mail-gpg 0.4.2 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA256:
3
- metadata.gz: b7e6ef944bc641fa51f189b379859528044939a7eeca16d44cdeab8f46fdbc0c
4
- data.tar.gz: aaa67237e62a803b4d369f81a70d71511e55b175c4ba95714137d6a0aa649cfe
2
+ SHA1:
3
+ metadata.gz: 62b5362e85b38c7c385a84c56270dea80710517a
4
+ data.tar.gz: 78e3dacfe29c126d91089b380083d32edfd35d9f
5
5
  SHA512:
6
- metadata.gz: 3c5224711ba09fe1b59cfb6076fe4c8c09838e0915411411fe044b5b04d76949bb74eb81e8e9a0242c8996a5be6c380c43d2662942fe58714c1d838c71ecf756
7
- data.tar.gz: 25e41d97a17fc966d4839f96b7c827432c1e7f60905d9675238633660efa5a930c4ff9028c91c84ab8db66f0884601fb0ff5fc8b760c194ceae37fab261f09e8
6
+ metadata.gz: 36cadc855dc15bc8dbab934a44602d97c8a8831c575970ed61c4e3c3cce7bf86ac2d2cc956b910d0916aa53dd1702af001d57986d055e048e12f4868833c7931
7
+ data.tar.gz: d3a34b8a693ebf7b4e52aaff895af7275b01b335eac7c537443bab7eed61ceee1b86b5d7266fc35941e482d7ddd4e2044a42b8ad60f0e2189a4c7763bcd93c55
@@ -1,3 +1,8 @@
1
+ == 0.4.3 2020-02-12
2
+
3
+ * fix bad signatures of some mails with Mail 2.7.1 by always enforcing
4
+ base64 encoding for signed content
5
+
1
6
  == 0.4.2 2019-09-02
2
7
 
3
8
  * do not die on invalid content-transfer encodings when checking if a message
@@ -24,19 +24,8 @@ module Mail
24
24
  return false
25
25
  end
26
26
 
27
- # Work around the problem that plain_part.raw_source prefixes an
28
- # erroneous CRLF, <https://github.com/mikel/mail/issues/702>.
29
- if ! plain_part.raw_source.empty?
30
- plaintext = [ plain_part.header.raw_source,
31
- "\r\n\r\n",
32
- plain_part.body.raw_source
33
- ].join
34
- else
35
- plaintext = plain_part.encoded
36
- end
37
-
38
27
  signature = signature_part.body.encoded
39
- GpgmeHelper.sign_verify(plaintext, signature, options)
28
+ GpgmeHelper.sign_verify(plain_part.encoded, signature, options)
40
29
  end
41
30
  end
42
31
  end
@@ -8,7 +8,7 @@ module Mail
8
8
 
9
9
  def self.build(cleartext_mail)
10
10
  new do
11
- if cleartext_mail.body.multipart?
11
+ if cleartext_mail.multipart?
12
12
  if cleartext_mail.content_type =~ /^(multipart[^;]+)/
13
13
  # preserve multipart/alternative etc
14
14
  content_type $1
@@ -16,11 +16,18 @@ module Mail
16
16
  content_type 'multipart/mixed'
17
17
  end
18
18
  cleartext_mail.body.parts.each do |p|
19
- add_part p
19
+ add_part Mail::Gpg::SignedPart.build(p)
20
20
  end
21
21
  else
22
22
  content_type cleartext_mail.content_type
23
- body cleartext_mail.body.raw_source
23
+ if disposition = cleartext_mail.content_disposition
24
+ content_disposition disposition
25
+ end
26
+
27
+ # brute force approach to avoid messed up line endings that break
28
+ # signatures with Mail 2.7
29
+ body Mail::Encodings::Base64.encode cleartext_mail.body.to_s
30
+ body.encoding = 'base64'
24
31
  end
25
32
  end
26
33
  end
@@ -1,5 +1,5 @@
1
1
  module Mail
2
2
  module Gpg
3
- VERSION = "0.4.2"
3
+ VERSION = "0.4.3"
4
4
  end
5
5
  end
@@ -38,24 +38,96 @@ class MessageTest < MailGpgTestCase
38
38
  end
39
39
  end
40
40
 
41
+ context "with multi line utf-8 body and gpg signing only" do
42
+ setup do
43
+ @mail.charset = 'UTF-8'
44
+ @body = <<-END
45
+ one
46
+ two
47
+ euro €
48
+ three
49
+ END
50
+
51
+ @mail.body = @body
52
+ @mail.gpg sign: true, password: 'abc'
53
+ @mail.deliver
54
+ @signed = Mail.new @mails.first.to_s
55
+ @verified = @signed.verify
56
+ # Mail gem from 2.7.1 onwards converts "\n" to "\r\n"
57
+ @body = Mail::Utilities.to_crlf(@body)
58
+ end
59
+
60
+ should 'keep body unchanged' do
61
+ body = @verified.body.to_s.force_encoding 'UTF-8'
62
+ assert_equal @body, body
63
+ end
64
+
65
+ should 'verify signed mail' do
66
+ refute @signed.encrypted?
67
+ assert @signed.multipart?, "message should be multipart"
68
+ assert @signed.signed?, "message should be signed"
69
+ assert sign_part = @signed.parts.last
70
+ GPGME::Crypto.new.verify(sign_part.body.to_s, signed_text: @signed.parts.first.encoded) do |sig|
71
+ assert sig.valid?, "Signature is not valid"
72
+ end
73
+
74
+ assert @verified.signature_valid?, "Signature check failed!"
75
+ refute @verified.multipart?
76
+ end
77
+
78
+ end
79
+
41
80
  context "with gpg signing only" do
42
81
  setup do
43
82
  @mail.gpg sign: true, password: 'abc'
44
83
  end
45
84
 
