schleuder 4.0.3 → 5.0.0

data/lib/schleuder/version.rb

@@ -1,3 +1,3 @@
 module Schleuder
-  VERSION = '4.0.3'
+  VERSION = '5.0.0'
 end

data/lib/schleuder/vks_client.rb

@@ -0,0 +1,24 @@
+module Schleuder
+  class VksClient < Http
+    VKS_PATH = '/vks/v1'
+
+    class << self
+      def get(type, input)
+        if type.to_s == 'fingerprint'
+          input = normalize_fingerprint(input)
+        end
+        super(url(type, input))
+      end
+
+      private
+
+      def normalize_fingerprint(input)
+        input.gsub(/^0x/, '').gsub(/\s/, '').upcase
+      end
+
+      def url(type, input)
+        "#{Conf.vks_keyserver}/#{VKS_PATH}/by-#{type}/#{CGI.escape(input)}"
+      end
+    end
+  end
+end

data/lib/schleuder-api-daemon/routes/key.rb

@@ -14,7 +14,28 @@ class SchleuderApiDaemon < Sinatra::Base
       if ! input.match('BEGIN PGP')
         input = Base64.decode64(input)
       end
-      json list(requested_list_id).import_key(input)
+      @list = list(requested_list_id)
+      import_result = @list.import_key(input)
+      keys = []
+      messages = []
+      import_result.imports.each do |import_status|
+        if import_status.action == 'error'
+          messages << "The key with the fingerprint #{import_status.fingerprint} could not be imported for unknown reasons"
+        else
+          key = @list.gpg.find_distinct_key(import_status.fingerprint)
+          if key
+            keys << key_to_hash(key).merge({import_action: import_status.action})
+          end
+        end
+      end
+      set_x_messages(messages)
+      # Use a Hash as single response object to stay more REST-like. (also,
+      # ActiveResource chokes if we return an array here).
+      # The 'type' attribute is only necessary to keep ActiveResource from
+      # complaining about "expected attributes to be able to convert to Hash",
+      # which for some reason is raised without it (or some other, similar
+      # attribute).
+      json({type: 'keys', keys: keys})
     end
 
     get '/check_keys.json' do

data/lib/schleuder.rb

@@ -15,15 +15,15 @@ require 'syslog/logger'
 require 'logger'
 require 'open3'
 require 'socket'
+require 'base64'
 
 # Require mandatory libs. The database-layer-lib is required below.
-require 'mail-gpg'
+require 'mail'
+require 'gpgme'
 require 'active_record'
 require 'active_support'
 require 'active_support/core_ext/string'
-
-# An extra from mail-gpg
-require 'hkp'
+require 'typhoeus'
 
 # Load schleuder
 libdir = Pathname.new(__FILE__).dirname.realpath
@@ -34,13 +34,12 @@ $:.unshift libdir
 require 'schleuder/mail/parts_list.rb'
 require 'schleuder/mail/message.rb'
 require 'schleuder/mail/gpg.rb'
-require 'schleuder/mail/gpg/encrypted_part.rb'
-require 'schleuder/mail/gpg/sign_part.rb'
 require 'schleuder/gpgme/import_status.rb'
 require 'schleuder/gpgme/key.rb'
 require 'schleuder/gpgme/sub_key.rb'
 require 'schleuder/gpgme/ctx.rb'
 require 'schleuder/gpgme/user_id.rb'
+require 'schleuder/gpgme/key_extractor'
 
 # The Code[tm]
 require 'schleuder/errors/base'
@@ -50,6 +49,10 @@ end
 # Load schleuder/conf before the other classes, it defines constants!
 require 'schleuder/conf'
 require 'schleuder/version'
+require 'schleuder/http'
+require 'schleuder/key_fetcher'
+require 'schleuder/vks_client'
+require 'schleuder/sks_client'
 require 'schleuder/logger_notifications'
 require 'schleuder/logger'
 require 'schleuder/listlogger'
@@ -66,6 +69,7 @@ require 'schleuder/runner'
 require 'schleuder/list'
 require 'schleuder/list_builder'
 require 'schleuder/subscription'
+require 'schleuder/email_key_importer'
 
 # Setup
 ENV['SCHLEUDER_CONFIG'] ||= '/etc/schleuder/schleuder.yml'
@@ -88,6 +92,6 @@ I18n.load_path += Dir["#{rootdir}/locales/*.yml"]
 I18n.enforce_available_locales = true
 I18n.default_locale = :en
 
