NeoMutt  2025-12-11-769-g906513
Teaching an old dog new tricks
 		DOXYGEN
Loading...
Searching...
No Matches
Functions
application_handler()
Crypto API

Manage the MIME type "application/pgp" or "application/smime". More...

+ Collaboration diagram for application_handler():

Functions

int pgp_gpgme_application_handler (struct Body *b, struct State *state)
 Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.
 
int smime_gpgme_application_handler (struct Body *b, struct State *state)
 Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.
 
int pgp_class_application_handler (struct Body *b, struct State *state)
 Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.
 
int smime_class_application_handler (struct Body *b, struct State *state)
 Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.
 

Detailed Description

Manage the MIME type "application/pgp" or "application/smime".

Parameters
bBody of the email
stateState of text being processed
Return values
0Success
-1Error

Function Documentation

◆ pgp_gpgme_application_handler()

int pgp_gpgme_application_handler ( struct Body * b,
struct State * state )

Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.

Definition at line 2479 of file crypt_gpgme.c.

2480{
2481 int needpass = -1;
2482 bool pgp_keyblock = false;
2483 bool clearsign = false;
2484 long bytes;
2485 LOFF_T last_pos;
2486 LOFF_T block_begin;
2487 LOFF_T block_end;
2488 char buf[8192] = { 0 };
2489 FILE *fp_out = NULL;
2490
2491 gpgme_error_t err = GPG_ERR_NO_ERROR;
2492 gpgme_data_t armored_data = NULL;
2493
2494 bool maybe_goodsig = true;
2495 bool have_any_sigs = false;
2496
2497 char body_charset[256] = { 0 }; /* Only used for clearsigned messages. */
2498 char *gpgcharset = NULL;
2499
2500 mutt_debug(LL_DEBUG2, "Entering handler\n");
2501
2502 /* For clearsigned messages we won't be able to get a character set
2503 * but we know that this may only be text thus we assume Latin-1 here. */
2504 if (!mutt_body_get_charset(b, body_charset, sizeof(body_charset)))
2505 mutt_str_copy(body_charset, "iso-8859-1", sizeof(body_charset));
2506
2507 if (!mutt_file_seek(state->fp_in, b->offset, SEEK_SET))
2508 {
2509 return -1;
2510 }
2511 last_pos = b->offset;
2512
2513 for (bytes = b->length; bytes > 0;)
2514 {
2515 // record before the fgets in case it is a BEGIN block
2516 block_begin = last_pos;
2517
2518 if (!fgets(buf, sizeof(buf), state->fp_in))
2519 break;
2520
2521 LOFF_T offset = ftello(state->fp_in);
2522 if (offset < 0)
2523 {
2524 mutt_debug(LL_DEBUG1, "ftello() failed on fd %d\n", fileno(state->fp_in));
2525 offset = 0;
2526 }
2527 bytes -= (offset - last_pos); /* don't rely on mutt_str_len(buf) */
2528 last_pos = offset;
2529
2530 size_t plen = mutt_str_startswith(buf, "-----BEGIN PGP ");
2531 if (plen != 0)
2532 {
2533 needpass = 0;
2534 clearsign = false;
2535 pgp_keyblock = false;
2536
2537 if (MESSAGE(buf + plen))
2538 {
2539 needpass = 1;
2540 }
2541 else if (SIGNED_MESSAGE(buf + plen))
2542 {
2543 clearsign = true;
2544 }
2545 else if (PUBLIC_KEY_BLOCK(buf + plen))
2546 {
2547 pgp_keyblock = true;
2548 }
2549 else
2550 {
2551 /* XXX we may wish to recode here */
2552 if (state->prefix)
2553 state_puts(state, state->prefix);
2554 state_puts(state, buf);
2555 continue;
2556 }
2557
2558 /* Find the end of armored block. */
2559 while ((bytes > 0) && (fgets(buf, sizeof(buf) - 1, state->fp_in) != NULL))
2560 {
2561 offset = ftello(state->fp_in);
2562 if (offset < 0)
2563 {
2564 mutt_debug(LL_DEBUG1, "ftello() failed on fd %d\n", fileno(state->fp_in));
2565 offset = 0;
2566 }
2567 bytes -= (offset - last_pos); /* don't rely on mutt_strlen(buf) */
