X-Git-Url: http://git.madism.org/?p=apps%2Fmadmutt.git;a=blobdiff_plain;f=lib-crypt%2Fcrypt.c;h=dd2eb02e4b3c897792235231af9bb144edd0fcdc;hp=e4457a8c341f07bc0a4a77857d5fef7acbcfafe7;hb=9ed7a487e3a922f2cbb222961c2c9710c3a65f91;hpb=dbb9a1e16d03a2d4664d6dc6a30c721b889d4982 diff --git a/lib-crypt/crypt.c b/lib-crypt/crypt.c index e4457a8..dd2eb02 100644 --- a/lib-crypt/crypt.c +++ b/lib-crypt/crypt.c @@ -12,47 +12,27 @@ * please see the file GPL in the top level source directory. */ -#if HAVE_CONFIG_H -# include "config.h" -#endif +#include -#include -#include -#include -#include -#include +#ifdef HAVE_LOCALE_H +# include +#endif +#ifdef HAVE_SYS_RESOURCE_H +# include +#endif #include #include +#include -#include "mutt.h" +#include "alias.h" #include "handler.h" #include "copy.h" #include "crypt.h" #include "pgp.h" - -#include -#include -#include -#include -#include -#include -#include - -#ifdef HAVE_LOCALE_H -#include -#endif - -#ifdef HAVE_SYS_TIME_H -# include -#endif - -#ifdef HAVE_SYS_RESOURCE_H -# include -#endif - +static int crypt_write_signed (BODY *, STATE *, FILE *); /* print the current time to avoid spoofing of the signature output */ void crypt_current_time (STATE * s, const char *app_name) @@ -84,7 +64,7 @@ void crypt_forget_passphrase (void) } -#if defined(HAVE_SETRLIMIT) && (!defined(DEBUG)) +#if defined(HAVE_SETRLIMIT) static void disable_coredumps (void) { @@ -104,7 +84,7 @@ int crypt_valid_passphrase (int flags) { int ret = 0; -# if defined(HAVE_SETRLIMIT) &&(!defined(DEBUG)) +# if defined(HAVE_SETRLIMIT) disable_coredumps (); # endif @@ -142,10 +122,8 @@ int mutt_protect (HEADER * msg, char *keylist) } /* otherwise inline won't work...ask for revert */ - if ((i = - query_quadoption (OPT_PGPMIMEAUTO, - _ - ("Message can't be sent inline. Revert to using PGP/MIME?"))) + if ((i = query_quadoption(OPT_PGPMIMEAUTO, + _("Message can't be sent inline. Revert to using PGP/MIME?"))) != M_YES) { mutt_error _("Mail not sent."); @@ -197,7 +175,7 @@ int mutt_protect (HEADER * msg, char *keylist) which tmp_smime_pbody->parts after signing. */ tmp_smime_pbody->parts = tmp_smime_pbody->parts->next; msg->content->next = NULL; - mutt_free_body (&tmp_smime_pbody); + body_list_wipe(&tmp_smime_pbody); } pbody = tmp_pbody; } @@ -211,7 +189,7 @@ int mutt_protect (HEADER * msg, char *keylist) /* remove the outer multipart layer */ tmp_pgp_pbody = mutt_remove_multipart (tmp_pgp_pbody); /* get rid of the signature */ - mutt_free_body (&tmp_pgp_pbody->next); + body_list_wipe(&tmp_pgp_pbody->next); } return (-1); @@ -223,7 +201,7 @@ int mutt_protect (HEADER * msg, char *keylist) */ if (flags != msg->security) { tmp_pgp_pbody = mutt_remove_multipart (tmp_pgp_pbody); - mutt_free_body (&tmp_pgp_pbody->next); + body_list_wipe(&tmp_pgp_pbody->next); } } } @@ -235,162 +213,6 @@ int mutt_protect (HEADER * msg, char *keylist) } - - -int mutt_is_multipart_signed (BODY * b) -{ - char *p; - - if (!b || !(b->type == TYPEMULTIPART) || - !b->subtype || ascii_strcasecmp (b->subtype, "signed")) - return 0; - - if (!(p = mutt_get_parameter ("protocol", b->parameter))) - return 0; - - if (!(ascii_strcasecmp (p, "multipart/mixed"))) - return SIGN; - - if (!(ascii_strcasecmp (p, "application/pgp-signature"))) - return PGPSIGN; - - if (!(ascii_strcasecmp (p, "application/x-pkcs7-signature"))) - return SMIMESIGN; - if (!