gpg-remailer-3.00.01/CLASSES0000644000175000017500000000011212253050330014215 0ustar frankfrankremailer mail gpg gpgmail cleartextmail mailer headers spawn logexception gpg-remailer-3.00.01/Copyright-notice0000644000175000017500000000244712214671023016371 0ustar frankfrank-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 gpg-remailer forwards PGP/GPG encrypted/signed mail to a group Copyright (C) 2006-2013 Frank B. Brokken (f.b.brokken@rug.nl) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQEVAwUBUjNs/32yqL7q5NiqAQhadwf6A7XiQywHmiucsTXMOiAIPPSeypZpNr6R b23BEg2Po/qGdTX7J1lpjHVxRuGH51XCPyfYlWdSl06tjANR3qvZBz/spuwj+dlv edCqTLjPHoEVVHqCHGtNwWfokyEpm8gW9o93Rm7S8mg0SzThBvPxKK7YSqQXwF5Q ELWLJSXGcLF1Z9bRgi9iOxAxkyGwM4HBghFnQ72/MiQcHEvhTKpfL/y4Q1o4K7VC YI3gaBnOQgCLgxKPFSGNdNQfBlAfz3jwjUcTi8aT5oXCoPLidEWUOj/0HBxjhbTb eoW+OQrgPTGaEe2elwZBAOTa+Pt0O+CN6lwRAx5Tc9MXbA2M2HOo/A== =h6EW -----END PGP SIGNATURE----- gpg-remailer-3.00.01/INSTALL0000644000175000017500000000177312215046566014262 0ustar frankfrankTo Install skeleton by hand instead of using the binary distribution perform the following steps: 0. To build the gpg-remailer the following programs/packages must be available: libbobcat3 (>= 3.16.00), libbobcat-dev (>= 3.16.00), icmake (>= 7.21.00), g++ (>= 4.8.1), and yodl (>= 3.00.0) if you want to create the man-page. To use the gpg-remailer /usr/bin/gpg and /usr/bin/mail must be available. 1. Inspect the values of the variables in the file INSTALL.im Modify these when necessary. The default destinations are: * For the man-page: /usr/share/man/man1/ * For additional documentation: /usr/share/doc/gpg-remailer/ 2. The binary program is at ./tmp/bin/binary. Using the 'build' script it can be installed in a directory of your choice. To see build's options call ./build without arguments. 3. ./build program creates the program ./build man creates the man-page gpg-remailer-3.00.01/INSTALL.im0000644000175000017500000000202312251347165014652 0ustar frankfrank // Specify the name of the program created by this project: #define PROGRAM "gpg-remailer" // When defined, these overrule COMPILER and COMPILER_OPTIONS // COMPILER and COMPILER_OPTIONS are now obsolete // Instead of CXX and CXXFLAGS, CC and CFLAGS can be used. // Their #define values are overruled by identically named environment // variables. #define CXX "g++" // the compiler to use. #define CXXFLAGS "--std=c++0x -Wall -O2 -g" // the compiler options to use. #define LDFLAGS "" // flags passed to the linker // ========================================================================= // The following locations are overruled by `build install' arguments #define BINARY "/usr/bin/"${PROGRAM} // the full path of the final program #define MAN "/usr/share/man/man1" // the directory whre the manual page is stored #define STD "/usr/share/doc/"${PROGRAM} // the directory where the standard documentation is stored gpg-remailer-3.00.01/LICENSE0000644000175000017500000010451312253536055014231 0ustar frankfrank GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . gpg-remailer-3.00.01/TODO0000644000175000017500000000001112120110325013655 0ustar frankfrankall done gpg-remailer-3.00.01/VERSION0000644000175000017500000000006612253323542014265 0ustar frankfrank#define VERSION "3.00.01" #define YEARS "2006-2013" gpg-remailer-3.00.01/VERSION.h0000644000175000017500000000010412120110325014466 0ustar frankfrank#include "VERSION" SUBST(_CurVers_)(VERSION) SUBST(_CurYrs_)(YEARS) gpg-remailer-3.00.01/build0000755000175000017500000000462012120110325014224 0ustar frankfrank#!/usr/bin/icmake -qt/tmp/gpg-remailer #include "icmconf" #include "icmake/setopt" #include "icmake/run" #include "icmake/md" #include "icmake/special" #include "icmake/clean" #include "icmake/manpage" #include "icmake/install" string g_cwd = chdir(""); // initial working directory void main(int argc, list argv) { string option; string strip; option = argv[1]; if (option == "clean") clean(0); if (option == "distclean") clean(1); if (option == "install") install(argv[2], argv[3]); if (option != "") special(); if (option == "sourceforge") exit(0); if (option == "man") manpage(); if (option == "library") { // library(1); system("icmbuild library"); exit(0); } if (argv[2] == "strip") strip = "strip"; if (option == "program") { system("icmbuild program " + strip); exit(0); } if (option == "oxref") { system("icmbuild program " + strip); run("oxref -fxs tmp/lib" LIBRARY ".a > " PROGRAM ".xref"); exit(0); } printf("Usage: build what\n" "Where `what' is one of:\n" " clean - clean up remnants of previous " "compilations\n" " distclean - clean + fully remove tmp/\n" " library - build " PROGRAM "'s library\n" " man - build the man-page (requires Yodl)\n" " program [strip] - build " PROGRAM " (optionally strip the\n" " executable)\n" " oxref [strip] - same a `program', also builds xref file\n" " using oxref\n" " install program [path] - install the program at `path'\n" " (by default at `" BINARY "')\n" " install man [base] - install the man pages below `base'\n" " (by default below `" MAN "')\n" " install std [base] - install standard docs below `base'\n" " (by default below `" STD "')\n" " sourceforge - prepare sourceforge's index update\n" "\n" "If the environment variable DRYRUN is defined, no commands are\n" "actually executed\n" "\n" ); exit(1); } gpg-remailer-3.00.01/changelog0000644000175000017500000000742612253332675015105 0ustar frankfrankgpg-remailer (3.00.01) * Repaired error in exception handling. Because of this, version 3.00.00 is not released by itself. Instead, use this 3.00.01 release. * Added option --umask -- Frank B. Brokken Sun, 15 Dec 2013 14:59:14 +0100 gpg-remailer (3.00.00) * The remailer can be configured to accept clear-text messages, in addition to GPG/PGP encrypted messages. * Added configuration file options `clear-text' ((dis)allowing clear-text mail) and `envelope' (specifying from which envelope addresses clear-text mail is accepted). * The `relax' option and configuration parameter is no longer interpreted. A warning is logged if it is used. Instead of using `relax' the pseudo account used for remailing should set `umask 077' at shell-startup. * Long encrypted messages broke the remailer. Repaired by simplifying child process handling in a separate class `Spawn'. * Added additional comment to various remailer/ source files, and to remailer/remailer.h -- Frank B. Brokken Sat, 14 Dec 2013 13:37:43 +0100 gpg-remailer (2.56.00) * Repaired handling of multiple -m or -r options: now all -m and -r options are recognized. Each -m or -r option should contain just one e-mail address. -- Frank B. Brokken Thu, 09 Oct 2013 21:27:25 +0200 gpg-remailer (2.55.01) * Added missing -pthread flag to icmconf: without it, compiling succeeds, but execution ends in a Fatal exception. -- Frank B. Brokken Mon, 30 Sep 2013 16:06:56 +0200 gpg-remailer (2.55.00) * As per RFC 2822 (pg. 8), multiple subject lines in incoming e-mail are now recognized. * remailer/sendmail.cc and remailer/gpg.cc no longer uses /bin/sh. * NTBSs escaping \- or "-chars were converted to Raw String Literals where considered sensible. * Added PGP signed file (Copyright-notice) stating that the files of the gpg-remailer package are all free software in accordance with the GPL V. 3. * Updated the man-page * Gzipped documents were generated using the -n flag to avoid timestamps -- Frank B. Brokken Sat, 14 Sep 2013 13:33:20 +0200 gpg-remailer (2.54.01) * The distribution is now provided with a (GPL) LICENCE file -- Frank B. Brokken Wed, 04 Sep 2013 15:07:26 +0200 gpg-remailer (2.54.00) * Sources adapted to Bobcat 3.12.00 * Program renamed to gpg-remailer, default configuration file now etc/gpg-remailer.rc -- Frank B. Brokken Tue, 12 Mar 2013 13:42:48 +0100 remailer (2.53.00) * Sources adapted to Bobcat 3.00.00 -- Frank B. Brokken Fri, 04 May 2012 16:18:41 +0200 remailer (2.52.00) * Used lambda functions and modifications required for amd64 architectures -- Frank B. Brokken Wed, 07 Sep 2011 17:00:07 +0200 remailer (2.51.00) * Adapted sources to bobcat 2.13.0 -- Frank B. Brokken Fri, 04 Feb 2011 22:23:52 +0100 remailer (2.50.1) * Multiple changes see the svn diffs, Using the --std=c++0x compiler option. -- Frank B. Brokken Mon, 12 Oct 2009 09:52:11 +0200 remailer (2.41.0) * Repaired --no-mail handling, recompilation for new Process class -- Frank B. Brokken Mon, 27 Oct 2008 17:05:19 +0100 remailer (2.40.0) * -- Frank B. Brokken remailer (2.32.1) * Initial 'Content-Type:' line section is written before the signature. If no such section is found, then the signature is shown first. -- Frank B. Brokken Tue, 30 Sep 2008 09:42:38 +0200 remailer (2.32.0) * Conversion from remailerScript to C++ program -- Frank B. Brokken Sun, 28 Sep 2008 19:39:08 +0200 gpg-remailer-3.00.01/cleartextmail/0000755000175000017500000000000012253050330016041 5ustar frankfrankgpg-remailer-3.00.01/cleartextmail/label.cc0000644000175000017500000000014312253050330017425 0ustar frankfrank#include "cleartextmail.ih" string ClearTextMail::label() const { return "Clear text mail"; } gpg-remailer-3.00.01/cleartextmail/cleartextmail.h0000644000175000017500000000141412253050330021050 0ustar frankfrank#ifndef INCLUDED_CLEARTEXTMAIL_ #define INCLUDED_CLEARTEXTMAIL_ namespace FBB { class Log; } #include "../mailer/mailer.h" class Headers; class ClearTextMail: public Mailer { Headers &d_headers; std::string const &d_mailName; std::string const &d_replyTo; public: ClearTextMail(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &replyTo, std::string const &step ); private: std::string headers() const; std::string label() const override; std::string mailCommand(std::string const &recipient) const override; void writeMailContents(std::string const &mailData) const override; }; #endif gpg-remailer-3.00.01/cleartextmail/mailcommand.cc0000644000175000017500000000040212253050330020625 0ustar frankfrank#include "cleartextmail.ih" string ClearTextMail::mailCommand(string const &recipient) const { return "/usr/bin/mail -s '" + subject() + "' " "-a \"Reply-To: " + d_replyTo + "\" " + headers() + " " + recipient; } gpg-remailer-3.00.01/cleartextmail/cleartextmail.ih0000644000175000017500000000023112253050330021215 0ustar frankfrank#include "cleartextmail.h" #include #include #include "../headers/headers.h" using namespace std; using namespace FBB; gpg-remailer-3.00.01/cleartextmail/writemailcontents.cc0000644000175000017500000000035712253050330022130 0ustar frankfrank#include "cleartextmail.ih" void ClearTextMail::writeMailContents(std::string const &mailData) const { ifstream in; Exception::open(in, mailData); ofstream out; Exception::open(out, d_mailName); out << in.rdbuf(); } gpg-remailer-3.00.01/cleartextmail/cleartextmail1.cc0000644000175000017500000000053312253050330021270 0ustar frankfrank#include "cleartextmail.ih" ClearTextMail::ClearTextMail(Log &log, Headers &headers, string const &mailName, string const &replyTo, string const &step) : Mailer(log, headers, mailName, step), d_headers(headers), d_mailName(mailName), d_replyTo(replyTo) { } gpg-remailer-3.00.01/cleartextmail/headers.cc0000644000175000017500000000256412253050330017772 0ustar frankfrank#include "cleartextmail.ih" string ClearTextMail::headers() const { string mime = d_headers.getHeader("MIME-Version"); string contentHdr; if (not mime.empty()) contentHdr = R"(-a ")" + String::escape(mime) + '"'; d_headers.setHeaderIterator("Content-", MailHeaders::CASE_INITIAL); for ( auto begin = d_headers.beginh(), end = d_headers.endh(); begin != end; ++begin ) { string header(*begin); char const *headerCp = header.c_str(); if ( strcasestr(headerCp, "Content-Type") == headerCp || strcasestr(headerCp, "Content-Disposition") == headerCp ) { while (true) { size_t pos0 = header.find('\n'); // any newline? if (pos0 == string::npos) // no: done break; // pos. of 1st non-blank // beyond the \n size_t pos1 = header.find_first_not_of(" \t\n", pos0); // e.g. 