2004-09-04 13:13:48 +00:00
|
|
|
;;; mml-smime.el --- S/MIME support for MML
|
2005-08-06 19:51:42 +00:00
|
|
|
|
2012-01-05 09:46:05 +00:00
|
|
|
;; Copyright (C) 2000-2012 Free Software Foundation, Inc.
|
2004-09-04 13:13:48 +00:00
|
|
|
|
|
|
|
|
;; Author: Simon Josefsson <simon@josefsson.org>
|
|
|
|
|
;; Keywords: Gnus, MIME, S/MIME, MML
|
|
|
|
|
|
|
|
|
|
;; This file is part of GNU Emacs.
|
|
|
|
|
|
2008-05-06 03:56:49 +00:00
|
|
|
;; GNU Emacs is free software: you can redistribute it and/or modify
|
|
|
|
|
;; it under the terms of the GNU General Public License as published by
|
|
|
|
|
;; the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
;; (at your option) any later version.
|
2004-09-04 13:13:48 +00:00
|
|
|
|
2008-05-06 03:56:49 +00:00
|
|
|
;; GNU Emacs is distributed in the hope that it will be useful,
|
|
|
|
|
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
;; GNU General Public License for more details.
|
2004-09-04 13:13:48 +00:00
|
|
|
|
|
|
|
|
;; You should have received a copy of the GNU General Public License
|
2008-05-06 03:56:49 +00:00
|
|
|
;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
|
2004-09-04 13:13:48 +00:00
|
|
|
|
|
|
|
|
;;; Commentary:
|
|
|
|
|
|
|
|
|
|
;;; Code:
|
|
|
|
|
|
2010-10-11 23:29:33 +00:00
|
|
|
;; For Emacs <22.2 and XEmacs.
|
2007-12-11 05:29:49 +00:00
|
|
|
(eval-and-compile
|
|
|
|
|
(unless (fboundp 'declare-function) (defmacro declare-function (&rest r))))
|
|
|
|
|
|
2004-09-29 06:35:14 +00:00
|
|
|
(eval-when-compile (require 'cl))
|
|
|
|
|
|
2004-09-04 13:13:48 +00:00
|
|
|
(require 'smime)
|
|
|
|
|
(require 'mm-decode)
|
2007-10-28 09:18:39 +00:00
|
|
|
(require 'mml-sec)
|
2004-09-04 13:13:48 +00:00
|
|
|
(autoload 'message-narrow-to-headers "message")
|
2004-09-29 06:35:14 +00:00
|
|
|
(autoload 'message-fetch-field "message")
|
2004-09-04 13:13:48 +00:00
|
|
|
|
2011-01-24 23:38:05 +00:00
|
|
|
(defcustom mml-smime-use (if (featurep 'epg) 'epg 'openssl)
|
|
|
|
|
"Whether to use OpenSSL or EPG to decrypt S/MIME messages.
|
|
|
|
|
Defaults to EPG if it's loaded."
|
|
|
|
|
:group 'mime-security
|
|
|
|
|
:type '(choice (const :tag "EPG" epg)
|
|
|
|
|
(const :tag "OpenSSL" openssl)))
|
2007-10-28 09:18:39 +00:00
|
|
|
|
|
|
|
|
(defvar mml-smime-function-alist
|
|
|
|
|
'((openssl mml-smime-openssl-sign
|
|
|
|
|
mml-smime-openssl-encrypt
|
|
|
|
|
mml-smime-openssl-sign-query
|
|
|
|
|
mml-smime-openssl-encrypt-query
|
|
|
|
|
mml-smime-openssl-verify
|
|
|
|
|
mml-smime-openssl-verify-test)
|
|
|
|
|
(epg mml-smime-epg-sign
|
|
|
|
|
mml-smime-epg-encrypt
|
|
|
|
|
nil
|
|
|
|
|
nil
|
|
|
|
|
mml-smime-epg-verify
|
|
|
|
|
mml-smime-epg-verify-test)))
|
|
|
|
|
|
|
|
|
|
(defcustom mml-smime-cache-passphrase mml-secure-cache-passphrase
|
|
|
|
|
"If t, cache passphrase."
|
|
|
|
|
:group 'mime-security
|
|
|
|
|
:type 'boolean)
|
|
|
|
|
|
|
|
|
|
(defcustom mml-smime-passphrase-cache-expiry mml-secure-passphrase-cache-expiry
|
|
|
|
|
"How many seconds the passphrase is cached.
|
|
|
|
|
Whether the passphrase is cached at all is controlled by
|
|
|
|
|
`mml-smime-cache-passphrase'."
|
|
|
|
|
:group 'mime-security
|
|
|
|
|
:type 'integer)
|
|
|
|
|
|
|
|
|
|
(defcustom mml-smime-signers nil
|
|
|
|
|
"A list of your own key ID which will be used to sign a message."
|
|
|
|
|
:group 'mime-security
|
|
|
|
|
:type '(repeat (string :tag "Key ID")))
|
|
|
|
|
|
2004-09-04 13:13:48 +00:00
|
|
|
(defun mml-smime-sign (cont)
|
2007-10-28 09:18:39 +00:00
|
|
|
(let ((func (nth 1 (assq mml-smime-use mml-smime-function-alist))))
|
|
|
|
|
(if func
|
|
|
|
|
(funcall func cont)
|
|
|
|
|
(error "Cannot find sign function"))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-encrypt (cont)
|
|
|
|
|
(let ((func (nth 2 (assq mml-smime-use mml-smime-function-alist))))
|
|
|
|
|
(if func
|
|
|
|
|
(funcall func cont)
|
|
|
|
|
(error "Cannot find encrypt function"))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-sign-query ()
|
|
|
|
|
(let ((func (nth 3 (assq mml-smime-use mml-smime-function-alist))))
|
|
|
|
|
(if func
|
|
|
|
|
(funcall func))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-encrypt-query ()
|
|
|
|
|
(let ((func (nth 4 (assq mml-smime-use mml-smime-function-alist))))
|
|
|
|
|
(if func
|
|
|
|
|
(funcall func))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-verify (handle ctl)
|
|
|
|
|
(let ((func (nth 5 (assq mml-smime-use mml-smime-function-alist))))
|
|
|
|
|
(if func
|
|
|
|
|
(funcall func handle ctl)
|
|
|
|
|
handle)))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-verify-test (handle ctl)
|
|
|
|
|
(let ((func (nth 6 (assq mml-smime-use mml-smime-function-alist))))
|
|
|
|
|
(if func
|
|
|
|
|
(funcall func handle ctl))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-openssl-sign (cont)
|
2004-09-04 13:13:48 +00:00
|
|
|
(when (null smime-keys)
|
|
|
|
|
(customize-variable 'smime-keys)
|
|
|
|
|
(error "No S/MIME keys configured, use customize to add your key"))
|
|
|
|
|
(smime-sign-buffer (cdr (assq 'keyfile cont)))
|
|
|
|
|
(goto-char (point-min))
|
|
|
|
|
(while (search-forward "\r\n" nil t)
|
|
|
|
|
(replace-match "\n" t t))
|
|
|
|
|
(goto-char (point-max)))
|
|
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-openssl-encrypt (cont)
|
2004-09-04 13:13:48 +00:00
|
|
|
(let (certnames certfiles tmp file tmpfiles)
|
|
|
|
|
;; xxx tmp files are always an security issue
|
|
|
|
|
(while (setq tmp (pop cont))
|
|
|
|
|
(if (and (consp tmp) (eq (car tmp) 'certfile))
|
|
|
|
|
(push (cdr tmp) certnames)))
|
|
|
|
|
(while (setq tmp (pop certnames))
|
|
|
|
|
(if (not (and (not (file-exists-p tmp))
|
|
|
|
|
(get-buffer tmp)))
|
|
|
|
|
(push tmp certfiles)
|
2005-08-31 13:08:28 +00:00
|
|
|
(setq file (mm-make-temp-file (expand-file-name "mml."
