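VERSION = '0.4'
# Default unbound DNSSEC trust anchor; main() may add another via --anchor.
ANCHOR = '/var/lib/unbound/root.anchor'
# DNS RR type number used for every OPENPGPKEY lookup in myMilter.eom().
OPENPGPKEY = 61

import Milter
import StringIO
import time
import email
import email.utils  # eom() calls email.utils.getaddresses; load the submodule explicitly
import sys
import os
import shutil
import argparse
from hashlib import sha224
from socket import AF_INET6
from Milter.utils import parse_addr

# Compile-time switch between a real process and a thread for the background
# logger; Process is aliased to Thread so main() works with either branch.
if True:
    from multiprocessing import Process as Thread, Queue
else:
    from threading import Thread
    from Queue import Queue
# Hand-off queue for background(); main() puts None on it to stop the worker.
logq = Queue(maxsize=4)

from syslog import syslog, openlog, LOG_MAIL
try:
    openlog('openpgpkey-milter', facility=LOG_MAIL)
except TypeError:
    # python 2.6: openlog(ident[, logopt[, facility]]) takes no keywords.
    # The second positional argument is logopt, so the facility goes third.
    openlog('openpgpkey-milter', 0, LOG_MAIL)

try:
    import setproctitle
    setproctitle.setproctitle("openpgpkey-milter")
except Exception:
    # Best effort: a missing module only costs the nicer ps(1) process name.
    syslog('openpgpkey-milter: failed to setproctitle - python-setproctitle missing?')

import unbound
ctx = unbound.ub_ctx()
ctx.resolvconf('/etc/resolv.conf')
try:
    if os.path.isfile(ANCHOR):
        # Without a trust anchor nothing validates: every lookup is reported
        # as insecure and eom() lets all mail go plaintext, so a failure here
        # must not stay silent.  add_ta_file() reports failure through a
        # non-zero return code.
        if ctx.add_ta_file(ANCHOR):
            syslog('openpgpkey-milter: failed to load DNSSEC trust anchor %s' % ANCHOR)
except Exception:
    syslog('openpgpkey-milter: failed to load DNSSEC trust anchor %s' % ANCHOR)

# Parent directory for the per-connection GnuPG homes; overridden by --spool.
spool_dir = '/var/spool/openpgpkey-milter'
import gnupg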
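class myMilter(Milter.Base):
    """Encrypt outgoing mail to keys published in DNSSEC-signed OPENPGPKEY records.

    The Milter library creates one instance per SMTP connection.  The
    callbacks buffer the message into ``self.fp``; ``eom`` looks up an
    OPENPGPKEY record for every To/Cc recipient through the module-level
    unbound ``ctx``, imports the keys into a throw-away GnuPG home under
    ``spool_dir`` and, only if every recipient has a validated key,
    replaces the body with the PGP-encrypted message.
    """

    def __init__(self):
        # Per-connection id; it also names this connection's GnuPG home.
        self.id = Milter.uniqueID()

    @Milter.noreply
    def connect(self, IPname, family, hostaddr):
        """Record the peer address.

        ``hostaddr`` is (ip, port) for IPv4 and (ip, port, flow, scope)
        for AF_INET6.
        """
        self.IP = hostaddr[0]
        self.port = hostaddr[1]
        if family == AF_INET6:
            self.flow = hostaddr[2]
            self.scope = hostaddr[3]
        else:
            self.flow = None
            self.scope = None
        self.IPname = IPname
        self.H = None
        self.fp = None
        # MTA 'j' macro (presumably the receiving host's name).
        self.receiver = self.getsymval('j')
        syslog('connect from %s at %s' % (IPname, hostaddr))
        return Milter.CONTINUE

    def hello(self, heloname):
        """Remember the HELO/EHLO name."""
        self.H = heloname
        return Milter.CONTINUE

    def envfrom(self, mailfrom, *params):
        """Start a new message: reset recipients and open the buffer with an mbox From_ line."""
        self.F = mailfrom
        self.R = []
        self.fromparms = Milter.dictfromlist(params)
        # {auth_authen} macro - presumably the SMTP AUTH user, if any.
        self.user = self.getsymval('{auth_authen}')
        self.fp = StringIO.StringIO()
        self.canon_from = '@'.join(parse_addr(mailfrom))
        self.fp.write('From %s %s\n' % (self.canon_from, time.ctime()))
        return Milter.CONTINUE

    @Milter.noreply
    def envrcpt(self, to, *params):
        """Collect each envelope recipient together with its ESMTP parameters."""
        self.R.append((to, Milter.dictfromlist(params)))
        return Milter.CONTINUE

    @Milter.noreply
    def header(self, name, hval):
        """Buffer one header line."""
        self.fp.write('%s: %s\n' % (name, hval))
        return Milter.CONTINUE

    @Milter.noreply
    def eoh(self):
        """End of headers: write the blank separator line."""
        self.fp.write('\n')
        return Milter.CONTINUE

    @Milter.noreply
    def body(self, chunk):
        """Buffer one body chunk."""
        self.fp.write(chunk)
        return Milter.CONTINUE

    def eom(self):
        """End of message: look up OPENPGPKEY records for every To/Cc recipient and encrypt.

        Policy is all-or-nothing: the message is encrypted only when every
        recipient has a DNSSEC-validated OPENPGPKEY record.  A recipient
        without one (unsigned zone, no record, or an address that cannot be
        looked up) makes the whole message pass unmodified, i.e. plaintext
        to everyone.  Lookup errors, SERVFAIL and bogus DNSSEC data return
        TEMPFAIL so the MTA retries instead of silently downgrading.

        Returns a Milter status: CONTINUE (unmodified), TEMPFAIL (retry
        later) or ACCEPT (body replaced by the encrypted message).
        """
        self.fp.seek(0)
        subject = 'none'
        self.addheader('X-OPENPGPKEY', 'Message passed unmodified', 1)
        msg = email.message_from_file(self.fp)
        if msg.is_multipart():
            syslog('Multipart message type passed unmodified')
            return Milter.CONTINUE

        # Fresh per-connection GnuPG home so keys from one message never
        # leak into another; close() removes it again.
        gpgdir = '%s/%s' % (spool_dir, self.id)
        if os.path.isdir(gpgdir):
            shutil.rmtree(gpgdir)
        os.mkdir(gpgdir)

        tos = msg.get_all('to', [])
        ccs = msg.get_all('cc', [])
        all_recipients = email.utils.getaddresses(tos + ccs)
        # Keep the bare addresses only; drop the empty entries that group
        # syntax such as "undisclosed-recipients:;" produces.
        recipients = [entry[1] for entry in all_recipients if entry[1]]
        if not recipients:
            # Nothing to look up.  Previously this fell through to a
            # NameError on fpliststr below.
            syslog('No To/Cc recipients found - letting go plaintext')
            return Milter.CONTINUE

        gpg = gnupg.GPG(gnupghome=gpgdir)
        gpg.decode_errors = "ignore"
        fingerprints = []
        for recipient in recipients:
            if recipient.count('@') != 1:
                # The split below needs exactly one '@'; anything else used
                # to raise ValueError out of the callback.  No lookup is
                # possible, so apply the same policy as "no key published".
                syslog("recipient '%s' is not a user@domain address - letting go plaintext" % recipient)
                return Milter.CONTINUE
            (username, domainname) = recipient.split('@')
            # NOTE(review): RFC 7929 hashes the local-part with SHA2-256
            # truncated to 28 octets; SHA-224 (same 56-hex-digit length,
            # different value) comes from an earlier draft - confirm it
            # matches what the target domains publish.
            rfcname = sha224(username).hexdigest()
            qname = '%s._openpgpkey.%s' % (rfcname, domainname)
            (status, result) = ctx.resolve(qname, OPENPGPKEY, unbound.RR_CLASS_IN)
            # Resolver trouble defers the message rather than downgrading it.
            if status != 0:
                syslog("unbound openpgpkey lookup for '%s' returned non-zero status, deferring" % recipient)
                return Milter.TEMPFAIL
            if result.rcode_str == 'serv fail':
                syslog("unbound openpgpkey lookup for '%s' returned SERVFAIL, deferring" % recipient)
                return Milter.TEMPFAIL
            if result.bogus:
                syslog("unbound openpgpkey lookup for '%s' returned with INVALID DNSSEC data, deferring" % recipient)
                return Milter.TEMPFAIL
            # Unsigned zone or no record at all: deliver in plaintext.
            if not result.secure:
                syslog("unbound openpgpkey lookup for '%s' ignored as the domain is not signed with DNSSEC - letting go plaintext" % recipient)
                return Milter.CONTINUE
            if not result.havedata:
                syslog("unbound openpgpkey lookup for '%s' succeeded but no OpenPGP key publishd - letting go plaintext" % recipient)
                return Milter.CONTINUE
            for openpgpkey in result.data.raw:
                gpg.import_keys(openpgpkey)
            # list_keys() returns the whole keyring, so after the last
            # recipient this holds every recipient's key (the log line
            # therefore repeats earlier recipients' keys as well).
            fingerprints = []
            for ikey in gpg.list_keys():
                syslog('Received DNSSEC secured OPENPGPKEY for %s: Key-ID:%s Fingerprint:%s'
                       % (recipient, ikey['keyid'], ikey['fingerprint']))
                fingerprints.append(ikey['fingerprint'])
        fpliststr = ','.join(fingerprints)

        if 'subject' in msg:
            subject = msg['subject']
        # The whole original message (headers and body) becomes the encrypted
        # payload; the Subject is repeated at the top because the visible
        # Subject header is replaced below.
        msgstr = '''Subject:%s %s''' % (subject, msg)
        if '-----BEGIN PGP MESSAGE-----' in msgstr:
            # Already encrypted by the sender: do not double-wrap.  This is a
            # substring test over the whole message, so a plaintext message
            # merely quoting the armor header is passed through as well.
            syslog('Message already encrypted - letting it go unmodified')
            return Milter.CONTINUE
        syslog('Will encrypt message to fingerprints:%s' % fpliststr)
        # always_trust: trust was established by DNSSEC validation above,
        # not by the GnuPG web of trust.
        enc_msg = gpg.encrypt(msgstr, fingerprints, always_trust=True)
        if enc_msg.data == '':
            syslog('Encryption to %s failed - failing message for retry later' % fpliststr)
            return Milter.TEMPFAIL
        self.chgheader('User-Agent', 1, 'dkim-openpgpkey')
        self.chgheader('Subject', 1, '[openpgpkey-milter encrypted message]')
        self.chgheader('X-OPENPGPKEY', 1, 'Encrypted to key(s): %s ' % fpliststr)
        self.replacebody(enc_msg.data)
        return Milter.ACCEPT

    def close(self):
        """Connection closed: remove this connection's GnuPG home, if any."""
        gpgdir = '%s/%s' % (spool_dir, self.id)
        if os.path.isdir(gpgdir):
            shutil.rmtree(gpgdir)
        return Milter.CONTINUE

    def abort(self):
        """Message aborted by the MTA; cleanup happens in close()."""
        return Milter.CONTINUE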
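def background():
    """Log worker: drain ``logq`` to syslog until a falsy item (None) arrives.

    Each item is a ``(msg, mid, ts)`` tuple whose ``msg`` is an iterable of
    fragments; ``ts`` is carried but not logged.  ``main`` stops the worker
    by putting None on the queue.
    """
    while True:
        item = logq.get()
        if not item:
            break
        (msg, mid, ts) = item
        # One space-terminated fragment per entry, same shape as before.
        mymsgs = ''.join('%s ' % fragment for fragment in msg)
        # Passing the fragments as a second positional argument made
        # syslog() take the first argument as the priority (an int) and
        # raise TypeError; fold everything into one message instead.
        syslog('backgrounding [%d] %s' % (mid, mymsgs))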
## ===
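def main():
    """Parse the command line, start the log worker and run the milter until it stops.

    Side effects: rebinds the module global ``spool_dir`` (from --spool)
    and extends ``ctx`` with the --anchor trust anchor; optionally writes
    a pid file that is removed again on shutdown.  Exits the process on
    --version, on a missing or unloadable anchor file, or when the pid
    file cannot be written.
    """
    global spool_dir
    global ctx
    parser = argparse.ArgumentParser(
        description='OPENPGPKEY milter application',
        epilog='For bugs. see paul@nohats.ca')
    parser.add_argument('--anchor', '-a', action='store', default='',
                        help='location of the unbound DNSSEC trust anchor file (default /var/lib/unbound/root.anchor')
    parser.add_argument('--port', '-p', action='store', default='8890',
                        help='port on localhost to use (default 8890)')
    parser.add_argument('--pid', '-P', action='store', default='',
                        help='pidfile to create (default no pid file is created')
    # Parsed but not used: every lookup uses the module constant OPENPGPKEY.
    parser.add_argument('--rrtype', '-r', action='store',
                        default='65280',
                        help='RRtype allocation (default private use 65280)')
    parser.add_argument('--spool', '-s', action='store',
                        default='/var/spool/openpgpkey-milter',
                        help='spool dir for tmp files (default /var/spool/openpgpkey-milter)')
    # type=int: the default was already an int, but a value given on the
    # command line arrived as a string and was handed to runmilter as-is.
    parser.add_argument('--timeout', '-t', action='store', type=int, default=600,
                        help='timeout (default 600)')
    parser.add_argument('--version', action='store_true',
                        help='show version and exit')
    args = parser.parse_args()

    if args.version:
        print('openpgpkey-milter version %s by Paul Wouters <paul@cypherpunks.ca>' % VERSION)
        print(' options: --rrtype %s --spool %s --port %s --timeout %s --pid <pidfile>'
              % (args.rrtype, args.spool, args.port, args.timeout))
        sys.exit()

    if args.anchor:
        if not os.path.isfile(args.anchor):
            sys.exit("anchor file '%s' does not exist" % args.anchor)
        # add_ta_file() signals failure by a non-zero return code.  A silently
        # unloaded anchor would make every lookup insecure and all mail go
        # plaintext, so fail closed instead.
        if ctx.add_ta_file(args.anchor):
            sys.exit("failed to load anchor file '%s'" % args.anchor)

    # Listen on the loopback interface only.
    socketname = 'inet:%s@127.0.0.1' % args.port
    spool_dir = args.spool

    bt = Thread(target=background)
    bt.start()

    # Register to have the Milter factory create instances of your class:
    Milter.factory = myMilter
    flags = Milter.CHGBODY + Milter.CHGHDRS + Milter.ADDHDRS
    flags += Milter.ADDRCPT
    flags += Milter.DELRCPT
    Milter.set_flags(flags)

    mypid = str(os.getpid())
    if args.pid:
        try:
            with open(args.pid, "w") as fp:
                fp.write(mypid)
        except (IOError, OSError):
            sys.exit("Failed to write pid, aborted")

    syslog('starting daemon [%s] version %s on port %s at %s with timeout %s'
           % (mypid, VERSION, args.port, args.spool, args.timeout))
    sys.stdout.flush()
    Milter.runmilter('pythonfilter', socketname, args.timeout)

    # Stop the background worker before cleaning up.
    logq.put(None)
    bt.join()
    syslog('shutting down daemon')
    # Never follow a symlink when removing the pid file.
    if args.pid and os.path.isfile(args.pid) and not os.path.islink(args.pid):
        os.unlink(args.pid)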
if __name__ == '__main__':
    # Script entry point; importing the module only performs the module-level
    # setup above (syslog, unbound context, class definitions).
    main()