-File.umask(0027)
+File.umask(Schleuder::Conf.umask)
 
 include Schleuder

data/locales/de.yml

@@ -25,6 +25,9 @@ de:
 
       Freundliche Grüße,
       Dein Schleuder-System.
+
+      (Wenn du Hilfe brauchst lies bitte die Dokumentation <https://schleuder.org/schleuder/docs/>
+      (auf englisch) oder frage deine Listen- oder System-Admins.)
     decryption_failed: |
       Deine Email konnnte nicht entschlüsselt werden.
       Emails an diese Adresse müssen mit diesem Schlüssel verschlüsselt werden:
@@ -202,7 +205,7 @@ de:
         Als Admin musst du um deinen eigenen Fingerabdruck zu entfernen, noch zusätzlich das Argument force mitgeben. bspw.:
         X-UNSET-FINGERPRINT: adminsubscription2@hostname force
       subscribe_requires_arguments: |
-        Fehler: Du hast zu dem Schlüsselwort 'SUBSCRIBE' keinen Wert angegeben.
+        Fehler: Du hast zu dem Schlüsselwort 'SUBSCRIBE' keine passenden Werte angegeben.
 
         Mindestens ein Wert ist nötig, drei weitere sind optional. Bspw.:
         X-SUBSCRIBE: new-subscription@hostname
@@ -246,7 +249,12 @@ de:
   key_unusable: |
     Dieser Schlüssel ist %{usability_issue}:
     %{key_summary}
-  missed_message_due_to_unusable_key: "Du hast eine Email von %{list_email} verpasst weil deiner Mitgliedschaft kein (benutzbarer) OpenPGP-Schlüssel zugewiesen ist. Bitte kümmere dich darum."
+  missed_message_due_to_unusable_key: |
+    Du hast eine Email von %{list_email} verpasst weil deiner Mitgliedschaft kein (benutzbarer) OpenPGP-Schlüssel zugewiesen ist. Bitte kümmere dich darum.
+
+    Das kannst du mit dem Schlüsselwort X-SET-FINGERPRINT tun. Siehe <https://schleuder.org/schleuder/docs/subscribers.html#special-keywords> (englisch) für Details.
+
+    Falls "schleuder-web" für dieses Schleuder-System eingerichtet wurde kannst du es auch über den Browser lösen (das wissen deine Listen- oder System-Admins).
   refresh_keys: Schlüsselaktualisierung
   refresh_keys_intro: "Die Aktualisierung aller Schlüssel des Schlüsselrings für Liste %{email} ergab dies:"
   key_updated: |
@@ -261,8 +269,19 @@ de:
     new_uids: neue User-IDs
     new_subkeys: neue Unterschlüssel
     new_signatures: neue Signaturen
-  fetch_key:
+  key_fetcher:
     invalid_input: "Ungültige Angabe. Gültig sind: URLs, OpenPGP-Fingerabdrücke, oder Emailadressen."
+    not_found: "Fehler: Keinen Schlüssel für '%{input}' gefunden."
+    url_not_found: "Fehler: Unter <%{url}> wurde nichts gefunden (404 Not Found)."
+    general_error: "Fehler beim Holen der Daten aus dem Netz: %{error}"
+    import_error: "Fehler beim Importieren der geholten Daten: %{error}"
+  email_key_importer:
+    key_already_present: "Für die Absenderadresse dieser Email hat diese Liste schon einen anderen Schlüssel, daher wurde der Schlüssel aus dieser Email nicht hinzugefügt."
+    import_error: "Fehler beim Import von Schlüssel %{fingerprint} aus dieser Email: %{import_states}."
+    technical_error: "Beim Schlüsselimport aus dieser Email ist ein unerwarteter Fehler aufgetreten."
+    key_added: "Dieser Schlüssel wurde aus dieser Email neu hinzugefügt: %{key_summary}"
+    key_unchanged: "Dieser Schlüssel wurde aus dieser Email nicht verändert: %{key_summary}."
+    key_updated: "Dieser Schlüssel wurde aus dieser Email aktualisiert: %{key_summary}."
   pseudoheaders:
     scrubbed_message: Diese Email enthielt ungültige Zeichen, die aus Verarbeitungsgründen möglicherweise entfernt wurden.
     stripped_html_from_multialt: Diese Email enthielt einen alternativen HTML-Teil, der PGP-Daten beinhaltete. Der HTML-Teil wurde entfernt, um die Email sauberer analysieren zu können.

