schleuder 4.0.3 → 5.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c44b12c722680d91cee45a80ae2ee6a4ff47a9544dfd171cc83a5549bdd72be2
-  data.tar.gz: 77773ef59d05b1faff86cf2fe5d22ef657cd5683e6184db1a55b28d1592b07d2
+  metadata.gz: 4148fa7b166ff22d2af8980a549f08e7bc659080df8f9579d15a190cbb046033
+  data.tar.gz: edb0f987169bdb5585f9350057e5f7114e377d13cec9e9f413a6da24a4e3cd46
 SHA512:
-  metadata.gz: eb351c776f1773cf0dd5ef0f04f310fe70a0155d9344fd75eb78fce9b0d69cad0f0d9bfad664d1a8ab004a55c2d29a849cf1ea2cd0a295c61c3b56b96a25d9a8
-  data.tar.gz: 97ab8283c694fac04196ee752ffe3153f57acb1e37c8754c8c9f1840fbf5109d47fac3426aa8fa3f168341efbfcf38c8d4292e9a360b3d81dff5d9231ac9b700
+  metadata.gz: 8d86957d1b3b3e6929290f273b2fd39a65c012aa19fba80231aba12c413024c19dd513cf4a61dce7cb93af1996ade5d95de8230ef0a7e855fedaa741aa1f10a4
+  data.tar.gz: 00605d42c733d792fffd50652e1f7c7c8b8e98066006bf49eff25bf7d6c7523419229d18537e07f2735ca8b2fe4b243b043966a13079c8d8fce7d274fd2629c1

data/README.md

@@ -9,12 +9,13 @@ For more details see <https://schleuder.org/docs/>.
 
 Requirements
 ------------
-* ruby >=2.5
+* ruby >=2.7
 * gnupg >=2.2
 * gpgme
 * sqlite3
 * openssl
 * icu
+* libcurl
 
 *If you use Debian buster, CentOS 7 or Archlinux, please have a look at the [installation docs](https://schleuder.org/schleuder/docs/server-admins.html#installation). We do provide packages for those platforms, which simplify the installation a lot.*
 
@@ -36,15 +37,15 @@ Additionally these **rubygems** are required (will be installed automatically un
 Installing Schleuder
 ------------
 
-1. Download [the gem](https://schleuder.org/download/schleuder-4.0.3.gem) and [the OpenPGP-signature](https://schleuder.org/download/schleuder-4.0.3.gem.sig) and verify:
+1. Download [the gem](https://schleuder.org/download/schleuder-5.0.0.gem) and [the OpenPGP-signature](https://schleuder.org/download/schleuder-5.0.0.gem.sig) and verify:
    ```
    gpg --recv-key 0xB3D190D5235C74E1907EACFE898F2C91E2E6E1F3
-   gpg --verify schleuder-4.0.3.gem.sig
+   gpg --verify schleuder-5.0.0.gem.sig
    ```
 
 2. If all went well install the gem:
    ```
-   gem install schleuder-4.0.3.gem
+   gem install schleuder-5.0.0.gem
    ```
 
 3. Set up schleuder:
@@ -101,10 +102,6 @@ To execute the test suite run:
 
     bundle exec rspec
 
-Please note: Some of the specs use 'pgrep'. On systems that base on Debian 10 ("buster") install it via 
-
-    apt-get install procps
-
 We are working on extendig the test coverage.
 
 Contributing
@@ -134,4 +131,4 @@ GNU GPL 3.0. Please see [LICENSE.txt](LICENSE.txt).
 Alternative Download
 --------------------
 
-Alternatively to the gem-files you can download the latest release as [a tarball](https://schleuder.org/download/schleuder-4.0.3.tar.gz) and [its OpenPGP-signature](https://schleuder.org/download/schleuder-4.0.3.tar.gz.sig).
+Alternatively to the gem-files you can download the latest release as [a tarball](https://schleuder.org/download/schleuder-5.0.0.tar.gz) and [its OpenPGP-signature](https://schleuder.org/download/schleuder-5.0.0.tar.gz.sig).