2568 last_pos = offset;
2569
2570 if (needpass && mutt_str_equal("-----END PGP MESSAGE-----\n", buf))
2571 {
2572 break;
2573 }
2574
2575 if (!needpass && (mutt_str_equal("-----END PGP SIGNATURE-----\n", buf) ||
2576 mutt_str_equal("-----END PGP PUBLIC KEY BLOCK-----\n", buf)))
2577 {
2578 break;
2579 }
2580
2581 // remember optional Charset: armor header as defined by rfc4880
2582 if (mutt_strn_equal("Charset: ", buf, 9))
2583 {
2584 size_t l = 0;
2585 FREE(&gpgcharset);
2586 gpgcharset = mutt_str_dup(buf + 9);
2587 if ((l = mutt_str_len(gpgcharset)) > 0 && gpgcharset[l - 1] == '\n')
2588 gpgcharset[l - 1] = 0;
2589 if (!mutt_ch_check_charset(gpgcharset, 0))
2590 mutt_str_replace(&gpgcharset, "UTF-8");
2591 }
2592 }
2593 block_end = ftello(state->fp_in);
2594 if (block_end < 0)
2595 {
2596 mutt_debug(LL_DEBUG1, "ftello() failed on fd %d\n", fileno(state->fp_in));
2597 block_end = 0;
2598 }
2599
2600 have_any_sigs = (have_any_sigs || (clearsign && (state->flags & STATE_VERIFY)));
2601
2602 /* Copy PGP material to an data container */
2603 armored_data = file_to_data_object(state->fp_in, block_begin, block_end - block_begin);
2604 fseeko(state->fp_in, block_end, 0);
2605
2606 /* Invoke PGP if needed */
2607 if (pgp_keyblock)
2608 {
2609 pgp_gpgme_extract_keys(armored_data, &fp_out);
2610 }
2611 else if (!clearsign || (state->flags & STATE_VERIFY))
2612 {
2613 gpgme_data_t plaintext = create_gpgme_data();
2614 gpgme_ctx_t ctx = create_gpgme_context(false);
2615
2616 if (clearsign)
2617 {
2618 err = gpgme_op_verify(ctx, armored_data, NULL, plaintext);
2619 }
2620 else
2621 {
2622 err = gpgme_op_decrypt_verify(ctx, armored_data, plaintext);
2623 if (gpg_err_code(err) == GPG_ERR_NO_DATA)
2624 {
2625 /* Decrypt verify can't handle signed only messages. */
2626 gpgme_data_seek(armored_data, 0, SEEK_SET);
2627 /* Must release plaintext so that we supply an uninitialized object. */
2628 gpgme_data_release(plaintext);
2629 plaintext = create_gpgme_data();
2630 err = gpgme_op_verify(ctx, armored_data, NULL, plaintext);
2631 }
2632 }
2633 redraw_if_needed(ctx);
2634
2635 gpgme_decrypt_result_t result = gpgme_op_decrypt_result(ctx);
2636 if (result && (state->flags & STATE_DISPLAY))
2637 show_encryption_info(state, result);
2638
2639 if (err != GPG_ERR_NO_ERROR)
2640 {
2641 char errbuf[200] = { 0 };
2642
2643 snprintf(errbuf, sizeof(errbuf) - 1,
2644 _("Error: decryption/verification failed: %s\n"), gpgme_strerror(err));
2645 state_puts(state, errbuf);
2646 }
2647 else
2648 {
2649 /* Decryption/Verification succeeded */
2650
2651 mutt_message(_("PGP message successfully decrypted"));
2652
2653 bool sig_stat = false;
2654 char *tmpfname = NULL;
2655
2656 /* Check whether signatures have been verified. */
2657 gpgme_verify_result_t verify_result = gpgme_op_verify_result(ctx);
2658 if (verify_result->signatures)
2659 sig_stat = true;
2660
2661 have_any_sigs = false;
2662 maybe_goodsig = false;
2663 if ((state->flags & STATE_DISPLAY) && sig_stat)
2664 {
2665 int res, idx;
2666 bool anybad = false;
2667
2668 state_attach_puts(state, _("[-- Begin signature information --]\n"));
2669 have_any_sigs = true;
2670 for (idx = 0; (res = show_one_sig_status(ctx, idx, state)) != -1; idx++)
2671 {
2672 if (res == 1)
2673 anybad = true;
2674 }
2675 if (!anybad && idx)
2676 maybe_goodsig = true;
2677
2678 state_attach_puts(state, _("[-- End signature information --]\n\n"));
2679 }
2680
2681 tmpfname = data_object_to_tempfile(plaintext, &fp_out);
2682 if (tmpfname)
2683 {
2684 unlink(tmpfname);
2685 FREE(&tmpfname);
2686 }
2687 else
2688 {
2689 mutt_file_fclose(&fp_out);
