/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */ /* * Authors: Nathan Thompson-Amato * Dan Winship * Jeffrey Stedfast * * Copyright (C) Helix Code, Inc. (www.helixcode.com) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #ifdef HAVE_CONFIG_H # include #endif #include /* for _() macro */ #include "openpgp-utils.h" #include "mail-session.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define d(x) struct _PgpValidity { gboolean valid; gchar *description; }; static const gchar *pgp_path = NULL; static PgpType pgp_type = PGP_TYPE_NONE; static const gchar * pgp_get_type_as_string (PgpType type) { switch (pgp_type) { case PGP_TYPE_GPG: return "GnuPG"; case PGP_TYPE_PGP5: return "PGP5"; case PGP_TYPE_PGP2: return "PGP2.x"; default: g_assert_not_reached (); return NULL; } } static gchar * pgp_get_passphrase (const gchar *userid) { gchar *passphrase, *prompt; const char *type; type = pgp_get_type_as_string (pgp_type); if (userid) prompt = g_strdup_printf (_("Please enter your %s passphrase for %s"), type, userid); else prompt = g_strdup_printf (_("Please enter your %s passphrase"), type); /* Use the userid as a key if possible, else be generic and use the type */ passphrase = mail_session_request_dialog (prompt, TRUE, userid ? userid : type, FALSE); g_free (prompt); return passphrase; } static void pgp_forget_passphrase (const char *key) { if (!key) key = pgp_get_type_as_string (pgp_type); mail_session_forget_password (key); } /** * openpgp_init: * @path: path to pgp * @type: pgp program type * * Initializes pgp variables **/ void openpgp_init (const gchar *path, PgpType type) { pgp_path = path; pgp_type = type; } /** * openpgp_detect: * @text: input text * * Returns TRUE if it is found that the text contains a PGP encrypted * block otherwise returns FALSE. **/ gboolean openpgp_detect (const gchar *text) { if (strstr (text, "-----BEGIN PGP MESSAGE-----")) return TRUE; return FALSE; } /** * openpgp_sign_detect: * @text: input text * * Returns TRUE if it is found that the text contains a PGP signed * block otherwise returns FALSE. **/ gboolean openpgp_sign_detect (const gchar *text) { if (strstr (text, "-----BEGIN PGP SIGNED MESSAGE-----")) return TRUE; return FALSE; } static int cleanup_child (pid_t child) { int status; pid_t wait_result; sigset_t mask, omask; /* PGP5 closes fds before exiting, meaning this might be called * too early. So wait a bit for the result. */ sigemptyset (&mask); sigaddset (&mask, SIGALRM); sigprocmask (SIG_BLOCK, &mask, &omask); alarm (1); wait_result = waitpid (child, &status, 0); alarm (0); sigprocmask (SIG_SETMASK, &omask, NULL); if (wait_result == -1 && errno == EINTR) { /* The child is hanging: send a friendly reminder. */ kill (child, SIGTERM); sleep (1); wait_result = waitpid (child, &status, WNOHANG); if (wait_result == 0) { /* Still hanging; use brute force. */ kill (child, SIGKILL); sleep (1); wait_result = waitpid (child, &status, WNOHANG); } } if (wait_result != -1 && WIFEXITED (status)) return WEXITSTATUS (status); else return -1; } static void cleanup_before_exec (int fd) { int maxfd, i; maxfd = sysconf (_SC_OPEN_MAX); if (maxfd < 0) return; /* Loop over all fds. */ for (i = 0; i < maxfd; i++) { if ((STDIN_FILENO != i) && (STDOUT_FILENO != i) && (STDERR_FILENO != i) && (fd != i)) close (i); } } static int crypto_exec_with_passwd (const char *path, char *argv[], const char *input, int inlen, int passwd_fds[], const char *passphrase, char **output, int *outlen, char **diagnostics) { fd_set fdset, write_fdset; int ip_fds[2], op_fds[2], diag_fds[2]; int select_result, read_len, write_len; size_t tmp_len; pid_t child; char *buf, *diag_buf; const char *passwd_next, *input_next; size_t size, alloc_size, diag_size, diag_alloc_size; gboolean eof_seen, diag_eof_seen, passwd_eof_seen, input_eof_seen; size_t passwd_remaining, passwd_incr, input_remaining, input_incr; struct timeval timeout; if ((pipe (ip_fds) < 0 ) || (pipe (op_fds) < 0 ) || (pipe (diag_fds) < 0 )) { *diagnostics = g_strdup_printf ("Couldn't create pipe to %s: " "%s", pgp_path, g_strerror (errno)); return 0; } if (!