[turba] S/MIME related patches

Roger Håkansson hson at ludd.luth.se
Mon Apr 21 00:12:56 PDT 2003


I've come across some problems related to S/MIME lately and written some
patches for them.
(All patches with descriptions can be found at
http://www.ludd.luth.se/~hson/horde/patches.html )

1. http://www.ludd.luth.se/~hson/horde/turba/api.php.patch.gz patches
turba/lib/api.php
When you click on "Click to Save S/MIME certificate in your Address book." a
new entry is created in your addressbook unless the "From:"-header matches
the "Name" in the addressbook.
This is not a problem if you haven't got that person in the addressbook,
but if (like in my case) a whole department/company decides to get
certificates you're in trouble if you already have those people in your
addressbook.
Since many "From:"-headers just have the email address or both address and
name ("Roger Håkansson <hson at ludd.luth.se>") I guess that many people will
change the "Name"-field to something else.
This patch will change turba's "addField"-API call so that first just the
email address is checked; if it's found (and is only one entry) that entry is
updated.
If more than one entry is found, it searches for both email address and name
and finally email address, name and fieldname.

2. http://www.ludd.luth.se/~hson/horde/imp/SMIME.php.patch.gz patches
imp/lib/SMIME.php
It seems that there are (at least) two ways to store the email address in a
certificate. The original SMIME.php checks for "Email" within the
"subject"-structure, but all public keys sent to me don't have that but
"emailAddress".
I don't know if it's because all those certs are either Thawte or Verisign,
or because people use either Outlook or Outlook Express when they send mail
to me.

3. http://www.ludd.luth.se/~hson/horde/smime.php.combined_patch.gz patches
lib/Crypt/smime.php
Same thing as in patch 2 included.
When you try to send an encrypted message, the only thing (except the
headers) in the mail is
"This+is+a+cryptographically+encrypted+message+in+MIME+format".
I'm not sure if this is the right way to fix it, but it seems to work.
Someone with more knowledge of what encrypted mails should look like might
wanna take a look at it.
The only difference (after my patch is applied) to how Outlook handles it is
that Outlook has:
Content-Disposition: attachment;
                      filename="smime.p7m"
Content-Type: application/x-pkcs7-mime;
               name="smime.p7m";
               smime-type=enveloped-data
while IMP has:
Content-Disposition: inline;
                      filename="smime.p7m"
Content-Type: application/x-pkcs7-mime;
               name="smime.p7m"

But the difference in "Content-Type" can be fixed (if it needs fixing) by
adding:
$smime_part->setContentTypeParameter('smime-type', 'enveloped-data');
to the end of encryptMIMEPart().

4. http://www.ludd.luth.se/~hson/horde/imp/compose.php.patch.gz patches
imp/compose.php
When you are sending an encrypted message you get asked for your passphrase
even though your private key is never used.



I've made patch 3 as two separate patches at
http://www.ludd.luth.se/~hson/horde/smime.php.patch1.gz and
http://www.ludd.luth.se/~hson/horde/smime.php.patch2.gz if you prefer that.

--
Roger Håkansson
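
The key-name problem from patch 2, as an added example (not part of the original post and not Horde/IMP code): a PHP helper that reads the address from a parsed certificate under either subject key. It goes beyond the post by also reading subjectAltName; the function name and the sample arrays are constructed, shaped like openssl_x509_parse() output.

```php
<?php
// Added example, not Horde/IMP code. The input arrays are constructed to
// mimic the shape returned by PHP's openssl_x509_parse().

/**
 * Collect every e-mail address a parsed certificate carries.
 * Checks both subject key spellings from the post, plus subjectAltName.
 * certEmailAddresses() is a hypothetical helper name.
 */
function certEmailAddresses(array $parsed): array
{
    $found = [];
    $subject = $parsed['subject'] ?? [];
    foreach (['Email', 'emailAddress'] as $key) {
        // A subject attribute is a string or, when repeated, an array.
        foreach ((array)($subject[$key] ?? []) as $value) {
            $found[] = $value;
        }
    }
    // subjectAltName is one comma-separated string, e.g. "email:a@b, DNS:c".
    $san = $parsed['extensions']['subjectAltName'] ?? '';
    foreach (explode(',', $san) as $entry) {
        $entry = trim($entry);
        if (stripos($entry, 'email:') === 0) {
            $found[] = substr($entry, strlen('email:'));
        }
    }
    // Normalise case and whitespace, drop non-addresses and duplicates.
    $clean = [];
    foreach ($found as $addr) {
        $addr = strtolower(trim($addr));
        if (filter_var($addr, FILTER_VALIDATE_EMAIL) !== false) {
            $clean[$addr] = true;
        }
    }
    return array_keys($clean);
}

// Constructed sample inputs: one per key spelling, and one with no address.
$samples = [
    'Email key'        => ['subject' => ['CN' => 'Alice Example', 'Email' => 'alice@example.com']],
    'emailAddress key' => ['subject' => ['CN' => 'Bob Example', 'emailAddress' => 'Bob@Example.com'],
                           'extensions' => ['subjectAltName' => 'email:bob@example.com, DNS:example.com']],
    'no address'       => ['subject' => ['CN' => 'No Address']],
];
foreach ($samples as $label => $parsed) {
    echo $label, ': ', implode(', ', certEmailAddresses($parsed)) ?: '(none)', "\n";
}
```

An empty result means the certificate names no address at all, so a caller should refuse to file it under a contact rather than fall back to the "From:" header.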


