[git] GpgOL - branch, master, updated. gpgol-1.4.0-226-g829c656
by Andre Heinecke
cvs at cvs.gnupg.org
Thu Dec 15 17:55:43 CET 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via 829c65658073aabc75c56442b85fe78296df6f9c (commit)
via 7d7356f0ba829f127816194203288f1c3c9decf6 (commit)
via b1251956bbf6efd7187fc0fd55304d81dbec27d5 (commit)
via 9767ec7cf6e3a8987e4df10896f6f3c76b53953d (commit)
via 671572bcb85d116ba716416d72dc6f499733c306 (commit)
via 72f6089351919ea1922b7d729bd03e7843c7e77d (commit)
via 55fd5a0109f0638dc55912cdc4d412bb01ffadc7 (commit)
via c5cd68ac9577b418aedbad81d59f2c58d25f6eac (commit)
via 1975900a147f65b6363663900bd9753adc5039c1 (commit)
from 51e10a77dcb393f80b89945d8425595cfcc4f5f8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 829c65658073aabc75c56442b85fe78296df6f9c
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:55:11 2016 +0100
Don't add a dot after the tooltip
* src/ribbon-callbacks.cpp (get_sig_ttip): Remove dot.
diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp
index 59859f8..079779f 100644
--- a/src/ribbon-callbacks.cpp
+++ b/src/ribbon-callbacks.cpp
@@ -1555,13 +1555,13 @@ HRESULT get_sig_ttip (LPDISPATCH ctrl, VARIANT *result)
if (mail && (mail->is_signed () || mail->is_encrypted ()))
{
char *buf;
- gpgrt_asprintf (&buf, _("%s message."), mail->get_crypto_summary ().c_str());
+ gpgrt_asprintf (&buf, _("%s message"), mail->get_crypto_summary ().c_str());
w_result = utf8_to_wchar (buf);
xfree(buf);
}
else
{
- w_result = utf8_to_wchar (_("Insecure message."));
+ w_result = utf8_to_wchar (_("Insecure message"));
}
result->bstrVal = SysAllocString (w_result);
xfree (w_result);
commit 7d7356f0ba829f127816194203288f1c3c9decf6
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:54:20 2016 +0100
Fix signature level for unencrypted mails
* src/mail.cpp (Mail::get_signature_level): Don't always
return 0 for unencrytped mails.
diff --git a/src/mail.cpp b/src/mail.cpp
index 53d2631..42222f6 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -1677,7 +1677,7 @@ Mail::get_crypto_details()
int
Mail::get_signature_level () const
{
- if (!m_is_signed || !is_encrypted ())
+ if (!m_is_signed)
{
return 0;
}
@@ -1708,7 +1708,7 @@ Mail::get_signature_level () const
if (m_sig.summary() & Signature::Summary::TofuConflict ||
m_uid.tofuInfo().validity() == TofuInfo::Conflict)
{
- return 1;
+ return 0;
}
return 0;
}
commit b1251956bbf6efd7187fc0fd55304d81dbec27d5
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:53:41 2016 +0100
Various string fixes for crypto_details
* src/mail.cpp (Mail::get_crypto_details): Various string
fixes.
diff --git a/src/mail.cpp b/src/mail.cpp
index 6b06f03..53d2631 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -1462,14 +1462,15 @@ Mail::get_crypto_details()
}
else if (is_encrypted() && !is_signed ())
{
- return _("You cannot be sure who sent the message as "
+ return _("But you cannot be sure who sent the message because "
"it is not signed.");
}
std::string message;
bool keyFound = true;
- bool isOpenPGP = m_sig.key().protocol() == Protocol::OpenPGP;
+ bool isOpenPGP = m_sig.key().isNull() ? !is_smime() :
+ m_sig.key().protocol() == Protocol::OpenPGP;
char *buf;
bool hasConflict = false;
int level = get_signature_level ();
@@ -1485,7 +1486,7 @@ Mail::get_crypto_details()
if (four_check == -1)
{
- message = _("And you signed this message.");
+ message = _("You signed this message.");
}
else if (four_check >= 0)
{
@@ -1494,6 +1495,7 @@ Mail::get_crypto_details()
And <uid with ultimate trust> certified the identity
of the sender.
