mail-gpg 0.4.4 → 0.4.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 96edf0fbe3f22c01808d60328a9d316d4cab6588
-  data.tar.gz: dbe492f6351962e3696eb13a8185bc99f0ded52a
+SHA256:
+  metadata.gz: c21d99f46e1cf61f5f6b528d75189d90dd0543c6937c346d0435ad5dc23b9d25
+  data.tar.gz: a33073e63f6353184d87188a81996147ffcff43a98818fc46c07bcf9ac2e5d7b
 SHA512:
-  metadata.gz: 6ef811441d350386921a18d46d5b4aff71867eacb346565a5a1583eb8e516c3f0643b065cb1e02cca46db7cfa0333b5ed82435aab6da6bed4a9ecf5b34c054aa
-  data.tar.gz: 2588e6bbce89a8dd1fde81c582352c40b694a8a9c1de1b71ec57fbbf50bbf75cb770f75da3b822e25034abace1d210958a557bf7b224e8e305cbcaf2c2e7887f
+  metadata.gz: edc5a48bad65750933dba1cc7d50c157c3c38a96d101e4106af284389199ea74564ed92689583a17a537f357a823dec9c8c301f7aca437c6f5dc9caf3030e109
+  data.tar.gz: e6040cb3fb89303a145a4a5158134437e66b52beca5628e6b154baf41560b53386b3e60bb93b915af4bc228b173b0d8f4f45e9cbbb4185f1387120d2e111159f

data/.github/workflows/test.yml

@@ -0,0 +1,60 @@
+name: Tests
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby-version: ["2.7", "3.0", "3.1", "3.2", "3.3", "3.4"]
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install GPG
+        run: sudo apt-get update && sudo apt-get install -y gnupg
+
+      - name: Set up Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true
+
+      - name: Run tests
+        run: bundle exec rake
+
+  test-with-rails:
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - ruby-version: "3.2"
+            rails-version: "7.1"
+          - ruby-version: "3.4"
+            rails-version: "7.2"
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install GPG
+        run: sudo apt-get update && sudo apt-get install -y gnupg
+
+      - name: Set up Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true
+
+      - name: Run tests with Rails ${{ matrix.rails-version }}
+        env:
+          RAILS: ${{ matrix.rails-version }}
+        run: bundle update && bundle exec rake

data/History.txt

@@ -1,3 +1,10 @@
+== 0.4.5 2026-01-20
+
+* fix HKP client for Ruby 3.0+ (replaced deprecated URI.escape/decode)
+* change default keyserver from defunct pool.sks-keyservers.net to
+  keyserver.ubuntu.com
+* fix HKP client redirect handling
+
 == 0.4.4 2020-07-30
 
 * preserve Content-ID header of signed parts (relevant for inline images in

data/README.md

@@ -1,4 +1,4 @@
-# Mail::Gpg [![Build Status](https://travis-ci.org/jkraemer/mail-gpg.png?branch=master)](https://travis-ci.org/jkraemer/mail-gpg)
+# Mail::Gpg [![Tests](https://github.com/jkraemer/mail-gpg/actions/workflows/test.yml/badge.svg)](https://github.com/jkraemer/mail-gpg/actions/workflows/test.yml)
 
 This gem adds GPG/MIME encryption capabilities to the [Ruby Mail
 Library](https://github.com/mikel/mail)

data/lib/hkp.rb

@@ -49,7 +49,16 @@ class Hkp
           if redirect_depth >= MAX_REDIRECTS
             raise TooManyRedirects
           else
-            http_get response['location'], redirect_depth + 1
+            location = URI.parse(response['location'])
+            if location.host && (location.host != @host || location.port != @port)
+              # Cross-host redirect - create new client for the target server
+              redirect_client = Client.new(response['location'], ssl_verify_mode: @ssl_verify_mode)
+              return redirect_client.get(location.request_uri, redirect_depth + 1)
+            else
+              # Same-host redirect (relative path or same host)
+              redirect_path = location.respond_to?(:request_uri) ? location.request_uri : response['location']
+              return get(redirect_path, redirect_depth + 1)
+            end
           end
         else
           raise InvalidResponse, response.code
@@ -65,7 +74,7 @@ class Hkp
     if String === options
       options = { keyserver: options }
     end
-    @keyserver = options.delete(:keyserver) || lookup_keyserver || 'http://pool.sks-keyservers.net:11371'
+    @keyserver = options.delete(:keyserver) || lookup_keyserver || 'hkp://keyserver.ubuntu.com'
     @options = { raise_errors: true }.merge options
   end
 