data/db/migrate/20180110203100_add_sig_enc_to_headers_to_meta_defaults.rb

@@ -24,7 +24,7 @@ class AddSigEncToHeadersToMetaDefaults < ActiveRecord::Migration[4.2]
     # complexities of the actual class.
     Class.new(ActiveRecord::Base) do
       self.table_name = 'lists'
-      self.serialize :headers_to_meta, JSON
+      self.serialize :headers_to_meta, coder: JSON
     end
   end
 end

data/db/migrate/20220910170110_add_key_auto_import_from_email.rb

@@ -0,0 +1,11 @@
+class AddKeyAutoImportFromEmail < ActiveRecord::Migration[7.1]
+  def up
+    if ! column_exists?(:lists, :key_auto_import_from_email)
+      add_column :lists, :key_auto_import_from_email, :boolean, default: false
+    end
+  end
+
+  def down
+    remove_column(:lists, :key_auto_import_from_email)
+  end
+end

data/db/schema.rb

@@ -10,11 +10,10 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2021_11_07_151309) do
-
+ActiveRecord::Schema[7.1].define(version: 2022_09_10_170110) do
   create_table "lists", force: :cascade do |t|
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "created_at", precision: nil
+    t.datetime "updated_at", precision: nil
     t.string "email", limit: 255
     t.string "fingerprint", limit: 255
     t.string "log_level", limit: 255, default: "warn"
@@ -47,6 +46,7 @@ ActiveRecord::Schema.define(version: 2021_11_07_151309) do
     t.boolean "include_autocrypt_header", default: true
     t.boolean "set_reply_to_to_sender", default: false
     t.boolean "munge_from", default: false
+    t.boolean "key_auto_import_from_email", default: false
   end
 
   create_table "subscriptions", force: :cascade do |t|
@@ -55,8 +55,8 @@ ActiveRecord::Schema.define(version: 2021_11_07_151309) do
     t.string "fingerprint", limit: 255
     t.boolean "admin", default: false
     t.boolean "delivery_enabled", default: true
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "created_at", precision: nil
+    t.datetime "updated_at", precision: nil
     t.index ["email", "list_id"], name: "index_subscriptions_on_email_and_list_id", unique: true
     t.index ["list_id"], name: "index_subscriptions_on_list_id"
   end

data/etc/list-defaults.yml

@@ -149,3 +149,19 @@ set_reply_to_to_sender: false
 # This option can enabled for improved usability since this affect
 # mail client's displayed name.
 munge_from: false
+
+# If enabled, parse Autocrypt-header and look for attached keys in incoming emails.
+# For each found key (a), check if it contains a UID matching the From-header. In
+# case it does not, skip this key and handle the next, if any.
+# Lookup fingerprint of key (a) and check if it's already present in the keyring.
+# If present, import the key (a).
+# Otherwise, check if a key, which contains a UID matching the From-header, is present
+# in the keyring.
+# If not, import the key (a).
+# Before doing any import, ensure via a filter so that only the relevant UID is
+# kept.
+# Please be aware that this might result in a newly imported key that matches a
+# subscriber's email address, which didn't originate from the subscriber (in case
+# of forged From-header). We consider this not a serious problem because that key
+# will not be used for that subscriber's emails unless it is assigned manually.
+key_auto_import_from_email: false

data/etc/schleuder.yml

@@ -21,17 +21,28 @@ filters_dir: /usr/local/lib/schleuder/filters
 # How verbose should Schleuder log to syslog? (list-specific messages are written to the list's log-file).
 log_level: warn
 