*/
+ message = _("The senders identity was certified by yourself.");
}
else
{
@@ -1506,12 +1508,12 @@ Mail::get_crypto_details()
{
/* Level three is only reachable through web of trust and no
direct signature. */
- message = _("And the senders identity was certified by several trusted people.");
+ message = _("The senders identity was certified by several trusted people.");
}
else if (level == 3 && !isOpenPGP)
{
/* Level three is the only level for trusted S/MIME keys. */
- gpgrt_asprintf (&buf, _("And the senders identity is cerified by the trusted issuer:\n'%s'\n"),
+ gpgrt_asprintf (&buf, _("The senders identity is cerified by the trusted issuer:\n'%s'\n"),
m_sig.key().issuerName());
message = buf;
xfree (buf);
@@ -1531,12 +1533,12 @@ Mail::get_crypto_details()
char *time = format_date_from_gpgme (first_contact);
/* i18n note signcount is always pulral because with signcount 1 we
* would not be in this branch. */
- gpgrt_asprintf (&buf, _("And the senders address is trustworthy, because "
+ gpgrt_asprintf (&buf, _("The senders address is trustworthy, because "
"you have established a communication history "
"with this address starting on %s.\n"
- "You encrypted %i times to this address and verified %i since."),
- time, m_uid.tofuInfo().signCount (),
- m_uid.tofuInfo().encrCount());
+ "You encrypted %i and verified %i messages since."),
+ time, m_uid.tofuInfo().encrCount(),
+ m_uid.tofuInfo().signCount ());
xfree (time);
message = buf;
xfree (buf);
@@ -1545,12 +1547,16 @@ Mail::get_crypto_details()
{
/* This could be marginal trust through pgp, or tofu with little
history. */
- if (m_uid.tofuInfo ().validity() == TofuInfo::Validity::LittleHistory)
+ if (m_uid.tofuInfo ().signCount() == 1)
+ {
+ message += _("The senders signature was verified for the first time.");
+ }
+ else if (m_uid.tofuInfo ().validity() == TofuInfo::Validity::LittleHistory)
{
unsigned long first_contact = std::max (m_uid.tofuInfo().signFirst(),
m_uid.tofuInfo().encrFirst());
char *time = format_date_from_gpgme (first_contact);
- gpgrt_asprintf (&buf, _("But the senders address is not trustworthy yet because "
+ gpgrt_asprintf (&buf, _("The senders address is not trustworthy yet because "
"you only verified %i messages and encrypted %i messages to "
"it since %s."),
m_uid.tofuInfo().signCount (),
@@ -1559,10 +1565,6 @@ Mail::get_crypto_details()
message = buf;
xfree (buf);
}
- else if (m_uid.tofuInfo ().signCount() == 1)
- {
- message += _("But the senders signature was verified for the first time.");
- }
else
{
/* Marginal trust through pgp */
@@ -1574,7 +1576,8 @@ Mail::get_crypto_details()
{
/* Now we are in level 0, this could be a technical problem, no key
or just unkown. */
- message = _("But the sender address is not trustworthy because:");
+ message = is_encrypted () ? _("But the sender address is not trustworthy because:") :
+ _("The sender address is not trustworthy because:");
message += "\n\n";
keyFound = !(m_sig.summary() & Signature::Summary::KeyMissing);
@@ -1628,7 +1631,8 @@ Mail::get_crypto_details()
else if ((m_sig.summary() & Signature::Summary::TofuConflict) ||
m_uid.tofuInfo().validity() == TofuInfo::Conflict)
{
- message += _("conflicts with another key that was used in the past by the sender.");
+ message += _("is not the same as the key that was used "
+ "for this address in the past.");
hasConflict = true;
}
else if (m_uid.isNull())
@@ -1651,7 +1655,6 @@ Mail::get_crypto_details()
message += _("is marked as not trustworthy.");
}
}
- message += _("You cannot be sure who wrote or modified the message.");
message += "\n\n";
if (hasConflict)
{
commit 9767ec7cf6e3a8987e4df10896f6f3c76b53953d
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:52:13 2016 +0100
Invert category order
* src/mail.cpp (Mail::update_categories): Invert order.