@@ -83,7 +92,7 @@ class Hkp
   # and what info they return besides the key id
   def search(name)
     [].tap do |results|
-      result = hkp_client.get "/pks/lookup?options=mr&search=#{URI.escape name}"
+      result = hkp_client.get "/pks/lookup?op=index&options=mr&search=#{URI.encode_www_form_component(name)}"
 
       result.each_line do |l|
         components = l.strip.split(':')
@@ -101,7 +110,7 @@ class Hkp
 
   # returns the key data as returned from the server as a string
   def fetch(id)
-    result = hkp_client.get "/pks/lookup?options=mr&op=get&search=0x#{URI.escape id}"
+    result = hkp_client.get "/pks/lookup?op=get&options=mr&search=0x#{URI.encode_www_form_component(id)}"
     return clean_key(result) if result
 
   rescue Exception
@@ -142,7 +151,7 @@ class Hkp
   def lookup_keyserver
     url = nil
     if res = exec_cmd("gpgconf --list-options gpgs 2>&1 | grep keyserver 2>&1")
-      url = URI.decode(res.split(":").last.split("\"").last.strip)
+      url = URI.decode_www_form_component(res.split(":").last.split("\"").last.strip)
     elsif res = exec_cmd("gpg --gpgconf-list 2>&1 | grep gpgconf-gpg.conf 2>&1")
       conf_file = res.split(":").last.split("\"").last.strip
       if res = exec_cmd("cat #{conf_file} 2>&1 | grep ^keyserver 2>&1")

data/lib/mail/gpg/version.rb

@@ -1,5 +1,5 @@
 module Mail
   module Gpg
-    VERSION = "0.4.4"
+    VERSION = "0.4.5"
   end
 end

data/mail-gpg.gemspec

@@ -26,4 +26,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "actionmailer", ">= 3.2.0"
   spec.add_development_dependency "byebug"
   spec.add_development_dependency "shoulda-context", '~> 1.1'
+  spec.add_development_dependency "webmock", '~> 3.0'
 end

data/test/hkp_test.rb

@@ -4,7 +4,7 @@ require 'hkp'
 
 class HkpTest < MailGpgTestCase
 
-  context "hpk client" do
+  context "hkp client" do
     {
       "http://pool.sks-keyservers.net:11371" => {
         host: 'pool.sks-keyservers.net',
@@ -99,4 +99,222 @@ class HkpTest < MailGpgTestCase
 
