[git] GpgOL - branch, nomapi, updated. gpgol-1.4.0-90-g5c7b1ba
by Andre Heinecke
cvs at cvs.gnupg.org
Tue Oct 18 09:54:24 CEST 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, nomapi has been updated
via 5c7b1ba75cb929b9caa9b1805215eaf1768efc66 (commit)
via 95012778c925908aff80a4df2705d32549de53fc (commit)
via cbfe240a04e9ca530c7ba6050616a099f946f522 (commit)
via 13f607ec249e7b923b15af0aa6b1eaba73ba1d75 (commit)
via 015d515c6b591e73f54c275fe4e664b7a49e605e (commit)
from 0499861a0dda3fd159d93e3638550e7fcd768501 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5c7b1ba75cb929b9caa9b1805215eaf1768efc66
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Tue Oct 18 09:53:15 2016 +0200
Extend signature status display
* src/mail.cpp (get_uid_for_sender): Factored out of get_valid_sig.
(Mail::get_valid_sig): Improve tofu handling.
(Mail::get_signature_status): Handle more states.
diff --git a/src/mail.cpp b/src/mail.cpp
index e50b466..4e06a88 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -49,6 +49,11 @@ static std::map<std::string, Mail*> g_uid_map;
#define COPYBUFSIZE (8 * 1024)
+/* Our own basic trust level for tofu.
+ GnuPG's can't be trusted. See comment
+ in get_valid_sig why.*/
+#define GPGOL_BASIC_TOFU_TRUST 10
+
/* TODO: Localize this once it is less bound to change.
TODO: Use a dedicated message for failed decryption. */
#define HTML_TEMPLATE \
@@ -872,6 +877,46 @@ Mail::close_inspector ()
return 0;
}
+static const UserID
+get_uid_for_sender (const Key k, const char *sender)
+{
+ UserID ret;
+
+ if (!sender)
+ {
+ return ret;
+ }
+
+ if (!k.numUserIDs())
+ {
+ log_debug ("%s:%s: Key without uids",
+ SRCNAME, __func__);
+ return ret;
+ }
+
+ for (const auto uid: k.userIDs())
+ {
+ if (!uid.email())
+ {
+ continue;
+ }
+ auto normalized_uid = uid.addrSpec();
+ auto normalized_sender = UserID::addrSpecFromString(sender);
+
+ if (normalized_sender.empty() || normalized_uid.empty())
+ {
+ log_error ("%s:%s: normalizing '%s' or '%s' failed.",
+ SRCNAME, __func__, uid.email(), sender);
+ continue;
+ }
+ if (normalized_sender == normalized_uid)
+ {
+ ret = uid;
+ }
+ }
+ return ret;
+}
+
const std::pair <Signature, UserID>
Mail::get_valid_sig ()
{
@@ -907,45 +952,36 @@ Mail::get_valid_sig ()
/* For our category we only care about trusted sigs. */
continue;
}
- Key k = sig.key();
- for (const auto uid: k.userIDs())
+ const auto uid = get_uid_for_sender (sig.key(), sender);
+ if (sig.validity() == Signature::Validity::Marginal)
{
- if (!uid.email())
- {
- TRACEPOINT;
- continue;
- }
- auto normalized_uid = uid.addrSpec();
- auto normalized_sender = UserID::addrSpecFromString(sender);
-
- if (normalized_sender.empty() || normalized_uid.empty())
+ const auto tofu = uid.tofuInfo();
+ if (tofu.isNull() ||
+ (tofu.validity() != TofuInfo::Validity::LittleHistory &&
+ tofu.validity() != TofuInfo::Validity::BasicHistory &&
+ tofu.validity() != TofuInfo::Validity::LargeHistory))
{
- log_error ("%s:%s: normalizing '%s' or '%s' failed.",
- SRCNAME, __func__, uid.email(), sender);
+ /* Marginal is not good enough without tofu.
+ We also wait for basic trust. */
+ log_debug ("%s:%s: Discarding marginal signature.",
+ SRCNAME, __func__);
continue;
}
-
- if (normalized_sender == normalized_uid)
- {
- if (sig.validity() == Signature::Validity::Marginal)
- {
- const auto tofu = uid.tofuInfo();
- if (tofu.isNull() ||
- (tofu.validity() != TofuInfo::Validity::BasicHistory &&
- tofu.validity() != TofuInfo::Validity::LargeHistory))
- {
- /* Marginal is not good enough without tofu.
