[Rt-commit] rt branch, smime, updated. rt-3.8.7-184-gbdd4038
Ruslan Zakirov
ruz at bestpractical.com
Tue Feb 16 11:37:52 EST 2010
The branch, smime has been updated
via bdd40381bc192e6f74b9504748e21bbb2fa3f32c (commit)
via 7a260505d64db49302b8f9154fd9cd28a34a139e (commit)
via fa00c3d91bbce813ae2e9f772f100091420be573 (commit)
via 81cefe92ff2be68e6c33198364d0622ff8e98082 (commit)
via 79097d95b8a956b4fd2d49f0a340fcdaf88df510 (commit)
via f35de2a377ab49f1134fb5c97d06944165c3833f (commit)
via 12a95f9201fd14fa7f4253c072b99971e752dd10 (commit)
via f3de784610382a4bf7feaf529d78fd13bd67b74d (commit)
via 73f3a2a7551a5a4bfceb03b87ca04f63b6154b83 (commit)
from 3416f000dea20885ee2816f7ec320d9f91b613b9 (commit)
Summary of changes:
etc/upgrade/3.8.8/content | 34 ++++++++++
lib/RT/Crypt.pm | 12 +++-
lib/RT/Crypt/SMIME.pm | 84 +++++++++++++++++---------
t/data/smime/mails/simple-txt-enc.eml | 36 -----------
t/data/smime/mails/with-bin-attachment.eml | 45 --------------
t/data/smime/mails/with-text-attachment.eml | 44 --------------
t/mail/smime/incoming.t | 87 +++++----------------------
t/web/gnupg-outgoing.t | 2 +-
t/web/smime/outgoing.t | 9 ++-
9 files changed, 122 insertions(+), 231 deletions(-)
create mode 100644 etc/upgrade/3.8.8/content
delete mode 100644 t/data/smime/mails/simple-txt-enc.eml
delete mode 100644 t/data/smime/mails/with-bin-attachment.eml
delete mode 100644 t/data/smime/mails/with-text-attachment.eml
- Log -----------------------------------------------------------------
commit 73f3a2a7551a5a4bfceb03b87ca04f63b6154b83
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Wed Feb 10 13:17:15 2010 +0300
fix cofiguration and emails in tests
diff --git a/t/web/gnupg-outgoing.t b/t/web/gnupg-outgoing.t
index a956678..444e209 100644
--- a/t/web/gnupg-outgoing.t
+++ b/t/web/gnupg-outgoing.t
@@ -31,7 +31,7 @@ RT->Config->Set( GnuPGOptions =>
RT->Config->Set( 'MailPlugins' => 'Auth::MailFrom', 'Auth::GnuPG' );
RT::Test->import_gnupg_key('rt-recipient at example.com');
-my $user_email = 'root at example.com';
+my $user_email = 'rt-test at example.com';
RT::Test->import_gnupg_key($user_email, 'public');
my $queue = RT::Test->load_or_create_queue(
diff --git a/t/web/smime/outgoing.t b/t/web/smime/outgoing.t
index 08890f3..b72eab2 100644
--- a/t/web/smime/outgoing.t
+++ b/t/web/smime/outgoing.t
@@ -35,6 +35,7 @@ RT->Config->Set( SMIME =>
OutgoingMessagesFormat => 'RFC',
Passphrase => {
'sender at example.com' => '123456',
+ 'root at example.com' => '123456',
},
OpenSSL => $openssl,
Keyring => $keyring,
@@ -184,7 +185,7 @@ foreach my $queue_set ( @variants ) {
# ------------------------------------------------------------------------------
# now delete all keys from the keyring and put back secret/pub pair for rt-test@
-# and only public key for rt-recipient@ so we can verify signatures and decrypt
+# and only public key for sender@ so we can verify signatures and decrypt
# like we are on another side recieving emails
# ------------------------------------------------------------------------------
@@ -237,7 +238,7 @@ foreach my $mail ( map cleanup_headers($_), @{ $mail{'signed'} } ) {
is $msg->GetHeader('X-RT-Incoming-Encryption'), 'Not encrypted',
"RT's outgoing mail looks not encrypted";
like $msg->GetHeader('X-RT-Incoming-Signature'),
- qr/<rt-recipient\@example.com>/,
+ qr/<sender\@example\.com>/,
"RT's outgoing mail looks signed";
like $attachments[0]->Content, qr/Some content/,
@@ -284,7 +285,7 @@ foreach my $mail ( map cleanup_headers($_), @{ $mail{'signed_encrypted'} } ) {
is $msg->GetHeader('X-RT-Incoming-Encryption'), 'Success',
"RT's outgoing mail looks encrypted";
like $msg->GetHeader('X-RT-Incoming-Signature'),
- qr/<rt-recipient\@example.com>/,
+ qr/<sender\@example.com>/,
"RT's outgoing mail looks signed";
like $attachments[0]->Content, qr/Some content/,
commit f3de784610382a4bf7feaf529d78fd13bd67b74d
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 04:01:37 2010 +0300
we can not test with old files, new set of keys
diff --git a/t/mail/smime/incoming.t b/t/mail/smime/incoming.t
index 003d672..ecf449b 100644
--- a/t/mail/smime/incoming.t
+++ b/t/mail/smime/incoming.t
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use RT::Test tests => 42;
+use RT::Test tests => 19;
my $openssl = RT::Test->find_executable('openssl');
plan skip_all => 'openssl executable is required.'