   end
 
+  context 'with mocked server' do
+    setup do
+      WebMock.disable_net_connect!
+      @keyserver = 'hkp://keys.example.com'
+      @hkp = Hkp.new(keyserver: @keyserver)
+    end
+
+    teardown do
+      WebMock.allow_net_connect!
+    end
+
+    context 'search' do
+      should 'include op=index parameter in request' do
+        stub_request(:get, "http://keys.example.com:11371/pks/lookup")
+          .with(query: hash_including('op' => 'index'))
+          .to_return(status: 200, body: "info:1:1\npub:ABC123:1:2048:1234567890::\nuid:Test User <test@example.com>:1234567890::")
+
+        result = @hkp.search('test@example.com')
+        assert_requested :get, "http://keys.example.com:11371/pks/lookup",
+          query: hash_including('op' => 'index', 'search' => 'test@example.com')
+      end
+
+      should 'properly encode special characters in search query' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 200, body: "info:1:1\npub:ABC123:1:2048:1234567890::\n")
+
+        @hkp.search('test+user@example.com')
+
+        # Should use proper URL encoding, + should become %2B
+        assert_requested :get, "http://keys.example.com:11371/pks/lookup",
+          query: hash_including('search' => 'test+user@example.com')
+      end
+
+      should 'parse machine readable response' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 200, body: <<~RESPONSE)
+            info:1:2
+            pub:ABC123DEF456:1:2048:1234567890::
+            uid:Test User <test@example.com>:1234567890::
+            pub:789GHI012JKL:1:4096:1234567891::
+            uid:Another User <another@example.com>:1234567891::
+          RESPONSE
+
+        result = @hkp.search('example.com')
+
+        assert_equal 2, result.size
+        assert_equal 'ABC123DEF456', result[0][0]
+        assert_equal '789GHI012JKL', result[1][0]
+      end
+
+      should 'return empty array when no keys found' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 200, body: "info:1:0\n")
+
+        result = @hkp.search('nonexistent@example.com')
+
+        assert_equal [], result
+      end
+
+      should 'raise error on server error when raise_errors is true' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 500, body: "Internal Server Error")
+
+        assert_raises(Hkp::InvalidResponse) do
+          @hkp.search('test@example.com')
+        end
+      end
+
+      should 'return nil on server error when raise_errors is false' do
+        hkp = Hkp.new(keyserver: @keyserver, raise_errors: false)
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 500, body: "Internal Server Error")
+
+        result = hkp.search('test@example.com')
+
+        assert_nil result
+      end
+    end
+
+    context 'fetch' do
+      should 'include op=get parameter in request' do
+        stub_request(:get, "http://keys.example.com:11371/pks/lookup")
+          .with(query: hash_including('op' => 'get'))
+          .to_return(status: 200, body: <<~KEY)
+            -----BEGIN PGP PUBLIC KEY BLOCK-----
+            mQENBFxxxxxxx
+            -----END PGP PUBLIC KEY BLOCK-----
+          KEY
+
+        result = @hkp.fetch('ABC123')
+        assert_requested :get, "http://keys.example.com:11371/pks/lookup",
+          query: hash_including('op' => 'get', 'search' => '0xABC123')
+      end
+
+      should 'properly encode key id with special characters' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 200, body: <<~KEY)
+            -----BEGIN PGP PUBLIC KEY BLOCK-----
+            mQENBFxxxxxxx
+            -----END PGP PUBLIC KEY BLOCK-----
+          KEY
+
+        # Key IDs shouldn't normally have special chars, but testing encoding anyway
+        @hkp.fetch('ABC+123')
+
+        assert_requested :get, "http://keys.example.com:11371/pks/lookup",
+          query: hash_including('search' => '0xABC+123')
+      end
+
+      should 'extract key from response' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 200, body: <<~RESPONSE)
+            Some header text
+            -----BEGIN PGP PUBLIC KEY BLOCK-----
+
+            mQENBFxxxxxxx
+            =xxxx
+            -----END PGP PUBLIC KEY BLOCK-----
+            Some footer text
+          RESPONSE
+
+        result = @hkp.fetch('ABC123')
+
+        assert result.start_with?('-----BEGIN PGP PUBLIC KEY BLOCK-----')
+        assert result.end_with?('-----END PGP PUBLIC KEY BLOCK-----')
+        refute result.include?('Some header text')
+        refute result.include?('Some footer text')
+      end
+
+      should 'return nil when key not found' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 404, body: "Not Found")
+
+        hkp = Hkp.new(keyserver: @keyserver, raise_errors: false)
+        result = hkp.fetch('NONEXISTENT')
+
+        assert_nil result
+      end
+
+      should 'return nil when response has no valid key block' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 200, body: "No key here")
+
+        result = @hkp.fetch('ABC123')
+
+        assert_nil result
+      end
+    end
+
+    context 'redirects' do
+      should 'follow same-host redirects' do
+        stub_request(:get, "http://keys.example.com:11371/pks/lookup")
+          .with(query: hash_including('op' => 'index', 'search' => 'test'))
+          .to_return(status: 302, headers: { 'Location' => '/pks/lookup?op=index&options=mr&search=test&new=1' })
+
+        stub_request(:get, "http://keys.example.com:11371/pks/lookup")
+          .with(query: hash_including('op' => 'index', 'new' => '1'))
+          .to_return(status: 200, body: "info:1:1\npub:ABC123:1:2048:1234567890::\n")
+
+        result = @hkp.search('test')
+        assert_equal 1, result.size
+        assert_equal 'ABC123', result[0][0]
+      end
+
+      should 'follow cross-host redirects' do
+        stub_request(:get, "http://keys.example.com:11371/pks/lookup")
+          .with(query: hash_including('op' => 'index'))
+          .to_return(status: 302, headers: { 'Location' => 'http://keys2.example.com/pks/lookup?op=index&options=mr&search=test' })
+
+        stub_request(:get, "http://keys2.example.com:80/pks/lookup")
+          .with(query: hash_including('op' => 'index'))
+          .to_return(status: 200, body: "info:1:1\npub:DEF456:1:2048:1234567890::\n")
+
+        result = @hkp.search('test')
+        assert_equal 1, result.size
+        assert_equal 'DEF456', result[0][0]
+      end
+
+      should 'raise TooManyRedirects after MAX_REDIRECTS' do
+        stub_request(:get, /keys\.example\.com/)
+          .to_return(status: 302, headers: { 'Location' => 'http://keys.example.com:11371/pks/lookup?op=index&search=test' })
+
+        assert_raises(Hkp::TooManyRedirects) do
+          @hkp.search('test')
+        end
+      end
+    end
+  end
+
+  context 'lookup_keyserver' do
+    setup do
+      WebMock.disable_net_connect!
+    end
+
+    teardown do
+      WebMock.allow_net_connect!
+    end
+
+    should 'decode percent-encoded keyserver URL from gpgconf' do
+      # Create a testable subclass that stubs exec_cmd
+      hkp_class = Class.new(Hkp) do
+        def exec_cmd(cmd)
+          if cmd.include?('gpgconf --list-options')
+            # Simulated gpgconf output with percent-encoded URL
+            # Format: name:flags:value (value may be quoted)
+            "keyserver:0:hkp%3A%2F%2Fkeys.example.com\n"
+          else
+            nil
+          end
+        end
+      end
+
+      hkp = hkp_class.new
+      keyserver = hkp.instance_variable_get('@keyserver')
+      assert_equal 'hkp://keys.example.com', keyserver
+    end
+  end
+
 end