- We also wait for basic trust. */
- log_debug ("%s:%s: Discarding marginal signature.",
- SRCNAME, __func__);
- continue;
- }
- }
- log_debug ("%s:%s: Classified sender as verified",
+ /* GnuPG uses the encrypt cound to determine validity.
+ This does not make sense for us. E.g. Drafts may have
+ been encrypted and encryption is no communication so
+ it does not track communication.
+ So basically "Our" Tofu validity is then more then 10 messages
+ have been exchanged. */
+ if (!tofu.isNull() && tofu.signCount() <= GPGOL_BASIC_TOFU_TRUST) {
+ log_debug ("%s:%s: Tofu signcount too small.",
SRCNAME, __func__);
- return std::pair<Signature, UserID> (sig, uid);
- }
+ continue;
+ }
}
+ log_debug ("%s:%s: Classified sender as verified",
+ SRCNAME, __func__);
+ return std::pair<Signature, UserID> (sig, uid);
}
log_debug ("%s:%s: No signature with enough trust.",
SRCNAME, __func__);
@@ -1021,18 +1057,22 @@ Mail::get_signature_status()
std::string message;
if (!is_signed())
{
- return _("This message is not signed.\nYou cannot be sure who wrote the message.");
+ message =_("This message is not signed.\n");
+ message += _("You cannot be sure who wrote the message.");
+ return message;
}
const auto pair = get_valid_sig ();
- const auto sig = pair.first;
- const auto uid = pair.second;
+ bool keyFound = false;
char *buf;
- bool isOpenPGP = sig.key().protocol() == Protocol::OpenPGP;
- if (!sig.isNull () && !uid.isNull ())
+ bool isOpenPGP = pair.first.key().protocol() == Protocol::OpenPGP;
+ if (!pair.first.isNull () && !pair.second.isNull ())
{
+ const auto sig = pair.first;
+ const auto uid = pair.second;
/* We are valid */
- gpgrt_asprintf (&buf, _("The signature is valid because:\n\nThe used %s %s"),
+ keyFound = true;
+ gpgrt_asprintf (&buf, _("The sender is verified because:\n\nThe used %s %s"),
isOpenPGP ? _("key") : _("certificate"),
sig.validity() == Signature::Validity::Ultimate ?
_("is marked as your own.") :
@@ -1050,15 +1090,128 @@ Mail::get_signature_status()
}
else if (sig.validity() == Signature::Validity::Marginal)
{
- gpgrt_asprintf (&buf, _("was consistently used for %i messages since %lu."),
- uid.tofuInfo().signCount (), uid.tofuInfo().signFirst());
+ char *time = format_date_from_gpgme (uid.tofuInfo().signFirst());
+ gpgrt_asprintf (&buf, _("was consistently used for %i messages since %s."),
+ uid.tofuInfo().signCount (), time);
+ xfree (time);
message += buf;
xfree (buf);
}
}
+ else
+ {
+ if (m_verify_result.numSignatures() > 1)
+ {
+ log_debug ("%s:%s: More then one signature found on %p",
+ SRCNAME, __func__, m_mailitem);
+ }
+ /* We only handle the first signature. */
+ const auto sig = m_verify_result.signature (0);
+ keyFound = !(sig.summary() & Signature::Summary::KeyMissing);
+
+ log_debug ("%s:%s: Formatting sig. Validity: %x Summary: %x",
+ SRCNAME, __func__, sig.validity(), sig.summary());
+
+ /* There is a signature but we don't accepted it as fully valid. */
+ message += _("The sender is not verified because:\n\n");
+
+ /* First the general stuff. */
+ if (sig.summary() & Signature::Summary::Red)
+ {
+ message += _("The signature is invalid.\n");
+ message += _("You cannot be sure who wrote the message.");
+ }
+ else if (sig.summary() & Signature::Summary::SysError ||
+ m_verify_result.numSignatures() < 1)
+ {
+ message += _("There was an error verifying the signature.\n");
+ message += _("You cannot be sure who wrote the message.");
+ }
+ else if (sig.summary() & Signature::Summary::SigExpired)
+ {
+ message += _("The signature is expired.\n");
+ }
+ else
+ {
+ gpgrt_asprintf (&buf, _("The used %s "),
