[Rt-commit] rt branch, 4.4-trunk, updated. rt-4.4.4-186-gd6a996bf5c
? sunnavy
sunnavy at bestpractical.com
Tue Nov 24 17:41:58 EST 2020
The branch, 4.4-trunk has been updated
via d6a996bf5c51d7f0c7d4a04ad92e52a12d01b647 (commit)
via 8e5909337be8581f912cacea51a844acd4abc1a3 (commit)
via 674e4f5171c840942fa3455ad16abaaa3edc4f6a (commit)
from 2071d5bc79c09dae1200294d89a74abcc3fd42a9 (commit)
Summary of changes:
lib/RT/Attachment.pm | 41 +++++++++++++++++++++++++++++++++++++++++
t/mail/gnupg-incoming.t | 39 ++++++++++++++++++++++++++++++++++++++-
t/mail/smime/incoming.t | 44 ++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 123 insertions(+), 1 deletion(-)
- Log -----------------------------------------------------------------
commit 674e4f5171c840942fa3455ad16abaaa3edc4f6a
Author: Dianne Skoll <dianne at bestpractical.com>
Date: Fri Nov 20 10:32:33 2020 -0500
Add RT::Attachment->GetCryptStatus method.
This returns the parsed status from the X-RT-(SMIME|GnuPG)-Status: header, if any.
diff --git a/lib/RT/Attachment.pm b/lib/RT/Attachment.pm
index 3c2ef6cc4a..e947450636 100644
--- a/lib/RT/Attachment.pm
+++ b/lib/RT/Attachment.pm
@@ -903,6 +903,47 @@ sub _SplitHeaders {
return(@headers);
}
+=head2 GetCryptStatus
+
+Returns the parsed status from the X-RT-GnuPG-Status or
+X-RT-SMIME-Status header.
+
+The return value is an array of hashrefs; each hashref is as described
+in L<RT::Crypt::ParseStatus>; however, each hashref has one additional
+entry 'Protocol' which is the name of the crypto protocol used and is
+one of 'SMIME' or 'GnuPG'.
+
+If no crypto header exists, returns an empty array
+
+=cut
+
+sub GetCryptStatus {
+ my $self = shift;
+ my @ret = ();
+
+ foreach my $h ( $self->SplitHeaders ) {
+ next unless $h =~ /^X-RT-(GnuPG|SMIME)-Status:/i;
+ my $protocol = $1;
+ my ( $h_key, $h_val ) = split( /:\s*/, $h, 2 );
+ my @result = RT::Crypt->ParseStatus(
+ Protocol => $protocol,
+ Status => $h_val
+ );
+
+ # Canonicalize protocol case so it's always SMIME or GnuPG
+ if ( uc($protocol) eq 'SMIME' ) {
+ $protocol = 'SMIME';
+ }
+ elsif ( uc($protocol) eq 'GNUPG' ) {
+ $protocol = 'GnuPG';
+ }
+ foreach my $hash (@result) {
+ $hash->{'Protocol'} = $protocol;
+ push( @ret, $hash );
+ }
+ }
+ return @ret;
+}
sub Encrypt {
my $self = shift;
commit 8e5909337be8581f912cacea51a844acd4abc1a3
Author: Dianne Skoll <dianne at bestpractical.com>
Date: Tue Nov 24 16:45:30 2020 -0500
Test RT::Attachment::GetCryptStatus
diff --git a/t/mail/gnupg-incoming.t b/t/mail/gnupg-incoming.t
index 2a583adb99..5a0d0d87b0 100644
--- a/t/mail/gnupg-incoming.t
+++ b/t/mail/gnupg-incoming.t
@@ -10,13 +10,15 @@ BEGIN {
use RT::Test::Crypt
GnuPG => 1,
- tests => 53,
+ tests => undef,
actual_server => 1,
gnupg_options => {
passphrase => 'rt-test',
homedir => $homedir,
};
+use Test::Deep;
+
use String::ShellQuote 'shell_quote';
use IPC::Run3 'run3';
use MIME::Base64;
@@ -62,6 +64,9 @@ RT::Test->close_mailgate_ok($mail);
'recorded incoming mail that is not encrypted'
);
like( $txn->Attachments->First->Content, qr/Blah/);
+ my ($msg) = @{ $txn->Attachments->ItemsArrayRef };
+ my @status = $msg->GetCryptStatus;
+ cmp_deeply( \@status, [], 'Got empty array for unsigned/unencrypted attachment' );
}
# test for signed mail
@@ -105,6 +110,36 @@ RT::Test->close_mailgate_ok($mail);
);
# test for some kind of PGP-Signed-By: Header
like( $attach->Content, qr/fnord/);
+
+ my @status = $msg->GetCryptStatus;
+ cmp_deeply(
+ \@status,
+ [ { 'Protocol' => 'GnuPG',
+ 'Reserved' => re('^\d+$'),
