diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2b9e40e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +kuvert_submit diff --git a/GPL b/GPL new file mode 100644 index 0000000..e77696a --- /dev/null +++ b/GPL @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 675 Mass Ave, Cambridge, MA 02139, USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) 19yy + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..3e060bc --- /dev/null +++ b/Makefile @@ -0,0 +1,30 @@ +# well, a simpler makefile is hardly imaginable... +DESTDIR= + +# the version number of the package +VERSION=$(shell sed -n '1s/^.*(\(.*\)).*$$/\1/p' debian/changelog) + +CPPFLAGS:=$(shell dpkg-buildflags --get CPPFLAGS) +CFLAGS:=$(shell dpkg-buildflags --get CFLAGS) +CXXFLAGS:=$(shell dpkg-buildflags --get CXXFLAGS) +LDFLAGS:=$(shell dpkg-buildflags --get LDFLAGS) + +all: kuvert_submit + +clean: + -rm -f kuvert_submit kuvert.tmp + +install: kuvert_submit kuvert + install -d $(DESTDIR)/usr/bin $(DESTDIR)/usr/share/man/man1 \ + $(DESTDIR)/usr/share/perl5/Net/Server/Mail/ESMTP/ + install kuvert_submit $(DESTDIR)/usr/bin +# fix the version number + sed 's/INSERT_VERSION/$(VERSION)/' kuvert > kuvert.tmp + install kuvert.tmp $(DESTDIR)/usr/bin/kuvert + -rm kuvert.tmp + install plainAUTH.pm $(DESTDIR)/usr/share/perl5/Net/Server/Mail/ESMTP/ + pod2man --center="User Commands" -r Mail kuvert $(DESTDIR)/usr/share/man/man1/kuvert.1 + pod2man --center="User Commands" -r Mail kuvert_submit.pod $(DESTDIR)/usr/share/man/man1/kuvert_submit.1 + +test: + echo $(VERSION) diff --git a/THANKS b/THANKS new file mode 100644 index 0000000..7a4c89a --- /dev/null +++ b/THANKS @@ -0,0 +1,7 @@ +My thanks go to + +Robert Bihlmeyer +Norbert Preining +Robert Waldner + +for valuable hints and suggestions regarding this piece of software. \ No newline at end of file diff --git a/kuvert b/kuvert index bc45681..c61ad31 100755 --- a/kuvert +++ b/kuvert @@ -19,7 +19,6 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. # -# $Id: kuvert,v 2.32 2014/07/15 10:55:55 az Exp az $ #-- use strict; diff --git a/kuvert.man b/kuvert.man deleted file mode 100644 index 66c1af8..0000000 --- a/kuvert.man +++ /dev/null @@ -1,407 +0,0 @@ -.Dd February 16, 2003 -.Dt KUVERT 1 -.Os Unix -.Sh NAME -kuvert \- automatically sign and/or encrypt mail based on the recipients -.Sh SYNOPSIS -.Nm kuvert -.Op Fl d -.Op Fl b -.Op Fl r | Fl k | Fl n | Fl v -.Sh DESCRIPTION -.Nm kuvert -reads mails from its queue, analyzes the recipients, decides to whom -it should encrypt and/or sign the mail using the PGP-MIME framework -defined in RFC3156 and sends the mail using your real MTA. kuvert can use -both old-style 2.x -.Xr pgp 1 -and modern -.Xr gpg 1 -at the same time, or can -coerce gpg into producing pgp-2.x-compatible signatures/encrypted data. -.Pp -The mail submission into the queue is usually done by -.Xr kuvert_mta_wrapper "1". -.Pp -The option -.Fl r -causes an already running -.Nm kuvert -process to reload the configuration file and the keyring(s). -This is done by sending a SIGUSR1 to the running process. -.Pp -The option -.Fl d -activates debugging output to syslog. -.Nm kuvert -does not fork when in debugging mode and processes just the -first mail in the queue, after which it terminates. -.Pp -If the option -.Fl b -is given, then -.Nm kuvert -will send an error mail to the user whenever fatal errors are encountered. -.Pp -The option -.Fl k -makes -.Nm kuvert -kill an already running process. -.Pp -With the option -.Fl n -.Nm kuvert -does not -.Xr fork 2 -but keeps running in the foreground. -.Pp -The option -.Fl v -makes -.Nm kuvert -output its version number and exit immediately. -.Pp -At startup -.Nm kuvert -reads the keyring(s) and the configuration file, -then usually forks and runs the