'n x': pos0 = 0, pos1 = 2 -> erase 1 char header.erase(pos0, pos1 - pos0 - 1); header[pos0] = ' '; } contentHdr += R"( -a ")" + String::escape(header) + '"'; } } return contentHdr; } gpg-remailer-3.00.01/documentation/0000755000175000017500000000000012120110325016046 5ustar frankfrankgpg-remailer-3.00.01/documentation/man/0000755000175000017500000000000012253331061016632 5ustar frankfrankgpg-remailer-3.00.01/documentation/man/gpg-remailer.yo0000644000175000017500000006302712253331060021565 0ustar frankfrankNOUSERMACRO(recipient member) COMMENT(includefile(../../release.yo)) htmlbodyopt(text)(#27408B) htmlbodyopt(bgcolor)(#FFFAF0) whenhtml(mailto(Frank B. Brokken: f.b.brokken@rug.nl)) DEFINEMACRO(lsoption)(3)(\ bf(--ARG1)=tt(ARG3) (bf(-ARG2))\ ) DEFINEMACRO(laoption)(2)(\ bf(--ARG1)=tt(ARG2)\ ) DEFINEMACRO(loption)(1)(\ bf(--ARG1)\ ) DEFINEMACRO(soption)(1)(\ bf(-ARG1)\ ) DELETEMACRO(tt) DEFINEMACRO(tt)(1)(em(ARG1)) COMMENT( man-request, section, date, distribution file, general name) manpage(gpg-remailer)(1)(_CurYrs_)(gpg-remailer._CurVers_.tar.gz) (gpg-remailer - reencrypt PGP/GPG maill) COMMENT( man-request, larger title ) manpagename(gpg-remailer) (forward re-encrypted/signed PGP/GPG encrypted/signed mail to a group) COMMENT( all other: add after () ) manpagesynopsis() bf(gpg-remailer) [OPTIONS] manpagedescription() Gpg-remailer decrypts received PGP/GPG messages, verifies the received signature, and re-encrypts the e-mail for a well defined group of recipients. Gpg-remailer can also be configured so as to process clear-text e-mail. Using gpg-remailer the list of members of a group of people who want to exchange encrypted and authenticated e-mails (and maybe also clear-text messages) can be maintained at one location, allowing the members of the group to specify just one e-mail address to send PGP/GPG signed and encrypted (or optionally clear-text) e-mail to. Gpg-remailer reads incoming e-mail from its standard input stream. If the incoming e-mail is clear-text, it resends the e-mail to one or more configurable e-mail addresses. If the incoming e-mail is PGP/GPG encrypted (and optionally signed) it re-encrypts the received information for every member of a configurable group, and send the re-encrypted information to one or more configurable e-mail addresses. By itself, gpg-remailer is not a mailing list. However, the configured recipient address could be, e.g., a mailing list address, for further distribution of the processed e-mail. Gpg-remailer is a em(remailer): it uses the message's data, but not its headers. Having received an e-mail it resends, rather than forwards, the received e-mail. The e-mail that is received via gpg-remailer therefore contains a completely new set of e-mail headers. A configuration file as well as command line options can be used to fine-tune gpg-remailer's behavior. manpagesection(RETURN VALUE) Gpg-remailer always returns 0 to the operating system to prevent tt(unknown mailer error) messages in the MTA's logs. However, when gpg-remailer ends prematurely an error message is written to the standard error stream. manpagesection(REQUIREMENTS) In order to use gpg-remailer the following requirements must be met (all commands should be issued by the tt(root) user): itemization( it() Since multiple groups may use gpg-remailer it is advised to define functional accounts handling e-mail to be processed by gpg-remailer. A functional account tt(secmail) can be defined using a command like this: verb( adduser --home /var/lib/secmail --disabled-password secmail ) it() All locations used by the gpg-remailer must be given highly restrictive permissions. E.g., the functional accounts should set tt(umask 077). It is the responsibility of the user to make sure that the access rights are correctly configured. it() Consider making all functional gpg-remailer accounts members of a special group (e.g., tt(gpg-remailer)) and allow execution of tt(/usr/sbin/gpg-remailer) only my members of that group: verb( addgroup gpg-remailer adduser secmail gpg-remailer chown root.gpg-remailer /usr/sbin/gpg-remailer chmod o-rx /usr/bin/gpg-remailer ) it() To allow the functional account to handle incoming e-mail bf(sudo)(1) can be used. In the file tt(/etc/sudoers) the following lines can be entered (tt(REMAILERS) can be given a comma separated list of functional account names, tt(mailhost.org) should be replaced by the name of the host handling incoming e-mail): verb( Runas_Alias REMAILERS = secmail mail mailhost.org=(REMAILERS) NOPASSWD: /usr/sbin/gpg-remailer ) E.g., if gpg-remailer runs on a computer named tt(remailer.mydomain.nl) which may receive incoming e-mails, then specify tt(remailer.mydomain.nl) for tt(mailhost.org). it() An e-mail address must be defined to where the mail to reencrypt must be sent to. This e-mail address must be known by the members of the group who want to use the gpg-remailer. Such an account could be, e.g., tt(secmail@mailhost.org), appearing as a defined mail address in, e.g., tt(/etc/mail/aliases). The address for this example would be entered in the tt(/etc/mail/aliases) file (some installations use tt(/etc/aliases)) in this way: verb( secmail: "|sudo -u secmail /usr/sbin/gpg-remailer" ) ) manpagesection(THE PSEUDO USER'S PGP KEY RINGS) itemization( it() The functional account must be provided with a GPG/PGP keypair. Its public key must be distributed over the people who are allowed to send mail to the gpg-remailer (which may be the world if the public key is published at a PGP key server). Since the gpg-remailer must be able to act on its own, the secret key must not require a passphrase. The key can be created as follows (after the initial command, which is specified by tt(root), the remaining commands through the final tt(exit) command at the end of this section are executed by the pseudo-user tt(secmail)): verb( su - secmail gpg --gen-key ) At the tt(gpg --gen-key) command the tt(gpg) program asks for some details. Accept the defaults unless you have reason not to, but make sure you do not require a pass-phrase: press tt(Enter) twice when asked for one. ) bf(Some additional suggestions:) itemization( it() Details for defining a PGP key without password: define default RSA key, size 2048, never to expire+nl() real name: secmail gpg-remailer functional account+nl() email address: secmail@mailhost.org+nl() No passphrase required: press Enter twice.+nl() it() Specify the key-id of the just created gpg-key as the default key in the file tt(~/.gnupg/gpg.conf) (or tt(~/.gnupg/options), whichever is used). E.g., verb( default-key 1234ABCD ) it() Also add a line containing verb( force-mdc ) to tt(~/.gnupg/gpg.conf). This prevents the warning verb( WARNING: message was not integrity protected ) it() If you want to allow non-group members to send e-mail to the gpg-remailer consider adding a key server specification to tt(~/.gnupg/gpg.conf) as well, to allow the automatic retrieval of missing public keys. E.g., add a line like verb( keyserver keys.gnupg.net ) to tt(~/.gnupg/gpg.conf). it() Next use tt(gpg --search-keys), tt(gpg --recv-keys) or tt(gpg --import) (see the bf(gpg)(1) man-page for the required formats of these commands) to already add the public keys of all the members of the group who will be using gpg-remailer to the pseudo user's public key ring. it() If a group member exists who has signed the GPG/PGP keys of all other members, then consider to trust this member fully, to prevent warnings resulting from using untrusted keys. it() Once the gpg-remailer's GPG key pair has been created, provide the remailer's public key to the members of the group. These members should import the public key and they should be advised to sign the remailer's public key to prevent warnings about using an unverified public key. The remailer's public key can be be exported to file using verb( gpg --armor --export secmail > secmail.pub ) and the members of the group can import the remailer's public key using: verb( gpg --import secmail.pub ) it() When a new member is added to the group he/she should add the remailer's public key to his/her public key ring and provide his/her public key for import into the functional account's public key ring. it() Gpg-remailer requires the existence of a configuration file and of a directory to store its temporary files in. See the section bf(CONFIGURATION FILE) below. it() Having prepared the pseudo user's PGP key rings, the command tt(exit) takes you back to the tt(root) user's session. ) manpageoptions() If available, single letter options are listed between parentheses following their associated long-option variants. Single letter options require arguments if their associated long options require arguments as well. itemization( it() loption(debug) (soption(d)) nl() When specified, debug messages are logged to the log-file (see below). When this option is specified the files written by gpg-remailer are not removed after gpg-remailer has processed an incoming e-mail. it() loption(help) (soption(h)) nl() A short summary of the usage is displayed to the standard output after which gpg-remailer terminates. it() lsoption(logfile)(l)(filename)nl() Specifies the file on which gpg-remailer's log messages are written (by default tt(~/etc/gpg-remailer.log)). it() lsoption(loglevel)(L)(level)nl() LogLevel 0 provides extensive debug output as well as all other logmessages;nl() LogLevel 1 logs the executed commands and the default messages;nl() LogLevel 2 logs the default messages (characteristics of incoming and outgoing e-mail) (default);nl() Higher levels will suppress logging. it() lsoption(member)(m)(PGP e-mail address) nl() The PGP-key e-mail address to re-encrypt the message for. Overrides the member(s) listed in the configuration file. This option may be specified multiple times when multiple members must be specified on the command line. With each tt(--member) option only provide one e-mail address (e.g., tt(member@domain.iso). This format is not checked by bf(gpg-remailer), but a failure to comply may result in bf(gpg-remailer) being unable to re-encrypt or e-mail messages. The tt(--member) specifications can also be used to specify a set of e-mail envelope addresses from where clear-text e-mail is accepted, using the tt(envelope: members) and tt(clear-text: envelope) configuration file specifications. it() loption(noMail)nl() When specified no mail is sent. it() lsoption(nr)(n)(file-number) nl() Files created by the gpg-remailer while processing incoming e-mails are kept, and receive suffix tt(file-number), which should be a number. it() lsoption(recipient)(r)(e-mail address) nl() The recipient address(es) of the (re-encrypted or plain) resent e-mail. Overrides the recipient(s) listed in the configuration file. As with the tt(--members) option, multiple recipients may be specified by providing multiple tt(--recipient) options. These addresses may or may not be unique. If multiple identical addresses are specified gpg-remailer will send e-mail to each of these multiply specified addresses. Each tt(--recipient) option should normally only define one plain e-mail address (e.g., tt(recipient@domain.iso), but multiple tt(--recipient) options are also accepted. The format of the e-mail addresses is not checked by bf(gpg-remailer), but providing any information in addition to or differing from a plain e-mail address may result in bf(gpg-remailer) being unable to re-encrypt or resend e-mail messages. In addition to plain e-mail addresses, the specification tt(--recipient members) can be used to indicate that the re-encrypted mail must be sent to all e-mail addresses specified using tt(member) specifications. it() laoption(step)(name)nl() Perform the indicated step of the remailing process. Step names are:nl() tt(hdrs) (write the mail headers),nl() tt(org) (write the mail data),nl() tt(dec) (only for PGP encrypted e-mail: write the decrypted info),nl() tt(doc) (only for PGP encrypted e-mail: create the info to send),nl() tt(enc) (only for PGP encrypted e-mail: encrypt the info to send),nl() tt(clearmail) (send clear-text mail),nl() tt(clearmail:address) (send mail only to the provided address, ignore recipient(s) specified otherwise). tt(pgpmail) (send pgp-encrypted mail),nl() tt(pgpmail:address) (send pgp-encrypted mail only to the provided address, ignore recipient(s) specified otherwise).nl() Step tt(hdrs) is completely optional. Later steps depend on earlier steps. E.g., tt(--step doc) can only be requested after having specified tt(--step dec) in a previous run. With clear-text e-mail steps tt(dec, doc, enc) and tt(pgpmail) should not be provided. With PGP encrypted mail step tt(clearmail) should not be provided. it() lsoption(tmp)(t)(path) nl() The path of the directory where the temporary files are written (by default: tt($HOME/tmp)). This should be an absolute path. it() laoption(umask)(octalValue)nl() By default, gpg-remailer uses umask 077 for all files it creates: only the pseudo-user has read and write permissions. In normal circumstances there should be no reason for changing this umask value, but if necessary the tt(--umask) option can be used, providing an octal value, to specify an alternative umask value. it() loption(version) (soption(v))nl() Gpg-remailer's version number is is written to the standard output stream after which gpg-remailer terminates. ) manpagesection(CONFGURATION FILE) The default configuration file is tt(~/etc/gpg-remailer.rc) under the pseudo user's home directory. Its path may be altered using a program option. Empty lines are ignored. Information at and beyond tt(#)-characters is interpreted as comment and is ignored as well. All directives in the configuration file obey the pattern verb( directive: value ) A line may at most contain one directive, but white space (including comment at the end of the line) is OK. Several directives may be specified multiple times; otherwise the first occurrence of a directive is used. All directives are interpreted em(case insensitively), but their values are used as specified. E.g., tt(DeBUG: true) is as good as tt(debug: true), but tt(debug: TRUE) is not recognized. Non-empty lines not starting with a recognized directive are silently ignored. The following directives are supported (default values are shown between parentheses; when none is specified there is no default). When equivalent command line options are used then they overrule the configuration file specifications. itemization( it() bf(debug:) tt(logic) (false)nl() When tt(logic) is specified as tt(true) debug messages will be logged to the log-file (see below). Command line options: tt(--debug, -d). When this option is specified the files written by gpg-remailer will not be removed when gpg-remailer terminates. it() bf(clear-text:) tt(specification) (rejected)nl() By default, the gpg-remailer does not accept clear-text e-mail. This can explicitly be indicated in the configuration file using the tt(clear-text: rejected) specification. If clear-text e-mail should be allowed specify tt(clear-text: accepted) It is also possible to specify the envelope addresses that are accepted for received clear-text e-mail. If this is required, specify tt(clear-text: envelope) and define the accepted envelope e-mail addresses using the tt(envelope:) configuration option. it() bf(envelope:) tt(e-mail address) nl() The tt(envelope) specifications are only interpreted when tt(clear-text: envelope) has been specified. When tt(clear-text: envelope) was specified only clear-text e-mail using one of the configured tt(envelope) addresses will be re-mailed to the configured recipients. The special envelope specification tt(envelope: members) may be used to indicate that envelope addresses which are equal to the addresses specified using tt(member) specifications are all accepted. All envelope addresses are interpreted case-insensitively. By default (if