|
2004-09-04 13:13:48 +00:00
|
|
|
mm-tmp-directory)))
|
|
|
|
|
(with-current-buffer tmp
|
|
|
|
|
(write-region (point-min) (point-max) file))
|
|
|
|
|
(push file certfiles)
|
|
|
|
|
(push file tmpfiles)))
|
|
|
|
|
(if (smime-encrypt-buffer certfiles)
|
|
|
|
|
(progn
|
|
|
|
|
(while (setq tmp (pop tmpfiles))
|
|
|
|
|
(delete-file tmp))
|
|
|
|
|
t)
|
|
|
|
|
(while (setq tmp (pop tmpfiles))
|
|
|
|
|
(delete-file tmp))
|
|
|
|
|
nil))
|
|
|
|
|
(goto-char (point-max)))
|
|
|
|
|
|
2007-12-04 04:04:41 +00:00
|
|
|
(defvar gnus-extract-address-components)
|
|
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-openssl-sign-query ()
|
2004-09-04 13:13:48 +00:00
|
|
|
;; query information (what certificate) from user when MML tag is
|
|
|
|
|
;; added, for use later by the signing process
|
|
|
|
|
(when (null smime-keys)
|
|
|
|
|
(customize-variable 'smime-keys)
|
|
|
|
|
(error "No S/MIME keys configured, use customize to add your key"))
|
|
|
|
|
(list 'keyfile
|
|
|
|
|
(if (= (length smime-keys) 1)
|
|
|
|
|
(cadar smime-keys)
|
Revision: miles@gnu.org--gnu-2005/emacs--cvs-trunk--0--patch-530
Merge from gnus--rel--5.10
Patches applied:
* gnus--rel--5.10 (patch 106-111)
- Merge from emacs--cvs-trunk--0
- Update from CVS
2005-09-05 Reiner Steib <Reiner.Steib@gmx.de>
* lisp/gnus/message.el (message-tab-body-function): Fixed mismatched custom
type.
* lisp/gnus/gnus.el (gnus-group-change-level-function): Ditto.
* lisp/gnus/gnus-msg.el (gnus-outgoing-message-group): Ditto.
* lisp/gnus/gnus-art.el (gnus-signature-limit)
(gnus-article-mime-part-function): Ditto.
2005-09-04 Reiner Steib <Reiner.Steib@gmx.de>
* lisp/gnus/nnweb.el (nnweb-type-definition, nnweb-google-wash-article):
Make fetching article by MID work again for Google Groups. Added
FIXME concerning gnus-group-make-web-group.
* lisp/gnus/mml-smime.el (mml-smime-sign-query, mml-smime-get-dns-cert):
Don't depend on Gnus by using mail-extract-address-components if
gnus-extract-address-components is not bound.
* lisp/gnus/gnus.el (gnus-user-agent): Use list of symbols instead of
symbols. Display full version number for (S)XEmacs. Optionally
display (S)XEmacs codename.
* lisp/gnus/gnus-util.el (gnus-emacs-version): Update for new
`gnus-user-agent'.
* lisp/gnus/gnus-msg.el (gnus-extended-version): Make it possible to omit
Gnus version.
2005-09-02 Hrvoje Niksic <hniksic@xemacs.org>
* lisp/gnus/mm-encode.el (mm-encode-content-transfer-encoding): Likewise
when encoding.
* lisp/gnus/mm-bodies.el (mm-decode-content-transfer-encoding):
De-canonicalize CRLF for all text content types, not just
text/plain.
2005-09-02 Katsumi Yamaoka <yamaoka@jpl.org>
* lisp/gnus/gnus-sum.el (gnus-thread-hide-subtree): Doc fix.
* lisp/gnus/gnus-msg.el (gnus-inews-insert-gcc): Fix the mistake of using
list, not listp.
2005-08-29 Romain Francoise <romain@orebokech.com>
* lisp/gnus/gnus-fun.el (gnus-convert-image-to-face-command): Fix typo in
docstring.
(gnus-face-from-file): Likewise.
2005-08-31 Juanma Barranquero <lekktu@gmail.com>
* lisp/gnus/gnus-art.el (w3m-minor-mode-map):
* lisp/gnus/gnus-spec.el (gnus-newsrc-file-version):
* lisp/gnus/gnus-util.el (nnmail-active-file-coding-system)
(gnus-original-article-buffer, gnus-user-agent):
* lisp/gnus/gnus.el (gnus-ham-process-destinations)
(gnus-parameter-ham-marks-alist)
(gnus-parameter-spam-marks-alist, gnus-spam-autodetect)
(gnus-spam-autodetect-methods, gnus-spam-newsgroup-contents)
(gnus-spam-process-destinations, gnus-spam-process-newsgroups):
* lisp/gnus/mm-decode.el (gnus-current-window-configuration):
* lisp/gnus/mm-extern.el (gnus-article-mime-handles):
* lisp/gnus/mm-url.el (url-current-object, url-package-name)
(url-package-version):
* lisp/gnus/mm-view.el (gnus-article-mime-handles, gnus-newsgroup-charset)
(smime-keys, w3m-cid-retrieve-function-alist)
(w3m-current-buffer, w3m-display-inline-images)
(w3m-minor-mode-map):
* lisp/gnus/mml-smime.el (gnus-extract-address-components):
* lisp/gnus/mml.el (gnus-article-mime-handles, gnus-mouse-2)
(gnus-newsrc-hashtb, message-default-charset)
(message-deletable-headers, message-options)
(message-posting-charset, message-required-mail-headers)
(message-required-news-headers):
* lisp/gnus/mml1991.el (mc-pgp-always-sign):
* lisp/gnus/mml2015.el (mc-pgp-always-sign):
* lisp/gnus/nnheader.el (nnmail-extra-headers):
* lisp/gnus/rfc1843.el (gnus-decode-encoded-word-function)
(gnus-decode-header-function, gnus-newsgroup-name):
* lisp/gnus/spam-stat.el (gnus-original-article-buffer): Add defvars.
2005-09-05 23:58:09 +00:00
|
|
|
(or (let ((from (cadr (funcall (if (boundp
|
|
|
|
|
'gnus-extract-address-components)
|
|
|
|
|
gnus-extract-address-components
|
|
|
|
|
'mail-extract-address-components)
|
2004-09-04 13:13:48 +00:00
|
|
|
(or (save-excursion
|
|
|
|
|
(save-restriction
|
|
|
|
|
(message-narrow-to-headers)
|
|
|
|
|
(message-fetch-field "from")))
|
|
|
|
|
"")))))
|
|
|
|
|
(and from (smime-get-key-by-email from)))
|
|
|
|
|
(smime-get-key-by-email
|
Merge changes made in Gnus trunk.
nndraft.el (nndraft-request-expire-articles): Use the group name instead if "nndraft".
gnus.texi (Using IMAP): Remove the @acronyms from the headings.
nnregistry.el: Added.
nnimap.el (nnimap-insert-partial-structure): Be way more permissive when interpreting the structures.
