From: markus schnalke Date: Tue, 10 Jul 2012 18:53:05 +0000 (+0200) Subject: Added Neil Rickert's mhpgp, the companion to mhsign. X-Git-Tag: mmh-thesis-end~4 X-Git-Url: http://git.marmaro.de/?p=mmh;a=commitdiff_plain;h=58cf09aa36e9f7f352a127158bbf1c5678bc6ed8 Added Neil Rickert's mhpgp, the companion to mhsign. Currently it is only usable on the command line directly. In the future, it should be invoked by show(1) as needed. --- diff --git a/.gitignore b/.gitignore index cd4425b..768e523 100644 --- a/.gitignore +++ b/.gitignore @@ -44,6 +44,7 @@ /uip/mhpath /uip/mhshow /uip/mhsign +/uip/mhpgp /uip/mhstore /uip/mhtest /uip/mmh diff --git a/man/Makefile.in b/man/Makefile.in index 0866e0d..9e01e93 100644 --- a/man/Makefile.in +++ b/man/Makefile.in @@ -50,7 +50,7 @@ SEDMAN = $(SED) -f man.sed $< > $@ # man pages to install in $(mandir)/$(manext1) MAN1SRC = ali. anno. burst. comp. dist. flist. flists. folder. folders. \ - forw. inc. mark. mhbuild. mhl. mhlist. mhsign. mmh. mmhwrap. \ + forw. inc. mark. mhbuild. mhl. mhlist. mhsign. mhpgp. mmh. mmhwrap. \ mhmail. mhparam. mhpath. mhstore. new. fnext. \ fprev. unseen. next. packf. pick. prev. prompter. rcvdist. rcvpack. \ rcvstore. refile. repl. rmf. rmm. scan. send. sendfiles. \ diff --git a/man/mhpgp.man1 b/man/mhpgp.man1 new file mode 100644 index 0000000..7d5af3b --- /dev/null +++ b/man/mhpgp.man1 
@@ -0,0 +1,63 @@
+.\"
+.\" %nmhwarning%
+.\"
+.TH MHPGP %manext1% "%nmhdate%" MH.6.8 [%nmhversion%]
+.SH NAME
+mhpgp \- check PGP signatures and decrypt PGP messages using gnupg
+.SH SYNOPSIS
+.HP 5
+.na
+.B mhpgp
+.RB [ \-write ]
+.RI [ msg ]
+.RB [ \-Version ]
+.RB [ \-help ]
+.ad
+.SH DESCRIPTION
+.B mhpgp
+is a script to simplify verifying and decrypting PGP messages,
+using gnupg.
+.PP
+.B mhpgp
+can handle signatures and encryption in MIME and plain (non-MIME) format.
+Signed messages are verified.
+Encrypted messages are displayed with
+.B show
+in decrypted form, the signature is verified as well.
+.PP
+With the
+.B \-write
+switch, the decrypted message is stored into the current folder.
+.PP
+If no
+.I msg
+is given, the current message is used.
+.PP
+Trailing blanks are stripped from the lines before signature verification,
+because non are expected to be present as RFC 3156 requests:
+.PP
+.RS 5
+[...] implementations MUST make sure that no trailing
+whitespace is present after the MIME encoding has been applied.
+.RE
+.PP
+If there is trailing whitespace, it was likely added mistakenly
+during mail transfer.
+
+.SH FILES
+None
+
+.SH "PROFILE COMPONENTS"
+None
+
+.SH "SEE ALSO"
+mhsign(1), gpg(1)
+
+.SH DEFAULTS
+None
+
+.SH CONTEXT
+None
+
+.SH BUGS
+None
diff --git a/man/mmh-intro.man7 b/man/mmh-intro.man7
index 7686ac1..7f059b3 100644
--- a/man/mmh-intro.man7
+++ b/man/mmh-intro.man7
@@ -198,6 +198,7 @@ commands:
 ^mhmail(1)~^\- send mail (mailx replacement)
 ^mhparam(1)~^\- print mmh profile components
 ^mhpath(1)~^\- print full pathnames of mmh messages and folders
+^mhpgp(1)~^\- verify and decrypt a message with gnupg
 ^mhsign(1)~^\- sign or encrypt a message with gnupg
 ^mhstore(1)~^\- store contents of MIME messages into files
 ^mmh(1)~^\- initialize the mmh environment
diff --git a/uip/Makefile.in b/uip/Makefile.in
index 12cf74e..bf23531 100644
--- a/uip/Makefile.in
+++ b/uip/Makefile.in
@@ -48,7 +48,7 @@ SETGID_MAIL = @SETGID_MAIL@ # commands to build CMDS = ali anno burst comp dist flist folder forw mmh mark \ - mhbuild mhl mhsign \ + mhbuild mhl mhsign mhpgp \ mhlist mhmail mhparam mhpath mhstore new packf pick \ print-mimetype prompter rcvdist rcvpack rcvstore refile repl rmf \ rmm scan send sendfiles show slocal sortm spost whatnow whom @@ -66,7 +66,7 @@ SCMDS = inc SRCS = ali.c aliasbr.c anno.c ap.c burst.c comp.c \ dist.c distsbr.c dp.c dropsbr.c flist.c fmtdump.c \ folder.c forw.c inc.c mark.c mmh.sh mmhwrap.sh mhbuild.c \ - mhfree.c mhl.c mhlist.c mhlistsbr.c mhsign.sh \ + mhfree.c mhl.c mhlist.c mhlistsbr.c mhsign.sh mhpgp.sh \ mhmail.c mhmisc.c mhoutsbr.c mhparam.c mhparse.c \ mhpath.c mhshow.c mhshowsbr.c mhstore.c mhtest.c \ new.c packf.c pick.c print-mimetype.sh \ @@ -138,6 +138,10 @@ mhsign: mhsign.sh cp $(srcdir)/mhsign.sh mhsign chmod +x mhsign +mhpgp: mhpgp.sh + cp $(srcdir)/mhpgp.sh mhpgp + chmod +x mhpgp + mhbuild: mhbuild.o mhoutsbr.o mhmisc.o mhfree.o mhparse.o termsbr.o $(LOCALLIBS) $(LINK) mhbuild.o mhoutsbr.o mhmisc.o mhfree.o mhparse.o $(LINKLIBS) $(TERMLIB) diff --git a/uip/mhpgp.sh b/uip/mhpgp.sh new file mode 100755 index 0000000..c562c64 --- /dev/null +++ b/uip/mhpgp.sh 
@@ -0,0 +1,179 @@
+#!/bin/sh
+# Based on mhpgp 1.1.0.7 2005/11/29 06:25:05 by Neil Rickert
+# Adjusted to mmh by markus schnalke , 2012-07
+
+
+# mhpgp:
+# -write: Save the decrypted message to the current folder
+
+usage="Usage: mhpgp [-write] msg"
+
+# prepend the default options from the profile
+set -- `mhparam -nocomp ${0##*/}` "$@"
+
+while : ; do
+ case "$1" in
+ -w*)
+ wflag=1
+ ;;
+ -V*)
+ echo "${0##*/} has no own version number, thus this instead:"
+ folder -Version
+ exit 0
+ ;;
+ -h*|-*)
+ echo "$usage" >&2
+ exit 1
+ ;;
+ *)
+ break
+ ;;
+ esac
+ shift
+done
+
+TEMP=/tmp/${0##*/}.$$
+umask 077
+mkdir $TEMP || exit 1
+trap "rm -rf $TEMP" 0 1 2 15
+
+
+### verify a mime message
+mimeverify() {
+ bdry=`echo "$CH" | sed -n \
+ -e 's/[Bb][Oo][Uu][Nn][Dd][Aa][Rr][Yy]=/;boundary=/' \
+ -e 's/.*;boundary=/boundary=/' \
+ -e 's/^boundary=\([^;]*\);.*/boundary=\1/' \
+ -e 's/^boundary="\([^"]*\)".*/boundary=\1/' \
+ -e 's/[ ][ ]*$//' \
+ -e 's/^boundary=//p'`
+
+ xbdry=`echo "$bdry" | sed -e 's"/"\\\\/"g' -e 's"\."\\\\."g'`
+
+ sed -e '1,/^--'"$xbdry"'[ ]*$/d' $FILE > $TEMP/body
+
+ sed -e '/^--'"$xbdry"'[ ]*$/,$d' \
+ -e 's/[ ][ ]*$//' $TEMP/body |
+ sed -e '$d' -e 's/$/ /' > $TEMP/msg
+ if grep "[ ^M ]$" $TEMP/body >/dev/null 2>&1 ; then
+ echo 'Warning: trailing blanks removed from message body' >&2
+ fi
+
+ sed -e '1,/^--'"$xbdry"'[ ]*$/d' $TEMP/body |
+ sed -n -e '/BEGIN PGP /,/END PGP /p' > $TEMP/msg.asc
+
+ gpg --verify $TEMP/msg.asc
+}
+
+### decrypt MIME and non-MIME messages (type is in $1)
+###; invoke the pager as needed
+decrypt() {
+ sed -n -e ':a
+ /^-----BEGIN PGP MESSAGE/b x
+ d
+ :x
+ p
+ /^-----END PGP MESSAGE/b y
+ n
+ b x
+ :y
+ n
+ b y' $FILE | gpg --decrypt >$TEMP/msg
+ X=`tail -1c $TEMP/msg`
+ if [ "$X" != "" ] ; then
+ # ensure trailing newline
+ echo >> $TEMP/msg
+ fi
+ if [ "$1" = "plain" ] ; then
+ sedcmd="/^[Mm][Ii][Mm][Ee]-.*:/b r"
+ else
+ sedcmd='/^-*$/q'
+ fi
+
+ sed -n ':a
+ /^-*$/q
+ '"$sedcmd"'
+ /^[Cc][Oo][Nn][Tt][Ee][Nn][Tt]-/b r
+ p
+ n
+ b a
+ :r
+ n
+ /^[ ]/b r
+ b a' "$FILE" > "$TEMP/outfile"
+
+ if [ "$1" = "plain" ] ; then echo "" >> "$TEMP/outfile" ; fi
+ sed -e 's/ $//' $TEMP/msg >> "$TEMP/outfile" || exit 1
+
+ if [ "$wflag" = "1" ] ; then
+ refile -file "$TEMP/outfile" @
+ else
+ show -file "$TEMP/outfile"
+ fi
+}
+
+
+### Mainline processing
+
+case "$#" in
+0)
+ FILE=`mhpath c` || exit 1 ;;
+*)
+ case "$*" in
+ /*) FILE=`echo "$@"` ;;
+ *) FILE=`mhpath "$@"` || exit 1 ;;
+ esac ;;
+esac
+
+set X $FILE
+
+if [ $# != 2 ] ; then
+ echo "One message at a time, please!" >&2
+ exit 1
+fi
+
+# get mime-version and content-type headers.
+CH=`sed -n -e '\
+ :a
+ /^-*$/q
+ /^[Mm][Ii][Mm][Ee]-[Vv][Ee][Rr][Ss][Ii][Oo][Nn]:/b x
+ /^[Cc][Oo][Nn][Tt][Ee][Nn][Tt]-[Tt][Yy][Pp][Ee]:/b x
+ d
+ :x
+ p
+ n
+ /^[ ]/b x
+ b a' $FILE`
+
+if echo "$CH" | grep -i mime-version >/dev/null 2>&1; then
+ : ## nothing, this is good
+else
+ CH=
+fi
+
+# Handle MIME variants
+case "$CH" in
+*application/pgp-signature*)
+ mimeverify
+ exit
+ ;;
+*application/pgp-encrypted*)
+ decrypt mime
+ exit
+ ;;
+esac
+
+# Handle plain variants
+case "`grep '^-----BEGIN PGP' $FILE 2>/dev/null`" in
+*"PGP SIGNED MESSAGE"*)
+ gpg --verify "$FILE"
+ exit
+ ;;
+*"BEGIN PGP MESSAGE"*)
+ decrypt plain
+ exit
+ ;;
+esac
+
+echo "I can't find a PGP message there" >&2
+exit 1
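Review bot: In mimeverify, `gpg --verify $TEMP/msg.asc` names only the signature file, so gpg has to infer the signed data from the file name, and the preceding sed range `/BEGIN PGP /,/END PGP /` copies any armored block into msg.asc, not only a detached signature. gpg's documentation discourages the single-argument form for detached signatures; naming the data file ties the verdict to the body part this script extracted: `gpg --verify "$TEMP/msg.asc" "$TEMP/msg"`. In decrypt, the status of `gpg --decrypt >$TEMP/msg` is never checked, so a failed decryption or bad signature still reaches `show -file` or, with -write, `refile -file`; appending `|| exit 1` to that pipeline would stop before an incomplete message is displayed or stored. The expansions of `$FILE` and `$TEMP` in both functions are also unquoted, which should be fixed wherever a single path is meant (the `set X $FILE` count relies on splitting and would need a different check).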