC3156 {
     my %args = ( Data => undef, Signature => undef, Top => undef, @_ );
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
     $opt{'digest-algo'} ||= 'SHA1';
     $gnupg->options->hash_init(
@@ -1199,7 +1203,7 @@ sub DecryptRFC3156 {
         @_
     );
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnupGOptions
@@ -1261,7 +1265,7 @@ sub DecryptRFC3156 {
     }
 
     seek $tmp_fh, 0, 0;
-    my $parser = new RT::EmailParser;
+    my $parser = RT::EmailParser->new();
     my $decrypted = $parser->ParseMIMEEntityFromFileHandle( $tmp_fh, 0 );
     $decrypted->{'__store_link_to_object_to_avoid_early_cleanup'} = $parser;
     $args{'Top'}->parts( [] );
@@ -1277,7 +1281,7 @@ sub DecryptInline {
         @_
     );
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnuPGOptions
@@ -1373,7 +1377,7 @@ sub DecryptInline {
     }
 
     seek $tmp_fh, 0, 0;
-    $args{'Data'}->bodyhandle( new MIME::Body::File $tmp_fn );
+    $args{'Data'}->bodyhandle(MIME::Body::File->new( $tmp_fn ));
     $args{'Data'}->{'__store_tmp_handle_to_avoid_early_cleanup'} = $tmp_fh;
     return %res;
 }
@@ -1436,7 +1440,7 @@ sub DecryptAttachment {
         @_
     );
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnuPGOptions
@@ -1469,12 +1473,19 @@ sub DecryptAttachment {
     );
     return %res unless $res_fh;
 
-    $args{'Data'}->bodyhandle( new MIME::Body::File $res_fn );
+    $args{'Data'}->bodyhandle(MIME::Body::File->new($res_fn) );
     $args{'Data'}->{'__store_tmp_handle_to_avoid_early_cleanup'} = $res_fh;
 
-    my $filename = $args{'Data'}->head->recommended_filename;
-    $filename =~ s/\.pgp$//i;
-    $args{'Data'}->head->mime_attr( $_ => $filename )
+    my $head = $args{'Data'}->head;
+
+    # we can not trust original content type
+    # TODO: and don't have way to detect, so we just use octet-stream
+    # some clients may send .asc files (encryped) as text/plain
+    $head->mime_attr( "Content-Type" => 'application/octet-stream' );
+
+    my $filename = $head->recommended_filename;
+    $filename =~ s/\.${RE_FILE_EXTENSIONS}$//i;
+    $head->mime_attr( $_ => $filename )
         foreach (qw(Content-Type.name Content-Disposition.filename));
 
     return %res;
@@ -1487,7 +1498,7 @@ sub DecryptContent {
         @_
     );
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
 
     # handling passphrase in GnupGOptions
@@ -1597,8 +1608,7 @@ User friendly message.
 
 =back
 
-This parser is based on information from GnuPG distribution, see also
-F<docs/design_docs/gnupg_details_on_output_formats> in the RT distribution.
+This parser is based on information from GnuPG distribution.
 
 =cut
 
@@ -2000,7 +2010,7 @@ sub CheckRecipients {
             # good, one suitable and trusted key 
             next;
         }
-        my $user = RT::User->new( $RT::SystemUser );
+        my $user = RT::User->new( RT->SystemUser );
         $user->LoadByEmail( $address );
         # it's possible that we have no User record with the email
         $user = undef unless $user->id;
@@ -2076,7 +2086,7 @@ sub GetKeysInfo {
         return (exit_code => 0) unless $force;
     }
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
     $opt{'digest-algo'} ||= 'SHA1';
     $opt{'with-colons'} = undef; # parseable format
@@ -2262,7 +2272,7 @@ sub _ParseDate {
     return $value unless $value;
 
     require RT::Date;
-    my $obj = RT::Date->new( $RT::SystemUser );
+    my $obj = RT::Date->new( RT->SystemUser );
     # unix time
     if ( $value =~ /^\d+$/ ) {
         $obj->Set( Value => $value );
@@ -2275,7 +2285,7 @@ sub _ParseDate {
 sub DeleteKey {
     my $key = shift;
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
     $gnupg->options->hash_init(
         _PrepareGnuPGOptions( %opt ),
@@ -2287,7 +2297,6 @@ sub DeleteKey {
 
     eval {
         local $SIG{'CHLD'} = 'DEFAULT';
-        local @ENV{'LANG', 'LC_ALL'} = ('C', 'C');
         my $pid = safe_run_child { $gnupg->wrap_call(
             handles => $handles,
             commands => ['--delete-secret-and-public-key'],
@@ -2323,7 +2332,7 @@ sub DeleteKey {
 sub ImportKey {
     my $key = shift;
 
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
     $gnupg->options->hash_init(
         _PrepareGnuPGOptions( %opt ),
@@ -2335,7 +2344,6 @@ sub ImportKey {
 
     eval {
         local $SIG{'CHLD'} = 'DEFAULT';
-        local @ENV{'LANG', 'LC_ALL'} = ('C', 'C');
         my $pid = safe_run_child { $gnupg->wrap_call(
             handles => $handles,
             commands => ['--import'],
@@ -2406,7 +2414,7 @@ properly (and false otherwise).
 
 
 sub Probe {
-    my $gnupg = new GnuPG::Interface;
+    my $gnupg = GnuPG::Interface->new();
     my %opt = RT->Config->Get('GnuPGOptions');
     $gnupg->options->hash_init(
         _PrepareGnuPGOptions( %opt ),
@@ -2463,15 +2471,7 @@ sub _make_gpg_handles {
     return ($handles, \%handle_map);
 }
 
-eval "require RT::Crypt::GnuPG_Vendor";
-if ($@ && $@ !~ qr{^Can't locate RT/Crypt/GnuPG_Vendor.pm}) {
-    die $@;
-};
-
-eval "require RT::Crypt::GnuPG_Local";
-if ($@ && $@ !~ qr{^Can't locate RT/Crypt/GnuPG_Local.pm}) {
-    die $@;
-};
+RT::Base->_ImportOverlays();
 
 # helper package to avoid using temp file
 package IO::Handle::CRLF;