-# Which keyserver to refresh keys from (used by `schleuder refresh_keys`, meant
-# to be run from cron or systemd weekly).
-# If you have gnupg 2.1, we strongly suggest to use a hkps-keyserver:
-#keyserver: hkps://hkps.pool.sks-keyservers.net
-# If you have gnupg 2.1 and TOR running locally, use a onion-keyserver:
-#keyserver: hkp://jirk5u4osbsr34t5.onion
-# If you have an OS-wide defined keyserver, specify a blank value to have that
-# one used:
-#keyserver: 
-# The default works for all supported versions of gnupg:
-keyserver: pool.sks-keyservers.net
+# Which verifying keyserver to fetch keys from?
+# This server must support the VKS API.
+# To disable lookup via this type of keyserver, set this to a blank value.
+# Note: This must include the procotol scheme (e.g. "https://").
+vks_keyserver: https://keys.openpgp.org
+
+# Which traditional keyserver to fetch keys from?
+# This server must support the SKS API.
+# Please consider that public SKS servers don't verify any upload, the keys
+# they deliver should not be trusted without additional verification. This is
+# important if you e.g. allow keys to be fetched automatically, or by email
+# address.
+# This keyserver is queried only if the vks_keyserver didn't have a key.
+# Note: This must include the procotol scheme (e.g. "https://").
+# Beware: Only specify https here if the server does use a commonly accepted
+#         TLS certificate. Most servers of the SKS-pool do not!
+sks_keyserver: 
+
+# Should Schleuder use a proxy for HTTP requests (to fetch OpenPGP keys)?
+# To route HTTP requests via Tor set up a local Tor daemon and enter e.g.
+# socks5h://127.0.0.1:9050 (for a typical Tor service).
+#http_proxy:
 
 # Who is maintaining the overall schleuder installation and should be
 # notified about severe problems with lists.
@@ -40,6 +51,13 @@ keyserver: pool.sks-keyservers.net
 # Is also used as an envelope sender of admin notifications.
 superadmin: root@localhost
 
+# Umask with which to create directories and files. The default (0077) lets
+# only the owners read them, no one else.
+# Only change this in special cases and if you know what you are doing!
+# (Be careful to retain the value type, it must not be quoted and it must start
+# with a zero!)
+umask: 0077
+
 # For these options see documentation for ActionMailer::smtp_settings, e.g. <http://api.rubyonrails.org/classes/ActionMailer/Base.html>.
 smtp_settings:
   address: localhost

data/lib/schleuder/cli.rb

@@ -109,7 +109,8 @@ module Schleuder
         end
       end
 
-      if ActiveRecord::SchemaMigration.table_exists?
+      # If the table for lists exists we assume the DB has been initialized before.
+      if List.table_exists?
         say shellexec("cd #{root_dir} && rake db:migrate")
       else
         say shellexec("cd #{root_dir} && rake db:init")
@@ -122,6 +123,18 @@ module Schleuder
         Schleuder::Cert.new.generate
       end
 
+      if Conf.umask == 0077
+        # The umask is set to the (new) default, let's have a look at the list-dirs.
+        list_dirs = Dir.glob("#{Conf.lists_dir}/*")
+        list_dirs.each do |list_dir|
+          perm_bits = File.stat(list_dir).mode.to_s(8)[-3..]
+          if perm_bits != '700'
+            say "WARNING: The directory '#{list_dir}' has permissions that do not match the umask as set in schleuder's config. You should probably fix that by running `chmod -R g-rwx #{list_dir}`."
+          end
+        end
+      end
+
+
       say "Schleuder has been set up. You can now create a new list using `schleuder-cli`.\nWe hope you enjoy!"
       permission_notice
     rescue => exc

data/lib/schleuder/conf.rb

@@ -10,12 +10,15 @@ module Schleuder
 
     DEFAULTS = {
       'lists_dir' => '/var/lib/schleuder/lists',
+      'umask' => 0077,
       'listlogs_dir' => '/var/lib/schleuder/lists',
       'keyword_handlers_dir' => '/usr/local/lib/schleuder/keyword_handlers',
       'filters_dir' => '/usr/local/lib/schleuder/filters',
       'log_level' => 'warn',
       'superadmin' => 'root@localhost',
-      'keyserver' => 'hkp://pool.sks-keyservers.net',
+      'vks_keyserver' => 'https://keys.openpgp.org',
+      'sks_keyserver' => 'http://pool.sks-keyservers.net',
+      'http_proxy' => '',
       'smtp_settings' => {
         'address' => 'localhost',
         'port' => 25,
@@ -48,10 +51,19 @@ module Schleuder
       @config ||= load_config(ENV['SCHLEUDER_CONFIG'])
     end
 