+ isOpenPGP ? _("key") : _("certificate"));
+ message += buf;
+ xfree (buf);
+ }
+
+ const auto uid = get_uid_for_sender (sig.key(), get_sender());
+ /* Now the key problems */
+ if ((sig.summary() & Signature::Summary::KeyMissing))
+ {
+ message += _("is not in your keyring.");
+ }
+ else if ((sig.summary() & Signature::Summary::KeyRevoked))
+ {
+ message += _("is revoked.");
+ }
+ else if ((sig.summary() & Signature::Summary::KeyExpired))
+ {
+ message += _("is expired.");
+ }
+ else if ((sig.summary() & Signature::Summary::BadPolicy))
+ {
+ message += _("is not meant for signing.");
+ }
+ else if ((sig.summary() & Signature::Summary::CrlMissing))
+ {
+ message += _("could not be checked for revocation.");
+ }
+ else if ((sig.summary() & Signature::Summary::CrlTooOld))
+ {
+ message += _("could not be checked for revocation.");
+ }
+ else if ((sig.summary() & Signature::Summary::TofuConflict))
+ {
+ message += _("conflicts with another key that was used in the past by the sender.");
+ }
+ else if (uid.isNull())
+ {
+ gpgrt_asprintf (&buf, _("does not claim the address: \"%s\"."),
+ get_sender());
+ message += buf;
+ xfree (buf);
+ }
+ else if ((sig.validity() & Signature::Validity::Marginal))
+ {
+ const auto tofuInfo = uid.tofuInfo();
+ if (tofuInfo.isNull() || !tofuInfo.signCount())
+ {
+ message += _("is not certified by enough trusted keys.");
+ }
+ else
+ {
+ message += _("does not have enough history for basic trust.");
+ }
+ }
+ else if ((sig.validity() & Signature::Validity::Undefined) ||
+ (sig.validity() & Signature::Validity::Unknown) ||
+ (sig.summary() == Signature::Summary::None) ||
+ (sig.validity() == 0))
+ {
+ /* Bit of a catch all for weird results. */
+ message += _("is not ceritified by any trusted key.");
+ }
+ else if ((sig.validity() & Signature::Validity::Never))
+ {
+ message += _("is explicitly marked as invalid.");
+ }
+ }
message += "\n\n";
- gpgrt_asprintf (&buf, _("Click here for details about the %s."),
+ if (keyFound)
+ {
+ gpgrt_asprintf (&buf, _("Click here for details about the %s."),
isOpenPGP ? _("key") : _("certificate."));
+ }
+ else
+ {
+ gpgrt_asprintf (&buf, _("Click here to search the %s on a public keyserver."),
+ isOpenPGP ? _("key") : _("certificate."));
+ }
message += buf;
xfree (buf);
return message;
commit 95012778c925908aff80a4df2705d32549de53fc
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Tue Oct 18 09:50:35 2016 +0200
Also update key if a signature already has key
* src/parsecontroller.cpp (ParseController::parse): Update key
if a signature has a key.
diff --git a/src/parsecontroller.cpp b/src/parsecontroller.cpp
index cf4adab..a7fa842 100644
--- a/src/parsecontroller.cpp
+++ b/src/parsecontroller.cpp
@@ -288,6 +288,12 @@ ParseController::parse()
SRCNAME, __func__, m_decrypt_result.error().code(),
m_verify_result.error().code());
+ /* Ensure that the Keys for the signatures are available */
+ for (const auto sig: m_verify_result.signatures())
+ {
+ sig.key(true, true);
+ }
+
if (opt.enable_debug)
{
std::stringstream ss;
@@ -295,12 +301,6 @@ ParseController::parse()
log_debug ("Decrypt / Verify result: %s", ss.str().c_str());
}
- /* Ensure that the Keys for the signatures are available */
- for (const auto sig: m_verify_result.signatures())
- {
- sig.key(true, false);
- }
-
return;
}
commit cbfe240a04e9ca530c7ba6050616a099f946f522
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Oct 17 18:41:08 2016 +0200
Add helper to format epoch time with windows
* src/common.c (epoch_to_file_time): New.
(format_date_from_gpgme): New.
