From 0344b168276f80189e2254c75a762aff5b517b6b Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 22 May 2016 06:32:57 -0400
Subject: [PATCH] Fix priority icon(s) position
---
plugins/enigma/lib/enigma_engine.php | 176 ++++++++++++++++++++++++++++++++++++++++++++++------------
1 files changed, 138 insertions(+), 38 deletions(-)
diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php
index 584a5b2..c970933 100644
--- a/plugins/enigma/lib/enigma_engine.php
+++ b/plugins/enigma/lib/enigma_engine.php
@@ -4,7 +4,7 @@
+-------------------------------------------------------------------------+
| Engine of the Enigma Plugin |
| |
- | Copyright (C) 2010-2015 The Roundcube Dev Team |
+ | Copyright (C) 2010-2016 The Roundcube Dev Team |
| |
| Licensed under the GNU General Public License version 3 or |
| any later version with exceptions for skins & plugins. |
@@ -33,6 +33,8 @@
public $decryptions = array();
public $signatures = array();
public $encrypted_parts = array();
+
+ const ENCRYPTED_PARTIALLY = 100;
const SIGN_MODE_BODY = 1;
const SIGN_MODE_SEPARATE = 2;
@@ -311,6 +313,33 @@
}
/**
+ * Handler for attaching public key to a message
+ *
+ * @param Mail_mime Original message
+ *
+ * @return bool True on success, False on failure
+ */
+ function attach_public_key(&$message)
+ {
+ $headers = $message->headers();
+ $from = rcube_mime::decode_address_list($headers['From'], 1, false, null, true);
+ $from = $from[1];
+
+ // find my key
+ if ($from && ($key = $this->find_key($from))) {
+ $pubkey_armor = $this->export_key($key->id);
+
+ if (!$pubkey_armor instanceof enigma_error) {
+ $pubkey_name = '0x' . enigma_key::format_id($key->id) . '.asc';
+ $message->addAttachment($pubkey_armor, 'application/pgp-keys', $pubkey_name, false, '7bit');
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
* Handler for message_part_structure hook.
* Called for every part of the message.
*
@@ -385,14 +414,74 @@
$body = $this->get_part_body($p['object'], $part);
}
- // @TODO: big message body could be a file resource
- // PGP signed message
- if (preg_match('/^-----BEGIN PGP SIGNED MESSAGE-----/', $body)) {
- $this->parse_plain_signed($p, $body);
+ // In this way we can use fgets on string as on file handle
+ // Don't use php://temp for security (body may come from an encrypted part)
+ $fd = fopen('php://memory', 'r+');
+ if (!$fd) {
+ return;
}
- // PGP encrypted message
- else if (preg_match('/^-----BEGIN PGP MESSAGE-----/', $body)) {
- $this->parse_plain_encrypted($p, $body);
+
+ fwrite($fd, $body);
+ rewind($fd);
+
+ $body = '';
+ $prefix = '';
+ $mode = '';
+ $tokens = array(
+ 'BEGIN PGP SIGNED MESSAGE' => 'signed-start',
+ 'END PGP SIGNATURE' => 'signed-end',
+ 'BEGIN PGP MESSAGE' => 'encrypted-start',
+ 'END PGP MESSAGE' => 'encrypted-end',
+ );
+ $regexp = '/^-----(' . implode('|', array_keys($tokens)) . ')-----[\r\n]*/';
+
+ while (($line = fgets($fd)) !== false) {
+ if ($line[0] === '-' && $line[4] === '-' && preg_match($regexp, $line, $m)) {
+ switch ($tokens[$m[1]]) {
+ case 'signed-start':
+ $body = $line;
+ $mode = 'signed';
+ break;
+
+ case 'signed-end':
+ if ($mode === 'signed') {
+ $body .= $line;
+ }
+ break 2; // ignore anything after this line
+
+ case 'encrypted-start':
+ $body = $line;
+ $mode = 'encrypted';
+ break;
+
+ case 'encrypted-end':
+ if ($mode === 'encrypted') {
+ $body .= $line;
+ }
+ break 2; // ignore anything after this line
+ }
+
+ continue;
+ }
+
+ if ($mode === 'signed') {
+ $body .= $line;
+ }
+ else if ($mode === 'encrypted') {
+ $body .= $line;
+ }
+ else {
+ $prefix .= $line;
+ }
+ }
+
+ fclose($fd);
+
+ if ($mode === 'signed') {
+ $this->parse_plain_signed($p, $body, $prefix);
+ }
+ else if ($mode === 'encrypted') {
+ $this->parse_plain_encrypted($p, $body, $prefix);
}
}
@@ -416,8 +505,7 @@
// including a set of appropriate content headers describing the data.
// The second body MUST contain the PGP digital signature. It MUST be
// labeled with a content type of "application/pgp-signature".
- else if ($struct->ctype_parameters['protocol'] == 'application/pgp-signature'
- && count($struct->parts) == 2
+ else if (count($struct->parts) == 2
&& $struct->parts[1] && $struct->parts[1]->mimetype == 'application/pgp-signature'
) {
$this->parse_pgp_signed($p, $body);
@@ -434,7 +522,7 @@
$struct = $p['structure'];
// S/MIME
- if ($struct->mimetype == 'application/pkcs7-mime') {
+ if ($p['mimetype'] == 'application/pkcs7-mime') {
$this->parse_smime_encrypted($p);
}
// PGP/MIME: RFC3156
@@ -443,8 +531,7 @@
// This body contains the control information.