2690 state_puts(state, _("Error: copy data failed\n"));
2691 }
2692 }
2693 gpgme_data_release(plaintext);
2694 gpgme_release(ctx);
2695 }
2696
2697 /* Now, copy cleartext to the screen. NOTE - we expect that PGP
2698 * outputs utf-8 cleartext. This may not always be true, but it
2699 * seems to be a reasonable guess. */
2700 if (state->flags & STATE_DISPLAY)
2701 {
2702 if (needpass)
2703 state_attach_puts(state, _("[-- BEGIN PGP MESSAGE --]\n\n"));
2704 else if (pgp_keyblock)
2705 state_attach_puts(state, _("[-- BEGIN PGP PUBLIC KEY BLOCK --]\n"));
2706 else
2707 state_attach_puts(state, _("[-- BEGIN PGP SIGNED MESSAGE --]\n\n"));
2708 }
2709
2710 if (clearsign)
2711 {
2712 copy_clearsigned(armored_data, state, body_charset);
2713 }
2714 else if (fp_out)
2715 {
2716 int c;
2717 char *expected_charset = gpgcharset && *gpgcharset ? gpgcharset : "utf-8";
2718 rewind(fp_out);
2719 struct FgetConv *fc = mutt_ch_fgetconv_open(fp_out, expected_charset,
2720 cc_charset(), MUTT_ICONV_HOOK_FROM);
2721 while ((c = mutt_ch_fgetconv(fc)) != EOF)
2722 {
2723 state_putc(state, c);
2724 if ((c == '\n') && state->prefix)
2725 state_puts(state, state->prefix);
2726 }
2727 mutt_ch_fgetconv_close(&fc);
2728 }
2729
2730 if (state->flags & STATE_DISPLAY)
2731 {
2732 state_putc(state, '\n');
2733 if (needpass)
2734 state_attach_puts(state, _("[-- END PGP MESSAGE --]\n"));
2735 else if (pgp_keyblock)
2736 state_attach_puts(state, _("[-- END PGP PUBLIC KEY BLOCK --]\n"));
2737 else
2738 state_attach_puts(state, _("[-- END PGP SIGNED MESSAGE --]\n"));
2739 }
2740
2741 // Multiple PGP blocks can exist, so clean these up in each loop
2742 gpgme_data_release(armored_data);
2743 mutt_file_fclose(&fp_out);
2744 }
2745 else
2746 {
2747 /* A traditional PGP part may mix signed and unsigned content */
2748 /* XXX we may wish to recode here */
2749 if (state->prefix)
2750 state_puts(state, state->prefix);
2751 state_puts(state, buf);
2752 }
2753 }
2754 FREE(&gpgcharset);
2755
2756 b->goodsig = (maybe_goodsig && have_any_sigs);
2757
2758 if (needpass == -1)
2759 {
2760 state_attach_puts(state, _("[-- Error: could not find beginning of PGP message --]\n\n"));
2761 return 1;
2762 }
2763 mutt_debug(LL_DEBUG2, "Leaving handler\n");
2764
2765 return err;
2766}
cc_charset
const char * cc_charset(void)
Get the cached value of $charset.
Definition config_cache.c:116
show_encryption_info
static void show_encryption_info(struct State *state, gpgme_decrypt_result_t result)
Show encryption information.
Definition crypt_gpgme.c:1438
create_gpgme_data
static gpgme_data_t create_gpgme_data(void)
Create a new GPGME data object.
Definition crypt_gpgme.c:394
create_gpgme_context
gpgme_ctx_t create_gpgme_context(bool for_smime)
Create a new GPGME context.
Definition crypt_gpgme.c:355
SIGNED_MESSAGE
#define SIGNED_MESSAGE(_y)
Definition crypt_gpgme.c:96
file_to_data_object
static gpgme_data_t file_to_data_object(FILE *fp, long offset, size_t length)
Create GPGME data object from file.
Definition crypt_gpgme.c:487
PUBLIC_KEY_BLOCK
#define PUBLIC_KEY_BLOCK(_y)
Definition crypt_gpgme.c:97
data_object_to_tempfile
static char * data_object_to_tempfile(gpgme_data_t data, FILE **fp_ret)
Copy a data object to a temporary file.
Definition crypt_gpgme.c:557
redraw_if_needed
static void redraw_if_needed(gpgme_ctx_t ctx)
Accommodate for a redraw if needed.
Definition crypt_gpgme.c:115
pgp_gpgme_extract_keys
static int pgp_gpgme_extract_keys(gpgme_data_t keydata, FILE **fp)
Write PGP keys to a file.
Definition crypt_gpgme.c:2121
copy_clearsigned
static void copy_clearsigned(gpgme_data_t data, struct State *state, char *charset)
Copy a clearsigned message.