--
Format's an unsinged long into a string according to the users
locale.
diff --git a/src/common.c b/src/common.c
index 557bc2a..42598f9 100644
--- a/src/common.c
+++ b/src/common.c
@@ -819,3 +819,37 @@ get_gpg4win_dir()
}
return NULL;
}
+
+
+static void
+epoch_to_file_time (unsigned long time, LPFILETIME pft)
+{
+ LONGLONG ll;
+
+ ll = Int32x32To64(time, 10000000) + 116444736000000000;
+ pft->dwLowDateTime = (DWORD)ll;
+ pft->dwHighDateTime = ll >> 32;
+}
+
+char *
+format_date_from_gpgme (unsigned long time)
+{
+ wchar_t buf[256];
+ FILETIME ft;
+ SYSTEMTIME st;
+
+ epoch_to_file_time (time, &ft);
+ FileTimeToSystemTime(&ft, &st);
+ int ret = GetDateFormatEx (NULL,
+ DATE_SHORTDATE,
+ &st,
+ NULL,
+ buf,
+ 256,
+ NULL);
+ if (ret == 0)
+ {
+ return NULL;
+ }
+ return wchar_to_utf8 (buf);
+}
diff --git a/src/common.h b/src/common.h
index 9a3887c..70b4ee7 100644
--- a/src/common.h
+++ b/src/common.h
@@ -116,6 +116,8 @@ char *percent_escape (const char *str, const char *extra);
void fix_linebreaks (char *str, int *len);
+char *format_date_from_gpgme (unsigned long time);
+
/*-- main.c --*/
const void *get_128bit_session_key (void);
const void *get_64bit_session_marker (void);
commit 13f607ec249e7b923b15af0aa6b1eaba73ba1d75
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Oct 17 12:59:42 2016 +0200
Handle Explorer context in mail from control
* src/ribbon-callbacks.cpp (get_mail_from_control): Handle explorer.
--
This fixes the mail lookup if the mail is only viewed in the
preview window of outlook
diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp
index 4c3ccd5..d38cfe3 100644
--- a/src/ribbon-callbacks.cpp
+++ b/src/ribbon-callbacks.cpp
@@ -1429,22 +1429,42 @@ get_mail_from_control (LPDISPATCH ctrl)
return NULL;
}
- mailitem = get_oom_object (context, "CurrentItem");
+ char *ctx_name = get_object_name (context);
+
+ if (!ctx_name)
+ {
+ log_error ("%s:%s: Failed to get context name",
+ SRCNAME, __func__);
+ gpgol_release (context);
+ return NULL;
+
+ }
+ if (!strcmp (ctx_name, "_Inspector"))
+ {
+ mailitem = get_oom_object (context, "CurrentItem");
+ }
+ else if (!strcmp (ctx_name, "_Explorer"))
+ {
+ mailitem = get_oom_object (context, "Selection.Item(1)");
+ }
+
gpgol_release (context);
if (!mailitem)
{
- log_error ("%s:%s: Failed to get mailitem.",
- SRCNAME, __func__);
+ log_error ("%s:%s: Failed to get mailitem. From %s",
+ SRCNAME, __func__, ctx_name);
+ xfree (ctx_name);
return NULL;
}
+ xfree (ctx_name);
/* Get the uid of this item. */
char *uid = get_unique_id (mailitem, 0);
- gpgol_release (mailitem);
if (!uid)
{
log_oom ("%s:%s: Failed to get uid for %p .",
SRCNAME, __func__, mailitem);
+ gpgol_release (mailitem);
return NULL;
}
commit 015d515c6b591e73f54c275fe4e664b7a49e605e
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Oct 17 12:59:07 2016 +0200
Fix memleak in get context dbg output
* src/ribbon-callbacks (getContext): Release object name.
diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp
index f9c47d7..4c3ccd5 100644
--- a/src/ribbon-callbacks.cpp
+++ b/src/ribbon-callbacks.cpp
@@ -56,8 +56,14 @@
HRESULT getContext (LPDISPATCH ctrl, LPDISPATCH *context)
{
*context = get_oom_object (ctrl, "get_Context");
- log_debug ("%s:%s: contextObj: %s",
- SRCNAME, __func__, get_object_name (*context));
+ if (*context)
+ {
+ char *name = get_object_name (*context);
+ log_debug ("%s:%s: contextObj: %s",
+ SRCNAME, __func__, name);
+ xfree (name);
+ }
+
return context ? S_OK : E_FAIL;
}
-----------------------------------------------------------------------
Summary of changes:
src/common.c | 34 +++++++
src/common.h | 2 +
src/mail.cpp | 237 ++++++++++++++++++++++++++++++++++++++---------
src/parsecontroller.cpp | 12 +--
src/ribbon-callbacks.cpp | 38 ++++++--
5 files changed, 269 insertions(+), 54 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
More information about the Gnupg-commits
mailing list