no tt(envelope) specification has been provided) all envelope addresses are accepted, in which case the specification tt(clear-text: envelope) reduces to tt(clear-text: accepted). it() bf(keepFiles:) tt(nr) nl() When a number is specified all files written by gpg-remailer use the specified number and are not removed when gpg-remailer terminates. When this option is not specified the files receive a random numeric extension resulting in the creation of new, as yet non-existing tt(*.) files. it() bf(logfile:) tt(filename) (etc/gpg-remailer.log)nl() The file on which gpg-remailer's log messages are written. it() bf(loglevel:) tt(value) (2)nl() LogLevel 0 provides extensive debug output as well as all other logmessages;nl() LogLevel 1 logs the executed commands and the default messages;nl() LogLevel 2 logs the default messages (characteristics of incoming and outgoing e-mail);nl() With higher levels logging is suppressed. it() bf(member:) tt(address) nl() Multiple members may be specified. Each tt(member) specification specifies a PGP-key e-mail address to re-encrypt the message for. The addresses should be plain e-mail addresses (e.g., tt(member@domain.iso)), and should not contain other elements (like the name of the person using the address). This format is not checked by bf(gpg-remailer), but a failure to comply may result in bf(gpg-remailer) being unable to re-encrypt or e-mail messages. The tt(member) specifications can also be used to specify a set of e-mail envelope addresses from where clear-text e-mail is accepted, using the tt(envelope: members) and tt(clear-text: envelope) specifications. it() bf(noMail:) tt(logic) (false)nl() When specified as tt(true) no mail is sent. it() bf(recipient:) tt(e-mail address) nl() The recipient address(es) of the (re-encrypted or plain) resent e-mail. Multiple recipients may be specified. These addresses may or may not be unique. If multiple identical addresses are specified gpg-remailer will send e-mail to each of these multiply specified addresses. Recipients should be specified using plain e-mail addresses (e.g., tt(destination@some.host.org)). The re-encrypted mail is sent to each recipient in turn. The specification tt(recipient: members) can be used to indicate that the re-encrypted mail must be sent to all e-mail addresses specified using tt(member) specifications. it() bf(replyTo:) tt(full address) nl() The reply to address may be any e-mail reply-to address. The reply-to becomes the default reply address for the recipient receiving gpg-remailer's e-mail message. Quotes and double quotes are removed from the reply to address. A reply-to specification could be, e.g., verb( SECMAIL signed AND encrypted ) This specification should be according to the requirements defined in RFC 822: em(Standard for ARPA Internet Text Messages). Failing to comply with RFC 822 may result in the e-mail sending program rejecting the e-mail that is submitted by the gpg-remailer. it() bf(signature:) tt(requirement) (required)nl() This option is used to control signature checking. Recognized values are:nl() tt(none) (or not specified): no signature checking is performed;nl() tt(required): a PGP signature must have been provided;nl() tt(good): the PGP signature must be recognized as a a `good signature'. it() bf(tmp) tt(directory) (tmp/)nl() The directory into which gpg-remailer writes its temporary files. ) ) manpagesection(FORMATS) Although using PGP/GPG in e-mail is established technology, various formats of the e-mail are possible. Currently gpg-remailer recognizes the following formats: itemization( it() Simple encrypted messages, consisting of an encrypted e-mail body; it() Multi-part encrypted messages; it() Encrypted messages containing detached signatures. ) Below a description is given of the actual contents of PGP encrypted en decrypted files. All PGP encrypted e-mail shows the following headers (the boundary values will differ over different e-mail messages): verb( Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="+QahgC5+KEYLbs62" Content-Disposition: inline ) All PGP encrypted e-mail shows the following organization (the lines are used to separate the e-mail organization from the text of this man-page and are not actually present in the e-mail or in the decrypted information; empty lines, where shown, are required): verb( ---------------------------------------------------------------------- mail headers --+QahgC5+KEYLbs62 Content-Type: application/pgp-encrypted Content-Disposition: attachment Version: 1 --+QahgC5+KEYLbs62 Content-Type: application/octet-stream Content-Disposition: inline; filename="msg.asc" -----BEGIN PGP MESSAGE----- ... -----END PGP MESSAGE----- --+QahgC5+KEYLbs62-- ---------------------------------------------------------------------- ) Note that boundaries consist of itemization( it() a new line character it() two dashes followed by the boundary text it() the last boundary is followed by two dashes it() a new line character ) The various PGP encrypted e-mail formats differ in the way they organize the decrypted information. bf(Simple Encrypted Messages.) During decryption the signature is verified, and the result of the verification is written to the standard error stream. The decrypted message itself contains but one message, organized as follows: verb( ---------------------------------------------------------------------- Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable decrypted text of the message ---------------------------------------------------------------------- ) bf(Multi-part Encrypted Messages.) During decryption the signature is verified, and the result of the verification is written to the standard error stream. The decrypted message itself contains multiple messages, organized as follows: verb( ---------------------------------------------------------------------- Content-Type: multipart/mixed; boundary="f+W+jCU1fRNres8c" Content-Disposition: inline --f+W+jCU1fRNres8c Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Text of the first attachment --f+W+jCU1fRNres8c Content-Type: application/pdf Content-Disposition: attachment; filename="attachment.pdf" Content-Transfer-Encoding: base64 text of the attachment.pdf in base64 encoding --f+W+jCU1fRNres8c-- ---------------------------------------------------------------------- ) Multiple attachments might follow in the same way. bf(Encrypted Messages Containing Detached Signatures.) During decryption the signature is em(not) verified (but the recipient(s) is (are) shown) and the decrypted file is organized as follows: verb( ---------------------------------------------------------------------- Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-TNwuMvq+TfajHhvqBuO7" --=-TNwuMvq+TfajHhvqBuO7 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Text of the message --=-TNwuMvq+TfajHhvqBuO7 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- ... signature text -----END PGP SIGNATURE----- --=-TNwuMvq+TfajHhvqBuO7-- ---------------------------------------------------------------------- ) The last part represents the detached signature, The contents section must be separated from the decrypted file (named, e.g., tt(decrypted)) (creating, e.g., the file tt(contents)). That latter file's signature may then be verified using the command verb( gpg --verify decrypted contents ) resulting in the signature verification written to the standard error (as usual). The contents start immediately following the first boundary, and continues up to, but not including, the new line just before the next boundary. ) COMMENT( manpagesection(EXAMPLES) To do END) manpagefiles() Default locations are shown. Configuration options may change these locations. itemization( it() tt(/etc/mail/aliases): defines the mail accounts used by gpg-remailer. it() tt(etc/gpg-remailer.rc): gpg-remailer's configuration file. it() tt(/etc/sudoers): defines actions executed by the MTA. it() tt(tmp/decrypted.): the decrypted original text. it() tt(tmp/err.): a file containing errors generated when processing the original text. The tt(tmp/signature.) may contain gog-decryption errors. it() tt(tmp/hdrs.): the headers of the received e-mail. it() tt(tmp/mail.): the mail sent to the recipient(s). it() tt(tmp/org.): a copy of the received e-mail. When random file numbers are used a tt(org.) file will not overwrite an existing tt(org.*) file. it() tt(tmp/reencrypt.): the (as yet unencrypted) file to return to the the recipient(s). it() tt(tmp/reencrypted.): the reencrypted file to return to the the recipient(s). it() tt(tmp/signature.): the signature found in the original text. ) manpageseealso() bf(addgroup)(1), bf(adduser)(1), bf(chmod)(1), bf(chown)(1), bf(gpg)(1), bf(sudo)(1), bf(umask)(1), manpagebugs() None reported manpageauthor() Frank B. Brokken (f.b.brokken@rug.nl). gpg-remailer-3.00.01/documentation/remailerScript.orig0000755000175000017500000003052512120110325021725 0ustar frankfrank#!/bin/sh # Version 2.31 # This script may be called with an argument, in which case it is requested to # check a detached signature. # For debugging purposes: Enter an initial -d for debugging as first # argument, then call remailer as # su pseudouser -c "/usr/local/bin/remailer process-nr" < mail-file # files in the pseudouser's tmp directory will start with the provided # process-id # if the argument following -d equals -H a local head file in the current # working directory is expected, and no change of directory is performed # Set to 0 to keep files in the tmp subdir, set to 1 to remove on # on successful completion REMOVE_TMP_FILES=1 HEAD=/usr/local/lib/remailer/head if [ "$1" != "-d" ] then ID=$$ else DEBUG=yes ID=$2 shift 2 fi if [ "$1" == "-H" ] then H_OPTION=$1 HEAD=head shift fi # 0. Preliminaries: # - Create a group remailer, and store this script in # /usr/local/bin, root.remailer, chmod 0750 # - Make sure `sudo' (or comparable software) is available # # 1. Define an entry for pseudo (the pseudo user) in the mail aliases # /etc/mail/aliases: # pseudo: "|sudo -u pseudo /usr/local/bin/remailer" # and rerun `newaliases' # # Add an entry allowing `mail' to call the remailer to /etc/sudoers: # mail host.domain.xx=(pseudo) NOPASSWD: /usr/local/bin/remailer # (host.domain.xx is the name of the host on which the remailer is # installed. `ALL' instead of `host.domain.xx' may also be # specified) # # Having thus set-up the `pseudo' user, /usr/local/bin/bin/remailer (this # script) will be activated for `pseudo' when called by `mail', using the id # `pseudo', group `remailer'. Now we're ready to send mail to `pseudo', # which is then handled by this script. # # 2. Create a pseudo account for the `pseudo' user. E.g., # adduser --home /var/lib/pseudo --shell /usr/bin/tcsh # --ingroup remailer --disabled-password pseudo # Chmod the account to 0700 # Make sure the account does not expire: # /etc/shadow: # pseudo:!:12797:0:99999:7::: # ^^^^^ # Change identity to the pseudo user. # Define gpg keys for the pseudo user: # gpg --gen-key # - decrypting key without password # - define default DSA key, size 1024, never to expire # - real name: `Pseudo' remailer # - email address: pseudo@host.name (this is the address # from where mail is sent by the remailer) # - no passphrase required: press 2 x enter. # - edit this gpg key, and add a subkey, EIGamal for encryption only # (addkey) # - Use --search-keys or --recv-keys or --import to provide the pseudo # user's public key ring with the group member's public keys, and # add the names or key-ids to the `members' definition in # ~/gnupg/gpg.conf # - Add an element like the following to gpg.conf: # force-mdc # to prevent the `WARNING: message was not integrity protected' # warning. # - Add an element like the following to gpg.conf: # keyserver wwwkeys.eu.pgp.net # (maybe not: there may be no need for the remailer to access # a keyserver. A maintainer should be the agent # monitoring the keys of the pseudo-user # - create a tmp/ directory under this account # - Create a directory etc/ under this account and store in here the # following two files: # remailer.rc # This file may contain standard shell-comment and # empty lines, but must contain the following lines: # remailTo="address(es)" to where the reencrypted mail # will be sent. This may be the address of # (e.g.) a mailing list or the plain word # `members' in which case all members listed # in the file members (see below) will # receive the mail. The double quotes are # required when multiple addresses are used. # Use a blank to separate multiple addresses. # Also, a form like the following can be used # (without the #-chars at the begin of the # lines, of course): # remailTo="\ # first@address1\ # second@address2\ # " # replyTo="name