GNUS-NEWS: Minor error in GNUS-NEWS - password-cache.el.
nnimap.el (nnimap-request-accept-article): Add \r\n to the lines to make this work with Cyrus.
gnus-registry.el: Don't prompt on load, which makes it impossible to build Gnus.
gnus-gravatar.el: Add gnus-gravatar-properties.
gnus-agent.el, gnus-art.el, gnus-bookmark.el, gnus-dired.el, gnus-group.el,\
gnus-int.el, gnus-msg.el, gnus-registry.el, gnus-score.el, gnus-srvr.el,\
gnus-sum.el, gnus-topic.el, gnus-util.el, gnus.el, mm-decode.el, mm-util.el,\
mm-view.el, mml-smime.el, mml.el, nnmairix.el, nnrss.el, smime.el:\
Introduce gnus-completing-read.
gnus-util.el: Make completing-read function configurable.
gnus-util.el: Add requires and fix history for iswitchb.
webmail.el: Remove netscape/my-deja, since they no longer exist.
gnus.el (gnus-local-domain): Declare variable obsolete.
nnimap.el (nnimap-insert-partial-structure): Get the type from the correct slot, too.
pop3.el (pop3-send-streaming-command, pop3-stream-length): New variable.
nnimap.el (nnimap-open-connection): Revert the auto-network->starttls code.
nnimap.el (nnimap-request-set-mark): Erase the buffer before issuing commands.
nnimap.el (nnimap-split-rule): Mark as obsolete.
gnus-sum.el (gnus-valid-move-group-p): Make sure that `group' is a symbol.
nnimap.el (nnimap-split-incoming-mail): Allow `default' as nnimap-split-methods value.
nnimap.el (nnimap-request-article): Downcase the NILs so that they are nil.
nndoc.el (nndoc-retrieve-groups): New function.
gnus.texi: Fix Gravatar documentation.
2010-09-30 08:39:23 +00:00
|
|
|
(gnus-completing-read "Sign this part with what signature"
|
2010-10-04 22:26:51 +00:00
|
|
|
(mapcar 'car smime-keys) nil nil nil
|
Merge changes made in Gnus trunk.
nndraft.el (nndraft-request-expire-articles): Use the group name instead if "nndraft".
gnus.texi (Using IMAP): Remove the @acronyms from the headings.
nnregistry.el: Added.
nnimap.el (nnimap-insert-partial-structure): Be way more permissive when interpreting the structures.
GNUS-NEWS: Minor error in GNUS-NEWS - password-cache.el.
nnimap.el (nnimap-request-accept-article): Add \r\n to the lines to make this work with Cyrus.
gnus-registry.el: Don't prompt on load, which makes it impossible to build Gnus.
gnus-gravatar.el: Add gnus-gravatar-properties.
gnus-agent.el, gnus-art.el, gnus-bookmark.el, gnus-dired.el, gnus-group.el,\
gnus-int.el, gnus-msg.el, gnus-registry.el, gnus-score.el, gnus-srvr.el,\
gnus-sum.el, gnus-topic.el, gnus-util.el, gnus.el, mm-decode.el, mm-util.el,\
mm-view.el, mml-smime.el, mml.el, nnmairix.el, nnrss.el, smime.el:\
Introduce gnus-completing-read.
gnus-util.el: Make completing-read function configurable.
gnus-util.el: Add requires and fix history for iswitchb.
webmail.el: Remove netscape/my-deja, since they no longer exist.
gnus.el (gnus-local-domain): Declare variable obsolete.
nnimap.el (nnimap-insert-partial-structure): Get the type from the correct slot, too.
pop3.el (pop3-send-streaming-command, pop3-stream-length): New variable.
nnimap.el (nnimap-open-connection): Revert the auto-network->starttls code.
nnimap.el (nnimap-request-set-mark): Erase the buffer before issuing commands.
nnimap.el (nnimap-split-rule): Mark as obsolete.
gnus-sum.el (gnus-valid-move-group-p): Make sure that `group' is a symbol.
nnimap.el (nnimap-split-incoming-mail): Allow `default' as nnimap-split-methods value.
nnimap.el (nnimap-request-article): Downcase the NILs so that they are nil.
nndoc.el (nndoc-retrieve-groups): New function.
gnus.texi: Fix Gravatar documentation.
2010-09-30 08:39:23 +00:00
|
|
|
(and (listp (car-safe smime-keys))
|
|
|
|
|
(caar smime-keys))))))))
|
2004-09-04 13:13:48 +00:00
|
|
|
|
|
|
|
|
(defun mml-smime-get-file-cert ()
|
|
|
|
|
(ignore-errors
|
|
|
|
|
(list 'certfile (read-file-name
|
|
|
|
|
"File with recipient's S/MIME certificate: "
|
|
|
|
|
smime-certificate-directory nil t ""))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-get-dns-cert ()
|
|
|
|
|
;; todo: deal with comma separated multiple recipients
|
|
|
|
|
(let (result who bad cert)
|
|
|
|
|
(condition-case ()
|
|
|
|
|
(while (not result)
|
|
|
|
|
(setq who (read-from-minibuffer
|
|
|
|
|
(format "%sLookup certificate for: " (or bad ""))
|
Revision: miles@gnu.org--gnu-2005/emacs--cvs-trunk--0--patch-530
Merge from gnus--rel--5.10
Patches applied:
* gnus--rel--5.10 (patch 106-111)
- Merge from emacs--cvs-trunk--0
- Update from CVS
2005-09-05 Reiner Steib <Reiner.Steib@gmx.de>
* lisp/gnus/message.el (message-tab-body-function): Fixed mismatched custom
type.
* lisp/gnus/gnus.el (gnus-group-change-level-function): Ditto.
* lisp/gnus/gnus-msg.el (gnus-outgoing-message-group): Ditto.
* lisp/gnus/gnus-art.el (gnus-signature-limit)
(gnus-article-mime-part-function): Ditto.
2005-09-04 Reiner Steib <Reiner.Steib@gmx.de>
* lisp/gnus/nnweb.el (nnweb-type-definition, nnweb-google-wash-article):
Make fetching article by MID work again for Google Groups. Added
FIXME concerning gnus-group-make-web-group.
* lisp/gnus/mml-smime.el (mml-smime-sign-query, mml-smime-get-dns-cert):
Don't depend on Gnus by using mail-extract-address-components if
gnus-extract-address-components is not bound.
* lisp/gnus/gnus.el (gnus-user-agent): Use list of symbols instead of
symbols. Display full version number for (S)XEmacs. Optionally
display (S)XEmacs codename.
* lisp/gnus/gnus-util.el (gnus-emacs-version): Update for new
`gnus-user-agent'.
* lisp/gnus/gnus-msg.el (gnus-extended-version): Make it possible to omit
Gnus version.
2005-09-02 Hrvoje Niksic <hniksic@xemacs.org>
* lisp/gnus/mm-encode.el (mm-encode-content-transfer-encoding): Likewise
when encoding.
* lisp/gnus/mm-bodies.el (mm-decode-content-transfer-encoding):
De-canonicalize CRLF for all text content types, not just
text/plain.
2005-09-02 Katsumi Yamaoka <yamaoka@jpl.org>
* lisp/gnus/gnus-sum.el (gnus-thread-hide-subtree): Doc fix.
* lisp/gnus/gnus-msg.el (gnus-inews-insert-gcc): Fix the mistake of using
list, not listp.
2005-08-29 Romain Francoise <romain@orebokech.com>
* lisp/gnus/gnus-fun.el (gnus-convert-image-to-face-command): Fix typo in
docstring.
(gnus-face-from-file): Likewise.
2005-08-31 Juanma Barranquero <lekktu@gmail.com>
* lisp/gnus/gnus-art.el (w3m-minor-mode-map):
* lisp/gnus/gnus-spec.el (gnus-newsrc-file-version):
* lisp/gnus/gnus-util.el (nnmail-active-file-coding-system)
(gnus-original-article-buffer, gnus-user-agent):
* lisp/gnus/gnus.el (gnus-ham-process-destinations)
(gnus-parameter-ham-marks-alist)
(gnus-parameter-spam-marks-alist, gnus-spam-autodetect)
(gnus-spam-autodetect-methods, gnus-spam-newsgroup-contents)
(gnus-spam-process-destinations, gnus-spam-process-newsgroups):
* lisp/gnus/mm-decode.el (gnus-current-window-configuration):
* lisp/gnus/mm-extern.el (gnus-article-mime-handles):
* lisp/gnus/mm-url.el (url-current-object, url-package-name)
(url-package-version):
* lisp/gnus/mm-view.el (gnus-article-mime-handles, gnus-newsgroup-charset)
(smime-keys, w3m-cid-retrieve-function-alist)
(w3m-current-buffer, w3m-display-inline-images)
(w3m-minor-mode-map):
* lisp/gnus/mml-smime.el (gnus-extract-address-components):
* lisp/gnus/mml.el (gnus-article-mime-handles, gnus-mouse-2)
(gnus-newsrc-hashtb, message-default-charset)
(message-deletable-headers, message-options)
(message-posting-charset, message-required-mail-headers)
(message-required-news-headers):
* lisp/gnus/mml1991.el (mc-pgp-always-sign):
* lisp/gnus/mml2015.el (mc-pgp-always-sign):
* lisp/gnus/nnheader.el (nnmail-extra-headers):
* lisp/gnus/rfc1843.el (gnus-decode-encoded-word-function)
(gnus-decode-header-function, gnus-newsgroup-name):
* lisp/gnus/spam-stat.el (gnus-original-article-buffer): Add defvars.
