msg = email.message.Message()
		msg.set_payload( payloads )
		return encrypt_payload( msg, gpg_to_cmdline ).as_string()
	for payload in payloads:
		if( type( payload.get_payload() ) == list ):
			encrypted_payloads.append( encrypt_all_payloads( payload.get_payload(), gpg_to_cmdline ) )
		else:
			encrypted_payloads.append( [encrypt_payload( payload, gpg_to_cmdline )] )
	return sum(encrypted_payloads, [])

def get_msg( message ):
	"""Return the body of *message* as one string.

	A non-multipart message yields its payload exactly as get_payload()
	returns it (no transfer-decoding is requested here). For a multipart
	message every sub-part is converted with str(), which includes that
	part's own headers, and the results are joined with a blank line.
	"""
	if message.is_multipart():
		parts = message.get_payload()
		return '\n\n'.join( str(part) for part in parts )
	return message.get_payload()

# Sort the addresses in encrypted_to_addrs into those with a usable key
# (gpg_to, as (address, key id) pairs) and those without one (ungpg_to).
keys = GnuPG.public_keys( cfg['gpg']['keyhome'] )
gpg_to = []
ungpg_to = []
for enc in encrypted_to_addrs:
	# NOTE(review): an address without '@' raises IndexError on this line;
	# confirm the addresses are validated before they reach this loop.
	domain = enc.split('@')[1]
	if domain not in cfg['default']['domains'].split(','):
		# Addresses outside the configured domains end up in neither list.
		continue
	if enc in keys:
		# The address itself is used as the key identifier.
		gpg_to.append( (enc, enc) )
	elif cfg.has_key('keymap') and cfg['keymap'].has_key(enc):
		# The mapped key id is taken from the config as-is; this block does
		# not check that it exists in the keyring.
		gpg_to.append( (enc, cfg['keymap'][enc]) )
	else:
		ungpg_to.append(enc)
			
for to in to_addrs:
	domain = to.split('@')[1]
	if domain in cfg['default']['domains'].split(','):
Exemple #2
        if raw_message['Subject']:
            out.write('Subject: ' + raw_message['Subject'] + '\n')
        if cfg['default'].has_key(
                'add_header') and cfg['default']['add_header'] == 'yes':
            out.write('X-GPG-Mailgate: Encrypted by GPG Mailgate\n')
        s.write(out, p7)
        log("Sending message from " + from_addr + " to " + str(recipients))
        raw_msg = out.read()
        send_msg(raw_msg, recipients)
    else:
        log("Unable to find valid S/MIME recipient")
        send_msg(raw_message.as_string(), recipients)
    return None


# Split to_addrs into recipients that have a key to encrypt to (gpg_to, as
# (address, key id) pairs) and recipients that do not (ungpg_to).
keys = GnuPG.public_keys(cfg['gpg']['keyhome'])
gpg_to = []
ungpg_to = []

for to in to_addrs:
    # A direct match on the address is used unless keymap_only is set to 'yes'.
    if to in keys and (not cfg['default'].has_key('keymap_only')
                       or cfg['default']['keymap_only'] != 'yes'):
        gpg_to.append((to, to))
        continue

    # Otherwise use the key the config maps this address to. The mapped key
    # is not checked against the keyring in this block.
    if cfg.has_key('keymap') and cfg['keymap'].has_key(to):
        gpg_to.append((to, cfg['keymap'][to]))
        continue

    # No key: the recipient is only recorded here. NOTE(review): what happens
    # to ungpg_to afterwards is outside this block; if those recipients get
    # the message unencrypted, a missing key silently downgrades delivery.
    if verbose:
        log("Recipient (%s) not in PGP domain list." % to)
    ungpg_to.append(to)

if gpg_to == list():
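def gpg_encrypt(raw_message, recipients):
    """Encrypt raw_message for every recipient with a usable key and send it.

    A key is chosen per recipient, first match wins:
      1. the recipient's entry in the ``enc_keymap`` section, if that key is
         in the keyring;
      2. a keyring entry whose value (after sanitize_case_sense()) equals the
         recipient address, unless ``default``/``enc_keymap_only`` is ``yes``;
      3. the ``enc_domain_keymap`` entry for the recipient's domain, if that
         key is in the keyring.

    Recipients with a key are grouped by PGP style (``pgp_style`` section,
    falling back to ``default``/``mime_conversion``). For each style in use,
    a deep copy of the message is encrypted and passed to send_msg().

    Args:
        raw_message: the message object; it is deep-copied before any change.
        recipients: iterable of recipient address strings.

    Returns:
        The recipients for which nothing was encrypted or sent here: all of
        ``recipients`` when ``gpg``/``keyhome`` is not configured, otherwise
        those for which no key was found.

    NOTE(review): get_bool_from_cfg() is defined elsewhere; from its use here
    it appears to test that a section/key exists and, when a third argument
    is given, that the value equals it. Confirm against its definition.

    NOTE(review): what the caller does with the returned recipients is not
    visible here. If they are delivered in cleartext, a missing or mistyped
    key mapping silently downgrades that recipient to plaintext; confirm that
    this fail-open behaviour is the intended policy.
    """
    if not get_bool_from_cfg('gpg', 'keyhome'):
        log("No valid entry for gpg keyhome. Encryption aborted.")
        return recipients

    keys = GnuPG.public_keys(cfg['gpg']['keyhome'])
    # Only values are rewritten, so iterating the dict while assigning is safe.
    for fingerprint in keys:
        keys[fingerprint] = sanitize_case_sense(keys[fingerprint])

    gpg_to = []
    ungpg_to = []

    for to in recipients:

        # 1. Explicit per-address mapping from the config.
        if get_bool_from_cfg('enc_keymap', to):
            mapped_key = cfg['enc_keymap'][to]
            log("Encrypt keymap has key '%s'" % mapped_key)
            # Only accept the mapping if the key really is in the keyring.
            if mapped_key in keys:
                gpg_to.append((to, mapped_key))
                continue
            log("Key '%s' in encrypt keymap not found in keyring for email address '%s'."
                % (mapped_key, to))

        # 2. A key in the keyring that carries the recipient address.
        if to in keys.values() and not get_bool_from_cfg(
                'default', 'enc_keymap_only', 'yes'):
            gpg_to.append((to, to))
            continue

        # 3. Default key for the recipient's domain. The domain is what
        # follows the LAST '@', so an address containing more than one '@'
        # cannot select the key of a different domain.
        _local_part, at_sign, domain = to.rpartition('@')
        if at_sign and get_bool_from_cfg('enc_domain_keymap', domain):
            domain_key = cfg['enc_domain_keymap'][domain]
            # Fixed: this log line used to read cfg['enc_dec_keymap'], a
            # section no other line of this function uses, so a configured
            # domain key could raise KeyError before the keyring check.
            log("Encrypt domain keymap has key '%s'" % domain_key)
            # Only accept the mapping if the key really is in the keyring.
            if domain_key in keys:
                log("Using default domain key for recipient '%s'" % to)
                gpg_to.append((to, domain_key))
                continue
            log("Key '%s' in encrypt domain keymap not found in keyring for email address '%s'."
                % (domain_key, to))

        # At this point no key has been found
        if verbose:
            log("Recipient (%s) not in PGP domain list for encrypting." % to)
        ungpg_to.append(to)

    if gpg_to:
        log("Encrypting email to: %s" % ' '.join(addr for addr, _key in gpg_to))

        # SMTP envelope recipients and gpg key ids, kept separately per style.
        gpg_to_smtp_mime = []
        gpg_to_cmdline_mime = []

        gpg_to_smtp_inline = []
        gpg_to_cmdline_inline = []

        for rcpt_addr, rcpt_keys in gpg_to:
            # A style configured for the recipient wins over the default.
            if get_bool_from_cfg('pgp_style', rcpt_addr, 'mime'):
                use_mime = True
            elif get_bool_from_cfg('pgp_style', rcpt_addr, 'inline'):
                use_mime = False
            else:
                # Log message only if an unknown style is defined
                if get_bool_from_cfg('pgp_style', rcpt_addr):
                    log("Style %s for recipient %s is not known. Use default as fallback."
                        % (cfg['pgp_style'][rcpt_addr], rcpt_addr))
                use_mime = get_bool_from_cfg('default', 'mime_conversion', 'yes')

            # One recipient may map to several comma-separated key ids.
            if use_mime:
                gpg_to_smtp_mime.append(rcpt_addr)
                gpg_to_cmdline_mime.extend(rcpt_keys.split(','))
            else:
                gpg_to_smtp_inline.append(rcpt_addr)
                gpg_to_cmdline_inline.extend(rcpt_keys.split(','))

        if gpg_to_smtp_mime:
            # Encrypt mail with PGP/MIME; work on a copy so the caller's
            # message is left untouched.
            raw_message_mime = copy.deepcopy(raw_message)

            if get_bool_from_cfg('default', 'add_header', 'yes'):
                raw_message_mime['X-GPG-Mailgate'] = 'Encrypted by GPG Mailgate'

            encrypted_payloads = encrypt_all_payloads_mime(
                raw_message_mime, gpg_to_cmdline_mime)
            raw_message_mime.set_payload(encrypted_payloads)

            send_msg(raw_message_mime.as_string(), gpg_to_smtp_mime)

        if gpg_to_smtp_inline:
            # Encrypt mail with PGP/INLINE, again on a private copy.
            raw_message_inline = copy.deepcopy(raw_message)

            if get_bool_from_cfg('default', 'add_header', 'yes'):
                raw_message_inline['X-GPG-Mailgate'] = 'Encrypted by GPG Mailgate'

            encrypted_payloads = encrypt_all_payloads_inline(
                raw_message_inline, gpg_to_cmdline_inline)
            raw_message_inline.set_payload(encrypted_payloads)

            send_msg(raw_message_inline.as_string(), gpg_to_smtp_inline)

    return ungpg_to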
Exemple #4
    for payload in message.get_payload():
        if type(payload.get_payload()) == list:
            encrypted_payloads.extend(encrypt_all_payloads(payload, gpg_to_cmdline))
        else:
            encrypted_payloads.append(encrypt_payload(payload, gpg_to_cmdline))
    return encrypted_payloads


def get_msg(message):
    """Return the body of *message* as a single string.

    For a non-multipart message the payload is returned unchanged, exactly as
    get_payload() gives it. For a multipart message each sub-part is rendered
    with str() (headers included) and the renderings are joined by a blank
    line.
    """
    payload = message.get_payload()
    if not message.is_multipart():
        return payload
    return "\n\n".join(map(str, payload))


# Split to_addrs into recipients with a key to encrypt to (gpg_to) and
# recipients without one (ungpg_to).
keys = GnuPG.public_keys(cfg["gpg"]["keyhome"])
gpg_to = []
ungpg_to = []

for to in to_addrs:
    # A keyring entry whose value equals the address is used directly, unless
    # keymap_only is set to "yes".
    if to in keys.values() and (
        not cfg["default"].has_key("keymap_only") or cfg["default"]["keymap_only"] != "yes"
    ):
        gpg_to.append((to, to))
        continue

    if cfg.has_key("keymap") and cfg["keymap"].has_key(to):
        log("Keymap has key '%s'" % cfg["keymap"][to])
        # A mapping that points at a key missing from the keyring is refused,
        # so the recipient is recorded as having no key.
        # NOTE(review): the lines shown stop here; a mapped key that IS in the
        # keyring reaches neither list in what is visible. Also confirm what
        # the caller does with ungpg_to: if it means cleartext delivery, a
        # stale keymap entry silently downgrades this recipient.
        if not keys.has_key(cfg["keymap"][to]):
            log("Key '%s' in keymap not found in keyring for email address '%s'.  Won't encrypt." % (cfg["keymap"][to], to))
            ungpg_to.append(to)
Exemple #5
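def gpg_encrypt( raw_message, recipients ):
	"""Encrypt raw_message for each recipient that has a usable key, then send.

	Key lookup per recipient, first match wins:
	  1. the recipient's entry in the ``enc_keymap`` section, provided that
	     key is in the keyring;
	  2. a keyring entry whose value (after sanitize_case_sense()) equals the
	     recipient address, unless ``default``/``enc_keymap_only`` is ``yes``;
	  3. the ``enc_domain_keymap`` entry for the recipient's domain, provided
	     that key is in the keyring.

	Recipients with a key are grouped by PGP style (``pgp_style`` section,
	else ``default``/``mime_conversion``). For each style in use, a deep copy
	of the message is encrypted and handed to send_msg().

	Args:
	    raw_message: the message object; it is deep-copied before any change.
	    recipients: iterable of recipient address strings.

	Returns:
	    The recipients for which nothing was encrypted or sent here: all of
	    ``recipients`` when ``gpg``/``keyhome`` is not configured, otherwise
	    those for which no key was found.

	NOTE(review): get_bool_from_cfg() is defined elsewhere; from its use here
	it appears to test that a section/key exists and, when a third argument
	is given, that the value equals it. Confirm against its definition.

	NOTE(review): what the caller does with the returned recipients is not
	visible here. If they are delivered in cleartext, a missing or mistyped
	key mapping silently downgrades that recipient to plaintext; confirm that
	this fail-open behaviour is the intended policy.
	"""
	if not get_bool_from_cfg('gpg', 'keyhome'):
		log("No valid entry for gpg keyhome. Encryption aborted.")
		return recipients

	keys = GnuPG.public_keys( cfg['gpg']['keyhome'] )
	# Only values are rewritten, so iterating the dict while assigning is safe.
	for fingerprint in keys:
		keys[fingerprint] = sanitize_case_sense(keys[fingerprint])

	gpg_to = []
	ungpg_to = []

	for to in recipients:

		# 1. Explicit per-address mapping from the config.
		if get_bool_from_cfg('enc_keymap', to):
			mapped_key = cfg['enc_keymap'][to]
			log("Encrypt keymap has key '%s'" % mapped_key )
			# Only accept the mapping if the key really is in the keyring.
			if mapped_key in keys:
				gpg_to.append( (to, mapped_key) )
				continue
			log("Key '%s' in encrypt keymap not found in keyring for email address '%s'." % (mapped_key, to))

		# 2. A key in the keyring that carries the recipient address.
		if to in keys.values() and not get_bool_from_cfg('default', 'enc_keymap_only', 'yes'):
			gpg_to.append( (to, to) )
			continue

		# 3. Default key for the recipient's domain. The domain is what
		# follows the LAST '@', so an address containing more than one '@'
		# cannot select the key of a different domain.
		_local_part, at_sign, domain = to.rpartition('@')
		if at_sign and get_bool_from_cfg('enc_domain_keymap', domain):
			domain_key = cfg['enc_domain_keymap'][domain]
			# Fixed: this log line used to read cfg['enc_dec_keymap'], a
			# section no other line of this function uses, so a configured
			# domain key could raise KeyError before the keyring check.
			log("Encrypt domain keymap has key '%s'" % domain_key )
			# Only accept the mapping if the key really is in the keyring.
			if domain_key in keys:
				log("Using default domain key for recipient '%s'" % to)
				gpg_to.append( (to, domain_key) )
				continue
			log("Key '%s' in encrypt domain keymap not found in keyring for email address '%s'." % (domain_key, to))

		# At this point no key has been found
		if verbose:
			log("Recipient (%s) not in PGP domain list for encrypting." % to)
		ungpg_to.append(to)

	if gpg_to:
		log("Encrypting email to: %s" % ' '.join( addr for addr, _key in gpg_to ))

		# SMTP envelope recipients and gpg key ids, kept separately per style.
		gpg_to_smtp_mime = []
		gpg_to_cmdline_mime = []

		gpg_to_smtp_inline = []
		gpg_to_cmdline_inline = []

		for rcpt_addr, rcpt_keys in gpg_to:
			# A style configured for the recipient wins over the default.
			if get_bool_from_cfg('pgp_style', rcpt_addr, 'mime'):
				use_mime = True
			elif get_bool_from_cfg('pgp_style', rcpt_addr, 'inline'):
				use_mime = False
			else:
				# Log message only if an unknown style is defined
				if get_bool_from_cfg('pgp_style', rcpt_addr):
					log("Style %s for recipient %s is not known. Use default as fallback." % (cfg['pgp_style'][rcpt_addr], rcpt_addr))
				use_mime = get_bool_from_cfg('default', 'mime_conversion', 'yes')

			# One recipient may map to several comma-separated key ids.
			if use_mime:
				gpg_to_smtp_mime.append(rcpt_addr)
				gpg_to_cmdline_mime.extend(rcpt_keys.split(','))
			else:
				gpg_to_smtp_inline.append(rcpt_addr)
				gpg_to_cmdline_inline.extend(rcpt_keys.split(','))

		if gpg_to_smtp_mime:
			# Encrypt mail with PGP/MIME; work on a copy so the caller's
			# message is left untouched.
			raw_message_mime = copy.deepcopy(raw_message)

			if get_bool_from_cfg('default', 'add_header', 'yes'):
				raw_message_mime['X-GPG-Mailgate'] = 'Encrypted by GPG Mailgate'

			encrypted_payloads = encrypt_all_payloads_mime( raw_message_mime, gpg_to_cmdline_mime )
			raw_message_mime.set_payload( encrypted_payloads )

			send_msg( raw_message_mime.as_string(), gpg_to_smtp_mime )

		if gpg_to_smtp_inline:
			# Encrypt mail with PGP/INLINE, again on a private copy.
			raw_message_inline = copy.deepcopy(raw_message)

			if get_bool_from_cfg('default', 'add_header', 'yes'):
				raw_message_inline['X-GPG-Mailgate'] = 'Encrypted by GPG Mailgate'

			encrypted_payloads = encrypt_all_payloads_inline( raw_message_inline, gpg_to_cmdline_inline )
			raw_message_inline.set_payload( encrypted_payloads )

			send_msg( raw_message_inline.as_string(), gpg_to_smtp_inline )

	return ungpg_to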