Definition crypt_gpgme.c:2423
show_one_sig_status
static int show_one_sig_status(gpgme_ctx_t ctx, int idx, struct State *state)
Show information about one signature.
Definition crypt_gpgme.c:1463
MESSAGE
#define MESSAGE(_y)
Definition crypt_gpgme.c:95
mutt_body_get_charset
char * mutt_body_get_charset(struct Body *b, char *buf, size_t buflen)
Get a body's character set.
Definition body.c:133
mutt_file_seek
bool mutt_file_seek(FILE *fp, LOFF_T offset, int whence)
Wrapper for fseeko with error handling.
Definition file.c:648
mutt_file_fclose
#define mutt_file_fclose(FP)
Definition file.h:139
mutt_message
#define mutt_message(...)
Definition logging2.h:93
mutt_debug
#define mutt_debug(LEVEL,...)
Definition logging2.h:91
LL_DEBUG2
@ LL_DEBUG2
Log at debug level 2.
Definition logging2.h:46
LL_DEBUG1
@ LL_DEBUG1
Log at debug level 1.
Definition logging2.h:45
FREE
#define FREE(x)
Free memory and set the pointer to NULL.
Definition memory.h:68
mutt_ch_check_charset
bool mutt_ch_check_charset(const char *cs, bool strict)
Does iconv understand a character set?
Definition charset.c:880
mutt_ch_fgetconv
int mutt_ch_fgetconv(struct FgetConv *fc)
Convert a file's character set.
Definition charset.c:966
mutt_ch_fgetconv_open
struct FgetConv * mutt_ch_fgetconv_open(FILE *fp, const char *from, const char *to, uint8_t flags)
Prepare a file for charset conversion.
Definition charset.c:919
mutt_ch_fgetconv_close
void mutt_ch_fgetconv_close(struct FgetConv **ptr)
Close an fgetconv handle.
Definition charset.c:948
MUTT_ICONV_HOOK_FROM
#define MUTT_ICONV_HOOK_FROM
apply charset-hooks to fromcode
Definition charset.h:67
_
#define _(a)
Definition message.h:28
state_attach_puts
void state_attach_puts(struct State *state, const char *t)
Write a string to the state.
Definition state.c:104
state_puts
#define state_puts(STATE, STR)
Definition state.h:58
STATE_DISPLAY
#define STATE_DISPLAY
Output is displayed to the user.
Definition state.h:33
state_putc
#define state_putc(STATE, STR)
Definition state.h:59
STATE_VERIFY
#define STATE_VERIFY
Perform signature verification.
Definition state.h:34
mutt_str_dup
char * mutt_str_dup(const char *str)
Copy a string, safely.
Definition string.c:257
mutt_str_equal
bool mutt_str_equal(const char *a, const char *b)
Compare two strings.
Definition string.c:665
mutt_strn_equal
bool mutt_strn_equal(const char *a, const char *b, size_t num)
Check for equality of two strings (to a maximum), safely.
Definition string.c:429
mutt_str_startswith
size_t mutt_str_startswith(const char *str, const char *prefix)
Check whether a string starts with a prefix.
Definition string.c:234
mutt_str_len
size_t mutt_str_len(const char *a)
Calculate the length of a string, safely.
Definition string.c:503
mutt_str_copy
size_t mutt_str_copy(char *dest, const char *src, size_t dsize)
Copy a string into a buffer (guaranteeing NUL-termination)
Definition string.c:586
mutt_str_replace
char * mutt_str_replace(char **p, const char *s)
Replace one string with another.
Definition string.c:284
Body::offset
LOFF_T offset
offset where the actual data begins
Definition body.h:52
Body::length
LOFF_T length
length (in bytes) of attachment
Definition body.h:53
Body::goodsig
bool goodsig
Good cryptographic signature.
Definition body.h:45
FgetConv
Cursor for converting a file's encoding.
Definition charset.h:45
State::flags
StateFlags flags
Flags, e.g. STATE_DISPLAY.
Definition state.h:52
State::fp_in
FILE * fp_in
File to read from.
Definition state.h:49
State::prefix
const char * prefix
String to add to the beginning of each output line.
Definition state.h:51
+ Here is the call graph for this function:

◆ smime_gpgme_application_handler()

int smime_gpgme_application_handler ( struct Body * b,
struct State * state )

Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.

Definition at line 2864 of file crypt_gpgme.c.

2865{
2866 int is_signed = 0;
2867 int rc = 0;
2868
2869 mutt_debug(LL_DEBUG2, "Entering handler\n");
2870
2871 /* clear out any mime headers before the handler, so they can't be spoofed. */
2872 mutt_env_free(&b->mime_headers);
2873 b->warnsig = false;
2874 FILE *fp_out = mutt_file_mkstemp();
2875 if (!fp_out)
2876 {
2877 mutt_perror(_("Can't create temporary file"));
2878 if (state->flags & STATE_DISPLAY)
2879 {
2880 state_attach_puts(state, _("[-- Error: could not create temporary file --]\n"));
2881 }
2882 return -1;
2883 }
2884
2885 struct Body *tattach = decrypt_part(b, state, fp_out, true, &is_signed);
2886 if (tattach)
2887 {
2888 tattach->goodsig = is_signed > 0;
2889
2890 if (state->flags & STATE_DISPLAY)
2891 {
2892 state_attach_puts(state, is_signed ?
2893 _("[-- The following data is S/MIME signed --]\n") :
2894 _("[-- The following data is S/MIME encrypted --]\n"));
2895 mutt_protected_headers_handler(tattach, state);
2896 }
2897
2898 /* Store any protected headers in the parent so they can be
2899 * accessed for index updates after the handler recursion is done.
2900 * This is done before the handler to prevent a nested encrypted
2901 * handler from freeing the headers. */
2902 mutt_env_free(&b->mime_headers);
2903 b->mime_headers = tattach->mime_headers;
2904 tattach->mime_headers = NULL;
2905
2906 FILE *fp_save = state->fp_in;
2907 state->fp_in = fp_out;
2908 rc = mutt_body_handler(tattach, state);
2909 state->fp_in = fp_save;
2910
2911 /* Embedded multipart signed protected headers override the
2912 * encrypted headers. We need to do this after the handler so
2913 * they can be printed in the pager. */
2914 if (mutt_is_multipart_signed(tattach) && tattach->parts && tattach->parts->mime_headers)
2915 {
2916 mutt_env_free(&b->mime_headers);
2917 b->mime_headers = tattach->parts->mime_headers;
2918 tattach->parts->mime_headers = NULL;
2919 }
2920
2921 /* if a multipart/signed is the _only_ sub-part of a multipart/encrypted,
2922 * cache signature verification status. */
2923 if (mutt_is_multipart_signed(tattach) && !tattach->next)
2924 {
2925 b->goodsig = tattach->goodsig;
2926 if (!b->goodsig)
2927 b->warnsig = tattach->warnsig;
2928 }
2929 else if (tattach->goodsig)
2930 {
2931 b->goodsig = true;
2932 b->warnsig = tattach->warnsig;
2933 }
2934
2935 if (state->flags & STATE_DISPLAY)
2936 {
2937 state_attach_puts(state, is_signed ? _("[-- End of S/MIME signed data --]\n") :
2938 _("[-- End of S/MIME encrypted data --]\n"));
2939 }
2940
2941 mutt_body_free(&tattach);
2942 }
2943
2944 mutt_file_fclose(&fp_out);
2945 mutt_debug(LL_DEBUG2, "Leaving handler\n");
2946
2947 return rc;
2948}
mutt_is_multipart_signed
SecurityFlags mutt_is_multipart_signed(struct Body *b)
Is a message signed?
Definition crypt.c:408
decrypt_part
static struct Body * decrypt_part(struct Body *b, struct State *state, FILE *fp_out, bool is_smime, int *r_is_signed)
Decrypt a PGP or SMIME message.
Definition crypt_gpgme.c:1741
mutt_body_free
void mutt_body_free(struct Body **ptr)
Free a Body.
Definition body.c:58
mutt_env_free
void mutt_env_free(struct Envelope **ptr)
Free an Envelope.
Definition envelope.c:125
mutt_protected_headers_handler
int mutt_protected_headers_handler(struct Body *b_email, struct State *state)
Handler for protected headers - Implements handler_t -.
Definition crypt.c:1122
mutt_perror
#define mutt_perror(...)
Definition logging2.h:95
mutt_body_handler
int mutt_body_handler(struct Body *b, struct State *state)
Handler for the Body of an email.
Definition handler.c:1664
Body
The body of an email.
Definition body.h:36
Body::parts
struct Body * parts
parts of a multipart or message/rfc822
Definition body.h:73
Body::mime_headers
struct Envelope * mime_headers
Memory hole protected headers.
Definition body.h:76
Body::next
struct Body * next
next attachment in the list
Definition body.h:72
Body::warnsig
bool warnsig
Maybe good signature.
Definition body.h:48
mutt_file_mkstemp
#define mutt_file_mkstemp()
Definition tmp.h:36
+ Here is the call graph for this function:

◆ pgp_class_application_handler()

int pgp_class_application_handler ( struct Body * b,
struct State * state )

Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.

Definition at line 469 of file pgp.c.