queue once every 60 seconds. -Whenever there is a file with a name consisting of digits only in the -queue, -.Nm kuvert -will parse the mime structure into a temporary directory using -.Xr MIME::Parser "3pm". -.Pp -.Nm kuvert -then decides whether the mail shall be left as is, clear-text signed -or signed and encrypted according to RFC3156. -This decision is done independently for every recipient of the -mail and works as follows: -.Bl -bullet -.It -If a public key of the recipient is known, sign and encrypt. -.It -If no public key of the recipient is known, just sign. -.El -.Pp -There are some options governing or overriding this basic setup, see -the section -.Sx CONFIGURATION -for details. -.Pp -Please note that -.Nm kuvert uses the -.Ql To: , -.Ql Cc: -and -.Ql Bcc: -headers to determine -the recipients. -Recipients listed in a -.Ql Bcc: -header are handled separately from all other recipients and do not affect -the choice of actions for other recipients (ie. handling of -.Ar -force -options). -Additionally, if there is a -.Ql Resend-To: -header, -.Nm kuvert -will do no signing/encryption and send the mail just as it -is to the recipients indicated in the -.Ql Resend-To: -header. -.Pp -Afterwards the parsed MIME entity is amended with the signature or -replaced with the encrypted data and is sent off using the MTA. -The temporary directory is cleaned and -.Nm kuvert -processes either the -next queued message or waits for new messages. -.Pp -If there are problems, kuvert disables further processing of the respective -queuefile (it adds a -.Ql \&. -at the beginning of the filename, thus making the file ignored for further -queue-runs) -and sends an error message back to the sender. -.Sh CONFIGURATION -.Nm kuvert -needs some configuration directives in its configuration file -.Pa ~/.kuvert . -This file is read at startup and whenever you have -.Nm kuvert -reread things using -.Fl r. -Empty lines and lines starting with -.Ql # -are ignored, as well as lines containing directives -.Nm kuvert -can not interpret. -.Pp -Directives can either be: -.Bl -bullet -.It -a directive name followed by whitespace and then a value, -.It -or a regular expression matching an email address, followed by whitespace and an action keyword. -.El -.Pp -The list of directives kuvert understands: -.Bl -tag -.It Ar PGPPATH Pa path -defines the old-style compatible pgp executable to be used. -Default: -.Pa /usr/bin/pgp -.It Ar GPGPATH Pa path -defines the gnupg-compatible new-style pgp executable to be used. -Default: -.Pa /usr/bin/gpg -.It Ar USEPGP number -if number is not 0, kuvert will use the old-style pgp executable to generate -old-style encryption/signatures. If it is 0, -.Nm kuvert -will use gpg in a -compatibility mode to produce the old-style stuff. Please note: gpg needs -the gnupg-extension gpg-idea for this compatibility mode. You also -have to setup gpg to automatically load this extension. -Default: 0 -.It Ar MTA Pa path-and-args -defines the Mail Transfer Agent -.Nm kuvert -should use. The MTA must read the mail text from stdin, support the flag -.Fl t , -and also support multiple recipients given in separate arguments. -Default: /usr/lib/sendmail -om -oi -oem -.It Ar SECRETONDEMAND number -If SECRETONDEMAND is 1, -.Nm kuvert -will ask for the -key passphrases on demand and just before signing. If SECRETONDEMAND is 0, -then -.Nm kuvert -will query for passphrases on startup and store them itself (which is not very secure). -SECRETONDEMAND is automatically set to 0 if GETSECRET or DELSECRET are not set. -Default: 0 -.It Ar GETSECRET Pa path-and-args -.It Ar DELSECRET Pa path-and-args -define what program to run to deal with externally stored passphrases, if SECRETONDEMAND is set; -ignored otherwise. -The path-and-args must