(child = fork ())) { /* In child */ if ((dup2 (ip_fds[0], STDIN_FILENO) < 0 ) || (dup2 (op_fds[1], STDOUT_FILENO) < 0 ) || (dup2 (diag_fds[1], STDERR_FILENO) < 0 )) { _exit (255); } /* Dissociate from evolution-mail's controlling * terminal so that pgp/gpg won't be able to read from * it: PGP 2 will fall back to asking for the password * on /dev/tty if the passed-in password is incorrect. * This will make that fail rather than hanging. */ setsid (); /* Close excess fds */ cleanup_before_exec (passwd_fds[0]); execvp (path, argv); fprintf (stderr, "Could not execute %s: %s\n", argv[0], g_strerror (errno)); _exit (255); } else if (child < 0) { *diagnostics = g_strdup_printf ("Cannot fork %s: %s", argv[0], g_strerror (errno)); return 0; } /* Parent */ close (ip_fds[0]); close (op_fds[1]); close (diag_fds[1]); close (passwd_fds[0]); timeout.tv_sec = 10; /* timeout in seconds */ timeout.tv_usec = 0; size = diag_size = 0; alloc_size = 4096; diag_alloc_size = 1024; eof_seen = diag_eof_seen = FALSE; buf = g_malloc (alloc_size); diag_buf = g_malloc (diag_alloc_size); passwd_next = passphrase; passwd_remaining = passphrase ? strlen (passphrase) : 0; passwd_incr = fpathconf (passwd_fds[1], _PC_PIPE_BUF); /* Use a reasonable default value on error. */ if (passwd_incr <= 0) passwd_incr = 1024; passwd_eof_seen = FALSE; input_next = input; input_remaining = inlen; input_incr = fpathconf (ip_fds[1], _PC_PIPE_BUF); if (input_incr <= 0) input_incr = 1024; input_eof_seen = FALSE; while (!(eof_seen && diag_eof_seen)) { FD_ZERO (&fdset); if (!eof_seen) FD_SET (op_fds[0], &fdset); if (!diag_eof_seen) FD_SET (diag_fds[0], &fdset); FD_ZERO (&write_fdset); if (!passwd_eof_seen) FD_SET (passwd_fds[1], &write_fdset); if (!input_eof_seen) FD_SET (ip_fds[1], &write_fdset); select_result = select (FD_SETSIZE, &fdset, &write_fdset, NULL, &timeout); if (select_result < 0) { if (errno == EINTR) continue; break; } if (select_result == 0) { /* timeout */ break; } if (FD_ISSET (op_fds[0], &fdset)) { /* More output is available. */ if (size + 4096 > alloc_size) { alloc_size += 4096; buf = g_realloc (buf , alloc_size); } read_len = read (op_fds[0], &buf[size], alloc_size - size - 1); if (read_len < 0) { if (errno == EINTR) continue; break; } if (read_len == 0) eof_seen = TRUE; size += read_len; } if (FD_ISSET(diag_fds[0], &fdset) ) { /* More stderr is available. */ if (diag_size + 1024 > diag_alloc_size) { diag_alloc_size += 1024; diag_buf = g_realloc (diag_buf, diag_alloc_size); } read_len = read (diag_fds[0], &diag_buf[diag_size], diag_alloc_size - diag_size - 1); if (read_len < 0) { if (errno == EINTR) continue; break; } if (read_len == 0) diag_eof_seen = TRUE; diag_size += read_len; } if (FD_ISSET(passwd_fds[1], &write_fdset)) { /* Ready for more password input. */ tmp_len = passwd_incr; if (tmp_len > passwd_remaining) tmp_len = passwd_remaining; write_len = write (passwd_fds[1], passwd_next, tmp_len); if (write_len < 0) { if (errno == EINTR) continue; break; } passwd_next += write_len; passwd_remaining -= write_len; if (passwd_remaining == 0) { close (passwd_fds[1]); passwd_eof_seen = TRUE; } } if (FD_ISSET(ip_fds[1], &write_fdset)) { /* Ready for more ciphertext input. */ tmp_len = input_incr; if (tmp_len > input_remaining) tmp_len = input_remaining; write_len = write (ip_fds[1], input_next, tmp_len); if (write_len < 0) { if (errno == EINTR) continue; break; } input_next += write_len; input_remaining -= write_len; if (input_remaining == 0 ) { close (ip_fds[1]); input_eof_seen = TRUE; } } } buf[size] = 0; diag_buf[diag_size] = 0; close (op_fds[0]); close (diag_fds[0]); *output = buf; if (outlen) *outlen = size; *diagnostics = diag_buf; return cleanup_child (child); } /*----------------------------------------------------------------------* * Public crypto functions *----------------------------------------------------------------------*/ /** * openpgp_decrypt: * @ciphertext: ciphertext to decrypt * @cipherlen: ciphertext length * @outlen: output length of the decrypted data (to be set by #openpgp_decrypt) * @ex: exception * * Returns an allocated buffer containing the decrypted ciphertext. If * the cleartext is plain text then you may treat it like a normal * string as it will be NUL terminated, however #outlen is also set in * the case that the cleartext is a binary stream. **/ gchar * openpgp_decrypt (const gchar *ciphertext, gint cipherlen, gint *outlen, CamelException *ex) { char *argv[15]; char *plaintext = NULL; char *diagnostics = NULL; char *passphrase; int passwd_fds[2]; char passwd_fd[32]; int retval, i; if (pgp_type == PGP_TYPE_NONE) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("No GPG/PGP program available.")); return NULL; } passphrase = pgp_get_passphrase (NULL); if (!passphrase) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("No password provided.")); return NULL; } if (pipe (passwd_fds) < 0) { g_free (passphrase); pgp_forget_passphrase (NULL); camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("Couldn't create pipe to GPG/PGP: %s"), g_strerror (errno)); return NULL; } i = 0; switch (pgp_type) { case PGP_TYPE_GPG: argv[i++] = "gpg"; argv[i++] = "--verbose"; argv[i++] = "--yes"; argv[i++] = "--batch"; argv[i++] = "--output"; argv[i++] = "-"; /* output to stdout */ argv[i++] = "--decrypt"; argv[i++] = "--passphrase-fd"; sprintf (passwd_fd, "%d", passwd_fds[0]); argv[i++] = passwd_fd; break; case PGP_TYPE_PGP5: argv[i++] = "pgpv"; argv[i++] = "-f"; argv[i++] = "+batchmode=1"; sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); break; case PGP_TYPE_PGP2: argv[i++] = "pgp"; argv[i++] = "-f"; sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); break; default: break; } argv[i++] = NULL; retval = crypto_exec_with_passwd (pgp_path, argv, ciphertext, cipherlen, passwd_fds, passphrase, &plaintext, outlen, &diagnostics); g_free (passphrase); if (retval != 0 || !*plaintext) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, "%s", diagnostics); g_free (plaintext); g_free (diagnostics); pgp_forget_passphrase (NULL); return NULL; } g_free (diagnostics); return plaintext; } /** * openpgp_encrypt: * @in: data to encrypt * @inlen: input length of input data * @recipients: An array of recipient ids * @sign: TRUE if you want to sign as well as encrypt * @userid: userid to use when signing (assuming #sign is TRUE) * @ex: exception * * Returns an allocated string containing the ciphertext. **/ gchar * openpgp_encrypt (const gchar *in, gint inlen, const GPtrArray *recipients, gboolean sign, const gchar *userid, CamelException *ex) { GPtrArray *recipient_list = NULL; GPtrArray *argv = NULL; int retval, r; char *ciphertext = NULL; char *diagnostics = NULL; int passwd_fds[2]; char passwd_fd[32]; char *passphrase = NULL; if (pgp_type == PGP_TYPE_NONE) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("No GPG/PGP program available.")); return NULL; } if (sign) { /* we only need a passphrase if we intend on signing */ passphrase = pgp_get_passphrase (NULL); if (!passphrase) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("No password provided.")); return NULL; } } if (pipe (passwd_fds) < 0) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("Couldn't create pipe to GPG/PGP: %s"), g_strerror (errno)); if (sign) { g_free (passphrase); pgp_forget_passphrase (NULL); } return NULL; } /* check to make sure we have recipients */ if (recipients->len == 0) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("No recipients specified")); if (sign) { g_free (passphrase); pgp_forget_passphrase (NULL); } return NULL; } argv = g_ptr_array_new (); recipient_list = g_ptr_array_new (); switch (pgp_type) { case PGP_TYPE_GPG: for (r = 0; r < recipients->len; r++) { char *buf, *recipient; recipient = recipients->pdata[r]; buf = g_strdup_printf ("-r %s", recipient); g_ptr_array_add (recipient_list, buf); g_free (recipient); } g_ptr_array_add (argv, "gpg"); g_ptr_array_add (argv, "--verbose"); g_ptr_array_add (argv, "--yes"); g_ptr_array_add (argv, "--batch"); g_ptr_array_add (argv, "--armor"); for (r = 0; r < recipient_list->len; r++) g_ptr_array_add (argv, recipient_list->pdata[r]); g_ptr_array_add (argv, "--output"); g_ptr_array_add (argv, "-"); /* output to stdout */ g_ptr_array_add (argv, "--encrypt"); if (sign) { g_ptr_array_add (argv, "--sign"); g_ptr_array_add (argv, "-u"); g_ptr_array_add (argv, (gchar *) userid); g_ptr_array_add (argv, "--passphrase-fd"); sprintf (passwd_fd, "%d", passwd_fds[0]); g_ptr_array_add (argv, passwd_fd); } break; case PGP_TYPE_PGP5: for (r = 0; r < recipients->len; r++) { char *buf, *recipient; recipient = recipients->pdata[r]; buf = g_strdup_printf ("-r %s", recipient); g_ptr_array_add (recipient_list, buf); g_free (recipient); } g_ptr_array_add (argv, "pgpe"); for (r = 0; r < recipient_list->len; r++) g_ptr_array_add (argv, recipient_list->pdata[r]); g_ptr_array_add (argv, "-f"); g_ptr_array_add (argv, "-z"); g_ptr_array_add (argv, "-a"); g_ptr_array_add (argv, "-o"); g_ptr_array_add (argv, "-"); /* output to stdout */ if (sign) { g_ptr_array_add (argv, "-s"); g_ptr_array_add (argv, "-u"); g_ptr_array_add (argv, (gchar *) userid); sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); } break; case