[Rt-commit] rt branch, 4.2/smime-gpg-defaults, updated. rt-4.1.19-251-g89d6240
Alex Vandiver
alexmv at bestpractical.com
Wed Sep 4 19:18:43 EDT 2013
The branch, 4.2/smime-gpg-defaults has been updated
via 89d6240f078aeea7c3fd4530041b8aa956eda0d2 (commit)
via 219ce9b9b9faeec30f21515e0ceb1e997abcd368 (commit)
via 757b5738c853fec72242af6310d90f0cb7fc020b (commit)
via af58ef37f0f9351b0f6be5cd504199db26a05847 (commit)
via 4c8aa5ea0446dc0ecbd12adb8d41a5012b40f264 (commit)
via ab84a8ffc2e90b37ce6228cf967565e2c2be5bb4 (commit)
from 1ecdff545b3935825e9006cf18ec596546d2047a (commit)
Summary of changes:
bin/rt-crontool.in | 6 +++---
etc/RT_Config.pm.in | 5 ++++-
lib/RT/Crypt/GnuPG.pm | 37 +++++++++++++++++++++++++++++++++++++
lib/RT/Crypt/SMIME.pm | 26 +++++++++++++++++++++++---
lib/RT/Interface/CLI.pm | 6 +++---
lib/RT/Test.pm | 12 ++----------
sbin/rt-email-dashboards.in | 6 +++---
sbin/rt-email-digest.in | 2 +-
sbin/rt-test-dependencies.in | 3 +++
9 files changed, 79 insertions(+), 24 deletions(-)
- Log -----------------------------------------------------------------
commit ab84a8ffc2e90b37ce6228cf967565e2c2be5bb4
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Wed Sep 4 19:01:23 2013 -0400
Provide better errors during SMIME Probe
diff --git a/lib/RT/Crypt/SMIME.pm b/lib/RT/Crypt/SMIME.pm
index 9512554..c0c93aa 100644
--- a/lib/RT/Crypt/SMIME.pm
+++ b/lib/RT/Crypt/SMIME.pm
@@ -56,6 +56,7 @@ use Role::Basic 'with';
with 'RT::Crypt::Role';
use RT::Crypt;
+use File::Which qw();
use IPC::Run3 0.036 'run3';
use RT::Util 'safe_run_child';
use Crypt::X509;
@@ -143,11 +144,28 @@ sub OpenSSLPath {
sub Probe {
my $self = shift;
my $bin = $self->OpenSSLPath();
- return 0 unless $bin;
+ unless ($bin) {
+ $RT::Logger->warning(
+ "No openssl path set; SMIME support has been disabled. ".
+ "Check the 'OpenSSL' configuration in %OpenSSL");
+ return 0;
+ }
if ($bin =~ m{^/}) {
- return 0 unless -f $bin;
- return 0 unless -x _;
+ unless (-f $bin and -x _) {
+ $RT::Logger->warning(
+ "Invalid openssl path $bin; SMIME support has been disabled. ".
+ "Check the 'OpenSSL' configuration in %OpenSSL");
+ return 0;
+ }
+ } else {
+ my $path = File::Which::which( $bin );
+ unless ($path) {
+ $RT::Logger->warning(
+ "Can't find openssl binary '$bin' in PATH; SMIME support has been disabled. ".
+ "Check the 'OpenSSL' configuration in %OpenSSL");
+ return 0;
+ }
}
{
diff --git a/sbin/rt-test-dependencies.in b/sbin/rt-test-dependencies.in
index 80e1bed..58ae174 100644
--- a/sbin/rt-test-dependencies.in
+++ b/sbin/rt-test-dependencies.in
@@ -326,6 +326,7 @@ PerlIO::eol
$deps{'SMIME'} = [ text_to_hash( << '.') ];
Crypt::X509
+File::Which
String::ShellQuote
.
commit 4c8aa5ea0446dc0ecbd12adb8d41a5012b40f264
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Wed Sep 4 19:02:43 2013 -0400
Use the same logic in RT::Crypt::GPG to allow selection of gpg binaries
This allows support for GPG binaries in non-standard locations, for
instance.
diff --git a/etc/RT_Config.pm.in b/etc/RT_Config.pm.in
index 57623ec..a5f21dc 100755
--- a/etc/RT_Config.pm.in
+++ b/etc/RT_Config.pm.in
@@ -2425,6 +2425,8 @@ be found by running the command `perldoc L<RT::Crypt::GnuPG>` (or
Set C<Enable> to false or true value to disable or enable GnuPG interfaces
for encrypting and signing outgoing messages.
+Set C<GnuPG> to the name or path of the gpg binary to use.
+
Set C<Passphrase> to a scalar (to use for all keys), an anonymous
function, or a hash (to look up by address). If the hash is used, the
'' key is used as a default.
@@ -2436,6 +2438,7 @@ signatures instead of 'RFC' (GPG/MIME: RFC3156 and RFC1847) format.
Set(%GnuPG,
Enable => @RT_GPG@,
+ GnuPG => 'gpg',
Passphrase => undef,
OutgoingMessagesFormat => "RFC", # Inline
);
diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index 5eb3feb..ded5c6a 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -48,6 +48,7 @@
use strict;
use warnings;
+use 5.010;
package RT::Crypt::GnuPG;
@@ -55,6 +56,7 @@ use Role::Basic 'with';
with 'RT::Crypt::Role';
use IO::Handle;
+use File::Which qw();
use RT::Crypt::GnuPG::CRLFHandle;
use GnuPG::Interface;
use RT::EmailParser ();
@@ -343,6 +345,7 @@ sub CallGnuPG {
%{ $args{Options} || {} },
);
my $gnupg = GnuPG::Interface->new;
+ $gnupg->call( $self->GnuPGPath );
$gnupg->options->hash_init(
_PrepareGnuPGOptions( %opt ),
);
@@ -1811,9 +1814,41 @@ sub ImportKey {
);
}
+sub GnuPGPath {
+ state $cache = RT->Config->Get('GnuPG')->{'GnuPG'};
+ return $cache;
+}
+
sub Probe {
my $self = shift;
my $gnupg = GnuPG::Interface->new;
+
+ my $bin = $self->GnuPGPath();
+ unless ($bin) {
+ $RT::Logger->warning(
+ "No gpg path set; GnuPG support has been disabled. ".
+ "Check the 'GnuPG' configuration in %GnuPG");
+ return 0;
+ }
+
+ if ($bin =~ m{^/}) {
+ unless (-f $bin and -x _) {
+ $RT::Logger->warning(
+ "Invalid gpg path $bin; GnuPG support has been disabled. ".
+ "Check the 'GnuPG' configuration in %GnuPG");
+ return 0;
+ }
+ } else {
+ my $path = File::Which::which( $bin );
+ unless ($path) {
+ $RT::Logger->warning(
+ "Can't find gpg binary '$bin' in PATH; GnuPG support has been disabled. ".
+ "Check the 'GnuPG' configuration in %GnuPG");
+ return 0;
+ }
+ }
+
+ $gnupg->call( $bin );
$gnupg->options->hash_init(
_PrepareGnuPGOptions( RT->Config->Get('GnuPGOptions') )
);
diff --git a/sbin/rt-test-dependencies.in b/sbin/rt-test-dependencies.in
index 58ae174..815374f 100644
--- a/sbin/rt-test-dependencies.in
+++ b/sbin/rt-test-dependencies.in
@@ -320,6 +320,7 @@ DBD::SQLite 1.00
.
$deps{'GPG'} = [ text_to_hash( << '.') ];
+File::Which
GnuPG::Interface
PerlIO::eol
.
commit af58ef37f0f9351b0f6be5cd504199db26a05847
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Wed Sep 4 19:06:41 2013 -0400
Cache the full path to the openssl/gpg binary
diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index ded5c6a..44d6518 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -1816,6 +1816,7 @@ sub ImportKey {
sub GnuPGPath {
state $cache = RT->Config->Get('GnuPG')->{'GnuPG'};
+ $cache = $_[1] if @_ > 1;
return $cache;
}
@@ -1846,6 +1847,7 @@ sub Probe {
"Check the 'GnuPG' configuration in %GnuPG");
return 0;
}
+ $self->GnuPGPath( $bin = $path );
}
$gnupg->call( $bin );
diff --git a/lib/RT/Crypt/SMIME.pm b/lib/RT/Crypt/SMIME.pm
index c0c93aa..7c41701 100644
--- a/lib/RT/Crypt/SMIME.pm
+++ b/lib/RT/Crypt/SMIME.pm
@@ -138,6 +138,7 @@ to the certificate on the user.
sub OpenSSLPath {
state $cache = RT->Config->Get('SMIME')->{'OpenSSL'};
+ $cache = $_[1] if @_ > 1;
return $cache;
}
@@ -166,6 +167,7 @@ sub Probe {
"Check the 'OpenSSL' configuration in %OpenSSL");
return 0;
}
+ $self->OpenSSLPath( $bin = $path );
}
{
commit 757b5738c853fec72242af6310d90f0cb7fc020b
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Wed Sep 4 19:07:47 2013 -0400
Clear our environment (including PATH) after gpg/openssl have been found
In the case that the gpg or openssl binaries required for the encryption
backend are in non-standard locations (i.e. not in /bin or /usr/bin),
they cannot be found if CleanEnv() was called prior to RT::Init.