contain "%s" which will be replaced with the key id in question. The program -must print the passphrase on its standard output. -GETSECRET is executed to retrieve a passphrase, while DELSECRET is used to delete passphrases. -Default: none -.It Ar ALWAYSTRUST number -if 1, add the alwaystrust parameter to gpg's invocation. See -.Xr gpg "1" for details about this parameter. Default: 0 -.It Ar LOGFILE Pa path -sets the file -.Nm kuvert -logs its actions to. The logs are appended to that -file. Default: -.Nm kuvert -usually logs to syslog. -.It Ar QUEUEDIR Pa path -sets the directory where kuvert_mta_wrapper and -.Nm kuvert -put the queue of -mails to be processed. Default: -.Pa ~/.kuvert_queue -.It Ar TEMPDIR Pa path -sets the directory -.Nm kuvert -uses for temporary storage of the parts of the -parsed MIME entity. -.Em Attention: This directory is cleaned after every mail handled and every file in there is removed! -Default: -.Pa /tmp/kuvert... -.It Ar INTERVAL number -sets the queue check interval. the unit of measurement is seconds. -Default: 60 seconds -.It Ar IDENTIFY number -if non-zero, -.Nm kuvert -adds a -.Ql X-mailer -header to all mails it processes. Default: 0 -.It Ar NGKEY keyid -sets the owner's key id for new-style pgp/gpg. To disable new-style pgp/gpg -completely, set the keyid to "0". Default: the first private DSA key found is used. -.It Ar STDKEY keyid -sets the owner's key id for old-style pgp. To disable old-style pgp completely, set the keyid to 0. Default: the first private RSA key found is used. -.It Ar DEFAULT action -specifies the action to be taken for unspecified recipient addresses. -See the next paragraphs for an explanation of the -.Ar action -argument. -.El -.Pp -All lines not starting with the pound sign -.Ql # -or a recognized directive -are interpreted as a -.Xr perl 1 -regular expression followed by whitespace and an -action keyword. -.Pp -The regular expressions are applied to the email address -of the recipients of the mail, and the action keyword describes how to -modify -.Nm kuvert Ns -\&'s behavious for a recipient. -.Pp -The regular expression has to be written without the bracketing -.Ql / Ns --characters. -The regular expressions are evaluated case-insensitively, -and in the order given in the configuration file. The first matching regexp -ends the evaluation sequence. -.Pp -The default action is to do not encrypt or sign at all, so you should -set a default that is reasonable for you by using the -.Ql DEFAULT -directive. -.Pp -The known action keywords are: -.Bl -tag -.It Ar none -Send it as it is, do not sign or encrypt at all. The MIME structure of -the mail is not changed in whatever way before sending. -This is the default action. -.Pp -This option is -.Em slightly special: -An explicitly set action of -.Ql none -is -.Em not affected or overridden -by any of the -.Ar -force -options or by the override header. -.It Ar std -Use just old-style pgp. If there is an old-style key known, encrypt and sign -using this old-style key and the owner's old-style key, otherwise just sign -using the owner's old-style key. -.It Ar ng -Use just new-style pgp, similar to the above. -.It Ar stdsign -Never encrypt, just sign using the owner's old-style key. -.It Ar ngsign -Never encrypt, just sign using the owner's new-style key. -.It Ar fallback -Encrypt with new-style, old-style or sign with new-style (or std-style if no new-style private key is available). -If there is a new-style key of the recipient known, encrypt and sign with -this key, else if there is an old-style key, encrypt and sign with this -key. Otherwise just sign with the owner's new-style key or (as last resort) the old-style key. -.It Ar none-force -Force no encryption/signing for all recipients of this mail. -.It