--
This should help when outlook decides to only show one category
because now the verified sender which is more important is shown
first.
diff --git a/src/mail.cpp b/src/mail.cpp
index 6358951..6b06f03 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -1290,6 +1290,15 @@ Mail::update_categories ()
{
const char *decCategory = _("GpgOL: Encrypted Message");
const char *verifyCategory = _("GpgOL: Trusted Sender Address");
+ if (is_valid_sig())
+ {
+ add_category (m_mailitem, verifyCategory);
+ }
+ else
+ {
+ remove_category (m_mailitem, verifyCategory);
+ }
+
if (m_decrypt_result.numRecipients())
{
/* We use the number of recipients as we don't care
@@ -1302,15 +1311,6 @@ Mail::update_categories ()
categories */
remove_category (m_mailitem, decCategory);
}
-
- if (is_valid_sig())
- {
- add_category (m_mailitem, verifyCategory);
- }
- else
- {
- remove_category (m_mailitem, verifyCategory);
- }
return;
}
commit 671572bcb85d116ba716416d72dc6f499733c306
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:50:58 2016 +0100
Use insecure instead of signed to sum up lvl1
* src/mail.cpp (Mail::get_crypto_summary): Use insecure instead
of signed.
--
The word signed implies security and so might make phishing
easier if a signed phishing mail is shown as signed and not
as insecure.
diff --git a/src/mail.cpp b/src/mail.cpp
index dc3ac58..6358951 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -1442,7 +1442,11 @@ Mail::get_crypto_summary ()
}
if (is_signed ())
{
- return _("Signed");
+ /* Even if it is signed, if it is not validly
+ signed it's still completly insecure as anyone
+ could have signed this. So we avoid the label
+ "signed" here as this already leaves */
+ return _("Insecure");
}
return _("Insecure");
}
commit 72f6089351919ea1922b7d729bd03e7843c7e77d
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:50:10 2016 +0100
Fix sigstate setting
* src/mail.cpp (Mail::update_sigstate): Skip empty uids
instead of non empty ones :-)
diff --git a/src/mail.cpp b/src/mail.cpp
index 00e4244..dc3ac58 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -1234,9 +1234,9 @@ Mail::update_sigstate ()
{
m_is_signed = true;
m_uid = get_uid_for_sender (sig.key(), sender.c_str());
- if (!m_uid.isNull() && sig.validity() != Signature::Validity::Marginal &&
+ if (m_uid.isNull() || (sig.validity() != Signature::Validity::Marginal &&
sig.validity() != Signature::Validity::Full &&
- sig.validity() != Signature::Validity::Ultimate)
+ sig.validity() != Signature::Validity::Ultimate))
{
/* For our category we only care about trusted sigs. And
the UID needs to match.*/
@@ -1257,8 +1257,8 @@ Mail::update_sigstate ()
continue;
}
}
- log_debug ("%s:%s: Classified sender as verified",
- SRCNAME, __func__);
+ log_debug ("%s:%s: Classified sender as verified uid validity: %i",
+ SRCNAME, __func__, m_uid.validity());
m_sig = sig;
m_is_valid = true;
return;
commit 55fd5a0109f0638dc55912cdc4d412bb01ffadc7
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:48:48 2016 +0100
Pass key by reference to get_uid
* src/mail.cpp (get_uid_for_sender): Pass key by reference
to avoid a copy.
diff --git a/src/mail.cpp b/src/mail.cpp
index a872095..00e4244 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -1164,7 +1164,7 @@ Mail::get_close_triggered () const
}
static const UserID
-get_uid_for_sender (const Key k, const char *sender)
+get_uid_for_sender (const Key &k, const char *sender)
{
UserID ret;
commit c5cd68ac9577b418aedbad81d59f2c58d25f6eac
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 17:07:09 2016 +0100
Always activate the GpgOL read button
* src/gpgoladdin.cpp (getCustomUI_MIME): Always enable button.
* src/ribbon-callbacks.cpp (launch_cert_details): Open
the emailselfdefense infographic for unencrypted / unsigned
mails.
--
Maybe a bit too much, but the idea is to raise awareness
that unencrypted / unsigned mails are insecure.