(ascii_strcasecmp (p, "application/pkcs7-signature"))) - return SMIMESIGN; - - return 0; -} - - -int mutt_is_multipart_encrypted (BODY * b) -{ - char *p; - - if (!b || b->type != TYPEMULTIPART || - !b->subtype || ascii_strcasecmp (b->subtype, "encrypted") || - !(p = mutt_get_parameter ("protocol", b->parameter)) || - ascii_strcasecmp (p, "application/pgp-encrypted")) - return 0; - - return PGPENCRYPT; -} - - -int mutt_is_application_pgp (BODY * m) -{ - int t = 0; - char *p; - - if (m->type == TYPEAPPLICATION) { - if (!ascii_strcasecmp (m->subtype, "pgp") - || !ascii_strcasecmp (m->subtype, "x-pgp-message")) { - if ((p = mutt_get_parameter ("x-action", m->parameter)) - && (!ascii_strcasecmp (p, "sign") - || !ascii_strcasecmp (p, "signclear"))) - t |= PGPSIGN; - - if ((p = mutt_get_parameter ("format", m->parameter)) && - !ascii_strcasecmp (p, "keys-only")) - t |= PGPKEY; - - if (!t) - t |= PGPENCRYPT; /* not necessarily correct, but... */ - } - - if (!ascii_strcasecmp (m->subtype, "pgp-signed")) - t |= PGPSIGN; - - if (!ascii_strcasecmp (m->subtype, "pgp-keys")) - t |= PGPKEY; - } - else if (m->type == TYPETEXT && ascii_strcasecmp ("plain", m->subtype) == 0) { - if (((p = mutt_get_parameter ("x-mutt-action", m->parameter)) - || (p = mutt_get_parameter ("x-action", m->parameter)) - || (p = mutt_get_parameter ("action", m->parameter))) - && !ascii_strncasecmp ("pgp-sign", p, 8)) - t |= PGPSIGN; - else if (p && !ascii_strncasecmp ("pgp-encrypt", p, 11)) - t |= PGPENCRYPT; - else if (p && !ascii_strncasecmp ("pgp-keys", p, 7)) - t |= PGPKEY; - } - if (t) - t |= PGPINLINE; - - return t; -} - -int mutt_is_application_smime (BODY * m) -{ - char *t = NULL; - int len, complain = 0; - - if (!m) - return 0; - - if ((m->type & TYPEAPPLICATION) && m->subtype) { - /* S/MIME MIME types don't need x- anymore, see RFC2311 */ - if (!ascii_strcasecmp (m->subtype, "x-pkcs7-mime") || - !ascii_strcasecmp (m->subtype, "pkcs7-mime")) { - if ((t = mutt_get_parameter ("smime-type", m->parameter))) { - if (!ascii_strcasecmp (t, "enveloped-data")) - return SMIMEENCRYPT; - else if (!ascii_strcasecmp (t, "signed-data")) - return (SMIMESIGN | SMIMEOPAQUE); - else - return 0; - } - /* Netscape 4.7 uses - * Content-Description: S/MIME Encrypted Message - * instead of Content-Type parameter - */ - if (!ascii_strcasecmp (m->description, "S/MIME Encrypted Message")) - return SMIMEENCRYPT; - complain = 1; - } - else if (ascii_strcasecmp (m->subtype, "octet-stream")) - return 0; - - t = mutt_get_parameter ("name", m->parameter); - - if (!t) - t = m->d_filename; - if (!t) - t = m->filename; - if (!t) { - if (complain) - mutt_message (_ - ("S/MIME messages with no hints on content are unsupported.")); - return 0; - } - - /* no .p7c, .p10 support yet. */ - - len = m_strlen(t) - 4; - if (len > 0 && *(t + len) == '.') { - len++; - if (!ascii_strcasecmp ((t + len), "p7m")) -#if 0 - return SMIMEENCRYPT; -#else - /* Not sure if this is the correct thing to do, but - it's required for compatibility with Outlook */ - return (SMIMESIGN | SMIMEOPAQUE); -#endif - else if (!ascii_strcasecmp ((t + len), "p7s")) - return (SMIMESIGN | SMIMEOPAQUE); - } - } - - return 0; -} - - - - - - int crypt_query (BODY * m) { int t = 0; @@ -443,20 +265,12 @@ int crypt_query (BODY * m) } - - -int crypt_write_signed (BODY * a, STATE * s, const char *tempfile) +static int crypt_write_signed (BODY * a, STATE * s, FILE *fp) { - FILE *fp; int c; short hadcr; size_t bytes; - if (!