Ar fallback-force -Force a fallback-type action for the recipients of this mail: - encrypt and sign with new-style or old-style pgp if keys for -.Em all affected -recipients are available or sign with new-style pgp. Recipients with -an action set to -.Ql none -are -.Em not affected -by fallback-force. Also note that a mixture of -old-style and new-style encryption is possible with fallback-force. -.It Ar ngsign-force "," stdsign-force -Sign only for all affected recipients, with new-style or old style pgp respectively. Again recipients with action -.Ql none -are -.Em not affected. -.It Ar ng-force -Encrypt and sign for all recipients of this mail if there is a new-style key -available for all of them, otherwise just sign for all of them using -new-style pgp. The difference between this action -and -.Ar fallback-force -is that there's no mixing of old-style and new-style pgp possible here. -Again recipients with action -.Ql none -are -.Em not affected. -.It Ar std-force -like -.Ar ng-force "," -but with old-style pgp. -Again recipients with action -.Ql none -are -.Em not affected. -.El -.Pp -Additionally, you can specify an override for a single mail by -adding a header to the mail of the form -.Ql X-Kuvert: Ar action -where action is one of the action keywords just listed -above. This override will be applied to all recipients of the given -mail and will override all action specifications given in the configuration -file, except the explicit -.Ql none Ns -s. Before final sending an email -.Nm kuvert -will remove -any existing override header from the email. -.Pp -The various -.Ar -force -actions are intended for users who want to avoid sending cleartext (signed) -and encrypted variants of the same mail to different recipients: You can -either turn off encryption or signing completely, or use the maximum -amount of privacy that is possible for a given set of recipients by checking -for keys for everybody before deciding whether to encrypt or just sign. -.Pp -The special handling for -.Ql none -does break this paradigma a bit, but is -necessary to make any -.Ar -force -option a safe choice for your -.Ql DEFAULT -action: Otherwise -.Nm kuvert -would send stuff signed or encrypted to recipients you know to be -completely unable/unwilling to accept signed or encrypted mail -(like mail robots). Therefore these were made unaffected (and disregarded) -by the -.Ar -force -options. -.Pp -.Sy Please note: the first occurrence of a -force action overrides all possible other occurrences! -.Sh FILES -.Bl -tag -.It Pa ~/.kuvert -configuration file for -.Nm kuvert -and -.Xr kuvert_mta_wrapper "1". -.It Pa ~/.kuvert_queue -the default queue directory for -.Nm kuvert -if the configuration file does not specify an alternative. -.It Pa /tmp/kuvert.pid. -holds the pid of a running process. -.El -.Sh SEE ALSO -.Xr kuvert_mta_wrapper "1", -.Xr q-agent "1", -.BR gpg "1", -.BR pgp "1", -RFC3156, RFC2015, RFC2440 -.Sh AUTHORS -.An Alexander Zangerl -.Sh BUGS -Currently -.Nm kuvert -needs something sendmail-like in -.Pa /usr/lib/sendmail -that understands -.Fl t, -.Fl om, -.Fl oi -and -.Fl "oem". -.Pp -Multiple -force actions won't work. diff --git a/kuvert_mta_wrapper.c b/kuvert_mta_wrapper.c deleted file mode 100644 index 9508b6b..0000000 --- a/kuvert_mta_wrapper.c +++ /dev/null @@ -1,258 +0,0 @@ -/* - * $Id: kuvert_mta_wrapper.c,v 1.8 2007/06/23 03:14:46 az Exp az $ - * - * this file is part of kuvert, a wrapper around your mta that - * does pgp/gpg signing/signing+encrypting transparently, based - * on the content of your public keyring(s) and your preferences. - * - * copyright (c) 1999-2003 Alexander Zangerl - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define CONFFILE "/.kuvert" -#define DEFAULT_QUEUEDIR "/.kuvert_queue" -#define