2005-09-05 23:58:09 +00:00
|
|
|
(cadr (funcall (if (boundp
|
|
|
|
|
'gnus-extract-address-components)
|
|
|
|
|
gnus-extract-address-components
|
|
|
|
|
'mail-extract-address-components)
|
2004-09-04 13:13:48 +00:00
|
|
|
(or (save-excursion
|
|
|
|
|
(save-restriction
|
|
|
|
|
(message-narrow-to-headers)
|
|
|
|
|
(message-fetch-field "to")))
|
|
|
|
|
"")))))
|
|
|
|
|
(if (setq cert (smime-cert-by-dns who))
|
|
|
|
|
(setq result (list 'certfile (buffer-name cert)))
|
|
|
|
|
(setq bad (format "`%s' not found. " who))))
|
|
|
|
|
(quit))
|
|
|
|
|
result))
|
|
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-get-ldap-cert ()
|
|
|
|
|
;; todo: deal with comma separated multiple recipients
|
|
|
|
|
(let (result who bad cert)
|
|
|
|
|
(condition-case ()
|
|
|
|
|
(while (not result)
|
|
|
|
|
(setq who (read-from-minibuffer
|
|
|
|
|
(format "%sLookup certificate for: " (or bad ""))
|
|
|
|
|
(cadr (funcall gnus-extract-address-components
|
|
|
|
|
(or (save-excursion
|
|
|
|
|
(save-restriction
|
|
|
|
|
(message-narrow-to-headers)
|
|
|
|
|
(message-fetch-field "to")))
|
|
|
|
|
"")))))
|
|
|
|
|
(if (setq cert (smime-cert-by-ldap who))
|
|
|
|
|
(setq result (list 'certfile (buffer-name cert)))
|
|
|
|
|
(setq bad (format "`%s' not found. " who))))
|
|
|
|
|
(quit))
|
|
|
|
|
result))
|
|
|
|
|
|
Merge changes made in Gnus trunk.
nndraft.el (nndraft-request-expire-articles): Use the group name instead if "nndraft".
gnus.texi (Using IMAP): Remove the @acronyms from the headings.
nnregistry.el: Added.
nnimap.el (nnimap-insert-partial-structure): Be way more permissive when interpreting the structures.
GNUS-NEWS: Minor error in GNUS-NEWS - password-cache.el.
nnimap.el (nnimap-request-accept-article): Add \r\n to the lines to make this work with Cyrus.
gnus-registry.el: Don't prompt on load, which makes it impossible to build Gnus.
gnus-gravatar.el: Add gnus-gravatar-properties.
gnus-agent.el, gnus-art.el, gnus-bookmark.el, gnus-dired.el, gnus-group.el,\
gnus-int.el, gnus-msg.el, gnus-registry.el, gnus-score.el, gnus-srvr.el,\
gnus-sum.el, gnus-topic.el, gnus-util.el, gnus.el, mm-decode.el, mm-util.el,\
mm-view.el, mml-smime.el, mml.el, nnmairix.el, nnrss.el, smime.el:\
Introduce gnus-completing-read.
gnus-util.el: Make completing-read function configurable.
gnus-util.el: Add requires and fix history for iswitchb.
webmail.el: Remove netscape/my-deja, since they no longer exist.
gnus.el (gnus-local-domain): Declare variable obsolete.
nnimap.el (nnimap-insert-partial-structure): Get the type from the correct slot, too.
pop3.el (pop3-send-streaming-command, pop3-stream-length): New variable.
nnimap.el (nnimap-open-connection): Revert the auto-network->starttls code.
nnimap.el (nnimap-request-set-mark): Erase the buffer before issuing commands.
nnimap.el (nnimap-split-rule): Mark as obsolete.
gnus-sum.el (gnus-valid-move-group-p): Make sure that `group' is a symbol.
nnimap.el (nnimap-split-incoming-mail): Allow `default' as nnimap-split-methods value.
nnimap.el (nnimap-request-article): Downcase the NILs so that they are nil.
nndoc.el (nndoc-retrieve-groups): New function.
gnus.texi: Fix Gravatar documentation.
2010-09-30 08:39:23 +00:00
|
|
|
(autoload 'gnus-completing-read "gnus-util")
|
2007-12-11 05:29:49 +00:00
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-openssl-encrypt-query ()
|
2004-09-04 13:13:48 +00:00
|
|
|
;; todo: try dns/ldap automatically first, before prompting user
|
|
|
|
|
(let (certs done)
|
|
|
|
|
(while (not done)
|
Merge changes made in Gnus trunk.
nndraft.el (nndraft-request-expire-articles): Use the group name instead if "nndraft".
gnus.texi (Using IMAP): Remove the @acronyms from the headings.
nnregistry.el: Added.
nnimap.el (nnimap-insert-partial-structure): Be way more permissive when interpreting the structures.
GNUS-NEWS: Minor error in GNUS-NEWS - password-cache.el.
nnimap.el (nnimap-request-accept-article): Add \r\n to the lines to make this work with Cyrus.
gnus-registry.el: Don't prompt on load, which makes it impossible to build Gnus.
gnus-gravatar.el: Add gnus-gravatar-properties.
gnus-agent.el, gnus-art.el, gnus-bookmark.el, gnus-dired.el, gnus-group.el,\
gnus-int.el, gnus-msg.el, gnus-registry.el, gnus-score.el, gnus-srvr.el,\
gnus-sum.el, gnus-topic.el, gnus-util.el, gnus.el, mm-decode.el, mm-util.el,\
mm-view.el, mml-smime.el, mml.el, nnmairix.el, nnrss.el, smime.el:\
Introduce gnus-completing-read.
gnus-util.el: Make completing-read function configurable.
gnus-util.el: Add requires and fix history for iswitchb.
webmail.el: Remove netscape/my-deja, since they no longer exist.
gnus.el (gnus-local-domain): Declare variable obsolete.
nnimap.el (nnimap-insert-partial-structure): Get the type from the correct slot, too.
pop3.el (pop3-send-streaming-command, pop3-stream-length): New variable.
nnimap.el (nnimap-open-connection): Revert the auto-network->starttls code.
nnimap.el (nnimap-request-set-mark): Erase the buffer before issuing commands.
nnimap.el (nnimap-split-rule): Mark as obsolete.
gnus-sum.el (gnus-valid-move-group-p): Make sure that `group' is a symbol.
nnimap.el (nnimap-split-incoming-mail): Allow `default' as nnimap-split-methods value.
nnimap.el (nnimap-request-article): Downcase the NILs so that they are nil.
nndoc.el (nndoc-retrieve-groups): New function.
gnus.texi: Fix Gravatar documentation.
