[usit-rt.git] / lib / RT / Interface / Email / Auth / GnuPG.pm

# BEGIN BPS TAGGED BLOCK {{{
#
# COPYRIGHT:
#
# This software is Copyright (c) 1996-2012 Best Practical Solutions, LLC
#                                          <sales@bestpractical.com>
#
# (Except where explicitly superseded by other copyright notices)
#
#
# LICENSE:
#
# This work is made available to you under the terms of Version 2 of
# the GNU General Public License. A copy of that license should have
# been provided with this software, but in any event can be snarfed
# from www.gnu.org.
#
# This work is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 or visit their web page on the internet at
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
#
#
# CONTRIBUTION SUBMISSION POLICY:
#
# (The following paragraph is not intended to limit the rights granted
# to you to modify and distribute this software under the terms of
# the GNU General Public License and is only of importance to you if
# you choose to contribute your changes and enhancements to the
# community by submitting them to Best Practical Solutions, LLC.)
#
# By intentionally submitting any modifications, corrections or
# derivatives to this work, or any other work intended for use with
# Request Tracker, to Best Practical Solutions, LLC, you confirm that
# you are the copyright holder for those contributions and you grant
# Best Practical Solutions,  LLC a nonexclusive, worldwide, irrevocable,
# royalty-free, perpetual, license to use, copy, create derivative
# works based on those contributions, and sublicense and distribute
# those contributions and any derivatives thereof.
#
# END BPS TAGGED BLOCK }}}

package RT::Interface::Email::Auth::GnuPG;

use strict;
use warnings;

=head2 GetCurrentUser

To use the gnupg-secured mail gateway, you need to do the following:

Set up a GnuPG key directory with a pubring containing only the keys
you care about and specify the following in your SiteConfig.pm

    Set(%GnuPGOptions, homedir => '/opt/rt4/var/data/GnuPG');
    Set(@MailPlugins, 'Auth::MailFrom', 'Auth::GnuPG', ...other filter...);

=cut

sub ApplyBeforeDecode { return 1 }

use RT::Crypt::GnuPG;
use RT::EmailParser ();

sub GetCurrentUser {
    my %args = (
        Message       => undef,
        RawMessageRef => undef,
        @_
    );

    foreach my $p ( $args{'Message'}->parts_DFS ) {
        $p->head->delete($_) for qw(
            X-RT-GnuPG-Status X-RT-Incoming-Encryption
            X-RT-Incoming-Signature X-RT-Privacy
            X-RT-Sign X-RT-Encrypt
        );
    }

    my $msg = $args{'Message'}->dup;

    my ($status, @res) = VerifyDecrypt(
        Entity => $args{'Message'}, AddStatus => 1,
    );
    if ( $status && !@res ) {
        $args{'Message'}->head->replace(
            'X-RT-Incoming-Encryption' => 'Not encrypted'
        );

        return 1;
    }

    # FIXME: Check if the message is encrypted to the address of
    # _this_ queue. send rejecting mail otherwise.

    unless ( $status ) {
        $RT::Logger->error("Had a problem during decrypting and verifying");
        my $reject = HandleErrors( Message => $args{'Message'}, Result => \@res );
        return (0, 'rejected because of problems during decrypting and verifying')
            if $reject;
    }

    # attach the original encrypted message
    $args{'Message'}->attach(
        Type        => 'application/x-rt-original-message',
        Disposition => 'inline',
        Data        => ${ $args{'RawMessageRef'} },
    );

    $args{'Message'}->head->replace( 'X-RT-Privacy' => 'PGP' );

    foreach my $part ( $args{'Message'}->parts_DFS ) {
        my $decrypted;

        my $status = $part->head->get( 'X-RT-GnuPG-Status' );
        if ( $status ) {
            for ( RT::Crypt::GnuPG::ParseStatus( $status ) ) {
                if ( $_->{Operation} eq 'Decrypt' && $_->{Status} eq 'DONE' ) {
                    $decrypted = 1;
                }
                if ( $_->{Operation} eq 'Verify' && $_->{Status} eq 'DONE' ) {
                    $part->head->replace(
                        'X-RT-Incoming-Signature' => $_->{UserString}
                    );
                }
            }
        }