PGP_TYPE_PGP2: for (r = 0; r < recipients->len; r++) { char *buf, *recipient; recipient = recipients->pdata[r]; buf = g_strdup (recipient); g_ptr_array_add (recipient_list, buf); g_free (recipient); } g_ptr_array_add (argv, "pgp"); g_ptr_array_add (argv, "-f"); g_ptr_array_add (argv, "-e"); g_ptr_array_add (argv, "-a"); g_ptr_array_add (argv, "-o"); g_ptr_array_add (argv, "-"); for (r = 0; r < recipient_list->len; r++) g_ptr_array_add (argv, recipient_list->pdata[r]); if (sign) { g_ptr_array_add (argv, "-s"); g_ptr_array_add (argv, "-u"); g_ptr_array_add (argv, (gchar *) userid); sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); } break; default: break; } g_ptr_array_add (argv, NULL); retval = crypto_exec_with_passwd (pgp_path, (char **) argv->pdata, in, inlen, passwd_fds, passphrase, &ciphertext, NULL, &diagnostics); g_free (passphrase); g_ptr_array_free (argv, TRUE); if (retval != 0 || !*ciphertext) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, "%s", diagnostics); g_free (ciphertext); ciphertext = NULL; if (sign) pgp_forget_passphrase (NULL); } if (recipient_list) { for (r = 0; r < recipient_list->len; r++) g_free (recipient_list->pdata[r]); g_ptr_array_free (recipient_list, TRUE); } g_free (diagnostics); return ciphertext; } /** * openpgp_clearsign: * @plaintext: plain readable text to clearsign * @userid: userid to sign with * @hash: Preferred hash function (md5 or sha1) * @ex: exception * * Returns an allocated string containing the clearsigned plaintext * using the preferred hash. **/ gchar * openpgp_clearsign (const gchar *plaintext, const gchar *userid, PgpHashType hash, CamelException *ex) { char *argv[15]; char *ciphertext = NULL; char *diagnostics = NULL; char *passphrase = NULL; char *hash_str = NULL; int passwd_fds[2]; char passwd_fd[32]; int retval, i; if (pgp_type == PGP_TYPE_NONE) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("No GPG/PGP program available.")); return NULL; } passphrase = pgp_get_passphrase (userid); if (!passphrase) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("No password provided.")); return NULL; } if (pipe (passwd_fds) < 0) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("Couldn't create pipe to GPG/PGP: %s"), g_strerror (errno)); g_free (passphrase); pgp_forget_passphrase (userid); return NULL; } switch (hash) { case PGP_HASH_TYPE_MD5: hash_str = "MD5"; break; case PGP_HASH_TYPE_SHA1: hash_str = "SHA1"; break; default: break; } i = 0; switch (pgp_type) { case PGP_TYPE_GPG: argv[i++] = "gpg"; argv[i++] = "--clearsign"; if (hash_str) { argv[i++] = "--digest-algo"; argv[i++] = hash_str; } if (userid) { argv[i++] = "-u"; argv[i++] = (char *) userid; } argv[i++] = "--verbose"; argv[i++] = "--yes"; argv[i++] = "--batch"; argv[i++] = "--armor"; argv[i++] = "--output"; argv[i++] = "-"; /* output to stdout */ argv[i++] = "--passphrase-fd"; sprintf (passwd_fd, "%d", passwd_fds[0]); argv[i++] = passwd_fd; break; case PGP_TYPE_PGP5: /* FIXME: modify to respect hash */ argv[i++] = "pgps"; if (userid) { argv[i++] = "-u"; argv[i++] = (char *) userid; } argv[i++] = "-f"; argv[i++] = "-z"; argv[i++] = "-a"; argv[i++] = "-o"; argv[i++] = "-"; /* output to stdout */ sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); break; case PGP_TYPE_PGP2: /* FIXME: modify to respect hash */ argv[i++] = "pgp"; if (userid) { argv[i++] = "-u"; argv[i++] = (char *) userid; } argv[i++] = "-f"; argv[i++] = "-a"; argv[i++] = "-o"; argv[i++] = "-"; argv[i++] = "-st"; sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); break; default: break; } argv[i++] = NULL; retval = crypto_exec_with_passwd (pgp_path, argv, plaintext, strlen (plaintext), passwd_fds, passphrase, &ciphertext, NULL, &diagnostics); g_free (passphrase); if (retval != 0 || !