2010-09-30 08:39:23 +00:00
|
|
|
(ecase (read (gnus-completing-read
|
|
|
|
|
"Fetch certificate from"
|
2010-10-04 22:26:51 +00:00
|
|
|
'("dns" "ldap" "file") t nil nil
|
Merge changes made in Gnus trunk.
nndraft.el (nndraft-request-expire-articles): Use the group name instead if "nndraft".
gnus.texi (Using IMAP): Remove the @acronyms from the headings.
nnregistry.el: Added.
nnimap.el (nnimap-insert-partial-structure): Be way more permissive when interpreting the structures.
GNUS-NEWS: Minor error in GNUS-NEWS - password-cache.el.
nnimap.el (nnimap-request-accept-article): Add \r\n to the lines to make this work with Cyrus.
gnus-registry.el: Don't prompt on load, which makes it impossible to build Gnus.
gnus-gravatar.el: Add gnus-gravatar-properties.
gnus-agent.el, gnus-art.el, gnus-bookmark.el, gnus-dired.el, gnus-group.el,\
gnus-int.el, gnus-msg.el, gnus-registry.el, gnus-score.el, gnus-srvr.el,\
gnus-sum.el, gnus-topic.el, gnus-util.el, gnus.el, mm-decode.el, mm-util.el,\
mm-view.el, mml-smime.el, mml.el, nnmairix.el, nnrss.el, smime.el:\
Introduce gnus-completing-read.
gnus-util.el: Make completing-read function configurable.
gnus-util.el: Add requires and fix history for iswitchb.
webmail.el: Remove netscape/my-deja, since they no longer exist.
gnus.el (gnus-local-domain): Declare variable obsolete.
nnimap.el (nnimap-insert-partial-structure): Get the type from the correct slot, too.
pop3.el (pop3-send-streaming-command, pop3-stream-length): New variable.
nnimap.el (nnimap-open-connection): Revert the auto-network->starttls code.
nnimap.el (nnimap-request-set-mark): Erase the buffer before issuing commands.
nnimap.el (nnimap-split-rule): Mark as obsolete.
gnus-sum.el (gnus-valid-move-group-p): Make sure that `group' is a symbol.
nnimap.el (nnimap-split-incoming-mail): Allow `default' as nnimap-split-methods value.
nnimap.el (nnimap-request-article): Downcase the NILs so that they are nil.
nndoc.el (nndoc-retrieve-groups): New function.
gnus.texi: Fix Gravatar documentation.
2010-09-30 08:39:23 +00:00
|
|
|
"ldap"))
|
2004-09-04 13:13:48 +00:00
|
|
|
(dns (setq certs (append certs
|
|
|
|
|
(mml-smime-get-dns-cert))))
|
2007-10-28 09:18:39 +00:00
|
|
|
(ldap (setq certs (append certs
|
|
|
|
|
(mml-smime-get-ldap-cert))))
|
2004-09-04 13:13:48 +00:00
|
|
|
(file (setq certs (append certs
|
|
|
|
|
(mml-smime-get-file-cert)))))
|
|
|
|
|
(setq done (not (y-or-n-p "Add more recipients? "))))
|
|
|
|
|
certs))
|
|
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-openssl-verify (handle ctl)
|
2004-09-04 13:13:48 +00:00
|
|
|
(with-temp-buffer
|
|
|
|
|
(insert-buffer-substring (mm-handle-multipart-original-buffer ctl))
|
|
|
|
|
(goto-char (point-min))
|
|
|
|
|
(insert (format "Content-Type: %s; " (mm-handle-media-type ctl)))
|
|
|
|
|
(insert (format "protocol=\"%s\"; "
|
|
|
|
|
(mm-handle-multipart-ctl-parameter ctl 'protocol)))
|
|
|
|
|
(insert (format "micalg=\"%s\"; "
|
|
|
|
|
(mm-handle-multipart-ctl-parameter ctl 'micalg)))
|
|
|
|
|
(insert (format "boundary=\"%s\"\n\n"
|
|
|
|
|
(mm-handle-multipart-ctl-parameter ctl 'boundary)))
|
|
|
|
|
(when (get-buffer smime-details-buffer)
|
|
|
|
|
(kill-buffer smime-details-buffer))
|
|
|
|
|
(let ((buf (current-buffer))
|
|
|
|
|
(good-signature (smime-noverify-buffer))
|
|
|
|
|
(good-certificate (and (or smime-CA-file smime-CA-directory)
|
|
|
|
|
(smime-verify-buffer)))
|
|
|
|
|
addresses openssl-output)
|
|
|
|
|
(setq openssl-output (with-current-buffer smime-details-buffer
|
|
|
|
|
(buffer-string)))
|
|
|
|
|
(if (not good-signature)
|
|
|
|
|
(progn
|
|
|
|
|
;; we couldn't verify message, fail with openssl output as message
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-info "Failed")
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-details
|
|
|
|
|
(concat "OpenSSL failed to verify message integrity:\n"
|
|
|
|
|
"-------------------------------------------\n"
|
|
|
|
|
openssl-output)))
|
|
|
|
|
;; verify mail addresses in mail against those in certificate
|
|
|
|
|
(when (and (smime-pkcs7-region (point-min) (point-max))
|
|
|
|
|
(smime-pkcs7-certificates-region (point-min) (point-max)))
|
|
|
|
|
(with-temp-buffer
|
|
|
|
|
(insert-buffer-substring buf)
|
|
|
|
|
(goto-char (point-min))
|
|
|
|
|
(while (re-search-forward "-----END CERTIFICATE-----" nil t)
|
|
|
|
|
(when (smime-pkcs7-email-region (point-min) (point))
|
|
|
|
|
(setq addresses (append (smime-buffer-as-string-region
|
|
|
|
|
(point-min) (point)) addresses)))
|
|
|
|
|
(delete-region (point-min) (point)))
|
|
|
|
|
(setq addresses (mapcar 'downcase addresses))))
|
|
|
|
|
(if (not (member (downcase (or (mm-handle-multipart-from ctl) "")) addresses))
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-info "Sender address forged")
|
|
|
|
|
(if good-certificate
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-info "Ok (sender authenticated)")
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-info "Ok (sender not trusted)")))
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-details
|
|
|
|
|
(concat "Sender claimed to be: " (mm-handle-multipart-from ctl) "\n"
|
|
|
|
|
(if addresses
|
|
|
|
|
(concat "Addresses in certificate: "
|
|
|
|
|
(mapconcat 'identity addresses ", "))
|
|
|
|
|
"No addresses found in certificate. (Requires OpenSSL 0.9.6 or later.)")