" # The name and address to appear in the # Reply-To header # acceptFrom=patternFile # This entry is optional. If specified it contains regular # expressions (1 per line) of all from-addresses who are # allowed to send signed and encrypted mail to the # remailer. The members are by default allowed. To allow # everybody to send e-mail (encrypted and signed) specify .* # Note that keyserver must probably be specified when public # keys of senders should be retrievable from a pgp # keyserver. # members # This file may contain standard shell-comment and empty # lines but must contain the addresses of the members for # whom the received mail will be encrypted. Addresses must # be separated by white space (blanks, tabs, newlines). The # e-mail addresses must be the addresses mentioned in the # public keyring of the pseudo user. # 3. Optionally give ultimate trust to a member who has signed all other # member's keys, as this will prevent warnings the use of `--trust-model # always' # # 4. Export the public key, members should import the pseudo user's public # key and sign it. # (gpg --armor --export pseudo > pseudo.pub) # (gpg --import pseudo.pub) # # Adding new members involves: # 1. obtain their public key # 2. insert it to the pseudo user's public keyring # 3. add their name or id to the `members' definition in # ~/etc/members # 4. provide the new user with the new key # # Removing members involves: # 1. remove their name or id from the `members' definition in # ~/etc/members # 2. optionally remove their public key # 3. optionally, distribute a new subkey, and invalidate the current # subkey # # Questions, remarks to Frank. # If provided: non-option $1 is the name of the file containing the # detached sig, and the script should read $1 from stdin as well. pseudouser=`/usr/bin/id -nu` # common arguments for all gpg calls. Call gpg as $gpg gpg="gpg --homedir /var/lib/$pseudouser/.gnupg" [ "$DEBUG" != "yes" ] && gpg="$gpg --quiet --batch" GOODSIGNATURE="gpg: Good signature from" checkSig() { while : # skip until the first boundary do read LINE || break echo "$LINE" | grep "$BOUND" > /dev/null && break done while : # save all lines, up to, but excluding do # the line just before the next boundary read LAST || break echo "$LAST" | grep "$BOUND" > /dev/null && break ALL="${ALL}${PREV}" PREV="$LAST " done echo -n "$ALL" > /tmp/message # check for the signature echo -n "$ALL" | $gpg --verify $1 - 2>&1 | grep "$GOODSIGNATURE" >/dev/null return $? } detachedSignature() { while : do read LINE || break # find the boundary echo $LINE | grep 'boundary="[^"]\+"' > /dev/null if [ "$?" == "0" ] then # keep it in BOUND BOUND=`echo $LINE | sed 's/[[:space:]]*boundary="\([^"]\+\)".*/\1/'` checkSig $1 # check the signature return $? fi done return 1 } if [ $# != 0 ] then detachedSignature $1 exit $? fi [ "$DEBUG" == "yes" ] && echo "Pseudouser: $pseudouser" >> /tmp/remailer # this script is /usr/local/bin/remailer. # .gnupg/ contains the configuration and keyrings for GPG # tmp/ is used for temporary file processing. # etc/ contains configuration files # the account /var/lib/pseudo was chmod-ed 700. failed() { echo "Failed `date`: $*" >> tmp/${ID}.log exit 0 } # We're at the root directory, not at the home dir. home/HOME is not # available # go to the psuedo user's home directory [ "$H_OPTION" != "" ] || cd /var/lib/$pseudouser || failed cd /var/lib/$pseudouser [ "$DEBUG" == "yes" ] && ls >> /tmp/remailer # check the existence of the relevant files [ -e etc/members -a -e etc/remailer.rc ] || failed missing etc/members and/or /etc/remailer.rc # source the configuration file . etc/remailer.rc # determine all members, store them as a single line. members=`grep -v '^[[:space:]]*\(#.*\)*$' etc/members | tr '\n' ' '` echo " Remail To: $remailTo Reply-To: $replyTo Members list: \"$members\" " > tmp/${ID}.members # save the received mail on a file if [ "$DEBUG" == "yes" ] then cp tmp/${ID}.members tmp/${ID}.debug fi /usr/local/bin/remailerunhex > tmp/${ID}.org || failed no original message # determine the subject of the mail, removing double quotes # to prevent nested double quotes in the eventually sent subject. SUBJECT=`grep Subject: tmp/${ID}.org | sed 's/Subject: //' | tr '"' "'"` # decrypt the mail if [ "$H_OPTION" != "" ] then gpg --decrypt tmp/${ID}.decrypted 2>tmp/${ID}.signature || failed decrypting to .decrypted and .signature else $gpg --decrypt tmp/${ID}.decrypted 2>tmp/${ID}.signature || failed decrypting to .decrypted and .signature fi # # verify the signature # # grep "$GOODSIGNATURE" tmp/${ID}.signature > tmp/${ID}.debug # if [ "$?" != "0" ] # signature not yet verified # then # $0 $H_OPTION tmp/${ID}.decrypted < tmp/${ID}.decrypted # fi # [ "$?" == "0" ] || failed signature $? not verifiable # re-encrypt the mail if [ "$H_OPTION" != "" ] then (echo ""; echo ""; cat tmp/${ID}.signature tmp/${ID}.decrypted) | gpg --trust-model always --armor --encrypt --sign \ --group ads="$members" -r ads \ > tmp/${ID}.encrypted 2>tmp/${ID}.reencrypt || failed reencrypting to members else (echo ""; echo ""; cat tmp/${ID}.signature tmp/${ID}.decrypted) | $gpg --trust-model always --armor --encrypt --sign \ --group ads="$members" -r ads \ > tmp/${ID}.encrypted 2>tmp/${ID}.reencrypt || failed reencrypting to members fi # next make sure the proper content type headers etc. are added boundary=`date | md5sum | cut -f1 -d' '` sed 's/@/'$boundary'/' < $HEAD \ > tmp/${ID}.mail || failed generating the boundary cat tmp/${ID}.encrypted >> tmp/${ID}.mail || failed constructing the e-mail if [ "$DEBUG" == "yes" ] ; then echo "Recipients: $remailTo" >> tmp/${ID}.remailer echo "Mail in tmp/${ID}.mail" >> tmp/${ID}.remailer echo Debug completed see tmp/${ID}.remailer exit 0 fi # finally send the mail for sendTo in `echo $remailTo` do mail -s "$SUBJECT" -a \ "Reply-To: $replyTo"\ -a 'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="'$boundary'"' \ $sendTo < tmp/${ID}.mail || failed mailing the re-encrypted e-mail done echo "Completed `date`: $*" >> tmp/${ID}.log [ "$REMOVE_TMP_FILES" == "1" -a "$DEBUG" != "yes" ] && rm -f tmp/${ID}.* exit 0 gpg-remailer-3.00.01/enums/0000755000175000017500000000000012251347165014347 5ustar frankfrankgpg-remailer-3.00.01/enums/enums.h0000644000175000017500000000055112251347165015650 0ustar frankfrank#ifndef INCLUDED_ENUMS_ #define INCLUDED_ENUMS_ struct Enums { enum LOGLEVELS { LOGDEBUG, LOGCOMMANDS, LOGDEFAULT }; enum MailType { UNKNOWN, // at step-processing CLEAR, ENCRYPTED }; enum ClearText { ACCEPTED, REJECTED }; }; #endif gpg-remailer-3.00.01/gpg/0000755000175000017500000000000012253050330013760 5ustar frankfrankgpg-remailer-3.00.01/gpg/run.cc0000644000175000017500000000067712253050330015105 0ustar frankfrank#include "gpg.ih" void GPG::run(string command, string const &in, string const &out, string const &err) { command = "/usr/bin/gpg " + d_options + " --homedir " + d_homedir + ".gnupg " + command; d_log << level(LOGCOMMANDS) << command << " < " << in << " > " << out << " 2> " << err << '\n'; Spawn gpg(command, in, out, err); gpg.fork(); } gpg-remailer-3.00.01/gpg/gpg1.cc0000644000175000017500000000021412251347165015137 0ustar frankfrank#include "gpg.ih" GPG::GPG(Log &log, string const &homedir) : d_log(log), d_homedir(homedir), d_options("--quiet --batch") {} gpg-remailer-3.00.01/gpg/decrypt.cc0000644000175000017500000000020612251347165015754 0ustar frankfrank#include "gpg.ih" void GPG::decrypt(string const &in, string const &out, string const &err) { run("--decrypt ", in, out, err); } gpg-remailer-3.00.01/gpg/encrypt.cc0000644000175000017500000000046312251347165015773 0ustar frankfrank#include "gpg.ih" void GPG::encrypt(string const &recipients, string const &in, string const &out, string const &err) { run( R"(--trust-model always --armor --group members=")" + recipients + R"(" -r members --encrypt --sign)", in, out, err ); } gpg-remailer-3.00.01/gpg/gpg.h0000644000175000017500000000173112251347165014725 0ustar frankfrank#ifndef INCLUDED_GPG_ #define INCLUDED_GPG_ #include #include "../enums/enums.h" namespace FBB { class Log; }; class GPG: private Enums { FBB::Log &d_log; std::string d_homedir; std::string d_options; public: GPG(FBB::Log &log, std::string const &homedir); void debug(); void decrypt(std::string const &in, std::string const &out, std::string const &err); void verify(std::string const &detachedSig, std::string const &signedMessage, std::string const &signatureOutput); void encrypt(std::string const &recipients, std::string const &in, std::string const &out, std::string const &err); private: void run(std::string command, std::string const &in, std::string const &out, std::string const &err); }; inline void GPG::debug() { d_options.clear(); } #endif gpg-remailer-3.00.01/gpg/verify.cc0000644000175000017500000000036112251347165015610 0ustar frankfrank#include "gpg.ih" void GPG::verify(string const &detachedSig, string const &signedMessage, string const &signatureOutput) { run("--verify " + detachedSig + " " + signedMessage, "", "", signedMessage ); } gpg-remailer-3.00.01/gpg/gpg.ih0000644000175000017500000000023612251347165015075 0ustar frankfrank#include "gpg.h" #include #include #include #include "../spawn/spawn.h" using namespace std; using namespace FBB; gpg-remailer-3.00.01/gpg-remailer.rc0000644000175000017500000000361612253314426016123 0ustar frankfrank# All keywords are interpreted case insensitively # logfile: name of the logfile (absolute or relative to $HOME) # logfile: etc/remailer.log # loglevel: 0: debug, 1: commands, 2: default # loglevel: 2 # debug: true has the same effect as the --debug or -d flag # debug: false # noMail: if true no mail is sent (same effect as the --no-mail flag) # noMail: true # keepfiles keeps the files, and requires sufix nr of files to write keepfiles: 1 # tmp: location tmp dir (absolute or relative to $HOME) #tmp: tmp # The Reply-To header (one line, no (double) quotes) #replyTo: Fill in your reply-to replyTo: Frank # reencrypt to which address(es)? (multiple members OK) member: user1@mailhost.org member: user2@mailhost.org # clear-text mail is not handled. #clear-text: rejected # any clear-text is accepted clear-text: accepted # clear-text is accepted from configured envelope addresses #clear-text: envelope # multiple envelope addresses may be specified: addresses from where # clear-text e-mail is accepted if 'clear-text: envelope' was specified # accept all member addresses as envelope addresses # envelope: members # to accept clear-text email from address@domain: # envelope: address@domain # signature setting ignored for clear-text mail # signature specs may be: absent: none required, # required: the encrypted file must have been signed # good: the signature must have been recognized as # good # signature: good signature: required # Where will the reencrypted mail be sent to (multiple recipients OK)? # # all members receive the reencrypted mail # recipient: members # # add a specific recipient # recipient: frank@localhost # # send the reencrypted mail to some mailing list # recipient: mailing.list@somehost.org gpg-remailer-3.00.01/gpg-remailer.xref0000644000175000017500000001706412215044756016471 0ustar frankfrankoxref by Frank B. Brokken (f.b.brokken@rug.nl) oxref V0.91.00 2012-2013 CREATED Sat, 14 Sep 2013 11:35:10 +0000 CROSS REFERENCE FOR: -fxs tmp/libmodules.a ---------------------------------------------------------------------- collect(std::ostream*, std::istream*) Full name: Remailer::collect(std::ostream*, std::istream*) Source: collect.cc Used By: gpg.cc: Remailer::gpg(std::string const&, std::string const&, std::string const&, std::string const&) gpg2.cc: Remailer::gpg(std::string const&, std::string const&) configField(std::string const&) Full name: Remailer::configField(std::string const&) Source: configfield.cc Used By: mail.cc: Remailer::mail() preparations.cc: Remailer::preparations() setfilenames.cc: Remailer::setFilenames() setlog.cc: Remailer::setLog() copySignature(std::ostream&, std::string const&) Full name: Remailer::copySignature(std::ostream&, std::string const&) Source: copysignature.cc Used By: multipart.cc: Remailer::multipart(Remailer::IOContext&) multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) simple.cc: Remailer::simple(Remailer::IOContext&) copyToBoundary(std::ostream&, std::istream&) Full name: Remailer::copyToBoundary(std::ostream&, std::istream&) Source: copytoboundary.cc Used By: copytoboundary2.cc: Remailer::copyToBoundary(std::string const&, std::istream&) multipart.cc: Remailer::multipart(Remailer::IOContext&) multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) copyToBoundary(std::string const&, std::istream&) Full name: Remailer::copyToBoundary(std::string const&, std::istream&) Source: copytoboundary2.cc Used By: multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) encryptionType(Remailer::IOContext&) Full name: Remailer::encryptionType(Remailer::IOContext&) Source: encryptiontype.cc Used By: filetoreencrypt.cc: Remailer::fileToReencrypt() fileToReencrypt() Full name: Remailer::fileToReencrypt() Source: filetoreencrypt.cc Used By: reencrypt.cc: Remailer::reencrypt() filter(std::ostream&) Full name: Remailer::filter(std::ostream&) Source: filter.cc Used By: unhex.cc: Remailer::unhex() findBoundary(Remailer::IOContext&) Full name: Remailer::findBoundary(Remailer::IOContext&) Source: findboundary.cc Used By: multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) gpg(std::string const&, std::string const&) Full name: Remailer::gpg(std::string const&, std::string const&) Source: gpg2.cc Used By: multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) gpg(std::string const&, std::string const&, std::string const&, std::string const&) Full name: Remailer::gpg(std::string const&, std::string const&, std::string const&, std::string const&) Source: gpg.cc Used By: decrypt.cc: Remailer::decrypt() writereencrypted.cc: Remailer::writeReencrypted() hasBoundary(std::string const&, std::string const&) Full name: Remailer::hasBoundary(std::string const&, std::string const&) Source: hasboundary.cc Used By: encryptiontype.cc: Remailer::encryptionType(Remailer::IOContext&) findboundary.cc: Remailer::findBoundary(Remailer::IOContext&) hexChar(std::ostream&, std::istream&) Full name: Remailer::hexChar(std::ostream&, std::istream&) Source: hexchar.cc Used By: inspect.cc: Remailer::inspect(std::ostream&, std::string const&) inspect(std::ostream&, std::string const&) Full name: Remailer::inspect(std::ostream&, std::string const&) Source: inspect.cc Used By: filter.cc: Remailer::filter(std::ostream&) makeBoundary() Full name: Remailer::makeBoundary() Source: makeboundary.cc Used By: mail.cc: Remailer::mail() multiField(std::vector >&, char const*, int) Full name: Remailer::multiField(std::vector >&, char const*, int) Source: multifield.cc Used By: preparations.cc: Remailer::preparations() multipart(Remailer::IOContext&) Full name: Remailer::multipart(Remailer::IOContext&) Source: multipart.cc Used By: data.cc: GLOBALS data.cc 1data.o multipartSigned(Remailer::IOContext&) Full name: Remailer::multipartSigned(Remailer::IOContext&) Source: multipartsigned.cc Used By: data.cc: GLOBALS data.cc 1data.o open(std::basic_ofstream >&, std::string const&, Remailer::ExistingFile) Full name: Remailer::open(std::basic_ofstream >&, std::string const&, Remailer::ExistingFile) Source: open.cc Used By: copytoboundary2.cc: Remailer::copyToBoundary(std::string const&, std::istream&) filetoreencrypt.cc: Remailer::fileToReencrypt() gpg.cc: Remailer::gpg(std::string const&, std::string const&, std::string const&, std::string const&) gpg2.cc: Remailer::gpg(std::string const&, std::string const&) unhex.cc: Remailer::unhex() writemail.cc: Remailer::writeMail(std::string const&) PGPmessage(std::ostream&) Full name: Remailer::PGPmessage(std::ostream&) Source: pgpmessage.cc Used By: unhex.cc: Remailer::unhex() rmQuotes(std::string&) const Full name: Remailer::rmQuotes(std::string&) const Source: rmquotes.cc Used By: pgpmessage.cc: Remailer::PGPmessage(std::ostream&) preparations.cc: Remailer::preparations() s_reEncrypt Full name: Remailer::s_reEncrypt Source: data.cc Used By: filetoreencrypt.cc: Remailer::fileToReencrypt() sendMail(std::string const&, Remailer::MailStruct const&) Full name: Remailer::sendMail(std::string const&, Remailer::MailStruct const&) Source: sendmail.cc Used By: mail.cc: Remailer::mail() setFilenames() Full name: Remailer::setFilenames() Source: setfilenames.cc Used By: preparations.cc: Remailer::preparations() setLog() Full name: Remailer::setLog() Source: setlog.cc Used By: preparations.cc: Remailer::preparations() setSuffixNr() Full name: Remailer::setSuffixNr() Source: setsuffixnr.cc Used By: setfilenames.cc: Remailer::setFilenames() signatureFilter(std::string const&, Remailer::SigStruct&) Full name: Remailer::signatureFilter(std::string const&, Remailer::SigStruct&) Source: signaturefilter.cc Used By: copysignature.cc: Remailer::copySignature(std::ostream&, std::string const&) simple(Remailer::IOContext&) Full name: Remailer::simple(Remailer::IOContext&) Source: simple.cc Used By: data.cc: GLOBALS data.cc 1data.o step(char const*) Full name: Remailer::step(char const*) Source: step.cc Used By: decrypt.cc: Remailer::decrypt() filetoreencrypt.cc: Remailer::fileToReencrypt() mail.cc: Remailer::mail() unhex.cc: Remailer::unhex() writereencrypted.cc: Remailer::writeReencrypted() testPermissions(std::string const&, unsigned int) Full name: Remailer::testPermissions(std::string const&, unsigned int) Source: testpermissions.cc Used By: preparations.cc: Remailer::preparations() setfilenames.cc: Remailer::setFilenames() setlog.cc: Remailer::setLog() version Full name: version Source: version.cc Used By: usage.cc: usage(std::string const&) writeMail(std::string const&) Full name: Remailer::writeMail(std::string const&) Source: writemail.cc Used By: mail.cc: Remailer::mail() writeReencrypted() Full name: Remailer::writeReencrypted() Source: writereencrypted.cc Used By: reencrypt.cc: Remailer::reencrypt() year Full name: year Source: version.cc Used By: usage.cc: usage(std::string const&) gpg-remailer-3.00.01/gpgmail/0000755000175000017500000000000012253050330014623 5ustar frankfrankgpg-remailer-3.00.01/gpgmail/label.cc0000644000175000017500000000013212253050330016205 0ustar frankfrank#include "gpgmail.ih" string GPGMail::label() const { return "GPG encrypted mail"; } gpg-remailer-3.00.01/gpgmail/makeboundary.cc0000644000175000017500000000066012253050330017615 0ustar frankfrank#include "gpgmail.ih" string GPGMail::makeBoundary() { string boundary; IRandStream rs(' ' + 1, '~', time(0)); for (int idx = 0; idx != 16; ++idx) { while (true) { size_t value; rs >> value; if (isalnum(value)) { boundary += static_cast(value); break; } } } return boundary; } gpg-remailer-3.00.01/gpgmail/gpgmail.h0000644000175000017500000000133712253050330016420 0ustar frankfrank#ifndef INCLUDED_GPGMAIL_ #define INCLUDED_GPGMAIL_ #include #include "../mailer/mailer.h" namespace FBB { class Log; } class Headers; class GPGMail: public Mailer { std::string const &d_mailName; std::string const &d_replyTo; std::string d_boundary; public: GPGMail(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &replyTo, std::string const &step); private: static std::string makeBoundary(); virtual void writeMailContents(std::string const &mailData) const; virtual std::string mailCommand(std::string const &recipients) const; virtual std::string label() const; }; #endif gpg-remailer-3.00.01/gpgmail/mailcommand.cc0000644000175000017500000000063312253050330017415 0ustar frankfrank#include "gpgmail.ih" string GPGMail::mailCommand(string const &recipient) const { return "/usr/bin/mail -s '" + subject() + "' " "-a \"Reply-To: " + d_replyTo + "\" " "-a 'Content-Type: multipart/encrypted; " R"(protocol="application/pgp-encrypted"; )" R"(boundary=")" + d_boundary + R"("' )" + recipient; } gpg-remailer-3.00.01/gpgmail/gpgmail1.cc0000644000175000017500000000043112253050330016631 0ustar frankfrank#include "gpgmail.ih" GPGMail::GPGMail(Log &log, Headers &headers, string const &mailName, string const &replyTo, string const &step) : Mailer(log, headers, mailName, step), d_mailName(mailName), d_replyTo(replyTo), d_boundary(makeBoundary()) { } gpg-remailer-3.00.01/gpgmail/gpgmail.ih0000644000175000017500000000037512253050330016572 0ustar frankfrank#include "gpgmail.h" #include #include #include #include #include #include #include #include using namespace std; using namespace FBB; gpg-remailer-3.00.01/gpgmail/writemailcontents.cc0000644000175000017500000000126212253050330020706 0ustar frankfrank#include "gpgmail.ih" void GPGMail::writeMailContents(string const &mailData) const { ifstream in; Exception::open(in, mailData); ofstream out; Exception::open(out, d_mailName); out << "\n" // create the mail to send. "--" << d_boundary << "\n" "Content-Type: application/pgp-encrypted\n" "Content-Transfer-Encoding: 7bit\n" "\n" "Version: 1\n" "\n" "--" << d_boundary << "\n" "Content-Type: application/octet-stream; name=gpg.asc\n" "Content-Transfer-Encoding: 7bit\n" "\n" << in.rdbuf() << "\n" "\n" "--" << d_boundary << "--\n"; } gpg-remailer-3.00.01/headers/0000755000175000017500000000000012253040505014621 5ustar frankfrankgpg-remailer-3.00.01/headers/headers.ih0000644000175000017500000000012612252120463016556 0ustar frankfrank#include "headers.h" #include using namespace std; using namespace FBB; gpg-remailer-3.00.01/headers/getheader.cc0000644000175000017500000000030112252120463017053 0ustar frankfrank#include "headers.ih" string Headers::getHeader(char const *hdr) { string ret; auto begin = mailHeader(hdr); if (begin != endh()) ret = *begin; return ret; } gpg-remailer-3.00.01/headers/headers.h0000644000175000017500000000044612252120463016412 0ustar frankfrank#ifndef INCLUDED_HEADERS_ #define INCLUDED_HEADERS_ #include class Headers: public FBB::MailHeaders { public: Headers(); const_hdr_iterator mailHeader(char const *hdr); std::string getHeader(char const *hdr); private: }; #endif gpg-remailer-3.00.01/headers/headers1.cc0000644000175000017500000000011112252120463016616 0ustar frankfrank#include "headers.ih" Headers::Headers() : FBB::MailHeaders(cin) {} gpg-remailer-3.00.01/headers/mailheader.cc0000644000175000017500000000023012252120463017217 0ustar frankfrank#include "headers.ih" Headers::const_hdr_iterator Headers::mailHeader(char const *hdr) { setHeaderIterator(hdr, CASE_FULL); return beginh(); } gpg-remailer-3.00.01/icmake/0000755000175000017500000000000012214671023014441 5ustar frankfrankgpg-remailer-3.00.01/icmake/setopt0000644000175000017500000000034112120110325015665 0ustar frankfrankstring setOpt(string install_im, string envvar) { list optvar; string ret; optvar = getenv(envvar); if (optvar[0] == "1") ret = optvar[1]; else ret = install_im; return ret; } gpg-remailer-3.00.01/icmake/clean0000644000175000017500000000106412120110325015434 0ustar frankfrankvoid clean(int dist) { run("rm -rf " "build-stamp configure-stamp " "options/SKEL " "tmp/*.o" + " o */o release.yo tmp/lib*.a " "parser/grammar.output" ); if (dist) run("rm -rf tmp"); chdir("documentation"); run("rm -rf " "man/*.1 " "man/*.html " "manual/manual-stamp " "manual/*.html " "manual/invoking/usage " "manual/invoking/usage.txt " "usage/usage " ); exit(0); } gpg-remailer-3.00.01/icmake/manpage0000644000175000017500000000064512120110325015766 0ustar frankfrank#define MANPAGE "../../tmp/man/" ${PROGRAM} ".1" void manpage() { md("tmp/man tmp/manhtml"); special(); chdir("documentation/man"); if (PROGRAM ".yo" younger MANPAGE || "release.yo" younger MANPAGE) { run("yodl2man --no-warnings -o " MANPAGE " " PROGRAM); run("yodl2html --no-warnings " "-o ../../tmp/manhtml/" PROGRAM "man.html " PROGRAM); } exit(0); } gpg-remailer-3.00.01/icmake/md0000644000175000017500000000070612120110325014754 0ustar frankfrank// md: target should be a series of blank-delimited directories to be created // If an element is a whildcard, the directory will always be created, // using mkdir -p. // // uses: run() void md(string target) { int idx; list paths; string dir; paths = strtok(target, " "); for (idx = sizeof(paths); idx--; ) { dir = element(idx, paths); if (!exists(dir)) run("mkdir -p " + dir); } } gpg-remailer-3.00.01/icmake/special0000644000175000017500000000032212120110325015766 0ustar frankfrankvoid special() { if (! exists("release.yo") || "VERSION" newer "release.yo") { system("touch version.cc"); run("gcc -E VERSION.h | grep -v '#' | sed 's/\\\"//g' > release.yo"); } } gpg-remailer-3.00.01/icmake/run0000644000175000017500000000033012120110325015151 0ustar frankfrankint g_dryrun = setOpt("", "DRYRUN") != ""; void runP(int testValue, string cmd) { if (g_dryrun) printf(cmd, "\n"); else system(testValue, cmd); } void run(string cmd) { runP(0, cmd); } gpg-remailer-3.00.01/icmake/install0000644000175000017500000000223312214671023016032 0ustar frankfrankstring setWhere(string where, string defaultWhere) { if (where == "") where = defaultWhere; md(where); return where; } void install(string what, string where) { string path; if (what == "program") { if (where == "") where = BINARY; path = get_path(where); if (path != "") md(path); printf(" INSTALLING the executable `", where, "'\n"); run("icmbuild install program " + where); exit(0); } if (what == "man") { where = setWhere(where, MAN); printf(" INSTALLING the manual page at `", where, "'\n"); run("gzip -n -9 < tmp/man/" PROGRAM ".1 > " + where + "/" PROGRAM ".1.gz"); exit(0); } if (what == "std") { where = setWhere(where, STD); printf(" INSTALLING the changelog at `", where, "\n"); run("gzip -n -9 < changelog > " + where + "/changelog.gz"); printf(" INSTALLING the html-manual page at `", where, "\n"); run("cp tmp/manhtml/" PROGRAM "man.html " + where); exit(0); } exit(0); } gpg-remailer-3.00.01/icmconf0000644000175000017500000001056212222302433014550 0ustar frankfrank#include "INSTALL.im" // Inspect the following #defines. Change them to taste. If you don't // need a particular option, change its value into an empty string // For more information about this file: 'man 7 icmconf' // The final program and source containing main(): // =============================================== // define the name of the source containing main(): #define MAIN "main.cc" // define any additional libraries the program may need: #define ADD_LIBRARIES "bobcat" // define any additional paths (other than the standard paths) the // additional libraries are located in: #define ADD_LIBRARY_PATHS "" // Should a lexical scanner be constructed? If so, define the subdirectory // containing the scanner's specification file and see below at the // scanner section for more defines #define SCANNER_DIR "" // Should a parser be constructed? If so, define the subdirectory // containing the parser's specification file and see below at the // parser section for more defines #define PARSER_DIR "" // ================== probably no configurations required below here ========= // Uncomment to relink the binary, even when no sources were // changed (this is useful if, e.g., a library was rebuilt) #define REFRESH // Defines related to the local libraries to create: // ================================================= // Uncomment to create a local library rather (when a binary program is // built it will be linked against the library rather than the individual // object modules). Change the lib's name at you own digression (don't use // lib or an extension like .a) #define LIBRARY "modules" #define SHAREDREQ "" // #defines used for compilation and linking: // ========================================== // Uncomment to clear the screen just before starting the compilation // process //#define CLS // Uncomment to use the ALL facility and a class dependency setup in the // CLASSES file. When a directory contains a file ALL (optionally rename // this filename by providing an alternative name) then all its sources // and all sources of all classes depending on it are also compiled. // Class dependencies are indicated by the class name (as the first // word on a line) optionally followed by additional class names, which // are the classes directly depending on the line's first class name. //#define USE_ALL "a" // define the pattern to locate sources in a directory: #define SOURCES "*.cc" // Some #defines, used to create parsers and lexical scanners // ========================================================== // Lexical Scanner section // ======================= // What is the program generating the lexical scanner? #define SCANGEN "flexc++" // Flags to provide SCANGEN with: #define SCANFLAGS "" // Name of the lexical scanner specification file #define SCANSPEC "lexer" // Specify additional lexer specification files using patterns // these files are (in)directly included by SCANSPEC //#define SCANFILES "" // Name of the file generated by the lexical scanner #define SCANOUT "lex.cc" // Parser section // ============== // What is the program generating a parser? #define PARSGEN "bisonc++" // Flags to provide