(fp = safe_fopen (tempfile, "w"))) { - mutt_perror (tempfile); - return -1; - } - fseeko (s->fpin, a->hdr_offset, 0); bytes = a->length + a->offset - a->hdr_offset; hadcr = 0; @@ -478,7 +292,6 @@ int crypt_write_signed (BODY * a, STATE * s, const char *tempfile) fputc (c, fp); } - fclose (fp); return 0; } @@ -514,8 +327,6 @@ void convert_to_7bit (BODY * a) } - - void crypt_extract_keys_from_messages (HEADER * h) { int i; @@ -523,9 +334,9 @@ void crypt_extract_keys_from_messages (HEADER * h) address_t *tmp = NULL; FILE *fpout; - mutt_mktemp (tempfname); - if (!(fpout = safe_fopen (tempfname, "w"))) { - mutt_perror (tempfname); + fpout = m_tempfile(tempfname, sizeof(tempfname), NONULL(Tempdir), NULL); + if (!fpout) { + mutt_error(_("Could not create temporary file")); return; } @@ -538,7 +349,7 @@ void crypt_extract_keys_from_messages (HEADER * h) if (Context->hdrs[Context->v2r[i]]->security & ENCRYPT && !crypt_valid_passphrase (Context->hdrs[Context->v2r[i]]-> security)) { - fclose (fpout); + m_fclose(&fpout); break; } @@ -609,7 +420,7 @@ void crypt_extract_keys_from_messages (HEADER * h) } } - fclose (fpout); + m_fclose(&fpout); if (isendwin ()) mutt_any_key_to_continue (NULL); @@ -671,6 +482,7 @@ static void crypt_fetch_signatures (BODY ***signatures, BODY * a, int *n) int mutt_signed_handler (BODY * a, STATE * s) { char tempfile[_POSIX_PATH_MAX]; + FILE * tempfp; char *protocol; int protocol_major = TYPEOTHER; char *protocol_minor = NULL; @@ -682,7 +494,7 @@ int mutt_signed_handler (BODY * a, STATE * s) short goodsig = 1; int rc = 0; - protocol = mutt_get_parameter ("protocol", a->parameter); + protocol = parameter_getval(a->parameter, "protocol"); a = a->parts; /* extract the protocol information */ @@ -731,31 +543,36 @@ int mutt_signed_handler (BODY * a, STATE * s) crypt_fetch_signatures (&signatures, a->next, &sigcnt); if (sigcnt) { - mutt_mktemp (tempfile); - if (crypt_write_signed (a, s, tempfile) == 0) { - for (i = 0; i < sigcnt; i++) { - if (signatures[i]->type == TYPEAPPLICATION - && !m_strcasecmp(signatures[i]->subtype, "pgp-signature")) { - if (crypt_pgp_verify_one (signatures[i], s, tempfile) != 0) - goodsig = 0; - - continue; - } - - if (signatures[i]->type == TYPEAPPLICATION - && (!m_strcasecmp(signatures[i]->subtype, "x-pkcs7-signature") - || !m_strcasecmp(signatures[i]->subtype, "pkcs7-signature"))) - { - if (crypt_smime_verify_one (signatures[i], s, tempfile) != 0) - goodsig = 0; - - continue; - } - - state_printf (s, _("[-- Warning: " - "We can't verify %s/%s signatures. --]\n\n"), - TYPE (signatures[i]), signatures[i]->subtype); + tempfp = m_tempfile(tempfile, sizeof(tempfile), NONULL(Tempdir), NULL); + if (!tempfp) { + mutt_error(_("Could not create temporary file")); + } else { + if (crypt_write_signed (a, s, tempfp) == 0) { + for (i = 0; i < sigcnt; i++) { + if (signatures[i]->type == TYPEAPPLICATION + && !m_strcasecmp(signatures[i]->subtype, "pgp-signature")) { + if (crypt_pgp_verify_one (signatures[i], s, tempfile) != 0) + goodsig = 0; + + continue; + } + + if (signatures[i]->type == TYPEAPPLICATION + && (!m_strcasecmp(signatures[i]->subtype, "x-pkcs7-signature") + || !m_strcasecmp(signatures[i]->subtype, "pkcs7-signature"))) + { + if (crypt_smime_verify_one (signatures[i], s, tempfile) != 0) + goodsig = 0; + + continue; + } + + state_printf (s, _("[-- Warning: " + "We can't verify %s/%s signatures. --]\n\n"), + TYPE (signatures[i]), signatures[i]->subtype); + } } + m_fclose(&tempfp); } mutt_unlink (tempfile);