|
|
|
|
|
"\n" "\n"
|
|
|
|
|
"OpenSSL output:\n"
|
|
|
|
|
"---------------\n" openssl-output "\n"
|
|
|
|
|
"Certificate(s) inside S/MIME signature:\n"
|
|
|
|
|
"---------------------------------------\n"
|
|
|
|
|
(buffer-string) "\n")))))
|
|
|
|
|
handle)
|
|
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-openssl-verify-test (handle ctl)
|
2004-09-04 13:13:48 +00:00
|
|
|
smime-openssl-program)
|
|
|
|
|
|
* smime.el (from):
* rfc2047.el (message-posting-charset):
* qp.el (mm-use-ultra-safe-encoding):
* pop3.el (parse-time-months):
* nnrss.el (mm-text-html-renderer, mm-text-html-washer-alist):
* nnml.el (files):
* nnheader.el (gnus-newsgroup-name, nnheader-file-coding-system)
(jka-compr-compression-info-list, ange-ftp-path-format)
(efs-path-regexp):
* nndiary.el (files):
* mml2015.el (mc-default-scheme, mc-schemes, pgg-default-user-id)
(pgg-errors-buffer, pgg-output-buffer, epg-user-id-alist)
(epg-digest-algorithm-alist, inhibit-redisplay)
(password-cache-expiry):
* mml1991.el (pgg-default-user-id, pgg-errors-buffer)
(pgg-output-buffer, password-cache-expiry):
* mml.el (mml-dnd-protocol-alist, ange-ftp-name-format)
(efs-path-regexp):
* mml-smime.el (epg-user-id-alist, epg-digest-algorithm-alist)
(inhibit-redisplay):
* mm-uu.el (file-name, start-point, end-point, entry)
(gnus-newsgroup-name, gnus-newsgroup-charset):
* mm-util.el (mm-mime-mule-charset-alist, latin-unity-coding-systems)
(latin-unity-ucs-list):
* mm-bodies.el (mm-uu-yenc-decode-function, mm-uu-decode-function)
(mm-uu-binhex-decode-function):
* message.el (gnus-message-group-art, gnus-list-identifiers, )
(rmail-enable-mime-composing, gnus-local-organization)
(gnus-post-method, gnus-select-method, gnus-active-hashtb)
(gnus-read-active-file, facemenu-add-face-function)
(facemenu-remove-face-function, gnus-article-decoded-p)
(tool-bar-mode):
* mail-source.el (display-time-mail-function):
* gnus-util.el (nnmail-pathname-coding-system)
(nnmail-active-file-coding-system, gnus-emphasize-whitespace-regexp)
(gnus-original-article-buffer, gnus-user-agent)
(rmail-default-rmail-file, mm-text-coding-system, tool-bar-mode)
(xemacs-codename, sxemacs-codename, emacs-program-version):
* gnus-sum.el (tool-bar-mode, gnus-tmp-header, number):
* gnus-start.el (gnus-agent-covered-methods)
(gnus-agent-file-loading-local, gnus-agent-file-loading-cache)
(gnus-current-headers, gnus-thread-indent-array, gnus-newsgroup-name)
(gnus-newsgroup-headers, gnus-group-list-mode)
(gnus-group-mark-positions, gnus-newsgroup-data)
(gnus-newsgroup-unreads, nnoo-state-alist)
(gnus-current-select-method, mail-sources)
(nnmail-scan-directory-mail-source-once, nnmail-split-history)
(nnmail-spool-file, gnus-cache-active-hashtb):
* gnus-mh.el (mh-lib-progs):
* gnus-ems.el (gnus-tmp-unread, gnus-tmp-replied)
(gnus-tmp-score-char, gnus-tmp-indentation, gnus-tmp-opening-bracket)
(gnus-tmp-lines, gnus-tmp-name, gnus-tmp-closing-bracket)
(gnus-tmp-subject-or-nil, gnus-check-before-posting, gnus-mouse-face)
(gnus-group-buffer):
* gnus-cite.el (font-lock-defaults-computed, font-lock-keywords)
(font-lock-set-defaults):
* gnus-art.el (tool-bar-map, w3m-minor-mode-map)
(gnus-face-properties-alist, charset, gnus-summary-article-menu)
(gnus-summary-post-menu, total-parts, type, condition, length):
* gnus-agent.el (gnus-agent-read-agentview):
* flow-fill.el (show-trailing-whitespace):
* gnus-group.el (tool-bar-mode, nnrss-group-alist): Remove unnecessary
eval-and-compile wrappers for byte compiler pacifiers.
* mm-view.el (mm-inline-image-xemacs): Only do something for XEmacs.
(mm-display-inline-fontify): Check for featurep 'xemacs not
extent-list.
* mm-decode.el (mm-display-external): Check for featurep 'xemacs not
itimer-list.
(mm-create-image-xemacs): Only do something for XEmacs.
(mm-image-fit-p): Check for featurep 'xemacs not glyph-width.
* mm-util.el (mm-find-buffer-file-coding-system): Add check for XEmacs.
* gnus-registry.el (gnus-adaptive-word-syntax-table):
* gnus-fun.el (gnus-face-properties-alist): Pacify byte compiler.
* textmodes/reftex-dcr.el (reftex-start-itimer-once): Add check
for XEmacs.
* calc/calc-menu.el (calc-mode-map): Pacify byte compiler.
* doc-view.el (doc-view-resolution): Add missing :group.
2007-11-16 16:50:35 +00:00
|
|
|
(defvar epg-user-id-alist)
|
|
|
|
|
(defvar epg-digest-algorithm-alist)
|
|
|
|
|
(defvar inhibit-redisplay)
|
|
|
|
|
(defvar password-cache-expiry)
|
2007-10-28 09:18:39 +00:00
|
|
|
|
|
|
|
|
(eval-when-compile
|
* smime.el (from):
* rfc2047.el (message-posting-charset):
* qp.el (mm-use-ultra-safe-encoding):
* pop3.el (parse-time-months):
* nnrss.el (mm-text-html-renderer, mm-text-html-washer-alist):
* nnml.el (files):
* nnheader.el (gnus-newsgroup-name, nnheader-file-coding-system)
(jka-compr-compression-info-list, ange-ftp-path-format)
(efs-path-regexp):
* nndiary.el (files):
* mml2015.el (mc-default-scheme, mc-schemes, pgg-default-user-id)
(pgg-errors-buffer, pgg-output-buffer, epg-user-id-alist)
(epg-digest-algorithm-alist, inhibit-redisplay)
(password-cache-expiry):
* mml1991.el (pgg-default-user-id, pgg-errors-buffer)
(pgg-output-buffer, password-cache-expiry):
* mml.el (mml-dnd-protocol-alist, ange-ftp-name-format)
(efs-path-regexp):
* mml-smime.el (epg-user-id-alist, epg-digest-algorithm-alist)
(inhibit-redisplay):
* mm-uu.el (file-name, start-point, end-point, entry)
(gnus-newsgroup-name, gnus-newsgroup-charset):
* mm-util.el (mm-mime-mule-charset-alist, latin-unity-coding-systems)
(latin-unity-ucs-list):
* mm-bodies.el (mm-uu-yenc-decode-function, mm-uu-decode-function)
(mm-uu-binhex-decode-function):
* message.el (gnus-message-group-art, gnus-list-identifiers, )
(rmail-enable-mime-composing, gnus-local-organization)
(gnus-post-method, gnus-select-method, gnus-active-hashtb)
(gnus-read-active-file, facemenu-add-face-function)
(facemenu-remove-face-function, gnus-article-decoded-p)
(tool-bar-mode):
* mail-source.el (display-time-mail-function):
* gnus-util.el (nnmail-pathname-coding-system)
(nnmail-active-file-coding-system, gnus-emphasize-whitespace-regexp)
(gnus-original-article-buffer, gnus-user-agent)
(rmail-default-rmail-file, mm-text-coding-system, tool-bar-mode)
(xemacs-codename, sxemacs-codename, emacs-program-version):
* gnus-sum.el (tool-bar-mode, gnus-tmp-header, number):
* gnus-start.el (gnus-agent-covered-methods)
(gnus-agent-file-loading-local, gnus-agent-file-loading-cache)
(gnus-current-headers, gnus-thread-indent-array, gnus-newsgroup-name)
(gnus-newsgroup-headers, gnus-group-list-mode)
(gnus-group-mark-positions, gnus-newsgroup-data)
(gnus-newsgroup-unreads, nnoo-state-alist)
(gnus-current-select-method, mail-sources)
(nnmail-scan-directory-mail-source-once, nnmail-split-history)
(nnmail-spool-file, gnus-cache-active-hashtb):
* gnus-mh.el (mh-lib-progs):
* gnus-ems.el (gnus-tmp-unread, gnus-tmp-replied)
(gnus-tmp-score-char, gnus-tmp-indentation, gnus-tmp-opening-bracket)
(gnus-tmp-lines, gnus-tmp-name, gnus-tmp-closing-bracket)
(gnus-tmp-subject-or-nil, gnus-check-before-posting, gnus-mouse-face)
(gnus-group-buffer):
* gnus-cite.el (font-lock-defaults-computed, font-lock-keywords)
(font-lock-set-defaults):
* gnus-art.el (tool-bar-map, w3m-minor-mode-map)
(gnus-face-properties-alist, charset, gnus-summary-article-menu)
(gnus-summary-post-menu, total-parts, type, condition, length):
* gnus-agent.el (gnus-agent-read-agentview):
* flow-fill.el (show-trailing-whitespace):
* gnus-group.el (tool-bar-mode, nnrss-group-alist): Remove unnecessary
eval-and-compile wrappers for byte compiler pacifiers.