data/test/message_test.rb

@@ -53,8 +53,6 @@ class MessageTest < MailGpgTestCase
         @mail.deliver
         @signed = Mail.new @mails.first.to_s
         @verified = @signed.verify
-        # Mail gem from 2.7.1 onwards converts "\n" to "\r\n"
-        @body = Mail::Utilities.to_crlf(@body)
       end
 
       should 'keep body unchanged' do
@@ -88,7 +86,7 @@ class MessageTest < MailGpgTestCase
             body "and\nanother part euro €"
           end
           @mail.add_part p
-          # if we do not force it to binary, the line ending is changed to CRLF. WTF?
+          # attachment bodies are returned as binary
           @attachment_data = "this is\n € not an image".force_encoding(Encoding::BINARY)
           @mail.attachments['test.jpg'] = { mime_type: 'image/jpeg',
                                             content: @attachment_data }
@@ -106,7 +104,7 @@ class MessageTest < MailGpgTestCase
         should 'have original three parts' do
           assert_equal 3, @verified.parts.size
           assert_equal 'i am unencrypted', @verified.parts[0].body.to_s
-          assert_equal "and\r\nanother part euro €", @verified.parts[1].body.to_s.force_encoding('UTF-8')
+          assert_equal "and\nanother part euro €", @verified.parts[1].body.to_s.force_encoding('UTF-8')
           assert attachment = @verified.parts[2]
           assert attachment.attachment?
           assert_equal "attachment; filename=test.jpg", attachment.content_disposition
@@ -141,8 +139,8 @@ class MessageTest < MailGpgTestCase
           assert_equal 3, @mail.parts.size
           assert_equal 3, @verified.parts.size
           assert_equal 'i am unencrypted', @verified.parts[0].body.to_s
-          assert_equal "and\r\nanother part euro €", @verified.parts[1].body.to_s.force_encoding('UTF-8')
-          assert_equal "and an\r\nHTML part €", @verified.parts[2].body.to_s.force_encoding('UTF-8')
+          assert_equal "and\nanother part euro €", @verified.parts[1].body.to_s.force_encoding('UTF-8')
+          assert_equal "and an\nHTML part €", @verified.parts[2].body.to_s.force_encoding('UTF-8')
         end
       end
 