+    def reload!
+      @config = nil
+      config
+    end
+
     def self.lists_dir
       instance.config['lists_dir']
     end
 
+    def self.umask
+      instance.config['umask']
+    end
+
     def self.listlogs_dir
       instance.config['listlogs_dir']
     end
@@ -115,8 +127,16 @@ module Schleuder
       settings
     end
 
-    def self.keyserver
-      instance.config['keyserver']
+    def self.vks_keyserver
+      instance.config['vks_keyserver']
+    end
+
+    def self.sks_keyserver
+      instance.config['sks_keyserver']
+    end
+
+    def self.http_proxy
+      instance.config['http_proxy']
     end
 
     private

data/lib/schleuder/email_key_importer.rb

@@ -0,0 +1,91 @@
+module Schleuder
+  class EmailKeyImporter
+    class << self
+      def import_from_attachments(list, mail)
+        # Shouldn't happen, but who knows...
+        return if ! mail.from.first.match(Conf::EMAIL_REGEXP)
+        mail.attachments.map do |part|
+          if part.content_type == 'application/pgp-keys'
+            filter_and_maybe_import_keys(mail, part.body.decoded)
+          end
+        end.compact
+      end
+
+      def import_from_autocrypt_header(list, mail)
+        # Shouldn't happen, but who knows...
+        return if ! mail.from.first.match(Conf::EMAIL_REGEXP)
+        return if mail.header['Autocrypt'].blank?
+        keydata_base64 = mail.header['Autocrypt'].to_s.split('keydata=', 2)[1]
+        return if keydata_base64.blank?
+        keydata = Base64.decode64(keydata_base64)
+        return if keydata.blank?
+        filter_and_maybe_import_keys(mail, keydata)
+      end
+
+      def filter_and_maybe_import_keys(mail, keydata)
+        extracted_keys = GPGME::KeyExtractor.extract_by_email_address(mail.from.first, keydata)
+        extracted_keys.map do |fingerprint, filtered_keydata|
+          maybe_import_key(mail, fingerprint, filtered_keydata)
+        end.compact
+      end
+
+      def maybe_import_key(mail, fingerprint, filtered_keydata)
+        if mail.list.keys(fingerprint).size == 1
+          return update_key(mail, filtered_keydata)
+        end
+
+        if mail.list.keys(mail.from.first).size > 0
+          mail.add_pseudoheader('Note', I18n.t('email_key_importer.key_already_present'))
+          return
+        end
+        add_key(mail, filtered_keydata)
+      end
+
+      def add_key(mail, keydata)
+        fingerprint, import_states = import_to_list(mail, keydata)
+        return if ! fingerprint
+        if ! import_states.include?(I18n.t('import_states.new_key'))
+          mail.list.logger.error "Importing key failed! Fingerprint: #{fingerprint.inspect} -- Import-states: #{import_states.inspect}"
+          mail.add_pseudoheader('Note',
+                                I18n.t('email_key_importer.import_error',
+                                       fingerprint: fingerprint.inspect,
+                                       import_states: import_states.inspect))
+          return
+        end
+        key = mail.list.keys(fingerprint).first
+        mail.add_pseudoheader('Note', I18n.t('email_key_importer.key_added',
+                                             key_summary: key.summary))
+        fingerprint
+      end
+
+      def update_key(mail, keydata)
+        fingerprint, import_states = import_to_list(mail, keydata)
+        return if ! fingerprint
+        key = mail.list.keys(fingerprint).first
+        if import_states == ['unchanged']
+          mail.add_pseudoheader('Note',
+                                I18n.t('email_key_importer.key_unchanged',
+                                       key_summary: key.summary))
+          return
+        end
+
+        key = mail.list.keys(fingerprint).first
+        mail.add_pseudoheader('Note', I18n.t('email_key_importer.key_updated',
+                                             key_summary: key.summary))
+        fingerprint
+      end
+
+      def import_to_list(mail, keydata)
+        result = mail.list.gpg.import_filtered(keydata)
+        # At this point we expect the keydata to only contain one key, and thus
+        # only one key and value in the result.
+        if ! result.is_a?(Hash) || result.keys.size != 1 || ! result.values.first.is_a?(Array)
+          mail.list.logger.error "Unexpected result when importing key from temporary keyring => #{result.inspect}"
+          mail.add_pseudoheader('Note', I18n.t('email_key_importer.technical_error'))
+          return false
+        end
+        [result.keys.first, result.values.first]
+      end
+    end
+  end
+end