// The second MIME body part MUST contain the actual encrypted data. It
// must be labeled with a content type of "application/octet-stream".
- else if ($struct->ctype_parameters['protocol'] == 'application/pgp-encrypted'
- && count($struct->parts) == 2
+ else if (count($struct->parts) == 2
&& $struct->parts[0] && $struct->parts[0]->mimetype == 'application/pgp-encrypted'
&& $struct->parts[1] && $struct->parts[1]->mimetype == 'application/octet-stream'
) {
@@ -458,8 +545,9 @@
*
* @param array Reference to hook's parameters
* @param string Message (part) body
+ * @param string Body prefix (additional text before the encrypted block)
*/
- private function parse_plain_signed(&$p, $body)
+ private function parse_plain_signed(&$p, $body, $prefix = '')
{
if (!$this->rc->config->get('enigma_signatures', true)) {
return;
@@ -473,23 +561,21 @@
$sig = $this->pgp_verify($body);
}
- // @TODO: Handle big bodies using (temp) files
-
// In this way we can use fgets on string as on file handle
- $fh = fopen('php://memory', 'br+');
- // @TODO: fopen/fwrite errors handling
- if ($fh) {
- fwrite($fh, $body);
- rewind($fh);
+ // Don't use php://temp for security (body may come from an encrypted part)
+ $fd = fopen('php://memory', 'r+');
+ if (!$fd) {
+ return;
}
+
+ fwrite($fd, $body);
+ rewind($fd);
$body = $part->body = null;
$part->body_modified = true;
// Extract body (and signature?)
- while (!feof($fh)) {
- $line = fgets($fh, 1024);
-
+ while (($line = fgets($fd, 1024)) !== false) {
if ($part->body === null)
$part->body = '';
else if (preg_match('/^-----BEGIN PGP SIGNATURE-----/', $line))
@@ -498,17 +584,22 @@
$part->body .= $line;
}
+ fclose($fd);
+
// Remove "Hash" Armor Headers
$part->body = preg_replace('/^.*\r*\n\r*\n/', '', $part->body);
// de-Dash-Escape (RFC2440)
$part->body = preg_replace('/(^|\n)- -/', '\\1-', $part->body);
- // Store signature data for display
- if (!empty($sig)) {
- $this->signatures[$part->mime_id] = $sig;
+ if ($prefix) {
+ $part->body = $prefix . $part->body;
}
- fclose($fh);
+ // Store signature data for display
+ if (!empty($sig)) {
+ $sig->partial = !empty($prefix);
+ $this->signatures[$part->mime_id] = $sig;
+ }
}
/**
@@ -575,8 +666,9 @@
*
* @param array Reference to hook's parameters
* @param string Message (part) body
+ * @param string Body prefix (additional text before the encrypted block)
*/
- private function parse_plain_encrypted(&$p, $body)
+ private function parse_plain_encrypted(&$p, $body, $prefix = '')
{
if (!$this->rc->config->get('enigma_decryption', true)) {
return;
@@ -603,15 +695,18 @@
// Parse decrypted message
if ($result === true) {
- $part->body = $body;
+ $part->body = $prefix . $body;
$part->body_modified = true;
+
+ // it maybe PGP signed inside, verify signature
+ $this->parse_plain($p, $body);
// Remember it was decrypted
$this->encrypted_parts[] = $part->mime_id;
- // PGP signed inside? verify signature
- if (preg_match('/^-----BEGIN PGP SIGNED MESSAGE-----/', $body)) {
- $this->parse_plain_signed($p, $body);
+ // Inform the user that only a part of the body was encrypted
+ if ($prefix) {
+ $this->decryptions[$part->mime_id] = self::ENCRYPTED_PARTIALLY;
}
// Encrypted plain message may contain encrypted attachments
@@ -676,7 +771,7 @@
$struct = $this->parse_body($body);
// Modify original message structure
- $this->modify_structure($p, $struct);
+ $this->modify_structure($p, $struct, strlen($body));
// Parse the structure (there may be encrypted/signed parts inside
$this->part_structure(array(
@@ -1143,10 +1238,11 @@
/**
* Replace message encrypted structure with decrypted message structure
*
- * @param array
- * @param rcube_message_part
+ * @param array Hook arguments
+ * @param rcube_message_part Part structure
+ * @param int Part size
*/
- private function modify_structure(&$p, $struct)
+ private function modify_structure(&$p, $struct, $size = 0)
{
// modify mime_parts property of the message object
$old_id = $p['structure']->mime_id;
@@ -1156,6 +1252,11 @@
unset($p['object']->mime_parts[$idx]);
}
}
+
+ // set some part params used by Roundcube core
+ $struct->headers = array_merge($p['structure']->headers, $struct->headers);
+ $struct->size = $size;
+ $struct->filename = $p['structure']->filename;
// modify the new structure to be correctly handled by Roundcube
$this->modify_structure_part($struct, $p['object'], $old_id);
@@ -1184,7 +1285,6 @@
// Cache the fact it was decrypted
$this->encrypted_parts[] = $part->mime_id;
-
$msg->mime_parts[$part->mime_id] = $part;
// modify sub-parts
--
Gitblit v1.9.1