*ciphertext) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, "%s", diagnostics); g_free (ciphertext); ciphertext = NULL; pgp_forget_passphrase (userid); } g_free (diagnostics); return ciphertext; } /** * openpgp_sign: * @in: input data to sign * @inlen: length of input data * @userid: userid to sign with * @hash: preferred hash type (md5 or sha1) * @ex: exception * * Returns an allocated string containing the detached signature using * the preferred hash. **/ gchar * openpgp_sign (const gchar *in, gint inlen, const gchar *userid, PgpHashType hash, CamelException *ex) { char *argv[20]; char *ciphertext = NULL; char *diagnostics = NULL; char *passphrase = NULL; char *hash_str = NULL; int passwd_fds[2]; char passwd_fd[32]; int retval, i; if (pgp_type == PGP_TYPE_NONE) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("No GPG/PGP program available.")); return NULL; } passphrase = pgp_get_passphrase (userid); if (!passphrase) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("No password provided.")); return NULL; } if (pipe (passwd_fds) < 0) { g_free (passphrase); pgp_forget_passphrase (userid); camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("Couldn't create pipe to GPG/PGP: %s"), g_strerror (errno)); return NULL; } switch (hash) { case PGP_HASH_TYPE_MD5: hash_str = "MD5"; break; case PGP_HASH_TYPE_SHA1: hash_str = "SHA1"; break; default: break; } i = 0; switch (pgp_type) { case PGP_TYPE_GPG: argv[i++] = "gpg"; argv[i++] = "--sign"; argv[i++] = "-b"; if (hash_str) { argv[i++] = "--digest-algo"; argv[i++] = hash_str; } if (userid) { argv[i++] = "-u"; argv[i++] = (char *) userid; } argv[i++] = "--verbose"; argv[i++] = "--yes"; argv[i++] = "--batch"; argv[i++] = "--armor"; argv[i++] = "--output"; argv[i++] = "-"; /* output to stdout */ argv[i++] = "--passphrase-fd"; sprintf (passwd_fd, "%d", passwd_fds[0]); argv[i++] = passwd_fd; break; case PGP_TYPE_PGP5: /* FIXME: respect hash */ argv[i++] = "pgps"; if (userid) { argv[i++] = "-u"; argv[i++] = (char *) userid; } argv[i++] = "-b"; argv[i++] = "-f"; argv[i++] = "-z"; argv[i++] = "-a"; argv[i++] = "-o"; argv[i++] = "-"; /* output to stdout */ sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); break; case PGP_TYPE_PGP2: /* FIXME: respect hash */ argv[i++] = "pgp"; if (userid) { argv[i++] = "-u"; argv[i++] = (char *) userid; } argv[i++] = "-f"; argv[i++] = "-a"; argv[i++] = "-o"; argv[i++] = "-"; argv[i++] = "-sb"; /* create a detached signature */ sprintf (passwd_fd, "PGPPASSFD=%d", passwd_fds[0]); putenv (passwd_fd); break; default: break; } argv[i++] = NULL; retval = crypto_exec_with_passwd (pgp_path, argv, in, inlen, passwd_fds, passphrase, &ciphertext, NULL, &diagnostics); g_free (passphrase); if (retval != 0 || !*ciphertext) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, "%s", diagnostics); g_free (ciphertext); ciphertext = NULL; pgp_forget_passphrase (userid); } g_free (diagnostics); return ciphertext; } static char * swrite (const char *data, int len) { char *template; int fd; template = g_strdup ("/tmp/evolution-pgp.XXXXXX"); fd = mkstemp (template); if (fd == -1) { g_free (template); return NULL; } write (fd, data, len); close (fd); return template; } PgpValidity * openpgp_verify (const gchar *in, gint inlen, const gchar *sigin, gint siglen, CamelException *ex) { char *argv[20]; char *cleartext = NULL; char *diagnostics = NULL; int passwd_fds[2]; char *sigfile = NULL; int retval, i, clearlen; PgpValidity *valid = NULL; if (pgp_type == PGP_TYPE_NONE) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("No GPG/PGP program available.")); return NULL; } if (pipe (passwd_fds) < 0) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("Couldn't create pipe to GPG/PGP: %s"), g_strerror (errno)); return NULL; } if (sigin != NULL && siglen) { /* We are going to verify a detached signature so save the signature to a temp file. */ sigfile = swrite (sigin, siglen); if (!sigfile) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, _("Couldn't create temp file: %s"), g_strerror (errno)); return NULL; } } i = 0; switch (pgp_type) { case PGP_TYPE_GPG: argv[i++] = "gpg"; argv[i++] = "--verify"; argv[i++] = "--no-tty"; /*argv[i++] = "--verbose";*/ /*argv[i++] = "--yes";*/ /*argv[i++] = "--batch";*/ if (sigin != NULL && siglen) argv[i++] = sigfile; argv[i++] = "-"; break; case PGP_TYPE_PGP5: argv[i++] = "pgpv"; argv[i++] = "-z"; if (sigin != NULL && siglen) argv[i++] = sigfile; argv[i++] = "-f"; break; case PGP_TYPE_PGP2: argv[i++] = "pgp"; if (sigin != NULL && siglen) argv[i++] = sigfile; argv[i++] = "-f"; break; default: break; } argv[i++] = NULL; clearlen = 0; retval = crypto_exec_with_passwd (pgp_path, argv, in, inlen, passwd_fds, NULL, &cleartext, &clearlen, &diagnostics); /* cleanup */ if (sigfile) { unlink (sigfile); g_free (sigfile); } valid = openpgp_validity_new (); if (retval != 0) { camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM, "%s", diagnostics); openpgp_validity_set_valid (valid, FALSE); } else { openpgp_validity_set_valid (valid, TRUE); } if (diagnostics) { char *charset; const char *buf; char *desc, *outbuf; iconv_t cd; size_t len, outlen; charset = getenv ("CHARSET"); if (!charset) charset = "US-ASCII"; cd = iconv_open ("UTF-8", charset); len = strlen (diagnostics); outlen = 2 * len; outbuf = desc = g_malloc0 (outlen + 1); buf = diagnostics; if (cd == (iconv_t) -1 || iconv (cd, &buf, &len, &outbuf, &outlen) == -1) { g_free (desc); desc = g_strdup (diagnostics); } if (cd != (iconv_t) -1) iconv_close (cd); openpgp_validity_set_description (valid, desc); g_free (desc); } g_free (diagnostics); g_free (cleartext); return valid; } /* PGP Validity */ PgpValidity * openpgp_validity_new (void) { PgpValidity *validity; validity = g_new (PgpValidity, 1); validity->valid = FALSE; validity->description = NULL; return validity; } void openpgp_validity_init (PgpValidity *validity) { g_assert (validity != NULL); validity->valid = FALSE; validity->description = NULL; } gboolean openpgp_validity_get_valid (PgpValidity *validity) { if (validity == NULL) return FALSE; return validity->valid; } void openpgp_validity_set_valid (PgpValidity *validity, gboolean valid) { g_assert (validity != NULL); validity->valid = valid; } gchar * openpgp_validity_get_description (PgpValidity *validity) { if (validity == NULL) return NULL; return validity->description; } void openpgp_validity_set_description (PgpValidity *validity, const gchar *description) { g_assert (validity != NULL); g_free (validity->description); validity->description = g_strdup (description); } void openpgp_validity_clear (PgpValidity *validity) { g_assert (validity != NULL); validity->valid = FALSE; g_free (validity->description); validity->description = NULL; } void openpgp_validity_free (PgpValidity *validity) { if (validity == NULL) return; g_free (validity->description); g_free (validity); } tions'>+43 * [patch] Unbreak port: games/CaribbeanStudedwin2003-09-2812-16/+317 * Updated Port 'games/scummvm' to 0.5.1edwin2003-09-282-5/+5 * Update Maria-sama ga Miteru to 0.50.nork2003-09-273-3/+59 * Update to 4.0.0 release.demon2003-09-272-7/+4 * - Update of games/nwnusers to version 1.4 due to protocolkrion2003-09-272-3/+3 * - ECHO -> ECHO_MSGedwin2003-09-274-18/+18 * . Update nethack web page.glewis2003-09-271-1/+1 * . Update Moria web page location.glewis2003-09-271-1/+1 * update: games/linux-nwserver 1.30 -> 1.31daichi2003-09-262-5/+5 * This is a port of QWDtools For UNIX, very useful utility tokrion2003-09-256-0/+58 * This is a new port of tetris game, written almost 15 years ago,krion2003-09-2510-0/+159 * - Update to version 0.0.3krion2003-09-242-2/+2 * Use ${STRIP_CMD} instead of strip.osa2003-09-241-1/+1 * - Change MASTER_SITESkrion2003-09-243-15/+4 * Make portlint(1) happy by changing strip to ${STRIP_CMD}osa2003-09-249-9/+9 * Report our platform as FreeBSD, not Linnexedwin2003-09-241-0/+11 * Remove a MASTER_SITE with a corrupt DISTFILE as reported by bento.tom2003-09-241-2/+1 * - Fix build converting port to use bsd.gnome.mk [1]bland2003-09-211-15/+3 * - Fix build converting port to use bsd.gnome.mkbland2003-09-211-5/+2 * - Fix buildkrion2003-09-191-1/+1 * Upgrade to Qt 3.2.1 / KDE 3.1.4. See x11/kde3/Makefile rev 1.64 for details.will2003-09-182-2/+2 * Add dependency on automake.edwin2003-09-181-0/+1 * Update to GNOME 2.4.0. For all the goodies on what's changed, known issues,marcus2003-09-1822-597/+349 * Chase multimedia/xmms library bump.edwin2003-09-182-5/+5 * . Treat carriage returns the same as linefeeds when entering data. Thisglewis2003-09-104-0/+78 * s/DOCSDIR/DATADIR/nork2003-09-101-1339/+1339 * Fix typo.nork2003-09-101-1/+1 * Update Maria-sama ga Miteru to 0.30 [1].nork2003-09-103-1292/+1342 * [PATCH] add xaw3d build option to games/xboardedwin2003-09-081-1/+7 * upgrade games/cgoban to 1.9.13edwin2003-09-088-23/+1002 * [maintainer update] train director to 1.18eedwin2003-09-0815-108/+136 * new-port: game, train control simulationedwin2003-09-0814-0/+215 * adventure.6 man-page, add section AUTHORSedwin2003-09-082-0/+22 * Update port: games/gnomermind to 1.0.1edwin2003-09-084-28/+20 * Update port: games/madbomberedwin2003-09-081-2/+2 * - Fix MASTER_SITESdinoex2003-09-071-1/+3 * . Add a port of the LDMud driver (with optional 2.4.5 mudlib).glewis2003-09-068-0/+1128 * - Silence GCC warnings on 5.x (missing \n at EOF)krion2003-09-051-5/+12 * Allow configure to find SDL_mixer headers and libraries, and useadamw2003-09-051-0/+2 * [Maintainer