Push all existing calls to CleanEnv() later to allow time for
RT::Crypt::SMIME and RT::Crypt::GnuPG to locate and cache the location
of their relevant binaries.
diff --git a/bin/rt-crontool.in b/bin/rt-crontool.in
index 959622f..e2d49db 100644
--- a/bin/rt-crontool.in
+++ b/bin/rt-crontool.in
@@ -73,9 +73,6 @@ use Getopt::Long;
use RT::Interface::CLI qw(CleanEnv GetCurrentUser GetMessageContent loc);
-#Clean out all the nasties from the environment
-CleanEnv();
-
my ( $search, $condition, $action, $search_arg, $condition_arg, $action_arg,
$template, $template_id, $transaction, $transaction_type, $help, $log, $verbose );
GetOptions(
@@ -103,6 +100,9 @@ RT->Config->Set( LogToSTDERR => $log ) if $log;
#Connect to the database and get RT::SystemUser and RT::Nobody loaded
RT::Init();
+# Clean out all the nasties from the environment
+CleanEnv();
+
require RT::Tickets;
require RT::Template;
diff --git a/lib/RT/Interface/CLI.pm b/lib/RT/Interface/CLI.pm
index cbd16a9..7fa8452 100644
--- a/lib/RT/Interface/CLI.pm
+++ b/lib/RT/Interface/CLI.pm
@@ -65,9 +65,6 @@ our @EXPORT_OK = qw(CleanEnv GetCurrentUser GetMessageContent debug loc);
use RT::Interface::CLI qw(CleanEnv
GetCurrentUser GetMessageContent loc);
- #Clean out all the nasties from the environment
- CleanEnv();
-
#let's talk to RT'
use RT;
@@ -77,6 +74,9 @@ our @EXPORT_OK = qw(CleanEnv GetCurrentUser GetMessageContent debug loc);
# Connect to the database. set up loggign
RT::Init();
+ # Clean out all the nasties from the environment
+ CleanEnv();
+
#Get the current user all loaded
my $CurrentUser = GetCurrentUser();
diff --git a/sbin/rt-email-dashboards.in b/sbin/rt-email-dashboards.in
index 84c64c9..4811618 100644
--- a/sbin/rt-email-dashboards.in
+++ b/sbin/rt-email-dashboards.in
@@ -83,15 +83,15 @@ require RT;
require RT::Interface::CLI;
RT::Interface::CLI->import(qw{ CleanEnv loc });
-# Clean out all the nasties from the environment
-CleanEnv();
-
# Load the config file
RT::LoadConfig();
# Connect to the database and get RT::SystemUser and RT::Nobody loaded
RT::Init();
+# Clean out all the nasties from the environment
+CleanEnv();
+
require RT::Dashboard::Mailer;
RT::Dashboard::Mailer->MailDashboards(
All => $opts{all},
diff --git a/sbin/rt-email-digest.in b/sbin/rt-email-digest.in
index 769ea8c..eec0fe7 100644
--- a/sbin/rt-email-digest.in
+++ b/sbin/rt-email-digest.in
@@ -71,9 +71,9 @@ use RT;
use RT::Interface::CLI qw( CleanEnv loc );
use RT::Interface::Email;
-CleanEnv();
RT::LoadConfig();
RT::Init();
+CleanEnv();
sub usage {
my ($error) = @_;
commit 219ce9b9b9faeec30f21515e0ceb1e997abcd368
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Wed Sep 4 19:10:58 2013 -0400
Allow use of PATH to determine which openssl binary to use
diff --git a/etc/RT_Config.pm.in b/etc/RT_Config.pm.in
index a5f21dc..e4a82a5 100755
--- a/etc/RT_Config.pm.in
+++ b/etc/RT_Config.pm.in
@@ -2405,7 +2405,7 @@ See L<RT::Crypt::SMIME> for details.
Set( %SMIME,
Enable => @RT_SMIME@,
- OpenSSL => '/usr/bin/openssl',
+ OpenSSL => 'openssl',
Keyring => q{@RT_VAR_PATH@/data/smime},
CAPath => undef,
AcceptUntrustedCAs => undef,
commit 89d6240f078aeea7c3fd4530041b8aa956eda0d2
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Wed Sep 4 19:11:59 2013 -0400
RT::Test::find_executable is merely File::Which; use it
diff --git a/lib/RT/Test.pm b/lib/RT/Test.pm
index af21763..ae1bbb4 100644
--- a/lib/RT/Test.pm
+++ b/lib/RT/Test.pm
@@ -72,6 +72,7 @@ use Socket;
use File::Temp qw(tempfile);
use File::Path qw(mkpath);
use File::Spec;
+use File::Which qw();
use Scalar::Util qw(blessed);
our @EXPORT = qw(is_empty diag parse_mail works fails plan done_testing);
@@ -1651,17 +1652,8 @@ sub file_content {
sub find_executable {
my $self = shift;
- my $name = shift;
- require File::Spec;
- foreach my $dir ( split /:/, $ENV{'PATH'} ) {
- my $fpath = File::Spec->catpath(
- (File::Spec->splitpath( $dir, 'no file' ))[0..1], $name
- );
- next unless -e $fpath && -r _ && -x _;
- return $fpath;
- }
- return undef;
+ return File::Which::which( @_ );
}
sub diag {
diff --git a/sbin/rt-test-dependencies.in b/sbin/rt-test-dependencies.in
index 815374f..15e4e86 100644
--- a/sbin/rt-test-dependencies.in
+++ b/sbin/rt-test-dependencies.in
@@ -269,6 +269,7 @@ Text::ParseWords
$deps{'DEVELOPER'} = [ text_to_hash( << '.') ];
Email::Abstract
File::Find
+File::Which
Locale::PO
Log::Dispatch::Perl
Mojo::DOM
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list