+ 'Version' => '4',
+ 'CreationDate' => re('^\d{4}-\d{2}-\d{2}$'),
+ 'Other' => undef,
+ 'HashAlgo' => '2',
+ 'HashAlgoName' => 'SHA-1',
+ 'PubkeyAlgo' => '17',
+ 'PubkeyAlgoName' => 'DSA',
+ 'Fingerprint' => '7232A3C60F796865796370A54855ED8893EB9DE7',
+ 'Status' => 'DONE',
+ 'Key' => '4855ED8893EB9DE7',
+ 'UserString' => 'Test User <recipient at example.com>',
+ 'Operation' => 'Verify',
+ 'Message' =>
+ 'The signature is good, signed by Test User <recipient at example.com>, trust level is ultimate',
+ 'ExpireTimestamp' => '0',
+ 'Class' => '00',
+ 'Timestamp' => re('^\d+$'),
+ 'Trust' => 'ULTIMATE',
+ 'Keyword' => 'GOODSIG',
+ 'PKFingerprint' => '7232A3C60F796865796370A54855ED8893EB9DE7'
+ }
+ ],
+ 'Got expected crypt status'
+ );
}
# test for clear-signed mail
@@ -378,3 +413,5 @@ EOF
my $content = $tick->Transactions->First->Content;
like $content, qr/a{1024,}/, 'content is not lost';
}
+
+done_testing;
diff --git a/t/mail/smime/incoming.t b/t/mail/smime/incoming.t
index 4442c5744d..bc19dfdba1 100644
--- a/t/mail/smime/incoming.t
+++ b/t/mail/smime/incoming.t
@@ -8,6 +8,7 @@ use IPC::Run3 'run3';
use String::ShellQuote 'shell_quote';
use RT::Tickets;
use Test::Warn;
+use Test::Deep;
my ($url, $m) = RT::Test->started_ok;
ok $m->login, "logged in";
@@ -52,6 +53,9 @@ RT::Test->close_mailgate_ok($mail);
'recorded incoming mail that is not encrypted'
);
like( $txn->Attachments->First->Content, qr'Blah');
+ my ($msg) = @{ $txn->Attachments->ItemsArrayRef };
+ my @status = $msg->GetCryptStatus;
+ cmp_deeply( \@status, [], 'Got expected crypt status (Empty array)' );
}
{
@@ -135,6 +139,29 @@ RT::Test->close_mailgate_ok($mail);
'recorded incoming mail that is encrypted'
);
like( $attach->Content, qr'orzzzz');
+ my @status = $msg->GetCryptStatus;
+ cmp_deeply(
+ \@status,
+ [ { Operation => 'Decrypt',
+ Protocol => 'SMIME',
+ Message => 'Decryption process succeeded',
+ EncryptedTo => [ { EmailAddress => 'sender at example.com' } ],
+ Status => 'DONE'
+ },
+ { Status => 'DONE',
+ UserString => '"Enoch Root" <root at example.com>',
+ Trust => 'FULL',
+ Issuer => '"CA Owner" <ca.owner at example.com>',
+ CreatedTimestamp => re('^\d+$'),
+ Message =>
+ 'The signature is good, signed by "Enoch Root" <root at example.com>, assured by "CA Owner" <ca.owner at example.com>, trust is full',
+ ExpireTimestamp => re('^\d+$'),
+ Operation => 'Verify',
+ Protocol => 'SMIME'
+ }
+ ],
+ 'Got expected signing/encryption status'
+ );
}
{
@@ -172,6 +199,23 @@ RT::Test->close_mailgate_ok($mail);
"Message was signed"
);
like( $attach->Content, qr/This is the body/ );
+ my @status = $msg->GetCryptStatus;
+ cmp_deeply(
+ \@status,
+ [ { CreatedTimestamp => re('^\d+$'),
+ ExpireTimestamp => re('^\d+$'),
+ Issuer => '"CA Owner" <ca.owner at example.com>',
+ Protocol => 'SMIME',
+ Operation => 'Verify',
+ Status => 'DONE',
+ Message =>
+ 'The signature is good, signed by "Enoch Root" <root at example.com>, assured by "CA Owner" <ca.owner at example.com>, trust is full',
+ UserString => '"Enoch Root" <root at example.com>',
+ Trust => 'FULL'
+ }
+ ],
+ 'Got expected crypt status for signed message'
+ );
}
# Make the signature not match
commit d6a996bf5c51d7f0c7d4a04ad92e52a12d01b647
Merge: 2071d5bc79 8e5909337b
Author: sunnavy <sunnavy at bestpractical.com>
Date: Wed Nov 25 06:39:15 2020 +0800
Merge branch '4.4/add-crypt-status-functions' into 4.4-trunk
-----------------------------------------------------------------------
More information about the rt-commit
mailing list