def _create_outgoing_mail(self):
return OutgoingMail(str(self._smtp_config.account_email),
self._keymanager,
self._smtp_config.cert_path,
self._smtp_config.cert_path,
str(self._smtp_config.remote_smtp_host),
int(self._smtp_config.remote_smtp_port))
def init_outgoing_and_proto(_):
self.outgoing_mail = OutgoingMail(self.fromAddr, self._km,
self._config['cert'],
self._config['key'],
self._config['host'],
self._config['port'])
self.proto = SMTPFactory(u'*****@*****.**', self._km,
self._config['encrypted_only'],
self.outgoing_mail).buildProtocol(
('127.0.0.1', 0))
self.dest = User(ADDRESS, 'gateway.leap.se', self.proto, ADDRESS_2)
def setup_smtp_gateway(port, userid, keymanager, smtp_host, smtp_port,
smtp_cert, smtp_key, encrypted_only):
"""
Setup SMTP gateway to run with Twisted.
This function sets up the SMTP gateway configuration and the Twisted
reactor.
:param port: The port in which to run the server.
:type port: int
:param userid: The user currently logged in
:type userid: str
:param keymanager: A Key Manager from where to get recipients' public
keys.
:type keymanager: leap.common.keymanager.KeyManager
:param smtp_host: The hostname of the remote SMTP server.
:type smtp_host: str
:param smtp_port: The port of the remote SMTP server.
:type smtp_port: int
:param smtp_cert: The client certificate for authentication.
:type smtp_cert: str
:param smtp_key: The client key for authentication.
:type smtp_key: str
:param encrypted_only: Whether the SMTP gateway should send unencrypted
mail or not.
:type encrypted_only: bool
:returns: tuple of SMTPFactory, twisted.internet.tcp.Port
"""
# configure the use of this service with twistd
outgoing_mail = OutgoingMail(userid, keymanager, smtp_cert, smtp_key,
smtp_host, smtp_port)
factory = SMTPFactory(userid, keymanager, encrypted_only, outgoing_mail)
try:
tport = reactor.listenTCP(port, factory, interface="localhost")
emit(catalog.SMTP_SERVICE_STARTED, str(port))
return factory, tport
except CannotListenError:
logger.error("STMP Service failed to start: "
"cannot listen in port %s" % port)
emit(catalog.SMTP_SERVICE_FAILED_TO_START, str(port))
except Exception as exc:
logger.error("Unhandled error while launching smtp gateway service")
logger.exception(exc)
def test_message_sign(self):
"""
Test if message is signed with sender key.
"""
# mock the key fetching
self._km._fetch_keys_from_server = Mock(
return_value=fail(errors.KeyNotFound()))
recipient = User('*****@*****.**', 'gateway.leap.se',
self.proto, ADDRESS)
self.outgoing_mail = OutgoingMail(self.fromAddr, self._km,
self._config['cert'],
self._config['key'],
self._config['host'],
self._config['port'])
def check_signed(res):
message, _ = res
self.assertTrue('Content-Type' in message)
self.assertEqual('multipart/signed', message.get_content_type())
self.assertEqual('application/pgp-signature',
message.get_param('protocol'))
self.assertEqual('pgp-sha512', message.get_param('micalg'))
# assert content of message
body = (message.get_payload(0).get_payload(0).get_payload(
decode=True))
self.assertEqual(self.expected_body, body)
# assert content of signature
self.assertTrue(
message.get_payload(1).get_payload().startswith(
'-----BEGIN PGP SIGNATURE-----\n'),
'Message does not start with signature header.')
self.assertTrue(
message.get_payload(1).get_payload().endswith(
'-----END PGP SIGNATURE-----\n'),
'Message does not end with signature footer.')
return message
def verify(message):
# replace EOL before verifying (according to rfc3156)
fp = StringIO()
g = RFC3156CompliantGenerator(fp,
mangle_from_=False,
maxheaderlen=76)
g.flatten(message.get_payload(0))
signed_text = re.sub('\r?\n', '\r\n', fp.getvalue())
def assert_verify(key):
self.assertTrue(ADDRESS_2 in key.address,
'Signature could not be verified.')
d = self._km.verify(
signed_text,
ADDRESS_2,
openpgp.OpenPGPKey,
detached_sig=message.get_payload(1).get_payload())
d.addCallback(assert_verify)
return d
d = self.outgoing_mail._maybe_encrypt_and_sign(self.raw, recipient)
d.addCallback(check_signed)
d.addCallback(verify)
return d