BUFLEN 65536 -#define FALLBACKMTA "/usr/lib/sendmail" - -#define BAILOUT(a,...) {fprintf(stderr,"%s: ",argv[0]); fprintf(stderr, a "\n",##__VA_ARGS__);syslog(LOG_ERR,a,##__VA_ARGS__); exit(1);} - -int main(int argc,char **argv) -{ - struct passwd *pwentry; - /* fixme sizes */ - char filen[256],buffer[BUFLEN],dirn[256]; - int res,c,fallback=0,spaceleft; - char *p,*dirnp; - FILE *out; - FILE *cf; - struct stat statbuf; - - /* determine whether to queue stuff or to call sendmail - directly: if there is a proper config file of kuvert in $HOME, - and if the flags/args given are "consistent" with a call - to sendmail for mail submission, do queue stuff; - otherwise exec sendmail. */ - - openlog(argv[0],LOG_NDELAY|LOG_PID,LOG_MAIL); - - /* scan the arguments for options: - we understand about: no options, non-option-args, --, - -bm, -f, -i, -t, -v, -m, -oi, -d*, -e*. everything else means some special - instruction to sendmail, so we exec sendmail. */ - - /* no getopt error messages, please! */ - opterr=0; - - while ((c=getopt(argc,argv,"f:itvb:mo:"))!=-1 && !fallback) - { - switch (c) - { - case 'v': - case 'f': - case 'i': - case 't': - case 'm': /* deprecated option 'metoo', - but nmh uses this... */ - break; /* these options are ok and supported */ - case 'b': - /* just -bm is ok, other -b* are bad */ - if (!optarg || *optarg != 'm') - { - fallback=1; - syslog(LOG_INFO,"option '-%c%s' mandates fallback", - c,optarg ? optarg : ""); - } - break; - case 'o': - /* -oi, -oe*, -od* are ok */ - if (!optarg || (*optarg != 'i' && *optarg != 'e' - && *optarg != 'd')) - { - fallback=1; - syslog(LOG_INFO,"option '-%c%s' mandates fallback", - c,optarg ? optarg : ""); - } - break; - default: - /* well, there's an option we do not know, lets bail out */ - fallback=1; - syslog(LOG_INFO,"option '-%c' mandates fallback", - c=='?'?optopt:c); - break; - } - } - if (!fallback) - { - /* options seem ok, look for config file in $HOME */ - pwentry=getpwuid(getuid()); - if (!pwentry) - BAILOUT("getpwuid failed: %s",strerror(errno)); - - /* open and scan the conffile for an queue-file definition - if there is no conffile, kuvert wont work ever */ - if (snprintf(filen,sizeof(filen),"%s%s",pwentry->pw_dir,CONFFILE)==-1) - BAILOUT("overlong filename, suspicious",NULL); - if (!(cf=fopen(filen,"r"))) - { - /* no config file -> exec sendmail */ - syslog(LOG_INFO,"user has no .kuvert config file, fallback"); - fallback=1; - } - else - { - /* scan the lines for ^QUEUEDIR\s+ */ - dirnp=NULL; - while(!feof(cf)) - { - p=fgets(buffer,sizeof(buffer)-1,cf); - /* empty file? ok, we'll ignore it */ - if (!p) - break; - - if (!strncmp(buffer,"QUEUEDIR",sizeof("QUEUEDIR")-1)) - { - p=buffer+sizeof("QUEUEDIR")-1; - for(;*p && isspace(*p);++p) - ; - if (*p) - { - dirnp=p; - /* strip the newline from the string */ - for(;*p && *p != '\n';++p) - ; - if (*p == '\n') - *p=0; - /* strip eventual trailing whitespace */ - for(--p;p>dirnp && isspace(*p);--p) - *p=0; - } - /* empty dir? ignore it */ - if (strlen(dirnp)<2) - dirnp=NULL; - break; - } - } - fclose(cf); - } - } - - /* fallback to sendmail requested? */ - if (fallback) - { - /* mangle argv[0], so that it gets recognizeable by sendmail */ - argv[0]=FALLBACKMTA; - *buffer=0; - - /* bah, c stringhandling is ugly... i just want all args - in one string for a nice syslog line... */ - for(c=0,spaceleft=sizeof(buffer); - cpw_dir,DEFAULT_QUEUEDIR) - ==-1) - BAILOUT("overlong dirname, suspicous.",NULL); - dirnp=dirn; - } - - res=stat(dirnp,&statbuf); - if (res) - { - if (errno == ENOENT) - { - /* seems to be missing -> try to create it */ - if (mkdir(dirnp,0700)) - BAILOUT("mkdir %s failed: %s\n",dirnp,strerror(errno)); - } - else - BAILOUT("stat %s failed: %s\n",dirnp,strerror(errno)); - } - else if (!S_ISDIR(statbuf.st_mode)) - { - BAILOUT("%s is not a directory",dirnp); - } - else if (statbuf.st_uid != getuid()) - { - BAILOUT("%s is not owned by you - refusing to run",dirnp); - } - else if ((statbuf.st_mode & 0777) != 0700) - { - BAILOUT("%s does not have mode 0700 - refusing to run",dirnp); - } - umask(066); /* absolutely no access for group/others... */ - - /* dir does exist now */ - snprintf(filen,sizeof(filen),"%s/%d",dirnp,getpid()); - - /* file create and lock */ - if (!