@@ -227,7 +225,7 @@ class MessageTest < MailGpgTestCase
         assert decrypted = m.decrypt(:password => 'abc', verify: true)
         assert_equal 'test', decrypted.subject
         assert decrypted == @mail
-        assert_equal "one\r\neuro €", decrypted.body.to_s.force_encoding('UTF-8')
+        assert_equal "one\neuro €", decrypted.body.to_s.force_encoding('UTF-8')
         assert decrypted.signature_valid?
         assert_equal 1, decrypted.signatures.size
       end

data/test/test_helper.rb

@@ -1,11 +1,15 @@
 require 'open3'
 require 'test/unit'
 require 'shoulda/context'
+require 'webmock/test_unit'
 require 'mail-gpg'
 require 'action_mailer'
 require 'securerandom'
 require 'byebug'
 
+# Allow real connections by default, individual tests can disable
+WebMock.allow_net_connect!
+
 Mail.defaults do
   delivery_method :test
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mail-gpg
 version: !ruby/object:Gem::Version
-  version: 0.4.4
+  version: 0.4.5
 platform: ruby
 authors:
 - Jens Kraemer
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-30 00:00:00.000000000 Z
+date: 2026-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mail
@@ -134,6 +134,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 description: |-
   GPG/MIME encryption plugin for the Ruby Mail Library
   This tiny gem adds GPG capabilities to Mail::Message and ActionMailer::Base. Because privacy matters.
@@ -143,8 +157,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/test.yml"
 - ".gitignore"
-- ".travis.yml"
 - Gemfile
 - History.txt
 - LICENSE.txt
@@ -179,7 +193,6 @@ files:
 - test/gpghome/gpg-agent.conf
 - test/gpghome/pubring.gpg
 - test/gpghome/pubring.gpg~
-- test/gpghome/random_seed
 - test/gpghome/secring.gpg
 - test/gpghome/trustdb.gpg
 - test/gpgme_helper_test.rb
@@ -194,7 +207,7 @@ homepage: https://github.com/jkraemer/mail-gpg
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -209,9 +222,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.14.4
-signing_key: 
+rubygems_version: 3.5.22
+signing_key:
 specification_version: 4
 summary: GPG/MIME encryption plugin for the Ruby Mail Library
 test_files:
@@ -222,7 +234,6 @@ test_files:
 - test/gpghome/gpg-agent.conf
 - test/gpghome/pubring.gpg
 - test/gpghome/pubring.gpg~
-- test/gpghome/random_seed
 - test/gpghome/secring.gpg
 - test/gpghome/trustdb.gpg
 - test/gpgme_helper_test.rb

data/.travis.yml

@@ -1,21 +0,0 @@
-language: ruby
-rvm:
-  - 2.6.3
-  - 2.5.5
-  - 2.4.6
-env:
-  - RAILS=4.2.11.1 GPG_BIN=/usr/bin/gpg2
-  - RAILS=4.2.11.1 GPG_BIN=/usr/bin/gpg
-  - RAILS=5.2.3 GPG_BIN=/usr/bin/gpg2
-  - RAILS=5.2.3 GPG_BIN=/usr/bin/gpg
-matrix:
-  exclude:
-before_install:
-  - gem install bundler -v "~> 2.0"
-  - sudo apt install -y gnupg gnupg2
-cache: bundler
-dist: xenial
-addons:
-  apt:
-    update: true
-