85
+ context 'with attachment' do
86
+ setup do
87
+ p = Mail::Part.new do
88
+ body "and\nanother part euro €"
89
+ end
90
+ @mail.add_part p
91
+ # if we do not force it to binary, the line ending is changed to CRLF. WTF?
92
+ @attachment_data = "this is\n € not an image".force_encoding(Encoding::BINARY)
93
+ @mail.attachments['test.jpg'] = { mime_type: 'image/jpeg',
94
+ content: @attachment_data }
95
+
96
+ @mail.deliver
97
+ @signed = Mail.new @mails.first.to_s
98
+ @verified = @signed.verify
99
+ end
100
+
101
+ should 'verify signature' do
102
+ assert @verified.signature_valid?
103
+ end
104
+
105
+ should 'have original three parts' do
106
+ assert_equal 3, @verified.parts.size
107
+ assert_equal 'i am unencrypted', @verified.parts[0].body.to_s
108
+ assert_equal "and\r\nanother part euro €", @verified.parts[1].body.to_s.force_encoding('UTF-8')
109
+ assert attachment = @verified.parts[2]
110
+ assert attachment.attachment?
111
+ assert_equal "attachment; filename=test.jpg", attachment.content_disposition
112
+ assert_equal @attachment_data, attachment.body.to_s
113
+ end
114
+
115
+ end
116
+
46
117
  context 'with multiple parts' do
47
118
  setup do
48
119
  p = Mail::Part.new do
49
- body 'and another part'
120
+ body "and\nanother part euro €"
50
121
  end
51
122
  @mail.add_part p
52
123
  p = Mail::Part.new do
53
- body 'and a third part'
124
+ content_type "text/html; charset=UTF-8"
125
+ body "and an\nHTML part €"
54
126
  end
55
127
  @mail.add_part p
56
128
 
57
129
  @mail.deliver
58
- @signed = @mails.first
130
+ @signed = Mail.new @mails.first.to_s
59
131
  @verified = @signed.verify
60
132
  end
61
133
 
@@ -67,8 +139,8 @@ class MessageTest < MailGpgTestCase
67
139
  assert_equal 3, @mail.parts.size
68
140
  assert_equal 3, @verified.parts.size
69
141
  assert_equal 'i am unencrypted', @verified.parts[0].body.to_s
70
- assert_equal 'and another part', @verified.parts[1].body.to_s
71
- assert_equal 'and a third part', @verified.parts[2].body.to_s
142
+ assert_equal "and\r\nanother part euro €", @verified.parts[1].body.to_s.force_encoding('UTF-8')
143
+ assert_equal "and an\r\nHTML part €", @verified.parts[2].body.to_s.force_encoding('UTF-8')
72
144
  end
73
145
  end
74
146
 
@@ -133,25 +205,42 @@ class MessageTest < MailGpgTestCase
133
205
  end
134
206
  end
135
207
 
136
- context 'with encryption and signing' do
208
+ context 'utf-8 with encryption and signing' do
137
209
  setup do
210
+ @body = "one\neuro €"
211
+ @mail.charset = 'UTF-8'
212
+ @mail.body @body
138
213
  @mail.gpg encrypt: true, sign: true, password: 'abc'
139
214
  @mail.deliver
215
+ assert_equal 1, @mails.size
216
+ assert m = @mails.first
217
+ @received = Mail.new m.to_s
140
218
  end
141
219
 
142
220
  should 'decrypt and check signature' do
143
- assert_equal 1, @mails.size
144
- assert m = @mails.first
221
+ m = @received
145
222
  assert_equal 'test', m.subject
146
223
  assert m.multipart?
147
224
  assert m.encrypted?
148
225
  assert decrypted = m.decrypt(:password => 'abc', verify: true)
149
226
  assert_equal 'test', decrypted.subject
150
227
  assert decrypted == @mail
151
- assert_equal 'i am unencrypted', decrypted.body.to_s
228
+ assert_equal "one\r\neuro €", decrypted.body.to_s.force_encoding('UTF-8')
152
229
  assert decrypted.signature_valid?
153
230
  assert_equal 1, decrypted.signatures.size
154
231
  end
232
+
233
+ should 'preserve headers in raw_source output' do
234
+ m = @received
235
+ assert decrypted = m.decrypt(:password => 'abc', verify: true)
236
+ assert s = decrypted.raw_source
237
+ assert s.include?('From: joe@foo.bar')
238
+ assert s.include?('To: jane@foo.bar')
239
+ assert s.include?('Subject: test')
240
+
241
+ body = decrypted.body.to_s.force_encoding('UTF-8')
242
+ assert body.include?('euro €'), s
243
+ end
155
244
  end
156
245
 
157
246
  context "with gpg turned on" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mail-gpg
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.2
4
+ version: 0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jens Kraemer
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-09-06 00:00:00.000000000 Z
11
+ date: 2020-02-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: mail
@@ -210,7 +210,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
210
210
  version: '0'
211
211
  requirements: []
212
212
  rubyforge_project:
213
- rubygems_version: 2.7.6
213
+ rubygems_version: 2.6.14.4
214
214
  signing_key:
215
215
  specification_version: 4
216
216
  summary: GPG/MIME encryption plugin for the Ruby Mail Library