(out=fopen(filen,"a"))) - { - BAILOUT("fopen %s failed: %s\n",filen,strerror(errno)); - } - if (flock(fileno(out),LOCK_EX)) - { - BAILOUT("flock failed: %s\n",strerror(errno)); - } - - /* and put the data there */ - do - { - res=fread(buffer,1,BUFLEN,stdin); - if (!res && ferror(stdin)) - BAILOUT("fread failure: %s",strerror(errno)); - if (fwrite(buffer,1,res,out)!=res && ferror(out)) - BAILOUT("fwrite failure: %s",strerror(errno)); - } - while (res==BUFLEN); - - if (fflush(out)==EOF) - BAILOUT("fflush failed: %s",strerror(errno)); - if (flock(fileno(out),LOCK_UN)) - { - BAILOUT("flock (unlock) failed: %s",strerror(errno)); - } - if (fclose(out)==EOF) - BAILOUT("fclose failed: %s",strerror(errno)); - return 0; -} diff --git a/kuvert_mta_wrapper.man b/kuvert_mta_wrapper.man deleted file mode 100644 index b3f635f..0000000 --- a/kuvert_mta_wrapper.man +++ /dev/null @@ -1,65 +0,0 @@ -.Dd October 25, 2001 -.Dt KUVERT_MTA_WRAPPER 1 -.Os Unix -.Sh NAME -kuvert-mta-wrapper \- wrapper around your MTA for mail submission to -.Xr kuvert 1 -.Sh SYNOPSIS -.Nm kuvert-mta-wrapper -.Op Fl options -.Op Ar args -.Sh DESCRIPTION -.Nm kuvert_mta_wrapper -submits an email either directly to your MTA or -enqueues it for -.Xr kuvert 1 -for further processing. -.Nm kuvert_mta_wrapper -should be called by your MUA -instead of your usual MTA in order to enable kuvert to intercept and -process the outgoing mails. Please see your MUA's documentation about -how to override the MTA to be used. -.Pp -The decision whether queueing or calling the MTA directly is based on -the following factors: -.Bl -enum -.It -If there are options given other than -.Fl "bm", -.Fl "f", -.Fl "i", -.Fl "t", -.Fl "v", -.Fl "oi", -.Fl "od", -.Fl "oe", -the standard MTA -.Pa /usr/lib/sendmail -is executed with the options and arguments given. The result code in this case -is the one the MTA returns. -.It -If there is a configuration file -.Pa ~/.kuvert -(See -.Xr kuvert "1" for possible configuration directives) the mail is queued for -.Xr kuvert "1". The options and arguments are ignored. -If there are problems, an error message is sent to syslog and -1 is returned. -.El -.Sh FILES -.Bl -tag -.It Pa ~/.kuvert -configuration file for -.Xr kuvert "1" and -.Xr kuvert_mta_wrapper "1". -.It Pa ~/.kuvert_queue -the default queue directory for -.Xr kuvert "1" if the configuration file does not specify an alternative. -.El -.Sh SEE ALSO -.Xr kuvert 1 -.Sh AUTHORS -.An Alexander Zangerl -.Sh BUGS -The list of allowed options and the MTA for fallback are set at compile time. -.Nm kuvert_mta_wrapper -does log only to syslog at the moment. diff --git a/kuvert_submit.c b/kuvert_submit.c index 8d0c268..dc69238 100644 --- a/kuvert_submit.c +++ b/kuvert_submit.c @@ -1,5 +1,4 @@ /* - * $Id: kuvert_submit.c,v 2.0 2008/06/01 05:15:35 az Exp az $ * * this file is part of kuvert, a wrapper around your mta that * does pgp/gpg signing/signing+encrypting transparently, based diff --git a/plainAUTH.pm b/plainAUTH.pm new file mode 100644 index 0000000..0de97a8 --- /dev/null +++ b/plainAUTH.pm @@ -0,0 +1,184 @@ +package Net::Server::Mail::ESMTP::plainAUTH; +use strict; +use base qw(Net::Server::Mail::ESMTP::Extension); +use MIME::Base64; + +use vars qw( $VERSION ); +$VERSION = '1.0'; + +# the following are required by nsme::extension +# but not documented :( +sub init +{ + my ($self,$parent)=@_; + $self->{AUTH}=(); + return $self; +} + +# the smtp operations we add +sub verb +{ + return ( [ 'AUTH' => \&handle_auth, ],); +} + +# what to add to the esmtp capabilities response +sub keyword +{ + return 'AUTH LOGIN PLAIN'; +} + +# what options to allow for mail from: auth +sub option +{ + return (['MAIL', 'AUTH' => sub { return; }]); +} + +# and the actual auth handler +sub handle_auth +{ + my ($self,$args)=@_; + my ($method,$param); + $args=~/^(LOGIN|PLAIN)\s*(.