data/lib/schleuder/filters/post_decryption/35_key_auto_import_from_attachments.rb

@@ -0,0 +1,21 @@
+module Schleuder
+  module Filters
+    def self.key_auto_import_from_attachments(list, mail)
+      # Don't run if not enabled.
+      return if ! list.key_auto_import_from_email
+
+      imported_fingerprints = EmailKeyImporter.import_from_attachments(list, mail)
+      if imported_fingerprints.size > 0
+        # If the message's signature could not be validated before, re-run the
+        # validation, because after having imported new or updated keys the
+        # validation now might work.
+        if mail.signature.present? && ! mail.signature.valid?
+          # Re-validate the signature validation, now that a new key was
+          # imported that might be the previously unknown signing key.
+          mail.repeat_validation!
+        end
+      end
+    end
+  end
+end
+

data/lib/schleuder/filters/post_decryption/80_receive_from_subscribed_emailaddresses_only.rb

@@ -1,7 +1,7 @@
 module Schleuder
   module Filters
     def self.receive_from_subscribed_emailaddresses_only(list, mail)
-      if list.receive_from_subscribed_emailaddresses_only? && list.subscriptions.where(email: mail.from.first).blank?
+      if list.receive_from_subscribed_emailaddresses_only? && list.subscriptions.where(email: mail.from.first.downcase).blank?
         list.logger.info 'Rejecting mail as not from subscribed address.'
         return Errors::MessageSenderNotSubscribed.new
       end

data/lib/schleuder/filters/post_decryption/90_strip_html_from_alternative_if_keywords_present.rb

@@ -1,17 +1,49 @@
 module Schleuder
   module Filters
+
+    # If keywords are present, recurse into arbitrary levels of multipart/mixed
+    # encapsulation. If multipart/alternative is found, remove all sub-parts
+    # but the text/plain part (assuming that every multipart/alternative
+    # contains exactly one text/plain). Change the content_type from
+    # mutlipart/alternative to mutlipart/mixed.
     def self.strip_html_from_alternative_if_keywords_present(list, mail)
-      if mail[:content_type].blank? ||
-          mail[:content_type].content_type != 'multipart/alternative' ||
-          mail.keywords.blank?
+      # Only strip the text/html-part if keywords are present
+      if mail.keywords.blank? then return false end
+      return self.recursively_strip_html_from_alternative_if_keywords_present(list, mail)
+    end
+
+    def self.recursively_strip_html_from_alternative_if_keywords_present(list, mail)
+      if mail[:content_type].blank? then return false end
+      content_type = mail[:content_type].content_type
+
+      # The multipart/alternative could hide inside an arbitrary number of
+      # levels of multipart/mixed encapsulation.
+      # see also: https://www.rfc-editor.org/rfc/rfc2046#section-5.1.3
+      if content_type == 'multipart/mixed'
+        mail.parts.each do |part|
+          self.recursively_strip_html_from_alternative_if_keywords_present(list, part)
+        end
         return false
       end
 
+      # inside the mutlipart/mixed, we only care about multipart/mixed and
+      # mutlipart/alternative
+      if content_type != 'multipart/alternative' then return false end
+
+      # Inside multipart/alternative, there could be a text/html-part, or there
+      # could be a multipart/related-part which contains the text/html-part.
+      # Everything inside the multipart/alternative that is not text/plain
+      # should be deleted, since it will contain keywords and we only strip
+      # keywords from text/plain-parts.
       Schleuder.logger.debug 'Stripping html-part from multipart/alternative-message because it contains keywords'
       mail.parts.delete_if do |part|
-        part[:content_type].content_type == 'text/html'
+        content_type = part[:content_type].content_type
+        content_type != 'text/plain'
       end
+
+      # NOTE: We could instead unencapsulate it.
       mail.content_type = 'multipart/mixed'
+
       mail.add_pseudoheader(:note, I18n.t('pseudoheaders.stripped_html_from_multialt_with_keywords'))
     end
   end

data/lib/schleuder/filters/pre_decryption/60_key_auto_import_from_autocrypt_header.rb