        $part->head->replace(
            'X-RT-Incoming-Encryption' => 
                $decrypted ? 'Success' : 'Not encrypted'
        );
    }

    return 1;
}

sub HandleErrors {
    my %args = (
        Message => undef,
        Result => [],
        @_
    );

    my $reject = 0;

    my %sent_once = ();
    foreach my $run ( @{ $args{'Result'} } ) {
        my @status = RT::Crypt::GnuPG::ParseStatus( $run->{'status'} );
        unless ( $sent_once{'NoPrivateKey'} ) {
            unless ( CheckNoPrivateKey( Message => $args{'Message'}, Status => \@status ) ) {
                $sent_once{'NoPrivateKey'}++;
                $reject = 1 if RT->Config->Get('GnuPG')->{'RejectOnMissingPrivateKey'};
            }
        }
        unless ( $sent_once{'BadData'} ) {
            unless ( CheckBadData( Message => $args{'Message'}, Status => \@status ) ) {
                $sent_once{'BadData'}++;
                $reject = 1 if RT->Config->Get('GnuPG')->{'RejectOnBadData'};
            }
        }
    }
    return $reject;
}

sub CheckNoPrivateKey {
    my %args = (Message => undef, Status => [], @_ );
    my @status = @{ $args{'Status'} };

    my @decrypts = grep $_->{'Operation'} eq 'Decrypt', @status;
    return 1 unless @decrypts;
    foreach my $action ( @decrypts ) {
        # if at least one secrete key exist then it's another error
        return 1 if
            grep !$_->{'User'}{'SecretKeyMissing'},
                @{ $action->{'EncryptedTo'} };
    }

    $RT::Logger->error("Couldn't decrypt a message: have no private key");

    my $address = (RT::Interface::Email::ParseSenderAddressFromHead( $args{'Message'}->head ))[0];
    my ($status) = RT::Interface::Email::SendEmailUsingTemplate(
        To        => $address,
        Template  => 'Error: no private key',
        Arguments => {
            Message   => $args{'Message'},
            TicketObj => $args{'Ticket'},
        },
        InReplyTo => $args{'Message'},
    );
    unless ( $status ) {
        $RT::Logger->error("Couldn't send 'Error: no private key'");
    }
    return 0;
}

sub CheckBadData {
    my %args = (Message => undef, Status => [], @_ );
    my @bad_data_messages = 
        map $_->{'Message'},
        grep $_->{'Status'} ne 'DONE' && $_->{'Operation'} eq 'Data',
        @{ $args{'Status'} };
    return 1 unless @bad_data_messages;

    $RT::Logger->error("Couldn't process a message: ". join ', ', @bad_data_messages );

    my $address = (RT::Interface::Email::ParseSenderAddressFromHead( $args{'Message'}->head ))[0];
    my ($status) = RT::Interface::Email::SendEmailUsingTemplate(
        To        => $address,
        Template  => 'Error: bad GnuPG data',
        Arguments => {
            Messages  => [ @bad_data_messages ],
            TicketObj => $args{'Ticket'},
        },
        InReplyTo => $args{'Message'},
    );
    unless ( $status ) {
        $RT::Logger->error("Couldn't send 'Error: bad GnuPG data'");
    }
    return 0;
}

sub VerifyDecrypt {
    my %args = (
        Entity => undef,
        @_
    );

    my @res = RT::Crypt::GnuPG::VerifyDecrypt( %args );
    unless ( @res ) {
        $RT::Logger->debug("No more encrypted/signed parts");
        return 1;
    }

    $RT::Logger->debug('Found GnuPG protected parts');

    # return on any error
    if ( grep $_->{'exit_code'}, @res ) {
        $RT::Logger->debug("Error during verify/decrypt operation");
        return (0, @res);
    }

    # nesting
    my ($status, @nested) = VerifyDecrypt( %args );
    return $status, @res, @nested;
}

RT::Base->_ImportOverlays();