* mm-view.el (mm-inline-image-xemacs): Only do something for XEmacs.
(mm-display-inline-fontify): Check for featurep 'xemacs not
extent-list.
* mm-decode.el (mm-display-external): Check for featurep 'xemacs not
itimer-list.
(mm-create-image-xemacs): Only do something for XEmacs.
(mm-image-fit-p): Check for featurep 'xemacs not glyph-width.
* mm-util.el (mm-find-buffer-file-coding-system): Add check for XEmacs.
* gnus-registry.el (gnus-adaptive-word-syntax-table):
* gnus-fun.el (gnus-face-properties-alist): Pacify byte compiler.
* textmodes/reftex-dcr.el (reftex-start-itimer-once): Add check
for XEmacs.
* calc/calc-menu.el (calc-mode-map): Pacify byte compiler.
* doc-view.el (doc-view-resolution): Add missing :group.
2007-11-16 16:50:35 +00:00
|
|
|
(autoload 'epg-make-context "epg")
|
2007-10-28 09:18:39 +00:00
|
|
|
(autoload 'epg-context-set-armor "epg")
|
|
|
|
|
(autoload 'epg-context-set-signers "epg")
|
|
|
|
|
(autoload 'epg-context-result-for "epg")
|
|
|
|
|
(autoload 'epg-new-signature-digest-algorithm "epg")
|
|
|
|
|
(autoload 'epg-verify-result-to-string "epg")
|
|
|
|
|
(autoload 'epg-list-keys "epg")
|
|
|
|
|
(autoload 'epg-decrypt-string "epg")
|
|
|
|
|
(autoload 'epg-verify-string "epg")
|
|
|
|
|
(autoload 'epg-sign-string "epg")
|
|
|
|
|
(autoload 'epg-encrypt-string "epg")
|
|
|
|
|
(autoload 'epg-passphrase-callback-function "epg")
|
|
|
|
|
(autoload 'epg-context-set-passphrase-callback "epg")
|
|
|
|
|
(autoload 'epg-configuration "epg-config")
|
|
|
|
|
(autoload 'epg-expand-group "epg-config")
|
2007-12-04 04:04:41 +00:00
|
|
|
(autoload 'epa-select-keys "epa"))
|
2007-10-28 09:18:39 +00:00
|
|
|
|
|
|
|
|
(defvar mml-smime-epg-secret-key-id-list nil)
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-epg-passphrase-callback (context key-id ignore)
|
|
|
|
|
(if (eq key-id 'SYM)
|
|
|
|
|
(epg-passphrase-callback-function context key-id nil)
|
|
|
|
|
(let* (entry
|
|
|
|
|
(passphrase
|
|
|
|
|
(password-read
|
|
|
|
|
(if (eq key-id 'PIN)
|
|
|
|
|
"Passphrase for PIN: "
|
|
|
|
|
(if (setq entry (assoc key-id epg-user-id-alist))
|
|
|
|
|
(format "Passphrase for %s %s: " key-id (cdr entry))
|
|
|
|
|
(format "Passphrase for %s: " key-id)))
|
|
|
|
|
(if (eq key-id 'PIN)
|
|
|
|
|
"PIN"
|
|
|
|
|
key-id))))
|
|
|
|
|
(when passphrase
|
|
|
|
|
(let ((password-cache-expiry mml-smime-passphrase-cache-expiry))
|
|
|
|
|
(password-cache-add key-id passphrase))
|
|
|
|
|
(setq mml-smime-epg-secret-key-id-list
|
|
|
|
|
(cons key-id mml-smime-epg-secret-key-id-list))
|
|
|
|
|
(copy-sequence passphrase)))))
|
|
|
|
|
|
2007-12-11 05:29:49 +00:00
|
|
|
(declare-function epg-key-sub-key-list "ext:epg" (key))
|
|
|
|
|
(declare-function epg-sub-key-capability "ext:epg" (sub-key))
|
|
|
|
|
(declare-function epg-sub-key-validity "ext:epg" (sub-key))
|
|
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-epg-find-usable-key (keys usage)
|
|
|
|
|
(catch 'found
|
|
|
|
|
(while keys
|
|
|
|
|
(let ((pointer (epg-key-sub-key-list (car keys))))
|
|
|
|
|
(while pointer
|
|
|
|
|
(if (and (memq usage (epg-sub-key-capability (car pointer)))
|
|
|
|
|
(not (memq (epg-sub-key-validity (car pointer))
|
|
|
|
|
'(revoked expired))))
|
|
|
|
|
(throw 'found (car keys)))
|
|
|
|
|
(setq pointer (cdr pointer))))
|
|
|
|
|
(setq keys (cdr keys)))))
|
|
|
|
|
|
2007-12-11 05:29:49 +00:00
|
|
|
(autoload 'mml-compute-boundary "mml")
|
|
|
|
|
|
|
|
|
|
;; We require mm-decode, which requires mm-bodies, which autoloads
|
|
|
|
|
;; message-options-get (!).
|
|
|
|
|
(declare-function message-options-set "message" (symbol value))
|
|
|
|
|
|
2007-10-28 09:18:39 +00:00
|
|
|
(defun mml-smime-epg-sign (cont)
|
|
|
|
|
(let* ((inhibit-redisplay t)
|
|
|
|
|
(context (epg-make-context 'CMS))
|
|
|
|
|
(boundary (mml-compute-boundary cont))
|
|
|
|
|
signer-key
|
|
|
|
|
(signers
|
|
|
|
|
(or (message-options-get 'mml-smime-epg-signers)
|
|
|
|
|
(message-options-set
|
|
|
|
|
'mml-smime-epg-signers
|
2009-09-28 12:09:01 +00:00
|
|
|
(if (eq mm-sign-option 'guided)
|
2007-10-28 09:18:39 +00:00
|
|
|
(epa-select-keys context "\
|
|
|
|
|
Select keys for signing.