*)$/ && (($method,$param)=($1,$2)); + + if ($self->{AUTH}->{active}) + { + delete $self->{AUTH}->{active}; + $self->reply(535, "Authentication phases mixed up."); + return undef; # if rv given, server shuts conn! + } + elsif ($self->{AUTH}->{completed}) + { + $self->reply(504,"Already authenticated."); + return undef; + } + elsif (!$method) + { + $self->reply(501,"Unknown authentication method."); + return undef; + } + + $self->{AUTH}->{active}=$method; + + if ($param eq '*') + { + delete $self->{AUTH}->{active}; + $self->reply(501, "Authentication cancelled."); + return undef; + } + + if ($method eq 'PLAIN') + { + if ($param) # plain: immediate with args + { + my (undef,$user,$pwd)=split(/\0/,decode_base64($param),3); + if (!$user) + { + delete $self->{AUTH}->{active}; + $self->reply(535, "5.7.8 Authentication failed."); + return undef; + } + return run_callback($self,$user,$pwd); + } + else # plain: or empty challenge and then response + { + $self->reply(334," "); + # undocumented but crucial: direct stuff to this method + $self->next_input_to(\&process_response); + return undef; + } + } + elsif ($method eq 'LOGIN') + { + # login is always two challenges + $self->reply(334, "VXNlcm5hbWU6"); # username + $self->next_input_to(\&process_response); + return undef; + } +} + +# runs user-supplied callback on username and password +# responds success if callback succeeds +# sets complete if ok, clears active either way +sub run_callback +{ + my ($self,$user,$pass)=@_; + my $ok; + + my $ref=$self->{callback}->{AUTH}; + if (ref $ref eq 'ARRAY' && ref $ref->[0] eq 'CODE') + { + my $c=$ref->[0]; + $ok=&$c($self,$user,$pass); + } + if ($ok) + { + $self->reply(235, "Authentication successful"); + $self->{AUTH}->{completed}=1; + } + else + { + $self->reply(535,"Authentication failed."); + } + delete $self->{AUTH}->{active}; + return undef; +} + +# deals with any response, based on active method +sub process_response +{ + my ($self,$args)=@_; + + if (!$self->{AUTH}->{active} || $self->{AUTH}->{completed}) + { + delete $self->{AUTH}->{active}; + $self->reply(535, "Authentication phases mixed up."); + return undef; + } + if (!$args) + { + delete $self->{AUTH}->{active}; + $self->reply(535, "5.7.8 Authentication failed."); + return undef; + } + + if ($self->{AUTH}->{active} eq "PLAIN") + { + # plain is easy: only one response containing everything + my (undef,$user,$pwd)=split(/\0/,decode_base64($args),3); + if (!$user) + { + delete $self->{AUTH}->{active}; + $self->reply(535, "5.7.8 Authentication failed."); + return undef; + } + return run_callback($self,$user,$pwd); + } + elsif ($self->{AUTH}->{active} eq "LOGIN") + { + # uglier: two challenges for username+password + my ($input)=split(/\0/,decode_base64($args)); + + # is this the second time round? + if ($self->{AUTH}->{user}) + { + return run_callback($self,$self->{AUTH}->{user},$input); + } + else + { + # nope, first time: save username and challenge + # for password + $self->{AUTH}->{user}=$input; + $self->reply(334, "UGFzc3dvcmQ6"); # password + $self->next_input_to(\&process_response); + return undef; + } + } + else + { + delete $self->{AUTH}->{active}; + $self->reply(535, "Authentication mixed up."); + return undef; + } +} + +1;