@@ -42,7 +42,21 @@ RT->Config->Set( SMIME =>
RT->Config->Set( 'MailPlugins' => 'Auth::MailFrom', 'Auth::Crypt' );
-my $mails = RT::Test::find_relocatable_path( 'data', 'smime', 'mails' );
+{
+ my $cf = RT::CustomField->new( $RT::SystemUser );
+ my ($ret, $msg) = $cf->Create(
+ Name => 'SMIME Key',
+ LookupType => RT::User->new( $RT::SystemUser )->CustomFieldLookupType,
+ Type => 'TextSingle',
+ );
+ ok($ret, "Custom Field created");
+
+ my $OCF = RT::ObjectCustomField->new( $RT::SystemUser );
+ $OCF->Create(
+ CustomField => $cf->id,
+ ObjectId => 0,
+ );
+}
my ($url, $m) = RT::Test->started_ok;
ok $m->login, "logged in";
@@ -123,75 +137,6 @@ RT::Test->close_mailgate_ok($mail);
}
{
- my $message = RT::Test->file_content([$mails, 'simple-txt-enc.eml']);
- my ($status, $tid) = RT::Test->send_via_mailgate( $message );
- ok !$status, "executed gate";
-
- my $tick = RT::Ticket->new( $RT::SystemUser );
- $tick->Load( $tid );
- ok( $tick->Id, "found ticket " . $tick->Id );
- is( $tick->Subject, 'test', 'Created the ticket' );
-
- my $txn = $tick->Transactions->First;
- my ($msg, $attach, $orig) = @{$txn->Attachments->ItemsArrayRef};
- is( $msg->GetHeader('X-RT-Incoming-Encryption'),
- 'Success',
- 'recorded incoming mail that is encrypted'
- );
- is( $msg->GetHeader('X-RT-Privacy'),
- 'SMIME',
- 'recorded incoming mail that is encrypted'
- );
- ok( $msg->GetHeader('User-Agent'), 'header is there');
- like( $attach->Content, qr'test');
-}
-
-{
- my $message = RT::Test->file_content([$mails, 'with-text-attachment.eml']);
- my ($status, $tid) = RT::Test->send_via_mailgate( $message );
- ok !$status, "executed gate";
-
- my $tick = RT::Ticket->new( $RT::SystemUser );
- $tick->Load( $tid );
- ok( $tick->Id, "found ticket " . $tick->Id );
- is( $tick->Subject, 'test', 'Created the ticket' );
- my $txn = $tick->Transactions->First;
- my @attachments = @{ $txn->Attachments->ItemsArrayRef };
- is( @attachments, 4, '4 attachments: top, two parts and orig' );
-
- is( $attachments[0]->GetHeader('X-RT-Incoming-Encryption'),
- 'Success',
- 'recorded incoming mail that is encrypted'
- );
- ok( $attachments[0]->GetHeader('User-Agent'), 'header is there' );
- like( $attachments[1]->Content, qr'test' );
- like( $attachments[2]->Content, qr'text attachment' );
- is( $attachments[2]->Filename, 'attachment.txt' );
-}
-
-{
- my $message = RT::Test->file_content([$mails, 'with-bin-attachment.eml']);
- my ($status, $tid) = RT::Test->send_via_mailgate( $message );
- ok !$status, "executed gate";
-
- my $tick = RT::Ticket->new( $RT::SystemUser );
- $tick->Load( $tid );
- ok( $tick->Id, "found ticket " . $tick->Id );
- is( $tick->Subject, 'test', 'Created the ticket' );
- my $txn = $tick->Transactions->First;
- my @attachments = @{ $txn->Attachments->ItemsArrayRef };
- is( @attachments, 4, '4 attachments: top, two parts and orig' );
-
- is( $attachments[0]->GetHeader('X-RT-Incoming-Encryption'),
- 'Success',
- 'recorded incoming mail that is encrypted'
- );
- ok( $attachments[0]->GetHeader('User-Agent'), 'header is there');
- like( $attachments[1]->Content, qr'test');
- is( $attachments[2]->Filename, 'attachment.bin' );
-}
-
-{
my $buf = '';
run3(
commit 12a95f9201fd14fa7f4253c072b99971e752dd10
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 04:03:09 2010 +0300
remove old files,we don't have keys for them
diff --git a/t/data/smime/mails/simple-txt-enc.eml b/t/data/smime/mails/simple-txt-enc.eml
deleted file mode 100644
index df38c4a..0000000
--- a/t/data/smime/mails/simple-txt-enc.eml
+++ /dev/null
@@ -1,36 +0,0 @@
-Date: Fri, 22 Dec 2006 05:01:04 +0300
-From: root at localhost
-X-Mozilla-Draft-Info: internal/draft; vcard=0; receipt=0; uuencode=0
-User-Agent: Thunderbird 1.5.0.9 (X11/20061221)
-MIME-Version: 1.0
-To: sender at test.com
-Subject: test
-Content-Type: application/x-pkcs7-mime; name="smime.p7m"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="smime.p7m"
-Content-Description: S/MIME Encrypted Message
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggQ8MIIBjgIBADB2MGIxCzAJBgNVBAYTAlpBMSUwIwYD
-VQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVy
-c29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQBgzQJigV55Om1dc1u4CuYzANBgkqhkiG9w0B
-AQEFAASCAQBEI9JKBQgIqLcRTiYCwDHR1dVTnlOoAAVHoM10dHxzszYBNV5GBnQgPVzV5EbU
-kkjKPJy1Ipv6Eixoqed2u54/68fmvGSEC+zH8nu7noMbvF7nuspPfwawf9GQNq3jt3qZRuuk
-Us2EB5GGz8p9gxgFnv/GtrUQ+7HxCVvJRwFuyXkqwfqo2kxnE4C1jS05xjZ3ioo5gQlncC5f
-ib63YtU6Gvlnh9zq/LV0bMUg6SygRNAHoO+BTKBBHlzNMg0ixUESzRmxF1hJA3rbhCx4xPfe
-OHZh6NtSHPSD+88nzK3qBv1Gosz9In6O5/aYreQgLT6Vrbb+jlCPs3BJGaRPNwVKMIICpgIB
-ADCBjTCBhzELMAkGA1UEBhMCUlUxEzARBgNVBAgTClNvbWUtU3RhdGUxFjAUBgNVBAcTDVN0
-LVBldGVyc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBHRlc3QxDzANBgNVBAMTBlRl
-c3RlcjEcMBoGCSqGSIb3DQEJARYNdGVzdEB0ZXN0LmNvbQIBAzANBgkqhkiG9w0BAQEFAASC
-AgAqLoqQoTHSNgSyp+8XuylkokpE8/zE8mQ0TVnVrP8LrK8ppxBAkVr8/GGG2BNtwKXJEaEP
-7cDoHYABQS4xQD3CrEBtq180rDR0yGunRYuCTlBrAAZWy8Nq3/KGbwxJJBaqHUomaqiRUeiD
-j+V42pU1hVhBVUR+dNlDrtnLyh1OhbR1/ddhU0WCioAAdbyVCntgyHQU0Sr55xVINP69RUte
-OCHQj+s5b6HnfN2pQjdjZf5pHJdCajO5IpKn68LaBY2Q0YZVZYs3PLnRe0yHpZvHa7T5KRNs
-XL4fkJ5n6wrP48UH2eHyopHCww28qZupbnSkhZCERa7mJ3niExaRxnZnS28IpaU4AlbMLZGu
-fz7woFxcxrcwkGeGXCTxZkj6UkXXFZK/s04iWoQdcN59A56yGc0RTHg29AHQshJ2d3Ydcm+N
-/Uv9OwSkDOG/V6f6BvmWjBldF6SI2sOmEEK+SQy0OC81TYJfqVHRfT0lyUfz43JGGwOhgb1j
-hyxBgugzGq2+KkIdyONMdBZXe4HuZOm4MStB/5NOdb1lPttB5zgkcdq9I/rVl+QRSh3wjZWf
-2JL9HvlljweVNbVoCiwQjm17u14PnNlW0797YTXizHlsLUpupMgI8N2eDKv53cKTGyT/z+yc
-AmqCYdph3oA7VWlXBvQbZUeDxOarpfTnq+aOEjCABgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE
-CBUAZSknCBIhoIAEYHg/qMyTJn4qoHtG5PnCve9BA5m+02B8RFLe1EQ/4+S3r2tP8jSvCPvk
-jMrzK7wrza2xlXaOisFvakPMyjTqwCkup55n3LDELbXMe3eFt62L7mWSD1HI+bwCEM2d7v/5
-DAQIbHw1VJzs8tsAAAAAAAAAAAAA
diff --git a/t/data/smime/mails/with-bin-attachment.eml b/t/data/smime/mails/with-bin-attachment.eml
deleted file mode 100644
index 4f4f89d..0000000
--- a/t/data/smime/mails/with-bin-attachment.eml
+++ /dev/null
@@ -1,45 +0,0 @@
-Date: Fri, 22 Dec 2006 06:41:22 +0300
-From: root at localhost
-X-Mozilla-Draft-Info: internal/draft; vcard=0; receipt=0; uuencode=0
-User-Agent: Thunderbird 1.5.0.9 (X11/20061221)
-MIME-Version: 1.0
-To: sender at test.com
-Subject: test
-Content-Type: application/x-pkcs7-mime; name="smime.p7m"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="smime.p7m"
-Content-Description: S/MIME Encrypted Message
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggQ8MIIBjgIBADB2MGIxCzAJBgNVBAYTAlpBMSUwIwYD
-VQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVy
-c29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQBgzQJigV55Om1dc1u4CuYzANBgkqhkiG9w0B
-AQEFAASCAQC/2Z7Gd1vC5nSuTH7B1A6HevkiMfA4svuCd+93geSmRfFIKEGIxnjSi6cyD/FO
-DVB7q/+lVA3uDmZ5j2dw15ccxGGYLfq3WjVOPtR3oL3a70LeGHzkeKYBTalENkphR7f4669j
-C8r+3AK6vIGw06h5cCvMFZGsGQZmulga1JS8LcVim1vcmMH4s3CuEIYE3XppU3Dgl4JURI0R
-+5inyxpurkWEQ8ACFLBr2N/HK+AANqY8e231YwkiGdGVjhOxYGzWW5V+c5O93C4266wLvg8c
-2SCYMGryh38Zt/TkeNvlTEAYZemgqyaRbkjRY6+y6AAHitDL1LvJj1ADhxJkri9KMIICpgIB
-ADCBjTCBhzELMAkGA1UEBhMCUlUxEzARBgNVBAgTClNvbWUtU3RhdGUxFjAUBgNVBAcTDVN0
-LVBldGVyc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBHRlc3QxDzANBgNVBAMTBlRl
-c3RlcjEcMBoGCSqGSIb3DQEJARYNdGVzdEB0ZXN0LmNvbQIBAzANBgkqhkiG9w0BAQEFAASC
-AgAMJzwFWoFS70JsXSe83zwlkduPHfK+CNeHG0cTizN7TBS/NOgnTK85hGtc5JZSowEpZpkU
-e1O4dYGRl2YHXAAY/J//BrDhj8mLhukIjyfd4/Wy6KDIkP1fvbLPpDNSg98FUtcWSozC3IJy
-soTJPyWSN8Ui5GYX/st/zW2RGPk8fmrX95joodvOJt38AQGpnVFMIpFCqzS1y+JCRR0l1dmb
-5gVn75rFEVTGVNmSguXJaKDGqgwx39QHWhXxpzz166F1L2Ys4s5eKeYjK+9jtqCeTYAjop0f
-E3+W9SHksM+0B9p2l7jUM74/LQNyXcA+l1ab8h6iEIWTRIQ8L5CzJUJGzsSREgffylBAAGEq
-0bV8vQBXIi0YTRhKU1kBfAFBZxlsS2Vmrxn+RGQz11hRjHH69VTyPFV2h978YBnIqt8DoByv
-mLVg+P8r7LvcrCsrKUFAGaHENILbdiKilPUBhV4djmD0Y4pHsEneMinjLa3ayn0mLGWW9KcV
-NaxXdrMg1prLPNY8JRYXSg8zVpPYDW3hG0abvFXKztp+J+dGKXlb3D+VuOoP4FYc2JcGxxdU
-hSTRq8Ee4OtkRGuSTLgXARUYofH4nqAor6+1ixr84QnqK5h61qLPXSJnA6Dox2fUmeRsWm7x
-psCK7Y9v7fFK2WST4LE5fmpyHVtGyOmih4Ug8TCABgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE
-CGA0oBrKobsjoIAEggIwV0YAtLgEB/F5GEZ8ghp6+H1WJmwn5U9tNNNmzWAif5FytdXoSRL3
-SwJMi0B6IINu0uDV3X47glhdCazJTKiduwF55oEARPPpvFpSqEKPg5KTf47bX0Q41669H9jl
-znFFzgzIZQFl4gpMeg87QJOq+rG3TxWBTOiynBisTT816UrlqYC9LqMEr3laq/psuI0vZLyr
-rr68FrlvO8c21c77RA+oUQ/fFb97SrvmnPpX0DtKLD9Z/n+smPzRA2kUFs+PlbKy7FnH4zX/
-8UCMCYwvtGWXMQA+28aiI4RYw7nJbt+B6FHXQ+ZR9tJ2sVCvSMhGX4ao8UVBLZKA2IE9M2BK
-fX0+o41IhWf5qRT04yVvHlaygCxIKaUzTPu2PTTtez53DPX91s3joLUHi1/a9bpHODuP57dv
-76c1vSg3qJURtVbrAptDpR54DV4bvdRcig6TKoeLw8tjqf0F8glhMIeg6NF7BbUwYtKPL7bm
-0r3bN72/BENBcGyNl/Ou9dZLV3O4+zs1MEoE972LW61AH0voSZVV8Roj0mceSMgpTwU0RY7G
-fzARr/pGh1NwLGVBBYT/5UHIUTuMAVHcZvaFsZjX9kPKnVtTeQjhnYRCfdHVYVoIQnkzn6Sy
-1aGmsv/z6vsF4eSAs9HrF8kwFWRFUJ2YHSl0dqNyvlqvX0VDeK/Ks6ei8AVYvfMdkY5bCbPE
-6KpdkYGyNLJff13Ef1xOcqJgqNWdzGA7S9pnSw+J85UxMKQECNY4jO2xzB+FAAAAAAAAAAAA
-AA==
diff --git a/t/data/smime/mails/with-text-attachment.eml b/t/data/smime/mails/with-text-attachment.eml
deleted file mode 100644
index e18c759..0000000
--- a/t/data/smime/mails/with-text-attachment.eml
+++ /dev/null
@@ -1,44 +0,0 @@
-Date: Fri, 22 Dec 2006 05:24:50 +0300
-From: root at localhost
-X-Mozilla-Draft-Info: internal/draft; vcard=0; receipt=0; uuencode=0
-User-Agent: Thunderbird 1.5.0.9 (X11/20061221)
-MIME-Version: 1.0
-To: sender at test.com
-Subject: test
-Content-Type: application/x-pkcs7-mime; name="smime.p7m"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="smime.p7m"
-Content-Description: S/MIME Encrypted Message
-
-MIAGCSqGSIb3DQEHA6CAMIACAQAxggQ8MIIBjgIBADB2MGIxCzAJBgNVBAYTAlpBMSUwIwYD
-VQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVy
-c29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQBgzQJigV55Om1dc1u4CuYzANBgkqhkiG9w0B
-AQEFAASCAQByY+Ab0R/EB6cPAU13dB+uXWsJ7xCIuAwC0On3jEKeWssROQboi68xpezuB9Xn
-NyrJiY/m/BG7wTovEX5I4zzZxTLg+wBKnr3eGJ26WbiwTuqkH8JwilE+NKI8H5FQjw4gNS59
-meAXcrVSixoE+Ztii6jMs3EeiUqf4e0fXniiAe6nujMYBD9OWB9BsafksewverYE4mKZ/x6D
-a/6hQso52ZL/hEn/2Rq8O7oxF9Jx4qRs8AAnF42RK1YTzL6kLQU76tIHKJhJMrwDTAlazKM/
-zOrG4xradlg7gzagFCwPXP2oyUOY/lN62blqXuObN3mjlf6MMHUj9y1TTTuKxHttMIICpgIB
-ADCBjTCBhzELMAkGA1UEBhMCUlUxEzARBgNVBAgTClNvbWUtU3RhdGUxFjAUBgNVBAcTDVN0
-LVBldGVyc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBHRlc3QxDzANBgNVBAMTBlRl
-c3RlcjEcMBoGCSqGSIb3DQEJARYNdGVzdEB0ZXN0LmNvbQIBAzANBgkqhkiG9w0BAQEFAASC
-AgAdzb7zD1rdx95PAkUvjHRVkT/cex7JyGYSql9Ew86F6mxIThl+ZulVEgdiTba0zxoNl6Fj
-p2P4SpvpcNAFt2GzR6bChEgv2r+bkQ2CkOCB/qNuthjgTeJsKiEaLkSP/G8AJugmJco9MXN/
-o+6mEbdmGdeG8qu+12BP42f+je9UxtQCqdRB7iZuetQ33V2LMYDyH4UE+sSvBhn6a87wC7bE
-mJKN16G8CxQKjZcf9qc68RrvfR9y3X84l2CrlgxaafbUwBnNcTdbXzvkeT/sYPaF+LwMImpc
-mddzN+VpCRKVgH04zO2SjSqXap0FdCcMW9Namvi+pI2+ahSlrFB9NBqcOJQvCC1hv+pY2d6a
-sIF/I3lvf1/phKNyO8+BbvO/HungjeF/kbdg/Ab9ABrb/RadqS1CRYN5nya51nS/r28lmkav
-4z9CvJEcMiBDj+CHME2hT9k8rZ3Gcoz8dhd1aIJGGvp9Y65VDSmvNmRG5dfeUCw82zKcnkp+
-ZZf6XYLl9+MaT12fx7qP0ScF6UgNNSza7r2a2tWvyssxnyyBXL1jsczwGZRRUf6Ufv4wyyWf
-/mAhq3AAiQ8iMWqJbTMNRCHIVSvEPfrQwbWtoHovlehtUuhKLFWZQiAMhiQVCLLKVyNKAcrG
-oQfNCsrh+HGat7FsV1bXMC7p0j4ljfU9kl0JUjCABgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE
-CMA4cFD8aLwqoIAEggIIxSwx7MnbaVGmvr6I5u/GPUKqBzDT4g3Pnstsao+WLstsLYulLBbR
-M4tBqQyLT3vJv5OaVgLB4A0/wYbfNfNm5NCdf+1SkjHp0B+VZSqbNPzN6SW9mDET6ZMk/kL6
-o1Td8ePF9SkIZTlWI7ns9PRpPC28iKAV1/d1rd2EMrT4gjSnZX9MUNa6YrDc9UmFAq3E6+IM
-WFA2xVuemCamiHz8ecfQojjAexMKX9W7gBSwslDvT1COKchUlceJ0PSPCUBmsqpjCX7ezG1h
-4gs5nBWrxiIVwhcN2VU9WK5TMOR72Svibv7nSQbv5iwDBANSN8p4Y3HfWbq9EsCiiDP/cJcQ
-BMi0E+wyWvkVwjywX9e5xCrq4fWfuwYELttrO3yfthr9coDg3xo+EMBegmlHGp0mSlW3VRO3
-mRwlLyrO7RYyfo3rupVlocrtkcS8WNXWhyXDy7ws068fX+6wfPbp3b2Q9fU1mROii7zNgzZM
-teiun37qth35FrbeClPEhjs6KDP1LBGOjFdqvXaSBkYSA4Z7+mG0YSfKrwoQahEn0V+Y4K+S
-PQGXBO3/5ObXsNaCFeGD0mCU2cvRZsrgK0/hcgcPiwVjSPbmLQhwfYRBlqA7QrvSbF4VNxid
-8UUx3eVgrVUGH//ZaB7K+CrAGiIY6C1dmciodun7v7h8QZk9yivQeQse+xhSBZZUiAQI1dPS
-qA5aPVUAAAAAAAAAAAAA
commit f35de2a377ab49f1134fb5c97d06944165c3833f
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 04:03:57 2010 +0300
always pass top entity when we detecting crypto parts
diff --git a/lib/RT/Crypt.pm b/lib/RT/Crypt.pm
index 0d7a215..a9b032e 100644
--- a/lib/RT/Crypt.pm
+++ b/lib/RT/Crypt.pm
@@ -51,13 +51,18 @@ sub FindProtectedParts {
my $entity = $args{'Entity'};
return () if $args{'Skip'}{ $entity };
+ $args{'TopEntity'} ||= $entity;
+
my @protocols = $args{'Protocols'}
? @{ $args{'Protocols'} }
: $self->EnabledOnIncoming;
foreach my $protocol ( @protocols ) {
my $class = $self->LoadImplementation( $protocol );
- my %info = $class->CheckIfProtected( Entity => $entity );
+ my %info = $class->CheckIfProtected(
+ TopEntity => $args{'TopEntity'},
+ Entity => $entity,
+ );
next unless keys %info;
$args{'Skip'}{ $entity } = 1;
@@ -95,6 +100,7 @@ sub FindProtectedParts {
foreach my $protocol ( @protocols ) {
my $class = $self->LoadImplementation( $protocol );
my @list = $class->FindScatteredParts(
+ Entity => $args{'TopEntity'},
Parts => \@parts,
Parents => \%parent,
Skip => $args{'Skip'}
commit 79097d95b8a956b4fd2d49f0a340fcdaf88df510
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 04:05:06 2010 +0300
when key not found, $res{info} is empty
diff --git a/lib/RT/Crypt/SMIME.pm b/lib/RT/Crypt/SMIME.pm
index ae20332..46596a4 100644
--- a/lib/RT/Crypt/SMIME.pm
+++ b/lib/RT/Crypt/SMIME.pm
@@ -47,7 +47,7 @@ sub SignEncrypt {
$RT::Logger->debug( "Considering encrypting message to " . $address );
my %key_info = $self->GetKeysInfo( Key => $address );
- unless ( %key_info ) {
+ unless ( defined $key_info{'info'} ) {
$res{'exit_code'} = 1;
my $reason = 'Key not found';
$res{'status'} .=
commit 81cefe92ff2be68e6c33198364d0622ff8e98082
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 04:05:55 2010 +0300
improve recipient detection for SMIME
check all recipients from message head, as well every address related
to the queue, use someheuristicto guess most likely candidate
diff --git a/lib/RT/Crypt/SMIME.pm b/lib/RT/Crypt/SMIME.pm
index 46596a4..6e9607b 100644
--- a/lib/RT/Crypt/SMIME.pm
+++ b/lib/RT/Crypt/SMIME.pm
@@ -259,33 +259,38 @@ sub DecryptRFC3851 {
my $msg = $args{'Data'}->as_string;
+ my %addresses;
+ $addresses{lc $_}++ foreach
+ map $_->address,
+ map Email::Address->parse($_),
+ @{$args{'Recipients'}};
+
my $action = 'correspond';
$action = 'comment' if grep defined && $_ eq 'comment', @{ $args{'Actions'}||[] };
-
- my $address = $action eq 'correspond'
- ? $args{'Queue'}->CorrespondAddress || RT->Config->Get('CorrespondAddress')