diff --git a/src/gpgoladdin.cpp b/src/gpgoladdin.cpp
index eaafd18..1903ec0 100644
--- a/src/gpgoladdin.cpp
+++ b/src/gpgoladdin.cpp
@@ -833,7 +833,7 @@ GetCustomUI_MIME (BSTR RibbonID, BSTR * RibbonXml)
" supertip=\"%s\""
" getPressed=\"getSignEncryptPressed\""
" getImage=\"btnSignEncryptLarge\""
- " onAction=\"encryptSignMime\"""/>"
+ " onAction=\"encryptSignMime\"/>"
" <menu id=\"encMenu\" showLabel=\"true\">"
" <toggleButton id=\"mimeSign\""
" getImage=\"btnSignSmall\""
@@ -882,8 +882,8 @@ GetCustomUI_MIME (BSTR RibbonID, BSTR * RibbonXml)
" getLabel=\"getSigLabel\""
" getScreentip=\"getSigTip\""
" getSupertip=\"getSigSTip\""
- " onAction=\"launchDetails\""
- " getEnabled=\"getIsCrypto\"/>"
+ " onAction=\"launchDetails\"/>"
+ /* " getEnabled=\"getIsCrypto\"/>" */
" <dialogBoxLauncher>"
" <button id=\"optsBtn\""
" onAction=\"openOptions\""
@@ -925,8 +925,8 @@ GetCustomUI_MIME (BSTR RibbonID, BSTR * RibbonXml)
" getLabel=\"getSigLabel\""
" getScreentip=\"getSigTip\""
" getSupertip=\"getSigSTip\""
- " onAction=\"launchDetails\""
- " getEnabled=\"getIsCrypto\"/>"
+ " onAction=\"launchDetails\"/>"
+ /* " getEnabled=\"getIsCrypto\"/>" */
" <dialogBoxLauncher>"
" <button id=\"optsBtn_read\""
" onAction=\"openOptions\""
diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp
index ae15756..59859f8 100644
--- a/src/ribbon-callbacks.cpp
+++ b/src/ribbon-callbacks.cpp
@@ -1577,7 +1577,8 @@ HRESULT get_sig_stip (LPDISPATCH ctrl, VARIANT *result)
{
wchar_t *w_result;
w_result = utf8_to_wchar (_("You cannot be sure who sent, "
- "modified and read the message in transit."));
+ "modified and read the message in transit.\n\n"
+ "Click here to learn more."));
result->bstrVal = SysAllocString (w_result);
xfree (w_result);
return S_OK;
@@ -1593,10 +1594,10 @@ HRESULT launch_cert_details (LPDISPATCH ctrl)
{
MY_MAIL_GETTER
- if (!mail)
+ if (!mail || (!mail->is_signed () && !mail->is_encrypted ()))
{
- log_debug ("%s:%s: No mail.",
- SRCNAME, __func__);
+ ShellExecuteA(NULL, NULL, "https://emailselfdefense.fsf.org/infographic",
+ 0, 0, SW_SHOWNORMAL);
return S_OK;
}
commit 1975900a147f65b6363663900bd9753adc5039c1
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Thu Dec 15 12:01:25 2016 +0100
Handle opaque signed inline pgp messages
* src/parsecontroller.cpp (ParseController::parse):
Handle opaque signed PGP Messages.
--
For signed only messages decryptandverify would create no
output we need to just verify in that case.
diff --git a/src/parsecontroller.cpp b/src/parsecontroller.cpp
index f053d87..2752fad 100644
--- a/src/parsecontroller.cpp
+++ b/src/parsecontroller.cpp
@@ -203,9 +203,19 @@ ParseController::parse()
// Wrap the input stream in an attachment / GpgME Data
Protocol protocol;
bool decrypt, verify;
- operation_for_type (m_type, &decrypt, &verify);
Data input (m_inputprovider);
+
+ if (input.type () == Data::Type::PGPSigned)
+ {
+ verify = true;
+ decrypt = false;
+ }
+ else
+ {
+ operation_for_type (m_type, &decrypt, &verify);
+ }
+
if ((m_inputprovider->signature() && is_smime (*m_inputprovider->signature())) ||
is_smime (input))
{
@@ -256,7 +266,8 @@ ParseController::parse()
if ((!m_decrypt_result.error () &&
m_verify_result.signatures ().empty() &&
m_outputprovider->signature ()) ||
- is_smime (output))
+ is_smime (output) ||
+ output.type() == Data::Type::PGPSigned)
{
/* There is a signature in the output. So we have
to verify it now as an extra step. */
@@ -315,6 +326,10 @@ ParseController::parse()
{
std::stringstream ss;
ss << m_decrypt_result << '\n' << m_verify_result;
+ for (const auto sig: m_verify_result.signatures())
+ {
+ ss << '\n' << sig.key();
+ }
log_debug ("Decrypt / Verify result: %s", ss.str().c_str());
}
TRACEPOINT;
-----------------------------------------------------------------------
Summary of changes:
src/gpgoladdin.cpp | 10 +++----
src/mail.cpp | 77 ++++++++++++++++++++++++++----------------------
src/parsecontroller.cpp | 19 ++++++++++--
src/ribbon-callbacks.cpp | 13 ++++----
4 files changed, 71 insertions(+), 48 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
More information about the Gnupg-commits
mailing list