data/locales/en.yml

@@ -25,6 +25,9 @@ en:
 
       Kind regards,
       Your Schleuder system.
+
+      (If you need help please read the documentation <https://schleuder.org/schleuder/docs/>
+      or ask your list- or server-admins.)
     decryption_failed: |
       Decrypting your message failed.
       Messages to this address must be encrypted with the following key:
@@ -206,7 +209,7 @@ en:
         As an admin to unset your own fingerprint you must additionally pass the argument force. E.g.:
         X-UNSET-FINGERPRINT: adminsubscription2@hostname force
       subscribe_requires_arguments: |
-        Error: You did not send any arguments for the keyword 'SUBSCRIBE'.
+        Error: You did not send proper arguments for the keyword 'SUBSCRIBE'.
 
         At least one argument is required, three more are optional. E.g.:
         X-SUBSCRIBE: new-subscription@hostname
@@ -250,7 +253,12 @@ en:
   key_unusable: |
     This key is %{usability_issue}:
     %{key_summary}
-  missed_message_due_to_unusable_key: "You missed an email from %{list_email} because your subscription isn't associated with a (usable) OpenPGP key. Please fix this."
+  missed_message_due_to_unusable_key: |
+    You missed an email from %{list_email} because your subscription isn't associated with a (usable) OpenPGP key. Please fix this.
+
+    To do that you can use the keyword X-SET-FINGERPRINT, see <https://schleuder.org/schleuder/docs/subscribers.html#special-keywords> for further explanation.
+
+    If "schleuder-web" has been setup for this host you might also use your browser (your list- or system-admins can tell you that).
   refresh_keys: Keys update
   refresh_keys_intro: "Refreshing all keys from the keyring of list %{email} resulted in this:"
   key_updated: |
@@ -265,8 +273,19 @@ en:
     new_uids: new user-IDs
     new_subkeys: new subkeys
     new_signatures: new signatures
-  fetch_key:
+  key_fetcher:
     invalid_input: "Invalid input. Allowed are: URLs, OpenPGP-fingerprints, or email-addresses."
+    not_found: "Error: No key could be found for '%{input}'."
+    url_not_found: "Error: There's nothing at <%{url}> (404 Not Found)."
+    general_error: "Error while fetching data from the internet: %{error}"
+    import_error: "Error while importing the fetched data: %{error}"
+  email_key_importer:
+    key_already_present: "The list already knows a different key for this email's sender address, therefore the key from this email was not added."
+    import_error: "Error while importing key %{fingerprint} from this email: %{import_states}."
+    technical_error: "Unexpected technical error while importing key from this email."
+    key_added: "This key was newly added from this email: %{key_summary}."
+    key_unchanged: "This key was unchanged from this email: %{key_summary}."
+    key_updated: "This key was updated from this email: %{key_summary}."
   pseudoheaders:
     scrubbed_message: This message included invalid characters, which might have been removed to be able to process the message properly.
     stripped_html_from_multialt: This message included an alternating HTML-part that contained PGP-data. The HTML-part was removed to enable parsing the message more properly.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: schleuder
 version: !ruby/object:Gem::Version
-  version: 4.0.3
+  version: 5.0.0
 platform: ruby
 authors:
 - schleuder dev team
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-12 00:00:00.000000000 Z
+date: 2024-11-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.1.3
+        version: '7.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.1.3
+        version: '7.1'
 - !ruby/object:Gem::Dependency
   name: bcrypt
   requirement: !ruby/object:Gem::Requirement
@@ -78,28 +78,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.1
+        version: 2.8.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.1
+        version: 2.8.1
 - !ruby/object:Gem::Dependency
-  name: mail-gpg
+  name: net-smtp
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 0.3.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 0.3.1
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -120,42 +120,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 3.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 3.1.0
 - !ruby/object:Gem::Dependency
   name: sinatra-contrib