470{
471 struct NcryptModuleData *mod_data = neomutt_get_module_data(NeoMutt, MODULE_ID_NCRYPT);
472 bool could_not_decrypt = false;
473 int decrypt_okay_rc = 0;
474 int needpass = -1;
475 bool pgp_keyblock = false;
476 bool clearsign = false;
477 int rc = -1;
478 int c = 1;
479 long bytes;
480 LOFF_T last_pos, offset;
481 char buf[8192] = { 0 };
482 FILE *fp_pgp_out = NULL, *fp_pgp_in = NULL, *fp_pgp_err = NULL;
483 FILE *fp_tmp = NULL;
484 pid_t pid;
485 struct Buffer *tempfile = buf_pool_get();
486
487 bool maybe_goodsig = true;
488 bool have_any_sigs = false;
489
490 char *gpgcharset = NULL;
491 char body_charset[256] = { 0 };
492 mutt_body_get_charset(b, body_charset, sizeof(body_charset));
493
494 if (!mutt_file_seek(state->fp_in, b->offset, SEEK_SET))
495 {
496 return -1;
497 }
498 last_pos = b->offset;
499
500 for (bytes = b->length; bytes > 0;)
501 {
502 if (!fgets(buf, sizeof(buf), state->fp_in))
503 break;
504
505 offset = ftello(state->fp_in);
506 bytes -= (offset - last_pos); /* don't rely on mutt_str_len(buf) */
507 last_pos = offset;
508
509 size_t plen = mutt_str_startswith(buf, "-----BEGIN PGP ");
510 if (plen != 0)
511 {
512 needpass = false;
513 clearsign = false;
514 could_not_decrypt = false;
515 decrypt_okay_rc = 0;
516
517 if (mutt_str_startswith(buf + plen, "MESSAGE-----\n"))
518 {
519 needpass = 1;
520 }
521 else if (mutt_str_startswith(buf + plen, "SIGNED MESSAGE-----\n"))
522 {
523 clearsign = true;
524 }
525 else if (mutt_str_startswith(buf + plen, "PUBLIC KEY BLOCK-----\n"))
526 {
527 pgp_keyblock = true;
528 }
529 else
530 {
531 /* XXX we may wish to recode here */
532 if (state->prefix)
533 state_puts(state, state->prefix);
534 state_puts(state, buf);
535 continue;
536 }
537
538 have_any_sigs = have_any_sigs || (clearsign && (state->flags & STATE_VERIFY));
539
540 /* Copy PGP material to temporary file */
541 buf_mktemp(tempfile);
542 fp_tmp = mutt_file_fopen(buf_string(tempfile), "w+");
543 if (!fp_tmp)
544 {
545 mutt_perror("%s", buf_string(tempfile));
546 FREE(&gpgcharset);
547 goto out;
548 }
549
550 fputs(buf, fp_tmp);
551 while ((bytes > 0) && fgets(buf, sizeof(buf) - 1, state->fp_in))
552 {
553 offset = ftello(state->fp_in);
554 bytes -= (offset - last_pos); /* don't rely on mutt_str_len(buf) */
555 last_pos = offset;
556
557 fputs(buf, fp_tmp);
558
559 if ((needpass && mutt_str_equal("-----END PGP MESSAGE-----\n", buf)) ||
560 (!needpass && (mutt_str_equal("-----END PGP SIGNATURE-----\n", buf) ||
561 mutt_str_equal("-----END PGP PUBLIC KEY BLOCK-----\n", buf))))
562 {
563 break;
564 }
565 /* remember optional Charset: armor header as defined by RFC4880 */
566 if (mutt_str_startswith(buf, "Charset: "))
567 {
568 size_t l = 0;
569 FREE(&gpgcharset);
570 gpgcharset = mutt_str_dup(buf + 9);
571 l = mutt_str_len(gpgcharset);
572 if ((l > 0) && (gpgcharset[l - 1] == '\n'))
573 gpgcharset[l - 1] = 0;
574 if (!mutt_ch_check_charset(gpgcharset, false))
575 mutt_str_replace(&gpgcharset, "UTF-8");
576 }
577 }
578
579 /* leave fp_tmp open in case we still need it - but flush it! */
580 fflush(fp_tmp);
581
582 /* Invoke PGP if needed */
583 if (!clearsign || (state->flags & STATE_VERIFY))
584 {
585 fp_pgp_out = mutt_file_mkstemp();
586 if (!fp_pgp_out)
587 {
588 mutt_perror(_("Can't create temporary file"));
589 goto out;
590 }
591
592 fp_pgp_err = mutt_file_mkstemp();
593 if (!fp_pgp_err)
594 {
595 mutt_perror(_("Can't create temporary file"));
596 goto out;
597 }
598
599 pid = pgp_invoke_decode(&fp_pgp_in, NULL, NULL, -1, fileno(fp_pgp_out),
600 fileno(fp_pgp_err), buf_string(tempfile),
601 (needpass != 0));
602 if (pid == -1)
603 {
604 mutt_file_fclose(&fp_pgp_out);
605 maybe_goodsig = false;
606 fp_pgp_in = NULL;
607 state_attach_puts(state, _("[-- Error: unable to create PGP subprocess --]\n"));
608 }
609 else /* PGP started successfully */
610 {
611 if (needpass)
612 {
613 if (!pgp_class_valid_passphrase())
614 pgp_class_void_passphrase();
615 if (pgp_use_gpg_agent())
616 *mod_data->pgp_pass = '\0';
617 fprintf(fp_pgp_in, "%s\n", mod_data->pgp_pass);
618 }
619
620 mutt_file_fclose(&fp_pgp_in);
621
622 int wait_filter_rc = filter_wait(pid);
623
624 fflush(fp_pgp_err);
625 /* If we are expecting an encrypted message, verify status fd output.