Update] games/gl-117 0.9 -> 1.0edwin2003-09-045-33/+304 * Upgrade to 4.82.tg2003-09-043-91/+91 * Update games/bsdtris portedwin2003-09-044-15/+14 * Update to version 4.0 RC3.demon2003-09-032-7/+6 * - Update to version 0.8.3krion2003-09-032-2/+2 * - Fix build on -currentkrion2003-09-031-0/+33 * - Update to version 0.4.0krion2003-09-0312-106/+36 * Add p5-Games-Bingo-Print 0.01,mat2003-09-015-0/+59 * Add p5-Games-Bingo-Bot 0.01,mat2003-09-015-0/+55 * Add p5-Games-Bingo 0.08, a bingo game Perl implementation.mat2003-09-015-0/+52 * Update port:osa2003-09-018-26/+227 * - Update games/grhino to 0.8.2krion2003-09-016-36/+32 * - don't clobber any given LDFLAGSdinoex2003-09-011-2/+2 * [patch] fix pygame detection in games/joolsedwin2003-08-312-0/+19 * - Fix build on -current (varargs -> stdarg)krion2003-08-301-6/+86 * - Argh, author applied patches to sources andkrion2003-08-294-44/+2 * - Update to version 1.4.5krion2003-08-294-2/+45 * Update to 3.4osa2003-08-283-7/+3 * make master port for japanese/quit.nork2003-08-281-3/+5 * - use new hook USE_GNUSTEP in bsd.port.mkdinoex2003-08-282-13/+6 * - Fix MASTER_SITESkrion2003-08-283-39/+41 * Respect CFLAGS, use sound (unless WITHOUT_SOUND is requested).mi2003-08-272-0/+16 * - Update to version 2.10krion2003-08-278-83/+34 * Bump the PORTREVISION for the ports directly affected by the gettext upgrade.marcus2003-08-275-2/+5 * - Remove BROKEN mark (distfile is fetchable)krion2003-08-262-6/+7 * - Fix WWW: linekrion2003-08-263-26/+14 * - Fix MASTER_SITESkrion2003-08-262-16/+14 * Update to version 1.14.0.demon2003-08-266-8/+28 * Update to 2.0lioux2003-08-263-19/+614 * Update to 1.1.1.blioux2003-08-263-60/+71 * o Update MASTER_SITESlioux2003-08-262-5/+3 * Update WWW taglioux2003-08-261-1/+1 * Mark IGNORE since current version is not available for Linux yetlioux2003-08-261-0/+2 * Update MASTER_SITESlioux2003-08-261-1/+1 * Mark IGNORE as current version is no longer available anywherelioux2003-08-261-0/+2 * More MASTER_SITESlioux2003-08-261-1/+2 * New Port: games/quit A bicycle with traillers like "sl".edwin2003-08-255-0/+38 * Chase the libintl.so shared lib version.marcus2003-08-257-7/+7 * - fix pkg-plistkrion2003-08-252-60/+357 * * Correct the info filenamemarcus2003-08-241-8/+3 * - Update to version 0.3.5krion2003-08-243-3/+4 * Update to build 35.mdodd2003-08-2466-258/+1322 * Upgrade criticalmass to 0.98, also fixing gcc 3 build problems.nbm2003-08-233-11/+6 * . Only #define HUNGER_STR_LEN once.glewis2003-08-222-4/+2 * . Bump PORTREVISION for rogue save file overflow fix.glewis2003-08-222-0/+2 * . Fix a potential buffer overflow in restoring rogue save files.glewis2003-08-2216-0/+390 * . Fix a spelling error in a game message.glewis2003-08-222-0/+26 * update games/linux-nwserver: some fixesdaichi2003-08-192-0/+50 * Fix building on -current.tg2003-08-181-0/+57 * Fix compilation with new GCC (abuse of pasting in macros).anholt2003-08-183-0/+165 * - Support USE_GETOPT_LONGkrion2003-08-181-6/+7 * add xfce4-panel to RUN_DEPENDS toooliver2003-08-171-0/+1 * take maintainershipoliver2003-08-171-1/+1 * Use INFO.marcus2003-08-172-3/+2 * Switch to tcl/tk 8.4, add tk84 and tcl84 virtual categories and bumpkris2003-08-171-6/+7 * - Support USE_GETOPT_LONG propelrykrion2003-08-172-239/+231 * Update maintainers email address.arved2003-08-161-3/+2 * Start using the new xfce sub-categoryoliver2003-08-161-1/+1 * Reset bouncing maintainer address.kris2003-08-162-2/+2 * Reset bouncing maintainer address ("User unknown")kris2003-08-161-1/+1 * . Include <time.h> instead of doing a bogus declaration of time(3). Thisglewis2003-08-151-6/+17 * . Use our own fixed width types (from <sys/types.h>) instead of assumingglewis2003-08-151-0/+23 * . Enable rogue.glewis2003-08-146-0/+82 * - Add contributed Daemon-themealex2003-08-143-1/+17 * . Use %%PORTDOCS%% and %%DOCSDIR%% in the packing list now that we areglewis2003-08-141-12/+12 * . Don't declare getlogin(), pull in the prototype from unistd.h.glewis2003-08-141-0/+25 * - Update MASTER_SITES and WWW: linekrion2003-08-133-18/+18 * . Don't override the CFLAGS and CC settings.glewis2003-08-132-13/+47 * . Install extra docs.glewis2003-08-123-0/+36 * Sign maintainership over to gnome@. Thanks for your work on these, Martin.marcus2003-08-121-1/+1 * - Unbreak this portkrion2003-08-126-3/+57 * Resign as maintainereivind2003-08-111-1/+1 * Set USE_GCC=2.95 to fix build on 5.x. Mark musicbox and