1;
Commit	Line	Data
84fb5b46 MKG	1	# BEGIN BPS TAGGED BLOCK {{{
	2	#
	3	# COPYRIGHT:
	4	#
	5	# This software is Copyright (c) 1996-2012 Best Practical Solutions, LLC
	6	# <sales@bestpractical.com>
	7	#
	8	# (Except where explicitly superseded by other copyright notices)
	9	#
	10	#
	11	# LICENSE:
	12	#
	13	# This work is made available to you under the terms of Version 2 of
	14	# the GNU General Public License. A copy of that license should have
	15	# been provided with this software, but in any event can be snarfed
	16	# from www.gnu.org.
	17	#
	18	# This work is distributed in the hope that it will be useful, but
	19	# WITHOUT ANY WARRANTY; without even the implied warranty of
	20	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	21	# General Public License for more details.
	22	#
	23	# You should have received a copy of the GNU General Public License
	24	# along with this program; if not, write to the Free Software
	25	# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
	26	# 02110-1301 or visit their web page on the internet at
	27	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
	28	#
	29	#
	30	# CONTRIBUTION SUBMISSION POLICY:
	31	#
	32	# (The following paragraph is not intended to limit the rights granted
	33	# to you to modify and distribute this software under the terms of
	34	# the GNU General Public License and is only of importance to you if
	35	# you choose to contribute your changes and enhancements to the
	36	# community by submitting them to Best Practical Solutions, LLC.)
	37	#
	38	# By intentionally submitting any modifications, corrections or
	39	# derivatives to this work, or any other work intended for use with
	40	# Request Tracker, to Best Practical Solutions, LLC, you confirm that
	41	# you are the copyright holder for those contributions and you grant
	42	# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
	43	# royalty-free, perpetual, license to use, copy, create derivative
	44	# works based on those contributions, and sublicense and distribute
	45	# those contributions and any derivatives thereof.
	46	#
	47	# END BPS TAGGED BLOCK }}}
	48
	49	package RT::Interface::Email::Auth::GnuPG;
	50
	51	use strict;
	52	use warnings;
	53
	54	=head2 GetCurrentUser
	55
	56	To use the gnupg-secured mail gateway, you need to do the following:
	57
	58	Set up a GnuPG key directory with a pubring containing only the keys
	59	you care about and specify the following in your SiteConfig.pm
	60
	61	Set(%GnuPGOptions, homedir => '/opt/rt4/var/data/GnuPG');
	62	Set(@MailPlugins, 'Auth::MailFrom', 'Auth::GnuPG', ...other filter...);
	63
	64	=cut
65
66	sub ApplyBeforeDecode { return 1 }
67
68	use RT::Crypt::GnuPG;
69	use RT::EmailParser ();
70
71	sub GetCurrentUser {
72	my %args = (
73	Message => undef,
74	RawMessageRef => undef,
75	@_
76	);
77
78	foreach my $p ( $args{'Message'}->parts_DFS ) {
79	$p->head->delete($_) for qw(
86404187	80	X-RT-GnuPG-Status X-RT-Incoming-Encryption
84fb5b46	81	X-RT-Incoming-Signature X-RT-Privacy
86404187	82	X-RT-Sign X-RT-Encrypt
84fb5b46 MKG	83	);
	84	}
	85
	86	my $msg = $args{'Message'}->dup;
	87
	88	my ($status, @res) = VerifyDecrypt(
	89	Entity => $args{'Message'}, AddStatus => 1,
	90	);
	91	if ( $status && !@res ) {
	92	$args{'Message'}->head->replace(
	93	'X-RT-Incoming-Encryption' => 'Not encrypted'
	94	);
	95
	96	return 1;
	97	}
	98
	99	# FIXME: Check if the message is encrypted to the address of
	100	# _this_ queue. send rejecting mail otherwise.
	101
	102	unless ( $status ) {
	103	$RT::Logger->error("Had a problem during decrypting and verifying");
	104	my $reject = HandleErrors( Message => $args{'Message'}, Result => \@res );
	105	return (0, 'rejected because of problems during decrypting and verifying')
	106	if $reject;
	107	}
	108
	109	# attach the original encrypted message
	110	$args{'Message'}->attach(
	111	Type => 'application/x-rt-original-message',
	112	Disposition => 'inline',
	113	Data => ${ $args{'RawMessageRef'} },
	114	);