PARSGEN with: #define PARSFLAGS "-V" // What is the grammar specification file? #define PARSSPEC "grammar" // Specify additional grammar specification files using patterns // these files are (in)directly included by PARSSPEC. Specify patterns // relative to PARSER_DIR #define PARSFILES "inc/*" // Name of the file generated by the parser generator containing the // parser function #define PARSOUT "parse.cc" // Additional defines, which normally require no modification // ========================================================== // should commands be echoed (ON) or not (OFF) ? #define USE_ECHO ON // Directory below this directory to contain temporary results #define TMP_DIR "tmp" // The extension of object modules: #define OBJ_EXT ".o" // Use the VERSION file #define USE_VERSION gpg-remailer-3.00.01/logexception/0000755000175000017500000000000012253322471015713 5ustar frankfrankgpg-remailer-3.00.01/logexception/logexception.h0000644000175000017500000000151012253321637020564 0ustar frankfrank#ifndef INCLUDED_LOGEXCEPTION_ #define INCLUDED_LOGEXCEPTION_ #include // Any fatal situations that should be logged. If stdErr == true the // message is first written to cerr. Logging is the responsibility of the // catch handler, catching a LogException. class LogException: public FBB::Exception { template friend LogException &&operator<<(LogException &&tmp, Type const &value); bool d_stdErr; public: LogException(bool stdErr = false); char const *msg() const; }; inline LogException::LogException(bool stdErr) : d_stdErr(stdErr) {} template inline LogException &&operator<<(LogException &&tmp, Type const &value) { static_cast(std::move(tmp)) << value; return std::move(tmp); } #endif gpg-remailer-3.00.01/logexception/logexception.ih0000644000175000017500000000010612251347165020737 0ustar frankfrank#include "logexception.h" #include using namespace std; gpg-remailer-3.00.01/logexception/msg.cc0000644000175000017500000000027612253322471017015 0ustar frankfrank#include "logexception.ih" char const *LogException::msg() const { char const *cp = static_cast(*this).what(); if (d_stdErr) cerr << cp; return cp; } gpg-remailer-3.00.01/mail/0000755000175000017500000000000012253050330014125 5ustar frankfrankgpg-remailer-3.00.01/mail/mail.ih0000644000175000017500000000050712253050330015373 0ustar frankfrank#include "mail.h" #include #include #include #include #include "../logexception/logexception.h" #include "../spawn/spawn.h" #include "../headers/headers.h" #include "../cleartextmail/cleartextmail.h" #include "../gpgmail/gpgmail.h" using namespace std; using namespace FBB; gpg-remailer-3.00.01/mail/hexchar.cc0000644000175000017500000000110612251347165016071 0ustar frankfrank#include "mail.ih" void Mail::hexChar(ostream &out, istream &in) { int value; // char beyond = is not a hex-char? if (string("0123456789abcdefABCDEF").find(in.peek()) == string::npos) { out << '='; // then just put out the '=' return; } char buffer[3]; in >> setw(sizeof(buffer)) >> buffer; istringstream hexConf(buffer); hexConf >> hex >> value; if (hexConf.tellg() != 2 || !isprint(value)) out << '=' << buffer; else out << static_cast(value); } gpg-remailer-3.00.01/mail/mail1.cc0000644000175000017500000000051012253050330015433 0ustar frankfrank#include "mail.ih" Mail::Mail(Log &log, Headers &headers, string const &mailName, string const &replyTo, string const &step, vector const &recipients) : d_log(log), d_headers(headers), d_mailName(mailName), d_replyTo(replyTo), d_step(step), d_recipients(recipients) {} gpg-remailer-3.00.01/mail/writecontents.cc0000644000175000017500000000103312253317064017353 0ustar frankfrank#include "mail.ih" Enums::MailType Mail::writeContents(std::string const &contentsName) { d_log << level(LOGDEBUG) << "Original mail contents to " << contentsName << '\n'; ofstream out; LogException::open(out, contentsName); if (not PGPmessage(out)) { if (not d_clearTextAccepted) throw LogException() << "not PGP encrypted e-mail\n"; d_log << level(LOGDEFAULT) << "Clear-text mail\n"; return CLEAR; } filter(out); return ENCRYPTED; } gpg-remailer-3.00.01/mail/mail.h0000644000175000017500000000250212253050330015217 0ustar frankfrank#ifndef INCLUDED_MAIL_ #define INCLUDED_MAIL_ #include #include #include "../enums/enums.h" namespace FBB { class Log; }; class Headers; class Mail: private Enums { FBB::Log &d_log; Headers &d_headers; std::string const &d_mailName; std::string const &d_replyTo; std::string const &d_step; bool d_clearTextAccepted = false; std::string d_subject; bool d_dontSend = true; std::vector const &d_recipients; public: Mail(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &replyTo, std::string const &step, std::vector const &recipients); void writeHeaders(std::string const &hdrsName); MailType writeContents(std::string const &hdrsName); void operator()(MailType type, std::string const &mailData, bool dontSend); void setClearTextMode(ClearText mode); private: bool PGPmessage(std::ostream &out); void filter(std::ostream &out); void inspect(std::ostream &out, std::string const &line); void hexChar(std::ostream &out, std::istream &in); }; inline void Mail::setClearTextMode(ClearText mode) { d_clearTextAccepted = mode == ACCEPTED; } #endif gpg-remailer-3.00.01/mail/pgpmessage.cc0000644000175000017500000000046012252402151016570 0ustar frankfrank#include "mail.ih" bool Mail::PGPmessage(ostream &out) { string line; while (getline(cin, line)) { out << line << endl; // copy a line if (line == "-----BEGIN PGP MESSAGE-----") // found the marker return true; } return false; } gpg-remailer-3.00.01/mail/inspect.cc0000644000175000017500000000041512251347165016116 0ustar frankfrank#include "mail.ih" void Mail::inspect(ostream &out, string const &line) { istringstream in(line); char c; while (in.get(c)) { if (c != '=') out.put(c); else hexChar(out, in); } out << endl; } gpg-remailer-3.00.01/mail/writeheaders.cc0000644000175000017500000000050612253317064017135 0ustar frankfrank#include "mail.ih" void Mail::writeHeaders(std::string const &hdrsName) { ofstream out; // write the mail headers to file LogException::open(out, hdrsName); for (auto &hdr: d_headers) out << hdr << '\n'; d_log << level(LOGDEBUG) << "Headers written to " << hdrsName << '\n'; } gpg-remailer-3.00.01/mail/operatorfun.cc0000644000175000017500000000120112253050330016772 0ustar frankfrank#include "mail.ih" void Mail::operator()(MailType type, string const &mailData, bool dontSend) { d_log << level(LOGDEBUG) << "Mail to send is written to " << d_mailName << '\n'; if (type == ENCRYPTED) { GPGMail gpgMail(d_log, d_headers, d_mailName, d_replyTo, d_step); gpgMail.send(mailData, d_recipients, dontSend); } else { ClearTextMail clearTextMail(d_log, d_headers, d_mailName, d_replyTo, d_step); clearTextMail.send(mailData, d_recipients, dontSend); } } gpg-remailer-3.00.01/mail/filter.cc0000644000175000017500000000044612251347165015742 0ustar frankfrank#include "mail.ih" void Mail::filter(ostream &out) { string line; while (getline(cin, line)) { if (line != "-----END PGP MESSAGE-----") inspect(out, line); else { out << line << endl; return; } } } gpg-remailer-3.00.01/mailer/0000755000175000017500000000000012253050330014454 5ustar frankfrankgpg-remailer-3.00.01/mailer/mailer.ih0000644000175000017500000000021312253050330016243 0ustar frankfrank#include "mailer.h" #include #include #include "../spawn/spawn.h" using namespace std; using namespace FBB; gpg-remailer-3.00.01/mailer/mailer1.cc0000644000175000017500000000074612253050330016324 0ustar frankfrank#include "mailer.ih" Mailer::Mailer(Log &log, Headers &headers, string const &mailName, string const &step) : d_log(log), d_headers(headers), d_mailName(mailName), d_step(step), d_subject(d_headers.getHeader("Subject")) { if (d_subject.empty()) d_subject = "Mail from the reencrypting remailer"; d_log << level(LOGDEBUG) << "Mail to send written to " << mailName << '\n'; } gpg-remailer-3.00.01/mailer/mailer.h0000644000175000017500000000266012253050330016102 0ustar frankfrank#ifndef INCLUDED_MAILER_ #define INCLUDED_MAILER_ #include #include #include "../enums/enums.h" #include "../headers/headers.h" namespace FBB { class Log; } class Mailer: private Enums { FBB::Log &d_log; Headers &d_headers; std::string const &d_mailName; std::string const &d_step; std::string d_subject; public: Mailer(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &step); void send(std::string const &mailData, std::vector const &recipients, bool dontSend); protected: std::string const &subject() const; private: void sendMail(std::string const &command, std::string const &label, std::string const &recipient, bool dontSend); std::vector const &setRecipients( std::vector &oneRecipient, std::vector const &configuredRecipients ); virtual void writeMailContents(std::string const &mailData) const = 0; virtual std::string mailCommand(std::string const &recipients) const = 0; virtual std::string label() const = 0; }; inline std::string const &Mailer::subject() const { return d_subject; } #endif gpg-remailer-3.00.01/mailer/send.cc0000644000175000017500000000075512253050330015723 0ustar frankfrank#include "mailer.ih" void Mailer::send(std::string const &mailData, vector const &configuredRecipients, bool dontSend) { writeMailContents(mailData); vector oneRecipient; vector const &recipients = setRecipients(oneRecipient, configuredRecipients); string logLabel = label(); for (auto &recipient: recipients) sendMail(mailCommand(recipient), logLabel, recipient, dontSend); } gpg-remailer-3.00.01/mailer/sendmail.cc0000644000175000017500000000102412253050330016554 0ustar frankfrank#include "mailer.ih" void Mailer::sendMail(string const &command, string const &label, string const &recipient, bool dontSend) { d_log << level(LOGCOMMANDS) << command << '\n'; if (dontSend) { d_log << level(LOGDEBUG) << "Sending mail suppressed by config/option\n"; return; } Spawn mail(command, d_mailName, "", ""); mail.fork(); d_log << level(LOGDEFAULT) << label << " (" << d_subject << ") sent to " << recipient << '\n'; } gpg-remailer-3.00.01/mailer/setrecipients.cc0000644000175000017500000000127612253050330017652 0ustar frankfrank#include "mailer.ih" vector const &Mailer::setRecipients( vector &oneRecipient, vector const &configuredRecipients) { size_t pos = d_step.find(':'); // explicit mail recipient? if (pos == string::npos) // no, use provided recipient(s) return configuredRecipients; // yes: send the mail to that recipient oneRecipient.push_back(d_step.substr(pos + 1)); d_log << level(LOGDEFAULT) << "Ignoring recipients, mail sent to " << oneRecipient.front() << '\n'; return oneRecipient; } gpg-remailer-3.00.01/main.cc0000644000175000017500000000350212253330633014445 0ustar frankfrank#include "main.ih" using namespace FBB; namespace // the anonymous namespace can be used here { Arg::LongOption longOptions[] = { Arg::LongOption("debug", 'd'), Arg::LongOption("help", 'h'), Arg::LongOption("logfile", 'l'), Arg::LongOption("loglevel", 'L'), Arg::LongOption("member", 'm'), Arg::LongOption("no-mail"), Arg::LongOption("nr", 'n'), Arg::LongOption("recipient", 'r'), Arg::LongOption("relax"), // generates warning Arg::LongOption("step", Arg::Required), Arg::LongOption("tmp", 't'), Arg::LongOption("umask", Arg::Required), Arg::LongOption("version", 'v'), }; Arg::LongOption const *const longEnd = longOptions + sizeof(longOptions) / sizeof(Arg::LongOption); } int main(int argc, char **argv) try { Arg::initialize("dhL:l:m:n:r:t:v", longOptions, longEnd, argc, argv).versionHelp(usage, version, 0); Remailer remailer; try { remailer.preparations(); // writes .hdr remailer.mailContents(); // writes .org + sets mailtype remailer.decrypt(); // decrypts at step dec or mailtype ENCR. remailer.reencrypt(); // reencrypts at step enc or ^^idem^^ remailer.mail(); } catch (LogException const &err) { char const *msg = err.msg(); remailer.log() << "[Fatal] " << msg; // ALL exceptions return 0 to prevent unexpected mailer errors in // sendmail's logs. return 0; } } catch(exception const &err) // handle exceptions { cerr << "[Fatal] " << err.what() << '\n'; return 0; } catch(int x) { return 0; } catch (...) { cerr << "unexpected exception caught in main()\n"; return 0; } gpg-remailer-3.00.01/main.ih0000644000175000017500000000044112251347165014465 0ustar frankfrank#include #include #include #include #include "logexception/logexception.h" #include "remailer/remailer.h" extern char version[]; extern char year[]; void usage(std::string const &progname); using namespace std; using namespace FBB; gpg-remailer-3.00.01/remailer/0000755000175000017500000000000012253340545015015 5ustar frankfrankgpg-remailer-3.00.01/remailer/setlog.cc0000644000175000017500000000070312253050330016607 0ustar frankfrank#include "remailer.ih" void Remailer::setLog() { string name; if (!d_arg.option(&name, 'l')) name = configField("logFile"); if (name.empty()) name = "etc/remailer.log"; string level; if (!d_arg.option(&level, 'L')) level = configField("logLevel"); if (level.empty()) level = LOGDEFAULT; d_log.open(name); chmod(name.c_str(), S_IRUSR | S_IWUSR); d_log.setLevel(stoul(level)); } gpg-remailer-3.00.01/remailer/remailer.h0000644000175000017500000001220712253332270016764 0ustar frankfrank#ifndef _INCLUDED_REMAILER_ #define _INCLUDED_REMAILER_ #include #include #include #include #include #include "../enums/enums.h" #include "../mail/mail.h" #include "../gpg/gpg.h" namespace FBB { class Arg; }; #include "../headers/headers.h" class Remailer: private Enums { enum SigType { NO_SIGNATURE, // no signature found SIGNATURE_FOUND, // signature found GOOD_SIGNATURE // good signature found }; enum EncryptionEnum { SIMPLE, MULTIPART, MULTIPART_SIGNED }; struct IOContext { std::ifstream decrypted; std::ofstream toReencrypt; std::string line; }; struct StepStruct { std::string stepName; MailType requiredType; }; FBB::Arg &d_arg; bool d_keepFiles; FBB::ConfigFile d_config; Headers d_headers; FBB::User d_user; FBB::Log d_log; SigType