[dev] Re: gpg/pgp patches (multiple recipients, search in prefs, group encryption)

Andreas Maag andreas at maagical.ch
Mon Dec 6 09:02:34 PST 2004 

Hi,
oh i see, i will continue on this projekt, an publish it on my page - maybe
someone is happy to use it - maybe in the next release...
> The timing of this is somewhat unfortunate since we're in the middle of the
> release process for Horde 3.0 and IMP 4.0 final, so changes like these are
> unlikely to be made. Michael Slusarz, who's been doing most of the encryption
> work, is the best person to look at this, as he's been touching up s/mime
> support for the releases.

maybe the following 3 patches are more for that final release.

regards
a.

=============================================================================
Subject: md5-base64 patch for Courier and exim4

using horde->-imp->imap authentication with courier (and plain
authentication of
exim4-MTA (smtp)) i had to change the md5-base64 algorith:

diff -Naur aktuell-041127-ORIG/framework/Auth/Auth.php
aktuell-041127/framework/Auth/Auth.php
--- aktuell-041127-ORIG/framework/Auth/Auth.php	2004-10-29 23:21:54.000000000
+0200
+++ aktuell-041127/framework/Auth/Auth.php	2004-12-06 07:00:38.000000000 +0100
@@ -227,7 +227,8 @@
               return (($show_encrypt) ? '{crypt}' : '') . crypt($plaintext,
$salt);

           case 'md5-base64':
-            $encrypted = base64_encode(mhash(MHASH_MD5, $plaintext));
+            // $encrypted = base64_encode(mhash(MHASH_MD5, $plaintext));
+            $encrypted = base64_encode(pack('H*',md5($plaintext)));
               return ($show_encrypt) ? '{MD5}' . $encrypted : $encrypted;

           case 'ssha':

=============================================================================
Subject: Vacation gives error
i don't know what this line is for, but it didn't work, so i had to remove it.

diff -Naur aktuell-041127-ORIG/vacation/main.php
aktuell-041127/vacation/main.php
--- aktuell-041127-ORIG/vacation/main.php	2004-11-17 15:18:30.000000000 +0100
+++ aktuell-041127/vacation/main.php	2004-12-05 20:23:09.000000000 +0100
@@ -145,6 +145,6 @@

   $title = _("Change Vacation Notices");
   require VACATION_TEMPLATES . '/common-header.inc';
-Vacation::menu();
+// Vacation::menu();
   require VACATION_TEMPLATES . '/main/main.inc';
   require $registry->get('templates', 'horde') . '/common-footer.inc';

=============================================================================
Subject: Saving encrypted messages for others (without own key)
this is more of a "point-of-view" issue, but i think it is better to allow to
locally save than to deny it (example: if i send to some person and
s/he didn't
receive it - email is not always reliable, spam etc - i have the
possibility to
send it again) - if i choose not to have a personal key this is another issue,
not really connected.

diff -Naur aktuell-041127-ORIG/imp/compose.php aktuell-041127/imp/compose.php
--- aktuell-041127-ORIG/imp/compose.php	2004-12-05 00:48:26.000000000 +0100
+++ aktuell-041127/imp/compose.php	2004-12-06 07:03:41.000000000 +0100
@@ -306,13 +306,13 @@
   /**
    * Create the base MIME_Message for sending.
    */
-function _createMimeMessage($to, $body)
+function _createMimeMessage($to, $body,$withencryption=true)
   {
       require_once 'Horde/MIME/Message.php';
       $mime_message = &new MIME_Message($GLOBALS['imp']['maildomain']);

       /* Set up the base message now. */
-    if ($GLOBALS['usePGP'] &&
+    if ($withencryption && $GLOBALS['usePGP'] &&
           in_array($GLOBALS['encrypt'], array(IMP_PGP_ENCRYPT, IMP_PGP_SIGN,
IMP_PGP_SIGNENC))) {
           if (empty($GLOBALS['imp_pgp'])) {
               require_once IMP_BASE .'/lib/Crypt/PGP.php';
@@ -350,7 +350,7 @@
           if (is_a($body, 'PEAR_Error')) {
               return PEAR::raiseError(_("PGP Error: ") . $body->getMessage());
           }
-    } elseif ($GLOBALS['useSMIME'] &&
+    } elseif ($withencryption && $GLOBALS['useSMIME'] &&
                 in_array($GLOBALS['encrypt'], array(IMP_SMIME_ENCRYPT,
IMP_SMIME_SIGN, IMP_SMIME_SIGNENC))) {
           if (empty($GLOBALS['imp_smime'])) {
               require_once IMP_BASE. '/lib/Crypt/SMIME.php';
@@ -392,7 +392,7 @@
       $mime_message->addPart($body);

       /* Append PGP signature if set in the preferences. */
-    if ($GLOBALS['usePGP'] && Util::getFormData('pgp_attach_pubkey')) {
+    if ($withencryption && $GLOBALS['usePGP'] &&
Util::getFormData('pgp_attach_pubkey')) {
           if (!isset($GLOBALS['imp_pgp'])) {
               require_once IMP_BASE . '/lib/Crypt/PGP.php';
               $GLOBALS['imp_pgp'] = &new IMP_PGP();
@@ -821,11 +821,13 @@

           /* Must target the encryption for the sender before saving 
message in
            * sent-mail. */
+        /* no! it makes sense (to me...) to store a message anyway, e.g. to
send a second time .... */
           $messageToSave = _createMimeMessage($from, $body);
           if (is_a($messageToSave, 'PEAR_Error')) {
-            $get_sig = false;
-            $notification->push($messageToSave, 'horde.error');
-            break;
+            $messageToSave = _createMimeMessage($from,$body,false);
// save as
not encrypted
+            // $get_sig = false;
+            // $notification->push($messageToSave, 'horde.error');
+            // break;
           }
       } else {
           /* No encryption - can send in clear-text all at once. */

More information about the dev mailing list