@@ -0,0 +1,9 @@
+module Schleuder
+  module Filters
+    def self.key_auto_import_from_autocrypt_header(list, mail)
+      if list.key_auto_import_from_email
+        EmailKeyImporter.import_from_autocrypt_header(list, mail)
+      end
+    end
+  end
+end

data/lib/schleuder/gpgme/ctx.rb

@@ -7,6 +7,9 @@ module GPGME
       'new_subkeys' => 8
     }
 
+    # This differs from import_filtered() in that it doesn't filter the keys at
+    # all, and that it returns the import-results themselves, not strings based
+    # on those results.
     def keyimport(keydata)
       self.import_keys(GPGME::Data.new(keydata))
       result = self.import_result
@@ -33,13 +36,11 @@ module GPGME
     end
 
     def find_keys(input=nil, secret_only=nil)
-      _, input = clean_and_classify_input(input)
-      keys(input, secret_only)
+      keys(normalize_key_identifier(input), secret_only)
     end
 
     def find_distinct_key(input=nil, secret_only=nil)
-      _, input = clean_and_classify_input(input)
-      keys = keys(input, secret_only)
+      keys = keys(normalize_key_identifier(input), secret_only)
       if keys.size == 1
         keys.first
       else
@@ -47,16 +48,16 @@ module GPGME
       end
     end
 
-    def clean_and_classify_input(input)
+    def normalize_key_identifier(input)
       case input
       when /.*?([^ <>]+@[^ <>]+).*?/
-        [:email, "<#{$1}>"]
+        "<#{$1}>"
       when /^http/
-        [:url, input]
+        input
       when Conf::FINGERPRINT_REGEXP
-        [:fingerprint, "0x#{input.gsub(/^0x/, '')}"]
+        "0x#{input.gsub(/^0x/, '')}"
       else
-        [nil, input]
+        input
       end
     end
 
@@ -88,85 +89,23 @@ module GPGME
       GPGME::Engine.info.find {|e| e.protocol == GPGME::PROTOCOL_OpenPGP }
     end
 