d_sigRequired; MailType d_mailType = UNKNOWN; std::string d_configName; std::string d_step; std::string d_replyTo; std::string d_boundary; std::string d_nr; // nr assigned to files std::string d_decryptedName; std::string d_errName; std::string d_mailName; std::string d_multipartSignedDataName; std::string d_hdrsName; std::string d_contentsName; std::string d_reencryptName; std::string d_reencryptedName; std::string d_signatureName; std::vector d_envelope; // accepted envelope addresses // for clear-text mail. // empty means: all std::vector d_members; std::vector d_recipients; static void (Remailer::*s_reEncrypt[])(IOContext &); static StepStruct s_step[]; static StepStruct *s_stepEnd; Mail d_mail; GPG d_gpg; public: Remailer(); ~Remailer(); // main() calls these members in sequence: void preparations(); // check permissions, set config-args void mailContents(); // extracts the Subject. // With PGP mail: // convert =20 etc. hex-specs in the // received mail to chars. // Plain mail is merely copied. // The new file org.x is written. void decrypt(); // decrypts the original mail, writes new // files decrypted.x and signature.x void reencrypt(); // writes reencrypted.x and maybe // multipartsigned.x // checks signatures at fileToReencrypt -> // copySignature void mail(); // mails the re-encrypted file to the // recipient(s). Correctly specifying the // Reply-To header is the responsibility // of the user. FBB::Log &log(); // log stream to use private: void multiField(std::vector &dest, char const *keyWord, int opt, bool needElements); void setLog(); std::string configField(std::string const &field); // called from 'preparations' void setKeepFiles(); void setDebug(); void setFilenames(); void checkRelax(); void setUmask(); void setReplyTo(); void setSigRequired(); void setClearText(); void copyToBoundary(std::ostream &out, std::istream &in); bool envelopeOK(); void checkMembers(std::vector &target); void copySignature(std::ostream &out, std::string const &boundary); struct SigStruct { std::ostream &out; SigType sigType; }; static void signatureFilter(std::string const &line, SigStruct &sigStruct); void copyToBoundary(std::string const &destName, std::istream &in); void fileToReencrypt(); void writeReencrypted(); void setSuffixNr(); bool step(std::string const &stepName); bool foundIn(std::string const &text, std::string const &target) const; bool onlyWS(std::string const &text) const; EncryptionEnum encryptionType(IOContext &io); void multipart(IOContext &io); void multipartSigned(IOContext &io); void simple(IOContext &io); void findBoundary(IOContext &io); bool hasBoundary(std::string const &line, std::string const &msgTypeName); static void collect(std::ostream *dest, std::istream *in); }; inline FBB::Log &Remailer::log() { return d_log; } #endif gpg-remailer-3.00.01/remailer/preparations.cc0000644000175000017500000000116512253332323020031 0ustar frankfrank#include "remailer.ih" void Remailer::preparations() { checkRelax(); setKeepFiles(); setDebug(); d_log << level(LOGDEBUG) << "User: " << d_user.name() << " (" << d_user.userid() << ")\n"; setFilenames(); // define all used filenames multiField(d_members, "member", 'm', true); multiField(d_recipients, "recipient", 'r', true); multiField(d_envelope, "envelope", 'e', false); checkMembers(d_recipients); setReplyTo(); setSigRequired(); setUmask(); if (step("hdrs")) d_mail.writeHeaders(d_hdrsName); setClearText(); } gpg-remailer-3.00.01/remailer/destructor.cc0000644000175000017500000000076212253340545017527 0ustar frankfrank#include "remailer.ih" Remailer::~Remailer() { if (d_keepFiles) return; d_log << level(LOGDEFAULT) << "Removing all temporary files\n"; unlink(d_decryptedName.c_str()); unlink(d_errName.c_str()); unlink(d_mailName.c_str()); unlink(d_multipartSignedDataName.c_str()); unlink(d_contentsName.c_str()); unlink(d_reencryptName.c_str()); unlink(d_reencryptedName.c_str()); unlink(d_signatureName.c_str()); unlink(d_hdrsName.c_str()); } gpg-remailer-3.00.01/remailer/multifield.cc0000644000175000017500000000205412253323207017457 0ustar frankfrank#include "remailer.ih" void Remailer::multiField(vector &dest, char const *keyWord, int opt, bool needElements) { if (size_t index = d_arg.option(opt)) { for (; index--; ) { string field; d_arg.option(index, &field, opt); dest.push_back(field); } return; } string configRE( R"(^\s*)" ); (configRE += keyWord) += ":"; Pattern pattern(configRE + R"(\s*(\S+))" ); auto iters = d_config.beginEndRE(configRE); for (auto &line: ranger(iters.first, iters.second)) { if (pattern << line) dest.push_back(pattern[1]); } if (dest.size() == 0) { if (needElements) throw LogException() << "no `" << keyWord << "' specifications found in " << d_configName << '\n'; return; } ostringstream out; copy(dest.begin(), dest.end(), ostream_iterator(out, " ")); d_log << level(LOGDEBUG) << keyWord << ": " << out.str() << '\n'; } gpg-remailer-3.00.01/remailer/setkeepfiles.cc0000644000175000017500000000045312253331623020006 0ustar frankfrank#include "remailer.ih" void Remailer::setKeepFiles() { d_keepFiles = d_arg.option(&d_nr, 'n'); // determine predef'd filenr if (!d_keepFiles) // try fm config file { d_nr = configField("keepfiles"); d_keepFiles = d_nr.length() > 0; } } gpg-remailer-3.00.01/remailer/multipart.cc0000644000175000017500000000216612253050330017340 0ustar frankfrank#include "remailer.ih" // Format of the decrypted PGP part (near line 427 in gpg-remailer(1)): // ---------------------------------------------------------------------- // Content-Type: multipart/mixed; boundary="f+W+jCU1fRNres8c" // Content-Disposition: inline // // --f+W+jCU1fRNres8c // Content-Type: text/plain; charset=us-ascii // Content-Disposition: inline // Content-Transfer-Encoding: quoted-printable // // Text of the first attachment // // --f+W+jCU1fRNres8c // Content-Type: application/pdf // Content-Disposition: attachment; filename="attachment.pdf" // Content-Transfer-Encoding: base64 // // text of the attachment.pdf in base64 encoding // // --f+W+jCU1fRNres8c-- // ---------------------------------------------------------------------- void Remailer::multipart(IOContext &io) { d_log << level(LOGDEBUG) << "Multipart e-mail received\n"; io.toReencrypt << io.line << endl; // line containing // Content-Type: multipart copyToBoundary(io.toReencrypt, io.decrypted); copySignature(io.toReencrypt, d_boundary); io.toReencrypt << io.decrypted.rdbuf(); } gpg-remailer-3.00.01/remailer/setsuffixnr.cc0000644000175000017500000000105012251347165017703 0ustar frankfrank#include "remailer.ih" void Remailer::setSuffixNr() { bool random = d_nr.empty(); if (random) { IRandStream rs(1, 99999, time(0)); string name(d_contentsName); size_t value; do { rs >> value; string name = d_contentsName + to_string(value); } while (Stat(name)); d_nr = to_string(value); } d_log << level(LOGDEBUG) << "File Nrs will be: " << d_nr << " (" << (random ? "random" : "via --nr") << ")\n"; } gpg-remailer-3.00.01/remailer/setsigrequired.cc0000644000175000017500000000047112253332037020362 0ustar frankfrank#include "remailer.ih" void Remailer::setSigRequired() { string signatureRequired = configField("signature"); d_sigRequired = signatureRequired == "good" ? GOOD_SIGNATURE : signatureRequired == "required" ? SIGNATURE_FOUND : NO_SIGNATURE; } gpg-remailer-3.00.01/remailer/setreplyto.cc0000644000175000017500000000076612253331355017546 0ustar frankfrank#include "remailer.ih" void Remailer::setReplyTo() { ConfigFile::const_iterator iter = d_config.findRE(R"(^\s*replyTo:)"); if (iter != d_config.end()) { d_replyTo = String::trim(*iter); d_replyTo = String::trim( d_replyTo.substr(d_replyTo.find_first_of(" \t"))); d_replyTo = String::escape(d_replyTo); } if (d_replyTo.empty()) throw LogException() << "Missing `replyTo' specification in config file"; } gpg-remailer-3.00.01/remailer/decrypt.cc0000644000175000017500000000045412251347165017004 0ustar frankfrank#include "remailer.ih" void Remailer::decrypt() { if (step("dec")) d_gpg.decrypt(d_contentsName, d_decryptedName, d_signatureName); // decrypt the original file, write new files // containing the decrypted info and the signature } gpg-remailer-3.00.01/remailer/filetoreencrypt.cc0000644000175000017500000000122412253317064020541 0ustar frankfrank#include "remailer.ih" // writes reencrypt.x void Remailer::fileToReencrypt() { if (not step("doc")) return; IOContext io; LogException::open(io.decrypted, d_decryptedName); LogException::open(io.toReencrypt, d_reencryptName); // write the file to reencrypt as // - a simple one-piece text (simple.cc) // - text consisting of multiple parts (multipart.cc) // - text consisting of multiple parts and a detached // signature (multipartsigned.cc) (this->*s_reEncrypt[ encryptionType(io) ])(io); } gpg-remailer-3.00.01/remailer/simple.cc0000644000175000017500000000201712253050330016603 0ustar frankfrank#include "remailer.ih" // Simple pgp encrypted file (near line 410 in gpg-remailer(1)) // Format: // ---------------------------------------------------------------------- // Content-Type: text/plain; charset=us-ascii // Content-Disposition: inline // Content-Transfer-Encoding: quoted-printable // // decrypted text of the message // ---------------------------------------------------------------------- void Remailer::simple(IOContext &io) { d_log << level(LOGDEBUG) << "Simple mail received: No boundary, no multipart message\n"; // if no boundary and the first line is a content-type then // insert those lines first if (io.line.find("Content-Type:") == 0) { do io.toReencrypt << io.line << endl; while (getline(io.decrypted, io.line) && not onlyWS(io.line)); io.toReencrypt << endl; } copySignature(io.toReencrypt, ""); io.toReencrypt << '\n' << io.line << '\n' << io.decrypted.rdbuf(); } gpg-remailer-3.00.01/remailer/copysignature.cc0000644000175000017500000000233312253317064020221 0ustar frankfrank#include "remailer.ih" void Remailer::copySignature(ostream &out, string const &boundary) { if (boundary.length()) out << "Content-Type: text/plain; charset=us-ascii\n" "Content-Disposition: inline\n" "Content-Transfer-Encoding: quoted-printable\n" "\n"; ifstream sig; LogException::open(sig, d_signatureName); d_log << level(LOGDEBUG) << "Signature expected on " << d_signatureName << '\n'; SigStruct sigStruct = {out, NO_SIGNATURE}; out << '\n'; for_each(istream_iterator(sig), istream_iterator(), [&](string const &line) { signatureFilter(line, sigStruct); } ); if ( (d_sigRequired == GOOD_SIGNATURE && sigStruct.sigType != GOOD_SIGNATURE) || (d_sigRequired == SIGNATURE_FOUND && sigStruct.sigType == NO_SIGNATURE) ) throw LogException() << "bad or missing signature in " << d_contentsName << '\n'; d_log << level(LOGDEBUG) << "Signature check successfully passed\n"; out << '\n' << boundary << '\n'; } gpg-remailer-3.00.01/remailer/configfield.cc0000644000175000017500000000055612214671023017576 0ustar frankfrank#include "remailer.ih" string Remailer::configField(string const &field) { static Pattern pattern( R"(^\s*\S+\s+(\S+))" ); // pick 2nd term as [1] ConfigFile::const_iterator iter = d_config.findRE(R"(^\s*)" + field + ':'); if (iter == d_config.end()) return ""; pattern << *iter; return pattern[1]; } gpg-remailer-3.00.01/remailer/envelopeok.cc0000644000175000017500000000110212253050330017453 0ustar frankfrank#include "remailer.ih" bool Remailer::envelopeOK() { if (d_mailType == CLEAR && d_envelope.size()) { istringstream envelope(d_headers[0]); string address; envelope >> address >> address; // skips 'From ' for (auto &envelope: d_envelope) { if (String::casecmp(envelope, address) == 0) return true; } d_log << level(LOGDEFAULT) << "Envelope address " << address << " not accepted for clear-text e-mail\n"; return false; } return true; } gpg-remailer-3.00.01/remailer/remailer.ih0000644000175000017500000000123212253330444017132 0ustar frankfrank#include "remailer.h" #include #include #include #include #include #include #include #include #include #include #include #include "../logexception/logexception.h" inline bool Remailer::foundIn(std::string const &text, std::string const &target) const { return text.find(target) == 0; } inline bool Remailer::onlyWS(std::string const &text) const { return text.find_first_not_of(" \t") == std::string::npos; } using namespace std; using namespace FBB; gpg-remailer-3.00.01/remailer/mail.cc0000644000175000017500000000077012253050330016240 0ustar frankfrank#include "remailer.ih" void Remailer::mail() { if (step("pgpmail")) d_mailType = ENCRYPTED; else if (step("clearmail")) d_mailType = CLEAR; else if (d_mailType == UNKNOWN) return; d_mail(d_mailType, d_mailType == CLEAR ? d_contentsName : d_reencryptedName, not envelopeOK() // specify 'dontSend' || d_arg.option(0, "no-mail") || configField("noMail") == "true" ); } gpg-remailer-3.00.01/remailer/checkmembers.cc0000644000175000017500000000064112253050330017743 0ustar frankfrank#include "remailer.ih" void Remailer::checkMembers(vector &target) { auto member = find(target.begin(), target.end(), "members"); if (member != target.end()) // accept all members { target.erase(member); // this is not an envelope address target.insert(target.end(), // add the members d_members.begin(), d_members.end()); } } gpg-remailer-3.00.01/remailer/copytoboundary.cc0000644000175000017500000000072712253317064020413 0ustar frankfrank#include "remailer.ih" void Remailer::copyToBoundary(ostream &out, istream &in) { string line[2]; string *last = &line[0]; string *next = &line[1]; getline(in, *last); while (getline(in, *next)) { if (foundIn(*next, d_boundary)) return; out << *last << endl; swap(last, next); } throw LogException() << "no " << d_boundary << " boundary separator found in multipart MIME file\n"; } gpg-remailer-3.00.01/remailer/data.cc0000644000175000017500000000111612251347165016237 0ustar frankfrank#include "remailer.ih" void (Remailer::*Remailer::s_reEncrypt[])(IOContext &) = { &Remailer::simple, &Remailer::multipart, &Remailer::multipartSigned }; Remailer::StepStruct Remailer::s_step[] = { {"hdrs", UNKNOWN}, {"org", UNKNOWN}, {"clearmail", CLEAR}, {"dec", ENCRYPTED}, {"doc", ENCRYPTED}, {"enc", ENCRYPTED}, {"pgpmail", ENCRYPTED}, }; Remailer::StepStruct *Remailer::s_stepEnd = s_step + sizeof(s_step) / sizeof(StepStruct); gpg-remailer-3.00.01/remailer/encryptiontype.cc0000644000175000017500000000074212120110325020403 0ustar frankfrank#include "remailer.ih" Remailer::EncryptionEnum Remailer::encryptionType(IOContext &io) { getline(io.decrypted, io.line); // does this line contains multipart/signed ? if (io.line.find("Content-Type: multipart/signed;") == 0) return MULTIPART_SIGNED; if (hasBoundary(io.line, "multipart")) return MULTIPART; d_log << level(LOGDEBUG) << "No boundary, no multipart message\n"; return SIMPLE; } gpg-remailer-3.00.01/remailer/setdebug.cc0000644000175000017500000000032412253331667017132 0ustar frankfrank#include "remailer.ih" void Remailer::setDebug() { if (d_arg.option('d') || configField("debug") == "true") { d_keepFiles = true; d_log.setLevel(LOGDEBUG); d_gpg.debug(); } } gpg-remailer-3.00.01/remailer/remailer1.cc0000644000175000017500000000150612253050330017175 0ustar frankfrank#include "remailer.ih" Remailer::Remailer() : d_arg(Arg::instance()), d_keepFiles(false), d_config(ConfigFile::RemoveComment, ConfigFile::SearchCaseInsensitive), d_mail(d_log, d_headers, d_mailName, d_replyTo, d_step, d_recipients), d_gpg(d_log, d_user.homedir()) { d_arg.option(&d_step, "step"); d_configName = d_arg.nArgs() == 0 ? "etc/gpg-remailer.rc" : d_arg[0]; if (chdir(d_user.homedir().c_str()) != 0) // change Homedir throw Exception() << "Failed to change dir to " << d_user.homedir(); d_config.open(d_configName); // prepare configuration file // MUST be following change to // the user's homedir setLog(); // define logging } gpg-remailer-3.00.01/remailer/hasboundary.cc0000644000175000017500000000063412214671023017641 0ustar frankfrank#include "remailer.ih" bool Remailer::hasBoundary(string const &line, string const &msgTypeName) { static Pattern d_bdry( R"(boundary="([^\"]+))" ); if (d_bdry << line) { d_boundary = "--" + d_bdry[1]; d_log << level(LOGDEBUG) << "Saw boundary " << d_boundary << ": " << msgTypeName << " message\n"; return true; } return false; } gpg-remailer-3.00.01/remailer/setumask.cc0000644000175000017500000000062512253331205017154 0ustar frankfrank#include "remailer.ih" void Remailer::setUmask() { string umaskOpt; size_t umaskValue = 077; if (d_arg.option(&umaskOpt, "umask")) { umaskValue = stoul(umaskOpt, 0, 8); d_log << level(LOGDEFAULT) << "WARNING: umask setting changed to " << oct << setfill('0') << setw(3) << umaskValue << dec << setfill(' ') << '\n'; } umask(umaskValue); } gpg-remailer-3.00.01/remailer/writereencrypted.cc0000644000175000017500000000051612251347165020730 0ustar frankfrank#include "remailer.ih" // writes reencrypted.x and err.x (should be empty) void Remailer::writeReencrypted() { if (not step("enc")) return; string members; for(auto &member: d_members) members += member + ' '; d_gpg.encrypt(members, d_reencryptName, d_reencryptedName, d_errName); } gpg-remailer-3.00.01/remailer/checkrelax.cc0000644000175000017500000000027512253331500017430 0ustar frankfrank#include "remailer.ih" void Remailer::checkRelax() { if (d_arg.option(0, "relax")) d_log << level(LOGDEFAULT) << "--relax ignored. Use `--umask' instead\n"; } gpg-remailer-3.00.01/remailer/setfilenames.cc0000644000175000017500000000171412253050330017774 0ustar frankfrank#include "remailer.ih" void Remailer::setFilenames() { string prefix; if (not d_arg.option(&prefix, 't')) prefix = configField("tmp"); if (prefix.empty()) prefix = "tmp/"; if (prefix.back() != '/') // make sure / is appended prefix += '/'; d_decryptedName = prefix + "decrypted."; d_errName = prefix + "err."; d_mailName = prefix + "mail."; d_multipartSignedDataName = prefix + "multipartsigned."; d_contentsName = prefix + "org."; d_hdrsName = prefix + "hdrs."; d_reencryptName = prefix + "reencrypt."; d_reencryptedName = prefix + "reencrypted."; d_signatureName = prefix + "signature."; setSuffixNr(); d_decryptedName += d_nr; d_errName += d_nr; d_mailName += d_nr; d_multipartSignedDataName += d_nr; d_contentsName += d_nr; d_hdrsName += d_nr; d_reencryptName += d_nr; d_reencryptedName += d_nr; d_signatureName += d_nr; } gpg-remailer-3.00.01/remailer/setcleartext.cc0000644000175000017500000000165312253332236020036 0ustar frankfrank#include "remailer.ih" void Remailer::setClearText() { string clearText = configField("clear-text"); if (clearText.empty()) clearText = "rejected (by default)"; d_mail.setClearTextMode( clearText == "accepted" || clearText == "envelope" ? ACCEPTED : REJECTED ); if (clearText != "envelope") { if (d_envelope.size()) { d_log << level(LOGDEFAULT) << "Envelope ignored (clear-text: " << clearText << ")\n"; d_envelope.clear(); } } else { checkMembers(d_envelope); if (d_log.level() == LOGDEBUG) { d_log << "Accepted envelope addresses for clear-text e-mail:\n"; for (auto &address: d_envelope) d_log << ' ' << address; d_log << '\n'; } } } gpg-remailer-3.00.01/remailer/multipartsigned.cc0000644000175000017500000000261512253317064020543 0ustar frankfrank#include "remailer.ih" // Format of the decrypted PGP part, having a detached signature // (near line 457 in gpg-remailer(1)): // ---------------------------------------------------------------------- // Content-Type: multipart/signed; micalg=pgp-sha1; \ (line continues) // protocol="application/pgp-signature"; // boundary="=-TNwuMvq+TfajHhvqBuO7" // // --=-TNwuMvq+TfajHhvqBuO7 // Content-Type: text/plain // Content-Transfer-Encoding: quoted-printable // // Text of the message // // --=-TNwuMvq+TfajHhvqBuO7 // Content-Type: application/pgp-signature; name=signature.asc // Content-Description: This is a digitally signed message part // // -----BEGIN PGP SIGNATURE----- // ... signature text // -----END PGP SIGNATURE----- // // --=-TNwuMvq+TfajHhvqBuO7-- // ---------------------------------------------------------------------- void Remailer::multipartSigned(IOContext &io) { d_log << level(LOGDEBUG) << "Multipart-Signed e-mail received\n"; findBoundary(io); ostream null(0); copyToBoundary(null, io.decrypted); // skip all headers copyToBoundary(d_multipartSignedDataName, io.decrypted); d_gpg.verify(d_decryptedName, d_multipartSignedDataName, d_signatureName); copySignature(io.toReencrypt, d_boundary); ifstream data; LogException::open(data, d_multipartSignedDataName); io.toReencrypt << data.rdbuf(); } gpg-remailer-3.00.01/remailer/mailcontents.cc0000644000175000017500000000113312251347165020025 0ustar frankfrank#include "remailer.ih" void Remailer::mailContents() { if (not step("org")) return; // explicit steps may be used to // process a particular type of mail, // even if 'org' wasn't used. MailType type = d_mail.writeContents(d_contentsName); if (d_step.empty()) // mail type remains unknown for d_mailType = type; // specific step requests, to prevent // automatically sending mail. } gpg-remailer-3.00.01/remailer/copytoboundary2.cc0000644000175000017500000000033612253317064020471 0ustar frankfrank#include "remailer.ih" // the boundary has just been seen void Remailer::copyToBoundary(string const &destName, istream &in) { ofstream out; LogException::open(out, destName); copyToBoundary(out, in); } gpg-remailer-3.00.01/remailer/findboundary.cc0000644000175000017500000000043012253317064020005 0ustar frankfrank#include "remailer.ih" void Remailer::findBoundary(IOContext &io) { while (!hasBoundary(io.line, "multipart/signed")) { if (!getline(io.decrypted, io.line)) throw LogException() << "multipart/signed: no boundary found\n"; } } gpg-remailer-3.00.01/remailer/reencrypt.cc0000644000175000017500000000042012251347165017336 0ustar frankfrank#include "remailer.ih" void Remailer::reencrypt() { fileToReencrypt(); // requires step 'doc'. Writes reencrypt.x and // maybe multipartsigned.x writeReencrypted(); // requires step 'enc'. Writes reencrypted.x } gpg-remailer-3.00.01/remailer/signaturefilter.cc0000644000175000017500000000063212120110325020514 0ustar frankfrank#include "remailer.ih" void Remailer::signatureFilter(string const &line, SigStruct &sigStruct) { if ( sigStruct.sigType == NO_SIGNATURE && line.find("Signature made") != string::npos ) sigStruct.sigType = SIGNATURE_FOUND; else if (line.find("Good signature") != string::npos) sigStruct.sigType = GOOD_SIGNATURE; sigStruct.out << line << endl; } gpg-remailer-3.00.01/remailer/step.cc0000644000175000017500000000124712251347165016306 0ustar frankfrank#include "remailer.ih" bool Remailer::step(string const &stepName) { MailType requiredType = find_if(s_step, s_stepEnd, // find the info [&](StepStruct const &stepStruct) // matching the step { return stepName.find(stepStruct.stepName) == 0; } )->requiredType; if (d_step.empty()) // exec. all steps by default return d_mailType == requiredType; // but only if types match if (d_step.find(stepName) == 0) // explicit step requested { d_log << level(LOGDEFAULT) << "Step " << d_step << " request\n"; return true; } return false; } gpg-remailer-3.00.01/remailer/collect.cc0000644000175000017500000000014712214671023016746 0ustar frankfrank#include "remailer.ih" void Remailer::collect(ostream *out, istream *in) { *out << in->rdbuf(); } gpg-remailer-3.00.01/spawn/0000755000175000017500000000000012253050330014333 5ustar frankfrankgpg-remailer-3.00.01/spawn/parentprocess.cc0000644000175000017500000000011112251347165017540 0ustar frankfrank#include "spawn.ih" void Spawn::parentProcess() { waitForChild(); } gpg-remailer-3.00.01/spawn/spawn.h0000644000175000017500000000136512253050330015641 0ustar frankfrank#ifndef INCLUDED_SPAWN_ #define INCLUDED_SPAWN_ #include #include #include #include "../enums/enums.h" class Spawn: private Enums, public FBB::Fork { int d_in; // -2 indicates `ignore' int d_out; int d_err; FBB::Redirector d_inRedirector; FBB::Redirector d_outRedirector; FBB::Redirector d_errRedirector; std::string d_command; public: Spawn(std::string const &command, std::string const &in, std::string const &out, std::string const &err); private: void childProcess() override; void parentProcess() override; void childRedirections() override; }; #endif gpg-remailer-3.00.01/spawn/childredirections.cc0000644000175000017500000000043112251347165020353 0ustar frankfrank#include "spawn.ih" void Spawn::childRedirections() { if (d_in != -2) d_inRedirector.through(Redirector::STDIN); if (d_out != -2) d_outRedirector.through(Redirector::STDOUT); if (d_err != -2) d_errRedirector.through(Redirector::STDERR); } gpg-remailer-3.00.01/spawn/spawn1.cc0000644000175000017500000000202012253317064016057 0ustar frankfrank#include "spawn.ih" Spawn::Spawn( std::string const &command, std::string const &in, std::string const &out, std::string const &err) : // empty names indicate the stream must be ignored d_in(in.empty() ? -2 : ::open(in.c_str(), O_RDONLY)), d_out(out.empty() ? -2 : ::open(out.c_str(), O_CREAT | O_RDWR, S_IRUSR | S_IWUSR)), d_err(err.empty() ? -2 : ::open(err.c_str(), O_CREAT | O_RDWR, S_IRUSR | S_IWUSR)), d_inRedirector(d_in), d_outRedirector(d_out), d_errRedirector(d_err), d_command(command) { if (d_in == -1 || d_out == -1 || d_err == -1) { string empty("--"); throw LogException() << "no file desciptors for `" << command << "': " << d_in << " (" << (in.empty() ? empty : in) << "), " << d_out << " (" << (out.empty() ? empty : out) << "), " << d_err << " (" << (err.empty() ? empty : err) << ")\n"; } } gpg-remailer-3.00.01/spawn/spawn.ih0000644000175000017500000000035412253050330016007 0ustar frankfrank#include "spawn.h" #include #include #include #include #include #include #include "../logexception/logexception.h" using namespace std; using namespace FBB; gpg-remailer-3.00.01/spawn/childprocess.cc0000644000175000017500000000053712251347165017346 0ustar frankfrank#include "spawn.ih" void Spawn::childProcess() { vector cmd(String::split(static_cast(0), d_command)); char const **args = String::argv(cmd); execv(args[0], const_cast(args)); throw 0; // this should not be reached, but if so main properly ends. } gpg-remailer-3.00.01/usage.cc0000644000175000017500000000500312253050330014614 0ustar frankfrank// usage.cc #include "main.ih" void usage(string const &progname) { cout << '\n' << progname << " by f.b.brokken@rug.nl\n" << progname << " V" << version << " " << year << "\n" "\n" "Usage: " << progname << " [options] [config]\n" "Where:\n" " [options] - optional arguments (short options between parentheses):\n" " --debug (-d) - debug output shown to cout\n" " --help (-h) - provide this help\n" " --logfile (-l) - log-file name (etc/remailer.log)\n" " --loglevel (-L) - Set the log-message level: 0: debug\n" " 1: commands, 2: default\n" " `level' implies all higher levels\n" " >= 3: no log messages (2)\n" " --member (-m) - Mail is sent to , members listed\n" " in the config file are ignored\n" " --no-mail - do not send the reencrypted e-mail\n" " --nr (-n) - temporary files will use id number \n" " --recipient (-r) - Mail is sent to , recipients\n" " listed in the config file are ignored\n" " --step - perform a single step:\n" " hdrs (write the mail headers),\n" " org (mail data),\n" " dec (decrypt data),\n" " doc (create doc to send),\n" " enc (encrypt doc),\n" " pgpmail (send reencrypted mail)\n" " pgpmail:address (reencrypted mail is only " "sent\n" " to the provided address, ignoring\n" " recipient(s) specified otherwise)\n" " clearmail (send clear-text mail)\n" " clearmail:address (clear-text mail is only " "sent\n" " to the provided address, ignoring\n" " recipient(s) specified otherwise)\n" " --version (-v) - show version information and terminate\n" " config - configuration file (~/etc/remailer.rc).\n" << endl; } gpg-remailer-3.00.01/version.cc0000644000175000017500000000012712253327465015217 0ustar frankfrank#include "main.ih" #include "VERSION" char version[] = VERSION; char year[] = YEARS;