wallace/module_gpgencrypt.py
Show All 22 Lines | |||||
from email import message_from_string | from email import message_from_string | ||||
from email.MIMEBase import MIMEBase | from email.MIMEBase import MIMEBase | ||||
from email.MIMEText import MIMEText | from email.MIMEText import MIMEText | ||||
from email.parser import Parser | from email.parser import Parser | ||||
from email.utils import formataddr | from email.utils import formataddr | ||||
from email.utils import getaddresses | from email.utils import getaddresses | ||||
import email.mime.application | |||||
import email.mime.multipart | |||||
import email.mime.text | |||||
import email.encoders | |||||
import gnupg | |||||
import modules | import modules | ||||
import pykolab | import pykolab | ||||
from pykolab.translate import _ | from pykolab.translate import _ | ||||
log = pykolab.getLogger('pykolab.wallace') | log = pykolab.getLogger('pykolab.wallace') | ||||
conf = pykolab.getConf() | conf = pykolab.getConf() | ||||
mybasepath = '/var/spool/pykolab/wallace/gpgencrypt/' | mybasepath = '/var/spool/pykolab/wallace/gpgencrypt/' | ||||
def __init__(): | def __init__(): | ||||
modules.register('gpgencrypt', execute, description=description()) | modules.register('gpgencrypt', execute, description=description()) | ||||
def description(): | def description(): | ||||
return """Encrypt messages to the recipient(s).""" | return """Encrypt messages to the recipient(s).""" | ||||
def pgp_mime(msg, recepients): | |||||
gpg = gnupg.GPG(gnupghome='/var/lib/kolab/.gnupg', verbose=conf.debuglevel > 8) | |||||
gpg.encoding = 'utf-8' | |||||
msg = msg | |||||
msg_boundary = str(msg.get_boundary()) | |||||
msg_content_type = str(msg.get_content_type()) | |||||
payload = msg.get_payload() | |||||
content = "Content-Type: " + msg_content_type + ";" + "\n boundary=\"" + msg_boundary + "\"\n\n" + payload | |||||
encrypted_content = gpg.encrypt(content, recepients, always_trust=True) | |||||
msg.set_type("multipart/encrypted") | |||||
msg.set_param("protocol","application/pgp-encrypted") | |||||
msg_boundary_gpg = "--boundary-gpg-encryption-42" | |||||
msg_preamble = "This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)\n\ | |||||
" + msg_boundary_gpg + "\n\ | |||||
Content-Type: application/pgp-encrypted\n\ | |||||
Content-Description: PGP/MIME version identification\n\ | |||||
\n\ | |||||
Version: 1\n\ | |||||
\n\ | |||||
" + msg_boundary_gpg + "\n\ | |||||
Content-Type: application/octet-stream; name=\"encrypted.asc\"\n\ | |||||
Content-Description: OpenPGP encrypted message\n\ | |||||
Content-Disposition: inline; filename=\"encrypted.asc\"\n\n" | |||||
msg.set_boundary(msg_boundary_gpg) | |||||
msg.set_payload(msg_preamble + str(encrypted_content) + "\n" + msg_boundary_gpg) | |||||
return msg | |||||
def execute(*args, **kw): | def execute(*args, **kw): | ||||
if not os.path.isdir(mybasepath): | if not os.path.isdir(mybasepath): | ||||
os.makedirs(mybasepath) | os.makedirs(mybasepath) | ||||
for stage in ['incoming', 'ACCEPT' ]: | for stage in ['incoming', 'ACCEPT' ]: | ||||
if not os.path.isdir(os.path.join(mybasepath, stage)): | if not os.path.isdir(os.path.join(mybasepath, stage)): | ||||
os.makedirs(os.path.join(mybasepath, stage)) | os.makedirs(os.path.join(mybasepath, stage)) | ||||
▲ Show 20 Lines • Show All 114 Lines • ▼ Show 20 Lines | try: | ||||
log.debug(_("Recipients: %r") % (recipients)) | log.debug(_("Recipients: %r") % (recipients)) | ||||
# Split between recipients we can encrypt for/to, and ones we can not | # Split between recipients we can encrypt for/to, and ones we can not | ||||
encrypt_rcpts = [] | encrypt_rcpts = [] | ||||
nocrypt_rcpts = [] | nocrypt_rcpts = [] | ||||
import gnupg | |||||
gpg = gnupg.GPG(gnupghome='/var/lib/kolab/.gnupg', verbose=conf.debuglevel > 8) | gpg = gnupg.GPG(gnupghome='/var/lib/kolab/.gnupg', verbose=conf.debuglevel > 8) | ||||
gpg.encoding = 'utf-8' | gpg.encoding = 'utf-8' | ||||
local_keys = gpg.list_keys() | local_keys = gpg.list_keys() | ||||
log.debug(_("Current keys: %r") % (local_keys), level=8) | log.debug(_("Current keys: %r") % (local_keys), level=8) | ||||
for recipient in recipients: | for recipient in recipients: | ||||
key_local = False | key_local = False | ||||
Show All 19 Lines | try: | ||||
for key in local_keys: | for key in local_keys: | ||||
for address in [x for x in [address for displayname,address in getaddresses(key['uids'])] if x == recipient]: | for address in [x for x in [address for displayname,address in getaddresses(key['uids'])] if x == recipient]: | ||||
log.debug(_("Found matching address %r") % (address)) | log.debug(_("Found matching address %r") % (address)) | ||||
key_local = key['keyid'] | key_local = key['keyid'] | ||||
if not key_local == False: | if not key_local == False: | ||||
encrypt_rcpts.append(key_local) | encrypt_rcpts.append(key_local) | ||||
payload = message.get_payload() | payload = message.get_payload() | ||||
print "payload:", payload | #print "payload:", payload | ||||
if len(encrypt_rcpts) < 1: | if len(encrypt_rcpts) < 1: | ||||
return filepath | return filepath | ||||
if "multipart" in message.get_content_type(): | |||||
log.debug(_("Mime Message - we need to build multipart/encrypted structure"), level=8) | |||||
msg = message | |||||
enc_mime_message = pgp_mime(msg, encrypt_rcpts) | |||||
message = enc_mime_message | |||||
else: | |||||
log.debug(_("No Mime Message - encypt plain"), level=8) | |||||
encrypted_data = gpg.encrypt(payload, encrypt_rcpts, always_trust=True) | encrypted_data = gpg.encrypt(payload, encrypt_rcpts, always_trust=True) | ||||
encrypted_string = str(encrypted_data) | encrypted_string = str(encrypted_data) | ||||
print "encrypted string:", encrypted_string | |||||
message.set_payload(encrypted_string) | message.set_payload(encrypted_string) | ||||
message.add_header('X-wallace-gpg-encrypted', 'true') | |||||
(fp, new_filepath) = tempfile.mkstemp(dir="/var/spool/pykolab/wallace/gpgencrypt/ACCEPT") | (fp, new_filepath) = tempfile.mkstemp(dir="/var/spool/pykolab/wallace/gpgencrypt/ACCEPT") | ||||
os.write(fp, message.as_string()) | os.write(fp, message.as_string()) | ||||
os.close(fp) | os.close(fp) | ||||
os.unlink(filepath) | os.unlink(filepath) | ||||
exec('modules.cb_action_%s(%r, %r)' % ('ACCEPT','gpgencrypt', new_filepath)) | exec('modules.cb_action_%s(%r, %r)' % ('ACCEPT','gpgencrypt', new_filepath)) | ||||
except Exception, errmsg: | except Exception, errmsg: | ||||
log.error(_("An error occurred: %r") % (errmsg)) | log.error(_("An error occurred: %r") % (errmsg)) | ||||
if conf.debuglevel > 8: | if conf.debuglevel > 8: | ||||
import traceback | import traceback | ||||
traceback.print_exc() | traceback.print_exc() |
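Review bot: In the new `pgp_mime()`, the result of `gpg.encrypt(content, recepients, always_trust=True)` is passed straight to `str()` without checking that encryption succeeded. python-gnupg reports failure through the result's `ok` and `status` attributes, and a failed result stringifies to an empty string, so a failure would produce a `multipart/encrypted` shell with no ciphertext that `execute()` then writes to ACCEPT before unlinking the original spool file. Check the result before modifying the message, e.g. `if not encrypted_content.ok: raise Exception(encrypted_content.status)`, so the existing `except` handler (which appears to wrap the call) logs it and the original file is kept; the plain-payload branch in `execute()` has the same gap. Separately, `set_boundary()` receives a value that already begins with `--` and the body reuses that same string as the delimiter with no closing `--`, so the delimiters do not match the declared boundary parameter under RFC 2046. Because `always_trust=True` bypasses GnuPG's validity check and keys are chosen purely by UID address match, a comment should state that the keyring under `/var/lib/kolab/.gnupg` must contain only vetted keys.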