- : $args{'Queue'}->CommentAddress || RT->Config->Get('CommentAddress');
- my $key_file = File::Spec->catfile(
- RT->Config->Get('SMIME')->{'Keyring'}, $address .'.pem'
- );
- unless ( -e $key_file && -r _ ) {
- $res{'exit_code'} = 1;
- $res{'status'} = $self->FormatStatus({
- Operation => 'KeyCheck',
- Status => 'MISSING',
- Message => "Secret key for '$address' is not available",
- Key => $address,
- KeyType => 'secret',
- });
- $res{'User'} = {
- String => $address,
- SecretKeyMissing => 1,
- };
- return %res;
+ if ( $action eq 'correspond' ) {
+ my $i = 1;
+ $addresses{lc $_} += $i++ foreach (
+ $args{'Queue'}->CorrespondAddress, RT->Config->Get('CorrespondAddress'),
+ $args{'Queue'}->CommentAddress, RT->Config->Get('CommentAddress')
+ );
+ } else {
+ my $i = 1;
+ $addresses{lc $_} += $i++ foreach (
+ $args{'Queue'}->CorrespondAddress, RT->Config->Get('CorrespondAddress'),
+ $args{'Queue'}->CommentAddress, RT->Config->Get('CommentAddress'),
+ );
}
+ my $keyring = RT->Config->Get('SMIME')->{'Keyring'};
my $buf;
- {
+ my $found_key = 0;
+ my $encrypted_to;
+ foreach my $address ( sort { $addresses{$b} <=> $addresses{$a} } grep length, keys %addresses ) {
+ my $key_file = File::Spec->catfile( $keyring, $address .'.pem' );
+ next unless -e $key_file && -r _;
+
+ $found_key = 1;
+
local $ENV{SMIME_PASS} = $self->GetPassphrase( Address => $address );
local $SIG{CHLD} = 'DEFAULT';
my $cmd = join( ' ', shell_quote(
@@ -294,11 +299,17 @@ sub DecryptRFC3851 {
-recip => $key_file,
) );
safe_run_child { run3( $cmd, \$msg, \$buf, \$res{'stderr'} ) };
+ unless ( $? ) {
+ $encrypted_to = $address;
+ last;
+ }
+
+ next if index($res{'stderr'}, 'no recipient matches key') >= 0;
+
$res{'exit_code'} = $?;
- }
- if ( $res{'exit_code'} ) {
$res{'message'} = "openssl exitted with error code ". ($? >> 8)
." and error: $res{stderr}";
+ $RT::Logger->error( $res{'message'} );
$res{'status'} = $self->FormatStatus({
Operation => 'Decrypt', Status => 'ERROR',
Message => 'Decryption failed',
@@ -306,6 +317,16 @@ sub DecryptRFC3851 {
});
return %res;
}
+ unless ( $found_key ) {
+ $res{'exit_code'} = 1;
+ $res{'status'} = $self->FormatStatus({
+ Operation => 'KeyCheck',
+ Status => 'MISSING',
+ Message => "Secret key is not available",
+ KeyType => 'secret',
+ });
+ return %res;
+ }
my $res_entity = _extract_msg_from_buf( \$buf, 1 );
$res_entity->make_multipart( 'mixed', Force => 1 );
@@ -317,7 +338,7 @@ sub DecryptRFC3851 {
$res{'status'} = $self->FormatStatus({
Operation => 'Decrypt', Status => 'DONE',
Message => 'Decryption process succeeded',
- EncryptedTo => $address,
+ EncryptedTo => $encrypted_to,
});
return %res;
@@ -434,13 +455,20 @@ sub CheckIfProtected {
}
}
}
- return () if !$security_type && $type eq 'application/octet-stream';
+ return () unless $security_type;
- return (
+ my %res = (
Type => $security_type,
Format => 'RFC3851',
Data => $entity,
);
+
+ if ( $security_type eq 'encrypted' ) {
+ my $top = $args{'TopEntity'}->head;
+ $res{'Recipients'} = [grep defined && length, map $top->get($_), 'To', 'Cc'];
+ }
+
+ return %res;
}
elsif ( $type eq 'multipart/signed' ) {
# RFC3156, multipart/signed
commit fa00c3d91bbce813ae2e9f772f100091420be573
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 04:19:20 2010 +0300
upgrade script
diff --git a/etc/upgrade/3.8.8/content b/etc/upgrade/3.8.8/content
new file mode 100644
index 0000000..90737bf
--- /dev/null
+++ b/etc/upgrade/3.8.8/content
@@ -0,0 +1,34 @@
+ at Initial = (
+ sub {
+ my $cf = RT::CustomField->new( $RT::SystemUser );
+ $cf->LoadByCols(
+ Name => 'PublicKey',
+ LookupType => RT::User->new( $RT::SystemUser )->CustomFieldLookupType,
+ );
+ unless ( $cf->id ) {
+ $RT::Logger->info("You don't have PublicKey. Nothing to do.");
+ return 1;
+ }
+ my ($status, $msg) = $cf->SetName('SMIME Key');
+ unless ( $status ) {
+ $RT::Logger->error("Couldn't rename custom field: $msg");
+ } else {
+ $RT::Logger->info("Renamed custom field: $msg");
+ }
+ return 1;
+ },
+ sub {
+ $RT::Logger->info("Going to delete all SMIMEKeyNotAfter attributes");
+ my $attrs = RT::Attributes->new( $RT::SystemUser );
+ $attrs->Limit( FIELD => 'ObjectType', VALUE => 'RT::User' );
+ $attrs->Limit( FIELD => 'Name', VALUE => 'SMIMEKeyNotAfter' );
+ while ( my $attr = $attrs->Next ) {
+ my ($status, $msg) = $attr->Delete;
+ unless ( $status ) {
+ $RT::Logger->error("Couldn't delete attribute: $msg");
+ }
+ }
+ return 1;
+ },
+);
+
commit 7a260505d64db49302b8f9154fd9cd28a34a139e
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 04:20:42 2010 +0300
fix number of tests
diff --git a/t/web/smime/outgoing.t b/t/web/smime/outgoing.t
index b72eab2..709d902 100644
--- a/t/web/smime/outgoing.t
+++ b/t/web/smime/outgoing.t
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use RT::Test tests => 492;
+use RT::Test tests => 494;
my $openssl = RT::Test->find_executable('openssl');
plan skip_all => 'openssl executable is required.'
commit bdd40381bc192e6f74b9504748e21bbb2fa3f32c
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Feb 16 06:35:53 2010 +0300
make protocol case insensetive
diff --git a/lib/RT/Crypt.pm b/lib/RT/Crypt.pm
index a9b032e..48fbc07 100644
--- a/lib/RT/Crypt.pm
+++ b/lib/RT/Crypt.pm
@@ -8,6 +8,7 @@ require RT::Crypt::GnuPG;
require RT::Crypt::SMIME;
our @PROTOCOLS = ('GnuPG', 'SMIME');
+our %PROTOCOLS = map { lc $_ => $_ } @PROTOCOLS;
sub Protocols {
return @PROTOCOLS;
@@ -28,7 +29,8 @@ sub EnabledOnIncoming {
{ my %cache;
sub LoadImplementation {
- my $class = 'RT::Crypt::'. $_[1];
+ my $proto = $PROTOCOLS{ lc $_[1] } or die "Unknown protocol '$_[1]'";
+ my $class = 'RT::Crypt::'. $proto;
return $class if $cache{ $class }++;
eval "require $class; 1" or do { require Carp; Carp::confess( $@ ) };
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list