	115
	116	$args{'Message'}->head->replace( 'X-RT-Privacy' => 'PGP' );
	117
	118	foreach my $part ( $args{'Message'}->parts_DFS ) {
	119	my $decrypted;
	120
	121	my $status = $part->head->get( 'X-RT-GnuPG-Status' );
	122	if ( $status ) {
	123	for ( RT::Crypt::GnuPG::ParseStatus( $status ) ) {
	124	if ( $_->{Operation} eq 'Decrypt' && $_->{Status} eq 'DONE' ) {
	125	$decrypted = 1;
	126	}
	127	if ( $_->{Operation} eq 'Verify' && $_->{Status} eq 'DONE' ) {
	128	$part->head->replace(
	129	'X-RT-Incoming-Signature' => $_->{UserString}
	130	);
	131	}
	132	}
	133	}
	134
	135	$part->head->replace(
	136	'X-RT-Incoming-Encryption' =>
	137	$decrypted ? 'Success' : 'Not encrypted'
	138	);
	139	}
	140
	141	return 1;
	142	}
	143
	144	sub HandleErrors {
	145	my %args = (
	146	Message => undef,
147	Result => [],
148	@_
149	);
150
151	my $reject = 0;
152
153	my %sent_once = ();
154	foreach my $run ( @{ $args{'Result'} } ) {
155	my @status = RT::Crypt::GnuPG::ParseStatus( $run->{'status'} );
156	unless ( $sent_once{'NoPrivateKey'} ) {
157	unless ( CheckNoPrivateKey( Message => $args{'Message'}, Status => \@status ) ) {
158	$sent_once{'NoPrivateKey'}++;
159	$reject = 1 if RT->Config->Get('GnuPG')->{'RejectOnMissingPrivateKey'};
160	}
161	}
162	unless ( $sent_once{'BadData'} ) {
163	unless ( CheckBadData( Message => $args{'Message'}, Status => \@status ) ) {
164	$sent_once{'BadData'}++;
165	$reject = 1 if RT->Config->Get('GnuPG')->{'RejectOnBadData'};
166	}
167	}
168	}
169	return $reject;
170	}
171
172	sub CheckNoPrivateKey {
173	my %args = (Message => undef, Status => [], @_ );
174	my @status = @{ $args{'Status'} };
175
176	my @decrypts = grep $_->{'Operation'} eq 'Decrypt', @status;
177	return 1 unless @decrypts;
178	foreach my $action ( @decrypts ) {
179	# if at least one secrete key exist then it's another error
180	return 1 if
181	grep !$_->{'User'}{'SecretKeyMissing'},
182	@{ $action->{'EncryptedTo'} };
183	}
184
185	$RT::Logger->error("Couldn't decrypt a message: have no private key");
186
187	my $address = (RT::Interface::Email::ParseSenderAddressFromHead( $args{'Message'}->head ))[0];
188	my ($status) = RT::Interface::Email::SendEmailUsingTemplate(
189	To => $address,
190	Template => 'Error: no private key',
191	Arguments => {
192	Message => $args{'Message'},
193	TicketObj => $args{'Ticket'},
194	},
195	InReplyTo => $args{'Message'},
196	);
197	unless ( $status ) {
198	$RT::Logger->error("Couldn't send 'Error: no private key'");
199	}
200	return 0;
201	}
202
203	sub CheckBadData {
204	my %args = (Message => undef, Status => [], @_ );
205	my @bad_data_messages =
206	map $_->{'Message'},
207	grep $_->{'Status'} ne 'DONE' && $_->{'Operation'} eq 'Data',
208	@{ $args{'Status'} };
209	return 1 unless @bad_data_messages;
210
211	$RT::Logger->error("Couldn't process a message: ". join ', ', @bad_data_messages );
212
213	my $address = (RT::Interface::Email::ParseSenderAddressFromHead( $args{'Message'}->head ))[0];
214	my ($status) = RT::Interface::Email::SendEmailUsingTemplate(
215	To => $address,
216	Template => 'Error: bad GnuPG data',
217	Arguments => {
218	Messages => [ @bad_data_messages ],
219	TicketObj => $args{'Ticket'},
220	},
221	InReplyTo => $args{'Message'},
222	);
223	unless ( $status ) {
224	$RT::Logger->error("Couldn't send 'Error: bad GnuPG data'");
225	}
226	return 0;
227	}
228
229	sub VerifyDecrypt {
230	my %args = (
231	Entity => undef,
232	@_
233	);
234
235	my @res = RT::Crypt::GnuPG::VerifyDecrypt( %args );
236	unless ( @res ) {
237	$RT::Logger->debug("No more encrypted/signed parts");
238	return 1;
239	}
240
241	$RT::Logger->debug('Found GnuPG protected parts');
242
243	# return on any error
244	if ( grep $_->{'exit_code'}, @res ) {
245	$RT::Logger->debug("Error during verify/decrypt operation");
246	return (0, @res);
247	}
248
249	# nesting
250	my ($status, @nested) = VerifyDecrypt( %args );
251	return $status, @res, @nested;
252	}
253
254	RT::Base->_ImportOverlays();
255
256	1;
257