626 * Note that BEGIN PGP MESSAGE does not guarantee the content is encrypted,
627 * so we need to be more selective about the value of decrypt_okay_rc.
628 *
629 * -3 indicates we actively found a DECRYPTION_FAILED.
630 * -2 and -1 indicate part or all of the content was plaintext. */
631 if (needpass)
632 {
633 rewind(fp_pgp_err);
634 decrypt_okay_rc = pgp_check_decryption_okay(fp_pgp_err);
635 if (decrypt_okay_rc <= -3)
636 mutt_file_fclose(&fp_pgp_out);
637 }
638
639 if (state->flags & STATE_DISPLAY)
640 {
641 rewind(fp_pgp_err);
642 crypt_current_time(state, "PGP");
643 int checksig_rc = pgp_copy_checksig(fp_pgp_err, state->fp_out);
644
645 if (checksig_rc == 0)
646 have_any_sigs = true;
647 /* Sig is bad if
648 * gpg_good_sign-pattern did not match || pgp_decode_command returned not 0
649 * Sig _is_ correct if
650 * gpg_good_sign="" && pgp_decode_command returned 0 */
651 if (checksig_rc == -1 || (wait_filter_rc != 0))
652 maybe_goodsig = false;
653
654 state_attach_puts(state, _("[-- End of PGP output --]\n\n"));
655 }
656 if (pgp_use_gpg_agent())
657 {
658 mutt_need_hard_redraw();
659 }
660 }
661
662 /* treat empty result as sign of failure */
663 /* TODO: maybe on failure neomutt should include the original undecoded text. */
664 if (fp_pgp_out)
665 {
666 rewind(fp_pgp_out);
667 c = fgetc(fp_pgp_out);
668 ungetc(c, fp_pgp_out);
669 }
670 if (!clearsign && (!fp_pgp_out || (c == EOF)))
671 {
672 could_not_decrypt = true;
673 pgp_class_void_passphrase();
674 }
675
676 if ((could_not_decrypt || (decrypt_okay_rc <= -3)) && !(state->flags & STATE_DISPLAY))
677 {
678 mutt_error(_("Could not decrypt PGP message"));
679 goto out;
680 }
681 }
682
683 /* Now, copy cleartext to the screen. */
684 if (state->flags & STATE_DISPLAY)
685 {
686 if (needpass)
687 state_attach_puts(state, _("[-- BEGIN PGP MESSAGE --]\n\n"));
688 else if (pgp_keyblock)
689 state_attach_puts(state, _("[-- BEGIN PGP PUBLIC KEY BLOCK --]\n"));
690 else
691 state_attach_puts(state, _("[-- BEGIN PGP SIGNED MESSAGE --]\n\n"));
692 }
693
694 if (clearsign)
695 {
696 rewind(fp_tmp);
697 pgp_copy_clearsigned(fp_tmp, state, body_charset);
698 }
699 else if (fp_pgp_out)
700 {
701 struct FgetConv *fc = NULL;
702 int ch;
703 char *expected_charset = (gpgcharset && *gpgcharset) ? gpgcharset : "utf-8";
704
705 mutt_debug(LL_DEBUG3, "pgp: recoding inline from [%s] to [%s]\n",
706 expected_charset, cc_charset());
707
708 rewind(fp_pgp_out);
709 state_set_prefix(state);
710 fc = mutt_ch_fgetconv_open(fp_pgp_out, expected_charset, cc_charset(),
711 MUTT_ICONV_HOOK_FROM);
712 while ((ch = mutt_ch_fgetconv(fc)) != EOF)
713 state_prefix_putc(state, ch);
714 mutt_ch_fgetconv_close(&fc);
715 }
716
717 /* Multiple PGP blocks can exist, so these need to be closed and
718 * unlinked inside the loop. */
719 mutt_file_fclose(&fp_tmp);
720 mutt_file_unlink(buf_string(tempfile));
721 mutt_file_fclose(&fp_pgp_out);
722 mutt_file_fclose(&fp_pgp_err);
723
724 if (state->flags & STATE_DISPLAY)
725 {
726 state_putc(state, '\n');
727 if (needpass)
728 {
729 state_attach_puts(state, _("[-- END PGP MESSAGE --]\n"));
730 if (could_not_decrypt || (decrypt_okay_rc <= -3))
731 {
732 mutt_error(_("Could not decrypt PGP message"));
733 }
734 else if (decrypt_okay_rc < 0)
735 {
736 /* L10N: You will see this error message if (1) you are decrypting
737 (not encrypting) something and (2) it is a plaintext. So the
738 message does not mean "You failed to encrypt the message." */
739 mutt_error(_("PGP message is not encrypted"));
740 }
741 else
742 {
743 mutt_message(_("PGP message successfully decrypted"));
744 }
745 }
746 else if (pgp_keyblock)
747 {
748 state_attach_puts(state, _("[-- END PGP PUBLIC KEY BLOCK --]\n"));
749 }
750 else
751 {
752 state_attach_puts(state, _("[-- END PGP SIGNED MESSAGE --]\n"));
753 }
754 }
755 }
756 else
757 {
758 /* A traditional PGP part may mix signed and unsigned content */
759 /* XXX we may wish to recode here */
760 if (state->prefix)
761 state_puts(state, state->prefix);
762 state_puts(state, buf);
763 }
764 }
765
766 rc = 0;
767
768out:
769 b->goodsig = (maybe_goodsig && have_any_sigs);
770
771 if (fp_tmp)
772 {
773 mutt_file_fclose(&fp_tmp);