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 3.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: 3.1.0
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.4.2
+        version: 1.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.4.2
+        version: 1.6.0
 - !ruby/object:Gem::Dependency
   name: thin
   requirement: !ruby/object:Gem::Requirement
@@ -176,28 +176,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: typhoeus
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.4'
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10'
+        version: '11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10'
+        version: '11'
 - !ruby/object:Gem::Dependency
   name: database_cleaner
   requirement: !ruby/object:Gem::Requirement
@@ -240,6 +254,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: irb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -329,6 +357,7 @@ files:
 - db/migrate/20200118170110_add_set_reply_to_to_sender_and_munge_from.rb
 - db/migrate/20211106112020_change_boolean_values_to_integers.rb
 - db/migrate/20211107151309_add_limits_to_string_columns.rb
+- db/migrate/20220910170110_add_key_auto_import_from_email.rb
 - db/schema.rb
 - etc/init.d/schleuder-api-daemon
 - etc/list-defaults.yml
@@ -352,6 +381,7 @@ files:
 - lib/schleuder/cli/schleuder_cert_manager.rb
 - lib/schleuder/cli/subcommand_fix.rb
 - lib/schleuder/conf.rb
+- lib/schleuder/email_key_importer.rb
 - lib/schleuder/errors/active_model_error.rb
 - lib/schleuder/errors/base.rb
 - lib/schleuder/errors/decryption_failed.rb
@@ -375,6 +405,7 @@ files:
 - lib/schleuder/filters/post_decryption/10_request.rb
 - lib/schleuder/filters/post_decryption/20_max_message_size.rb
 - lib/schleuder/filters/post_decryption/30_forward_to_owner.rb
+- lib/schleuder/filters/post_decryption/35_key_auto_import_from_attachments.rb
 - lib/schleuder/filters/post_decryption/40_receive_admin_only.rb
 - lib/schleuder/filters/post_decryption/50_receive_authenticated_only.rb
 - lib/schleuder/filters/post_decryption/60_receive_signed_only.rb
@@ -386,12 +417,16 @@ files:
 - lib/schleuder/filters/pre_decryption/30_send_key.rb
 - lib/schleuder/filters/pre_decryption/40_fix_exchange_messages.rb
 - lib/schleuder/filters/pre_decryption/50_strip_html_from_alternative.rb
+- lib/schleuder/filters/pre_decryption/60_key_auto_import_from_autocrypt_header.rb
 - lib/schleuder/filters_runner.rb
 - lib/schleuder/gpgme/ctx.rb
 - lib/schleuder/gpgme/import_status.rb
 - lib/schleuder/gpgme/key.rb
+- lib/schleuder/gpgme/key_extractor.rb
 - lib/schleuder/gpgme/sub_key.rb
 - lib/schleuder/gpgme/user_id.rb
+- lib/schleuder/http.rb
+- lib/schleuder/key_fetcher.rb
 - lib/schleuder/keyword_handlers/attach_list_key.rb
 - lib/schleuder/keyword_handlers/base.rb
 - lib/schleuder/keyword_handlers/get_version.rb
@@ -407,11 +442,24 @@ files:
 - lib/schleuder/logger.rb
 - lib/schleuder/logger_notifications.rb
 - lib/schleuder/mail/gpg.rb
+- lib/schleuder/mail/gpg/decrypted_part.rb
+- lib/schleuder/mail/gpg/delivery_handler.rb
 - lib/schleuder/mail/gpg/encrypted_part.rb
+- lib/schleuder/mail/gpg/gpgme_ext.rb
+- lib/schleuder/mail/gpg/gpgme_helper.rb
+- lib/schleuder/mail/gpg/inline_decrypted_message.rb
+- lib/schleuder/mail/gpg/inline_signed_message.rb
+- lib/schleuder/mail/gpg/mime_signed_message.rb
+- lib/schleuder/mail/gpg/missing_keys_error.rb
 - lib/schleuder/mail/gpg/sign_part.rb
+- lib/schleuder/mail/gpg/signed_part.rb
+- lib/schleuder/mail/gpg/verified_part.rb
+- lib/schleuder/mail/gpg/verify_result_attribute.rb
+- lib/schleuder/mail/gpg/version_part.rb
 - lib/schleuder/mail/message.rb
 - lib/schleuder/mail/parts_list.rb
 - lib/schleuder/runner.rb
+- lib/schleuder/sks_client.rb
 - lib/schleuder/subscription.rb
 - lib/schleuder/validators/boolean_validator.rb
 - lib/schleuder/validators/email_validator.rb
@@ -419,6 +467,7 @@ files:
 - lib/schleuder/validators/greater_than_zero_validator.rb
 - lib/schleuder/validators/no_line_breaks_validator.rb
 - lib/schleuder/version.rb
+- lib/schleuder/vks_client.rb
 - locales/de.yml
 - locales/en.yml
 homepage: https://schleuder.org/
@@ -441,16 +490,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6.2
-signing_key: 
+rubygems_version: 3.5.14
+signing_key:
 specification_version: 4
 summary: Schleuder is an encrypting mailing list manager with remailing-capabilities.
 test_files: []