| Commit message (Collapse) | Author | Age |
... | |
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PKCS#7 offers a signed-only mode which is distinct from
multipart/signed. This mode is more robust to breakage by
transforming MTAs, but it is also unreadable *unless* the receiver
knows how to cope with S/MIME.
See https://tools.ietf.org/html/rfc8551#section-3.5 for more details
about the different formats.
email-print-mime-structure should now be able to handle these messages
and display the structure of their content as well.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
| |
I plan to use the same harness to try to transform other leaf subparts
that might be extractable into a MIME subtree, not just decryption.
So give it a more generic name.
No functional change.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
| |
If the user supplies a secret key like the ones found in
https://www.ietf.org/id/draft-dkg-lamps-samples-01.html, then
email-print-mime-structure will try to use that for decryption of
CMS-encrypted (S/MIME) message parts.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
| |
Decrypt ciphertext using gpgsm if the user has indicated that it's ok.
This includes a new element in the test suite, which uses secret key
material from https://www.ietf.org/id/draft-dkg-lamps-samples-01.html
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
No functional change.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
No functional change.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
| |
Fully decode the encrypted part before passing it to any decryption
mechanism.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
See dh_elpa_test(1).
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
| |
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
|
|
|
| |
The secret key material in this test comes from
https://datatracker.ietf.org/doc/draft-bre-openpgp-samples/
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
|
|
|
| |
I want to ensure that any changes don't ultimately break the behavior
of email-print-mime-structure.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
| |
As we prepare for S/MIME decryption, we want to identify pgp
decryption as just one type of decryption. There is no functional
change here.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
This allows the user to avoid being affected by any future change in
the default.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Turns out that type=bool doesn't really do what we want it to do (see
https://bugs.python.org/issue37564), and there is no built-in easy
answer for argparse to accept a boolean value sensibly
(e.g. type='bool', which might be able to handle "yes" and "no" and
"1" and "0" and "on" and "off" as well as "true" and "false", etc)
So rather than implement all of that here, we'll just have
--use-gpg-agent as a simple flag. This is an API change, but the
previous API has only been out for a few days, and the tool is
documented for interactive use.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
|
|
|
| |
Thanks to Daniel Kahn Gillmor for taking the time to verify that no
changes are required.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
| |
This is modeled after the use of argcomplete in diffoscope, and it
should be possible to use it for any other pythonic mailscript that
uses argparse.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
See discussion in #944340.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
| |
RFC 3156 documents PGP/MIME structural assumptions
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In some cases, the user may want to try to use their own GnuPG secret
keys to decrypt encrypted parts of the message.
By default it is disabled so that we aren't accidentally triggering
the use of user secret key material.
Note that gpg(1) says:
It is highly recommended to use [--batch] along with the options
--status-fd and --with-colons for any unattended use of gpg.
I am deliberately choosing to not use either --status-fd or
--with-colons for email-print-mime-structure.
I'm not using --with-colons because there is no output from GnuPG that
we expect to be machine-readable -- we're just looking for the cleartext
of whatever ciphertext is in the message part.
I'm not using --status-fd because there is nothing actionable we can do
with GnuPG status messages, and asking for them would require switching
from subprocess.run to subprocess.Popen to take advantage of the
pass_fds argument, which in turn would make the script only work in a
POSIX environment (I believe, but have not tested, that the script can
currently be used on Windows).
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
|
|
|
|
| |
No functional change here: this just prepares for adding other
decryption capabilities.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
| |
This has no functional changes, it's just a reorganization for easier
readability. Thanks to Sean Whitton for the suggestion.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
| |
We want to make sure we're decrypting the thing that we expect. This
typecheck should keep us honest.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
| |
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 3d33e7c0483bb9ab8de3ffd6a0372c8d2a0bffa0.
Commit 7360648, which allows the user to suppress branch checkout, is
a better way to let the user override their configured
mailscripts-extract-patches-branch-prefix.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
|
|
| |
This reverts commit 34f83d0d1ce17e6ef05dfe16f9a70c937cf2df56.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
|
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|