icqnix as BROKENkris2003-08-101-0/+1 * Update to 3.0pat2003-08-106-58/+32 * Update mastersite.obrien2003-08-101-2/+2 * Update to 1.7bpat2003-08-104-25/+21 * Update to 1.0b and bump PORTEPOCHpat2003-08-103-727/+970 * Update to 2.50.56apat2003-08-103-11/+11 * Make use of cs_i386.so from halflifeserver port and update some sites.pat2003-08-102-7/+2 * Update to 3.1.1.1.d. This resolves the security issue.pat2003-08-103-5/+16 * Update to 0.5.4.netchild2003-08-0814-179/+98 * BROKEN: Does not fetchkris2003-08-081-0/+2 * . Fix alignment of the experience display when you have > 1,000,000glewis2003-08-081-0/+40 * . Some missed instances where we should be using time_t rather than longglewis2003-08-081-0/+40 * . Make this compile cleanly on current. Mainly we want to use time_tglewis2003-08-083-0/+103 * BROKEN: Does not configurekris2003-08-071-0/+2 * Update to 0.2.3krion2003-08-075-80/+41 * Update to 0.7.0krion2003-08-072-9/+15 * . Add a port of moria. For those too young to have played moria:glewis2003-08-079-0/+197 * Utilize USE_SDLkrion2003-08-071-4/+2 * Update to 1.4.4krion2003-08-063-15/+2 * update games/ltris: 1.0.1 -> 1.0.4daichi2003-08-052-9/+9 * update games/digger-vgl: 1.0 -> 20020314daichi2003-08-0512-362/+18 * Unbreak on -currentkrion2003-08-043-0/+26 * Switch to MASTER_SITE_DEBIAN_POOLkris2003-08-042-4/+2 * - Fix sound initialisation problemdinoex2003-08-046-160/+101 * Typo in pkg-descredwin2003-08-041-3/+3 * Fix build on gcc-3.3.xmaho2003-08-021-0/+19 * bumped PORTREVISIONoliver2003-07-311-0/+1 * Add missing dependenciesoliver2003-07-311-1/+2 * Add missing MASTER_SITE_SUBDIRkrion2003-07-311-4/+4 * Import Xcheckers 2.1.naddy2003-07-318-0/+114 * bnetd development was abandoned 17 months ago for legal reasons.kris2003-07-316-139/+0 * No need to set IGNORE as well as RESTRICTED to prevent bento fromkris2003-07-311-4/+0 * * Utilize USE_SDLkrion2003-07-311-4/+2 * Change NO_PACKAGE to RESTRICTEDkris2003-07-311-1/+1 * use %%DOCSDIR%%oliver2003-07-311-8/+8 * utilize USE_SDLoliver2003-07-311-3/+1 * Let be hohest: I really don't have a time now to properly maintain allsobomax2003-07-2919-19/+19 * Update KDE to the latest official release, KDE 3.1.3lofi2003-07-294-4/+14 * Upgrade to version 0.10.0edwin2003-07-296-31/+76 * Update to 0.3.4krion2003-07-293-2/+3 * Add xfce4-toys-3.99.2, Toys for the XFce 4 paneloliver2003-07-295-0/+66 * GNU Backgammon 0.13.0.maho2003-07-285-0/+93 * fix games/freebsd-games: Trivial fix to unbreak it on -CURRENTdaichi2003-07-2814-0/+144 * There is no stdint.h in STABLE.arved2003-07-271-1/+10 * Fix build.arved2003-07-271-0/+2 * Update to tome 2.2.2kris2003-07-273-3/+4 * - flat layoutdinoex2003-07-262-10/+10 * parse LDFLAGS to unbreak -STABLE with (SDL without EsounD).sf2003-07-251-3/+8 * Release maintainership.adamw2003-07-251-1/+1 * Fix CFLAGS handling.naddy2003-07-251-0/+11 * Fix build on -currentkrion2003-07-2510-0/+101 * update games/tractorgen:daichi2003-07-242-0/+99 * Fix build on 5.x.naddy2003-07-242-0/+22 * finish the removal of newkindoliver2003-07-231-1/+0 * fix MASTER_SITESoliver2003-07-221-1/+1 * fix MASTER_SITESoliver2003-07-221-1/+1 * Change my mail to @FreeBSD.orgkrion2003-07-227-7/+7 * Update rocksndiamonds to 2.1.1oliver2003-07-2210-165/+500 * port is no longer available.oliver2003-07-225-148/+0 * split MASTER_SITES in "where to find the wad file" and "where to findoliver2003-07-221-4/+4 * Follow SDL_gfx updatesedwin2003-07-211-1/+1 * I no longer have time to maintain these ports.des2003-07-213-3/+3 * - prune descriptionnaddy2003-07-191-19/+5 * Fix on -CURRENT.mph2003-07-191-2/+2 * Fix build, remove BROKEN and refuce newline.osa2003-07-194-11/+33 * Update to 1.1.1.naddy2003-07-182-2/+2 * Add NO_PACKAGE.mdodd2003-07-181-0/+1 * The Linux client for "A Tale in the Desert".mdodd2003-07-188-0/+183 * Fix build on -CURRENT (gcc 3.3)osa2003-07-181-0/+57 * fix games/linux-nwserver:daichi2003-07-181-0/+2 * update games/linux-nwserver: 1.29 -> 1.30daichi2003-07-183-5/+4 * Left out a line in previous commit.des2003-07-173-0/+6 * update games/netrek-BRMH-bin: typo in pkg-descrdaichi2003-07-171-1/+1 * Update to latest stable version.lev2003-07-164-359/+789 * fix games/glchess: incorrect referencesdaichi2003-07-161-1/+1 * Begin the de-orbit burn of the GNOME 1.4 desktop. This is phase I. Allmarcus2003-07-1614-1160/+0 * Upgrade to 0.9.2.des2003-07-1515-246/+1848 * update games/asc: 1.13.5.1 -> 1.13.7daichi2003-07-14