774 mutt_file_unlink(buf_string(tempfile));
775 }
776 mutt_file_fclose(&fp_pgp_out);
777 mutt_file_fclose(&fp_pgp_err);
778
779 buf_pool_release(&tempfile);
780
781 FREE(&gpgcharset);
782
783 if (needpass == -1)
784 {
785 state_attach_puts(state, _("[-- Error: could not find beginning of PGP message --]\n\n"));
786 return -1;
787 }
788
789 return rc;
790}
buf_string
static const char * buf_string(const struct Buffer *buf)
Convert a buffer to a const char * "string".
Definition buffer.h:96
crypt_current_time
void crypt_current_time(struct State *state, const char *app_name)
Print the current time.
Definition crypt.c:64
mutt_need_hard_redraw
void mutt_need_hard_redraw(void)
Force a hard refresh.
Definition curs_lib.c:102
mutt_file_unlink
void mutt_file_unlink(const char *s)
Delete a file, carefully.
Definition file.c:156
mutt_file_fopen
#define mutt_file_fopen(PATH, MODE)
Definition file.h:138
pgp_class_valid_passphrase
bool pgp_class_valid_passphrase(void)
Ensure we have a valid passphrase - Implements CryptModuleSpecs::valid_passphrase() -.
Definition pgp.c:81
pgp_class_void_passphrase
void pgp_class_void_passphrase(void)
Forget the cached passphrase - Implements CryptModuleSpecs::void_passphrase() -.
Definition pgp.c:71
mutt_error
#define mutt_error(...)
Definition logging2.h:94
LL_DEBUG3
@ LL_DEBUG3
Log at debug level 3.
Definition logging2.h:47
MODULE_ID_NCRYPT
@ MODULE_ID_NCRYPT
ModuleNcrypt, Ncrypt
Definition module_api.h:80
filter_wait
int filter_wait(pid_t pid)
Wait for the exit of a process and return its status.
Definition filter.c:228
state_prefix_putc
void state_prefix_putc(struct State *state, char c)
Write a prefixed character to the state.
Definition state.c:168
state_set_prefix
#define state_set_prefix(state)
Definition state.h:56
neomutt_get_module_data
void * neomutt_get_module_data(struct NeoMutt *n, enum ModuleId id)
Get the private data for a Module.
Definition neomutt.c:665
pgp_copy_checksig
static int pgp_copy_checksig(FILE *fp_in, FILE *fp_out)
Copy PGP output and look for signs of a good signature.
Definition pgp.c:248
pgp_copy_clearsigned
static void pgp_copy_clearsigned(FILE *fp_in, struct State *state, char *charset)
Copy a clearsigned message, stripping the signature.
Definition pgp.c:421
pgp_use_gpg_agent
bool pgp_use_gpg_agent(void)
Does the user want to use the gpg agent?
Definition pgp.c:124
pgp_check_decryption_okay
static int pgp_check_decryption_okay(FILE *fp_in)
Check GPG output for status codes.
Definition pgp.c:354
pgp_invoke_decode
pid_t pgp_invoke_decode(FILE **fp_pgp_in, FILE **fp_pgp_out, FILE **fp_pgp_err, int fd_pgp_in, int fd_pgp_out, int fd_pgp_err, const char *fname, bool need_passphrase)
Use PGP to decode a message.
Definition pgpinvoke.c:132
buf_pool_get
struct Buffer * buf_pool_get(void)
Get a Buffer from the pool.
Definition pool.c:91
buf_pool_release
void buf_pool_release(struct Buffer **ptr)
Return a Buffer to the pool.
Definition pool.c:111
Buffer
String manipulation buffer.
Definition buffer.h:36
NcryptModuleData
Ncrypt private Module data.
Definition module_data.h:38
NcryptModuleData::pgp_pass
char pgp_pass[1024]
Cached PGP Passphrase.
Definition module_data.h:50
NeoMutt
Container for Accounts, Notifications.
Definition neomutt.h:41
State::fp_out
FILE * fp_out
File to write to.
Definition state.h:50
buf_mktemp
#define buf_mktemp(buf)
Definition tmp.h:33
+ Here is the call graph for this function:

◆ smime_class_application_handler()

int smime_class_application_handler ( struct Body * b,
struct State * state )

Manage the MIME type "application/pgp" or "application/smime" - Implements CryptModuleSpecs::application_handler() -.

Definition at line 1984 of file smime.c.

1985{
1986 int rc = -1;
1987
1988 /* clear out any mime headers before the handler, so they can't be spoofed. */
1989 mutt_env_free(&b->mime_headers);
1990
1991 struct Body *tattach = smime_handle_entity(b, state, NULL);
1992 if (tattach)
1993 {
1994 rc = 0;
1995 mutt_body_free(&tattach);
1996 }
1997 return rc;
1998}
smime_handle_entity
static struct Body * smime_handle_entity(struct Body *b, struct State *state, FILE *fp_out_file)
Handle type application/pkcs7-mime.
Definition smime.c:1682
+ Here is the call graph for this function: