[Rt-commit] rt branch, 4.2/smime-v2, updated. rt-4.0.4-353-g4fba102
Ruslan Zakirov
ruz at bestpractical.com
Tue Jan 10 07:23:59 EST 2012
The branch, 4.2/smime-v2 has been updated
via 4fba10295f28840f96f830671dce68a7c492946d (commit)
via b205c44f5352e448feeff6c2d8a16a6a8f84bc89 (commit)
via d3a0126534d95adac5bffb6dcb5cb8064b4e4a16 (commit)
via 0679261bd6c2a30647c5047843dfbc03b50f5b11 (commit)
from 2d9294d4fb01069cadcb0495e5f1e47fb225459e (commit)
Summary of changes:
Makefile.in | 2 +-
TODO.SMIME | 2 --
etc/RT_Config.pm.in | 18 ++++++++++++++++--
lib/RT/Crypt/SMIME.pm | 7 ++++---
lib/RT/Interface/Email/Auth/Crypt.pm | 16 +++++++++++++++-
t/web/smime/outgoing.t | 11 +++++++----
6 files changed, 43 insertions(+), 13 deletions(-)
- Log -----------------------------------------------------------------
commit 0679261bd6c2a30647c5047843dfbc03b50f5b11
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Jan 10 15:14:12 2012 +0400
Fill in SMIME docs in config and mail plugin
diff --git a/TODO.SMIME b/TODO.SMIME
index bfb7c0a..464fccc 100644
--- a/TODO.SMIME
+++ b/TODO.SMIME
@@ -1,5 +1,3 @@
-* fill basics on SMIME in lib/RT/Interface/Email/Auth/Crypt
-
* port RT::Attachment::{Encrypt,Decrypt} over new API with SMIME support
* continue with share//html/Ticket/Elements/ShowGnuPGStatus
diff --git a/etc/RT_Config.pm.in b/etc/RT_Config.pm.in
index 3fdacab..67ca67d 100755
--- a/etc/RT_Config.pm.in
+++ b/etc/RT_Config.pm.in
@@ -1953,8 +1953,8 @@ Set($DefaultTimeUnitsToHours, 0);
Description of cryptography capabilities can be found by running the command
`perldoc L<RT::Crypt>` (or `perldoc lib/RT/Crypt.pm` from RT install
-directory). At this momement support for GnuPG (PGP) and SMIME security
-protocols are supported.
+directory). At this momement GnuPG (PGP) and SMIME security protocols
+are supported.
=over 4
@@ -2003,12 +2003,26 @@ lib/RT/Crypt/SMIME.pm` from your RT install directory).
=item C<%SMIME>
+Set C<Enable> to false or true value to disable or enable SMIME interfaces
+for encryptng and signing outgoing messages.
+
+Set C<OpenSSL> to path to F<openssl> executable.
+
+Set C<Keyring> to directory with key files.
+
+Set C<Passphrase> to passphrase(s) for keys in the keyring.
+
+More details in L<RT::Crypt::SMIME>.
+
=back
=cut
Set( %SMIME,
Enable => @RT_SMIME@,
+ OpenSSL => '/usr/bin/openssl',
+ Keyring => q{@RT_VAR_PATH@/data/gpg},
+ Passphrase => '',
);
=head2 GnuPG configuration
diff --git a/lib/RT/Crypt/SMIME.pm b/lib/RT/Crypt/SMIME.pm
index 4ca9405..4ea999f 100644
--- a/lib/RT/Crypt/SMIME.pm
+++ b/lib/RT/Crypt/SMIME.pm
@@ -69,8 +69,8 @@ You should start from reading L<RT::Crypt>.
Set( %SMIME,
Enable => 1,
- OpenSSL => '/opt/local/bin/openssl',
- Keyring => '/opt/rt3/var/data/smime',
+ OpenSSL => '/usr/bin/openssl',
+ Keyring => '/opt/rt4/var/data/smime',
Passphrase => {
'queue.address at exampl.com' => 'passphrase',
},
@@ -87,7 +87,8 @@ should be stored in a PEM file named F<email.address at example.com.pem>.
=head3 Passphrase
-Hash with passphrases for keys in the keyring.
+Either scalar with one passphrase for all keys or hash with address
+and passphrase pairs for keys in the keyring.
=cut
diff --git a/lib/RT/Interface/Email/Auth/Crypt.pm b/lib/RT/Interface/Email/Auth/Crypt.pm
index deb84e0..429b72b 100644
--- a/lib/RT/Interface/Email/Auth/Crypt.pm
+++ b/lib/RT/Interface/Email/Auth/Crypt.pm
@@ -74,11 +74,25 @@ Set up a GnuPG key directory with a pubring containing only the keys
you care about and specify the following in your SiteConfig.pm
Set(%GnuPGOptions, homedir => '/opt/rt3/var/data/GnuPG');
-
+
Read also: L<RT::Crypt> and L<RT::Crypt::GnuPG>.
=head3 SMIME
+To use the SMIME-secured mail gateway, you need to do the following:
+
+Set up a SMIME key directory with files containing keys for queues'
+addresses and specify the following in your SiteConfig.pm
+
+ Set(%SMIME,
+ Enable => 1,
+ OpenSSL => '/usr/bin/openssl',
+ Keyring => '/opt/rt4/var/data/smime',
+ Passphrase => {
+ 'queue.address at exampl.com' => 'passphrase',
+ },
+ );
+
Read also: L<RT::Crypt> and L<RT::Crypt::SMIME>.
=cut
commit d3a0126534d95adac5bffb6dcb5cb8064b4e4a16
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Jan 10 16:22:26 2012 +0400
drop mail catcher call, we always set it
diff --git a/t/web/smime/outgoing.t b/t/web/smime/outgoing.t
index 4fce381..566885e 100644
--- a/t/web/smime/outgoing.t
+++ b/t/web/smime/outgoing.t
@@ -11,8 +11,6 @@ plan skip_all => 'openssl executable is required.'
use RT::Action::SendEmail;
use File::Temp qw(tempdir);
-RT::Test->set_mail_catcher;
-
use_ok('RT::Crypt::SMIME');
my $keys = RT::Test::get_abs_relocatable_dir(
commit b205c44f5352e448feeff6c2d8a16a6a8f84bc89
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Jan 10 16:23:00 2012 +0400
fix smime web tests
diff --git a/t/web/smime/outgoing.t b/t/web/smime/outgoing.t
index 566885e..6a5ff3c 100644
--- a/t/web/smime/outgoing.t
+++ b/t/web/smime/outgoing.t
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use RT::Test tests => 494;
+use RT::Test tests => 495;
my $openssl = RT::Test->find_executable('openssl');
plan skip_all => 'openssl executable is required.'
@@ -188,7 +188,12 @@ foreach my $queue_set ( @variants ) {
# ------------------------------------------------------------------------------
unlink $_ foreach glob( $keyring ."/*" );
-RT::Test->import_smime_key('sender at example.com', 'public');
+{
+ my $sender = 'sender at example.com';
+ my $user = RT::Test->load_or_create_user( Name => $sender, EmailAddress => $sender );
+ ok $user && $user->id, 'loaded or created user';
+ RT::Test->import_smime_key($sender, $user);
+}
RT::Test->import_smime_key($user_email);
$queue = RT::Test->load_or_create_queue(
commit 4fba10295f28840f96f830671dce68a7c492946d
Author: Ruslan Zakirov <ruz at bestpractical.com>
Date: Tue Jan 10 16:23:22 2012 +0400
run more tests that are deeper
diff --git a/Makefile.in b/Makefile.in
index e5231d0..149755c 100755
--- a/Makefile.in
+++ b/Makefile.in
@@ -221,7 +221,7 @@ DB_RT_PASS = @DB_RT_PASS@
-TEST_FILES = t/*.t t/*/*.t
+TEST_FILES = t/*.t t/*/*.t t/*/*/*.t
TEST_VERBOSE = 0
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list