|
|
|
|
|
If no one is selected, default secret key is used. "
|
|
|
|
|
mml-smime-signers t)
|
|
|
|
|
(if mml-smime-signers
|
|
|
|
|
(mapcar
|
|
|
|
|
(lambda (signer)
|
|
|
|
|
(setq signer-key (mml-smime-epg-find-usable-key
|
|
|
|
|
(epg-list-keys context signer t)
|
|
|
|
|
'sign))
|
|
|
|
|
(unless (or signer-key
|
|
|
|
|
(y-or-n-p
|
|
|
|
|
(format "No secret key for %s; skip it? "
|
|
|
|
|
signer)))
|
|
|
|
|
(error "No secret key for %s" signer))
|
|
|
|
|
signer-key)
|
|
|
|
|
mml-smime-signers))))))
|
|
|
|
|
signature micalg)
|
|
|
|
|
(epg-context-set-signers context signers)
|
|
|
|
|
(if mml-smime-cache-passphrase
|
|
|
|
|
(epg-context-set-passphrase-callback
|
|
|
|
|
context
|
|
|
|
|
#'mml-smime-epg-passphrase-callback))
|
|
|
|
|
(condition-case error
|
|
|
|
|
(setq signature (epg-sign-string context
|
|
|
|
|
(mm-replace-in-string (buffer-string)
|
|
|
|
|
"\n" "\r\n")
|
|
|
|
|
t)
|
|
|
|
|
mml-smime-epg-secret-key-id-list nil)
|
|
|
|
|
(error
|
|
|
|
|
(while mml-smime-epg-secret-key-id-list
|
|
|
|
|
(password-cache-remove (car mml-smime-epg-secret-key-id-list))
|
|
|
|
|
(setq mml-smime-epg-secret-key-id-list
|
|
|
|
|
(cdr mml-smime-epg-secret-key-id-list)))
|
|
|
|
|
(signal (car error) (cdr error))))
|
|
|
|
|
(if (epg-context-result-for context 'sign)
|
|
|
|
|
(setq micalg (epg-new-signature-digest-algorithm
|
|
|
|
|
(car (epg-context-result-for context 'sign)))))
|
|
|
|
|
(goto-char (point-min))
|
|
|
|
|
(insert (format "Content-Type: multipart/signed; boundary=\"%s\";\n"
|
|
|
|
|
boundary))
|
|
|
|
|
(if micalg
|
|
|
|
|
(insert (format "\tmicalg=%s; "
|
|
|
|
|
(downcase
|
|
|
|
|
(cdr (assq micalg
|
|
|
|
|
epg-digest-algorithm-alist))))))
|
|
|
|
|
(insert "protocol=\"application/pkcs7-signature\"\n")
|
|
|
|
|
(insert (format "\n--%s\n" boundary))
|
|
|
|
|
(goto-char (point-max))
|
|
|
|
|
(insert (format "\n--%s\n" boundary))
|
|
|
|
|
(insert "Content-Type: application/pkcs7-signature; name=smime.p7s
|
|
|
|
|
Content-Transfer-Encoding: base64
|
|
|
|
|
Content-Disposition: attachment; filename=smime.p7s
|
|
|
|
|
|
|
|
|
|
")
|
|
|
|
|
(insert (base64-encode-string signature) "\n")
|
|
|
|
|
(goto-char (point-max))
|
|
|
|
|
(insert (format "--%s--\n" boundary))
|
|
|
|
|
(goto-char (point-max))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-epg-encrypt (cont)
|
|
|
|
|
(let ((inhibit-redisplay t)
|
|
|
|
|
(context (epg-make-context 'CMS))
|
|
|
|
|
(config (epg-configuration))
|
|
|
|
|
(recipients (message-options-get 'mml-smime-epg-recipients))
|
|
|
|
|
cipher signers
|
|
|
|
|
(boundary (mml-compute-boundary cont))
|
|
|
|
|
recipient-key)
|
|
|
|
|
(unless recipients
|
|
|
|
|
(setq recipients
|
|
|
|
|
(apply #'nconc
|
|
|
|
|
(mapcar
|
|
|
|
|
(lambda (recipient)
|
|
|
|
|
(or (epg-expand-group config recipient)
|
|
|
|
|
(list recipient)))
|
|
|
|
|
(split-string
|
|
|
|
|
(or (message-options-get 'message-recipients)
|
|
|
|
|
(message-options-set 'message-recipients
|
|
|
|
|
(read-string "Recipients: ")))
|
|
|
|
|
"[ \f\t\n\r\v,]+"))))
|
2009-09-28 12:09:01 +00:00
|
|
|
(if (eq mm-encrypt-option 'guided)
|
2007-10-28 09:18:39 +00:00
|
|
|
(setq recipients
|
|
|
|
|
(epa-select-keys context "\
|
|
|
|
|
Select recipients for encryption.
|
|
|
|
|
If no one is selected, symmetric encryption will be performed. "
|
|
|
|
|
recipients))
|
|
|
|
|
(setq recipients
|
|
|
|
|
(mapcar
|
|
|
|
|
(lambda (recipient)
|
|
|
|
|
(setq recipient-key (mml-smime-epg-find-usable-key
|
|
|
|
|
(epg-list-keys context recipient)
|
|
|
|
|
'encrypt))
|
|
|
|
|
(unless (or recipient-key
|
|
|
|
|
(y-or-n-p
|
|
|
|
|
(format "No public key for %s; skip it? "
|
|
|
|
|
recipient)))
|
|
|
|
|
(error "No public key for %s" recipient))
|
|
|
|
|
recipient-key)
|
|
|
|
|
recipients))
|
|
|
|
|
(unless recipients
|
|
|
|
|
(error "No recipient specified")))
|
|
|
|
|
(message-options-set 'mml-smime-epg-recipients recipients))
|
|
|
|
|
(if mml-smime-cache-passphrase
|
|
|
|
|
(epg-context-set-passphrase-callback
|
|
|
|
|
context
|
|
|
|
|
#'mml-smime-epg-passphrase-callback))
|
|
|
|
|
(condition-case error
|
|
|
|
|
(setq cipher
|
|
|
|
|
(epg-encrypt-string context (buffer-string) recipients)
|
|
|
|
|
mml-smime-epg-secret-key-id-list nil)
|
|
|
|
|
(error
|
|
|
|
|
(while mml-smime-epg-secret-key-id-list
|
|
|
|
|
(password-cache-remove (car mml-smime-epg-secret-key-id-list))
|
|
|
|
|
(setq mml-smime-epg-secret-key-id-list
|
|
|
|
|
(cdr mml-smime-epg-secret-key-id-list)))
|
|
|
|
|
(signal (car error) (cdr error))))
|
|
|
|
|
(delete-region (point-min) (point-max))
|
|
|
|
|
(goto-char (point-min))
|
|
|
|
|
(insert "\
|
|
|
|
|
Content-Type: application/pkcs7-mime;
|
|
|
|
|
smime-type=enveloped-data;
|
|
|
|
|
name=smime.p7m
|
|
|
|
|
Content-Transfer-Encoding: base64
|
|
|
|
|
Content-Disposition: attachment; filename=smime.p7m
|
|
|
|
|
|
|
|
|
|
")
|
|
|
|
|
(insert (base64-encode-string cipher))
|
|
|
|
|
(goto-char (point-max))))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-epg-verify (handle ctl)
|
|
|
|
|
(catch 'error
|
|
|
|
|
(let ((inhibit-redisplay t)
|
|
|
|
|
context plain signature-file part signature)
|
|
|
|
|
(when (or (null (setq part (mm-find-raw-part-by-type
|
|
|
|
|
ctl (or (mm-handle-multipart-ctl-parameter
|
|
|
|
|
ctl 'protocol)
|
|
|
|
|
"application/pkcs7-signature")
|
|
|
|
|
t)))
|
2010-07-25 10:29:49 +00:00
|
|
|
(null (setq signature (or (mm-find-part-by-type
|
|
|
|
|
(cdr handle)
|
|
|
|
|
"application/pkcs7-signature"
|
|
|
|
|
nil t)
|
|
|
|
|
(mm-find-part-by-type
|
|
|
|
|
(cdr handle)
|
|
|
|
|
"application/x-pkcs7-signature"
|
|
|
|
|
nil t)))))
|
2007-10-28 09:18:39 +00:00
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-info "Corrupted")
|
|
|
|
|
(throw 'error handle))
|
2011-08-28 22:04:32 +00:00
|
|
|
(setq part (mm-replace-in-string part "\n" "\r\n")
|
2007-10-28 09:18:39 +00:00
|
|
|
context (epg-make-context 'CMS))
|
|
|
|
|
(condition-case error
|
|
|
|
|
(setq plain (epg-verify-string context (mm-get-part signature) part))
|
|
|
|
|
(error
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-info "Failed")
|
|
|
|
|
(if (eq (car error) 'quit)
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-details "Quit.")
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-details (format "%S" error)))
|
|
|
|
|
(throw 'error handle)))
|
|
|
|
|
(mm-set-handle-multipart-parameter
|
|
|
|
|
mm-security-handle 'gnus-info
|
|
|
|
|
(epg-verify-result-to-string (epg-context-result-for context 'verify)))
|
|
|
|
|
handle)))
|
|
|
|
|
|
|
|
|
|
(defun mml-smime-epg-verify-test (handle ctl)
|
|
|
|
|
t)
|
|
|
|
|
|
2004-09-04 13:13:48 +00:00
|
|
|
(provide 'mml-smime)
|
|
|
|
|
|
|
|
|
|
;;; mml-smime.el ends here
|