-    def refresh_keys(keys)
-      # reorder keys so the update pattern is random
-      output = keys.shuffle.map do |key|
-        # Sleep a short while to make traffic analysis less easy.
-        sleep rand(1.0..5.0)
-        refresh_key(key.fingerprint).presence
-      end
-      `gpgconf --kill dirmngr`
-      output.compact.join("\n")
-    end
-
-    def refresh_key(fingerprint)
-      args = "#{keyserver_arg} #{import_filter_arg} --refresh-keys #{fingerprint}"
-      gpgerr, gpgout, exitcode = self.class.gpgcli(args)
-
-      if exitcode > 0
-        # Return filtered error messages. Include gpgkeys-messages from stdout
-        # (gpg 2.0 does that), which could e.g. report a failure to connect to
-        # the keyserver.
-        # TODO: Revisit this once we don't do network access via GPG
-        # anymore.
-        res = [
-          refresh_key_filter_messages(gpgerr),
-          refresh_key_filter_messages(gpgout).grep(/^gpgkeys: /)
-        ].flatten.compact
-        # if there was an error that we don't filter out,
-        # we better kill dirmngr, so it hopefully won't suffer
-        # from the same error during the next run.
-        # See #309 for background
-        if !res.empty?
-          `gpgconf --kill dirmngr`
-        end
-        res.join("\n")
-      else
-        lines = translate_output('key_updated', gpgout).reject do |line|
-          # Reduce the noise a little.
-          line.match(/.* \(unchanged\):$/)
+    def import_filtered(input, gpg_extra_arg='')
+      # Import through gpgcli so we can use import-filter. GPGME still does
+      # not provide that feature (as of summer 2023): <https://dev.gnupg.org/T4721> :(
+      gpgerr, gpgout, exitcode = self.class.gpgcli("#{import_filter_arg} #{gpg_extra_arg} --import") do |stdin, stdout, stderr|
+        # Wrap this into a block because gpg breaks the pipe if it encounters invalid data.
+        begin
+          stdin.print input
+        rescue Errno::EPIPE
         end
-        lines.join("\n")
+        stdin.close
+        stdout.readlines
       end
-    end
-
-    def fetch_key(input)
-      arguments, error = fetch_key_gpg_arguments_for(input)
-      return error if error
-
-      gpgerr, gpgout, exitcode = self.class.gpgcli("#{import_filter_arg} #{arguments}")
-
-      # Unfortunately gpg doesn't exit with code > 0 if `--fetch-key` fails.
-      if exitcode > 0 || gpgerr.grep(/ unable to fetch /).presence
-        "Fetching #{input} did not succeed:\n#{gpgerr.join("\n")}"
-      else
-        translate_output('key_fetched', gpgout).join("\n")
-      end
-    end
-
-    def fetch_key_gpg_arguments_for(input)
-      case input
-      when Conf::FINGERPRINT_REGEXP
-        "#{keyserver_arg} --recv-key #{input}"
-      when /^http/
-        "--fetch-key #{input}"
-      when /@/
-        # --recv-key doesn't work with email-addresses, so we use --locate-key
-        # restricted to keyservers.
-        "#{keyserver_arg} --auto-key-locate keyserver --locate-key #{input}"
+      if exitcode > 0
+        RuntimeError.new(gpgerr.join("\n"))
       else
-        [nil, I18n.t('fetch_key.invalid_input')]
-      end
-    end
-
-    def translate_output(locale_key, gpgoutput)
-      import_states = translate_import_data(gpgoutput)
-      strings = import_states.map do |fingerprint, states|
-        key = find_distinct_key(fingerprint)
-        I18n.t(locale_key, key_summary: key.summary,
-                           states: states.to_sentence)
+        translate_import_data(gpgout)
       end
-      strings
     end
 
     def translate_import_data(gpgoutput)
@@ -210,7 +149,7 @@ module GPGME
       errors = []
       output = []
       base_cmd = gpg_engine.file_name
-      base_args = '--no-greeting --no-permission-warning --quiet --armor --trust-model always --no-tty --command-fd 0 --status-fd 1'
+      base_args = '--no-greeting --quiet --armor --trust-model always --no-tty --command-fd 0 --status-fd 1'
       cmd = [base_cmd, base_args, args].flatten.join(' ')
       Open3.popen3(cmd) do |stdin, stdout, stderr, thread|
         if block_given?
@@ -223,19 +162,21 @@ module GPGME
         exitcode = thread.value.exitstatus
       end
 
+      # Don't treat warnings as errors but log them.
+      errors = errors.map do |line|
+        if line.match?(/gpg: WARNING: (unsafe permissions on homedir|using insecure memory)/i)
+          Schleuder.logger.warn(line)
+          nil
+        else
+          line
+        end
+      end.compact
+
       [errors, output, exitcode]
     rescue Errno::ENOENT
       raise 'Need gpg in $PATH or in $GPGBIN'
     end
 
-    def keyserver_arg
-      if Conf.keyserver.present?
-        "--keyserver #{Conf.keyserver}"
-      else
-        ''
-      end
-    end
-
     def import_filter_arg
       %{ --import-filter drop-sig='sig_created_d > 0000-00-00'}
     end

data/lib/schleuder/gpgme/key.rb

@@ -82,7 +82,7 @@ module GPGME
     end
 
     def self.valid_fingerprint?(fp)
-      fp =~ Schleuder::Conf::FINGERPRINT_REGEXP
+      fp.present? && fp.match?(Schleuder::Conf::FINGERPRINT_REGEXP)
     end
   end
 end