gpg-remailer-3.01.03/CLASSES0000644000175000017500000000017512605005143014234 0ustar frankfrankremailer mail gpg gpgmail cleartextmail mailerbase # mailer: class template, so no compilation required headers logexception gpg-remailer-3.01.03/Copyright-notice0000644000175000017500000000244712605005143016372 0ustar frankfrank-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 gpg-remailer forwards PGP/GPG encrypted/signed mail to a group Copyright (C) 2006-2013 Frank B. Brokken (f.b.brokken@rug.nl) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQEVAwUBUjNs/32yqL7q5NiqAQhadwf6A7XiQywHmiucsTXMOiAIPPSeypZpNr6R b23BEg2Po/qGdTX7J1lpjHVxRuGH51XCPyfYlWdSl06tjANR3qvZBz/spuwj+dlv edCqTLjPHoEVVHqCHGtNwWfokyEpm8gW9o93Rm7S8mg0SzThBvPxKK7YSqQXwF5Q ELWLJSXGcLF1Z9bRgi9iOxAxkyGwM4HBghFnQ72/MiQcHEvhTKpfL/y4Q1o4K7VC YI3gaBnOQgCLgxKPFSGNdNQfBlAfz3jwjUcTi8aT5oXCoPLidEWUOj/0HBxjhbTb eoW+OQrgPTGaEe2elwZBAOTa+Pt0O+CN6lwRAx5Tc9MXbA2M2HOo/A== =h6EW -----END PGP SIGNATURE----- gpg-remailer-3.01.03/INSTALL0000644000175000017500000000773612605005143014257 0ustar frankfrankTo install gpg-remailer by hand instead of using a binary distribution perform the following steps: 0. gpg-remailer and its construction depends, in addition to the normally standard available system software on specific software and versions which is documented in the file `required'. (If you compile the bobcat library yourself, note that gpg-remailer does not use the SSL, Milter and Xpointer classes; they may --as far as gpg-remailer is concerned-- be left out of the library by running './build light') 1. It is expected you use icmake for the package construction. For this a top-level script (build) and support scripts in the ./icmake/ directory are available. By default, the 'build' script echoes the commands it executes to the standard output stream. By specifying the option -q (e.g., ./build -q ...) this is prevented, significantly reducing the output generated by 'build'. 2. Inspect the values of the variables in the file INSTALL.im Modify these when necessary. 3. Run ./build program [strip] to compile gpg-remailer. The argument `strip' is optional and strips symbolic information from the final executable. 4. If you installed Yodl then you can create the documentation: ./build man builds the man-pages, and ./build manual builds the manual. 5. Before installing the components of gpg-remailer, consider defining the environment variable GPGREMAILER, defining its value as the (preferably absolute) filename of a file on which installed files and directories are logged. Defining the GPGREMAILER environment variable as ~/.gpg-remailer usually works well. 6. Run (probably as root) ./build install 'what' 'base' to install. Here, 'what' specifies what you want to install. Specify: x, to install all components, or specify a combination of: b (binary program), d (standard documentation), m (man-pages) E.g., use ./build install bm 'base' if you only want to be able to run gpg-remailer, and want its man-page to be installed below 'base'. ./build install's last argument 'base' is optional: the base directory below which the requested files are installed. This base directory is prepended to the paths #defined in the INSTALL.im file. If 'base' is not specified, then INSTALL.im's #defined paths are used as-is. When requesting non-existing elements (e.g., './build install x' was requested, but the man-pages weren't constructed) then these non-existing elements are silently ignored by the installation process. If the environment variable GPGREMAILER was defined when issuing the `./build install ...' command then a log of all installed files is written to the file indicated by the GPGREMAILER environment variable (see also the next item). Defining the GPGREMAILER environment variable as ~/.gpg-remailer usually works well. 7. Uninstalling previously installed components of gpg-remailer is easy if the environment variable GPGREMAILER was defined before issuing the `./build install ...' command. In that case, run the command ./build uninstall logfile where 'logfile' is the file that was written by ./build install. Modified files and non-empty directories are not removed, but the logfile itself is removed following the uninstallation. 8. Following the installation nothing in the directory tree which contains this file (i.e., INSTALL) is required for the proper functioning of gpg-remailer, so consider removing it. If you only want to remove left-over files from the build-process, just run ./build distclean gpg-remailer-3.01.03/INSTALL.im0000644000175000017500000000376112605005143014655 0ustar frankfrank // The name of the program and the support directories as installed by // the 'build install' command. Normally there is no reason for changing // this #define #define PROGRAM "gpg-remailer" // The CXX, CXXFLAGS, and LDFLAGS #defines are overruled by identically // named environment variables: // the compiler to use. #define CXX "g++" // the compiler options to use. Add -g if you want debug information in // the gpg-remailer executable. #define CXXFLAGS "--std=c++14 -Wall -O2 -pthread "\ " -fdiagnostics-color=never" // flags passed to the linker #define LDFLAGS "" // The following /bin/cp option is used to keep, rather than follow // symbolic references. If your installation doesn't support these flags, // then change them into available ones. // -P, --no-dereference // never follow symbolic links in SOURCE // --preserve[=ATTR_LIST] // preserve the specified attributes (default: // mode,ownership,timestamps), if possible additional // attributes: context, links, all // -d same as --no-dereference --preserve=links #define CPOPTS "-d" // COMPONENTS TO INSTALL // ===================== // For an operational non-Debian installation, you probably must be // `root'. // If necessary, adapt DOC, HDR, LIB and MAN (below) to your situation. // The provided locations are used by Debian Linux. // With 'build install' you can dynamically specify a location to prepend // to the locations configured here, and select which components you want // to install // ONLY USE ABSOLUTE DIRECTORY NAMES: // the final program #define BINARY "/usr/bin/"${PROGRAM} // the directory where the standard documentation is stored #define DOC "/usr/share/doc/"${PROGRAM} // the directory whre the manual page is stored #define MAN "/usr/share/man/man1" gpg-remailer-3.01.03/LICENSE0000644000175000017500000010451312635513325014233 0ustar frankfrank GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . gpg-remailer-3.01.03/TODO0000644000175000017500000000001112605005143013671 0ustar frankfrankall done gpg-remailer-3.01.03/VERSION0000644000175000017500000000006612634561411014272 0ustar frankfrank#define VERSION "3.01.03" #define YEARS "2006-2015" gpg-remailer-3.01.03/VERSION.h0000644000175000017500000000010412605005143014502 0ustar frankfrank#include "VERSION" SUBST(_CurVers_)(VERSION) SUBST(_CurYrs_)(YEARS) gpg-remailer-3.01.03/build0000755000175000017500000000720112634561411014245 0ustar frankfrank#!/usr/bin/icmake -qt/tmp/gpg-remailer #define LOGENV "GPGREMAILER" #include "icmconf" list g_log; string g_logPath = getenv(LOGENV)[1], g_cwd = chdir(""); // initial working directory, ends in / int g_echo = ON; // MODIFIED, existing variable #include "icmake/cuteoln" #include "icmake/backtick" #include "icmake/setopt" #include "icmake/run" #include "icmake/md" #include "icmake/findall" #include "icmake/loginstall" #include "icmake/logzip" #include "icmake/logfile" #include "icmake/uninstall" #include "icmake/pathfile" #include "icmake/precompileheaders" // check the name of main.ih #include "icmake/special" #include "icmake/clean" #include "icmake/manpage" #include "icmake/install" #include "icmake/github" void main(int argc, list argv) { string option; string strip; int idx; for (idx = listlen(argv); idx--; ) { if (argv[idx] == "-q") { g_echo = OFF; argv -= (list)"-q"; } else if (argv[idx] == "-P") { g_gch = 0; argv -= (list)"-P"; } } echo(g_echo); option = argv[1]; if (option == "clean") clean(0); if (option == "distclean") clean(1); if (option == "install") install(argv[2], argv[3]); if (option != "") special(); if (option == "github") github(); if (option == "uninstall") uninstall(argv[2]); if (option == "man") manpage(); if (option == "library") { precompileHeaders(); system("icmbuild library"); exit(0); } if (argv[2] == "strip") strip = "strip"; if (option == "program") { precompileHeaders(); system("icmbuild program " + strip); exit(0); } if (option == "oxref") { precompileHeaders(); system("icmbuild program " + strip); run("oxref -fxs tmp/lib" LIBRARY ".a > " PROGRAM ".xref"); exit(0); } printf("Usage: build [-q -P] what\n" "Where\n" " [-q]: run quietly, do not show executed commands\n" " [-P]: do not use precompiled headers\n" "`what' is one of:\n" " clean - clean up remnants of previous " "compilations\n" " distclean - clean + fully remove tmp/\n" " library - build " PROGRAM "'s library\n" " man - build the man-page (requires Yodl)\n" " program [strip] - build " PROGRAM " (optionally strip the\n" " executable)\n" " oxref [strip] - same a `program', also builds xref file\n" " install selection [base] - to install the software in the \n" " locations defined in the INSTALL.im file,\n" " optionally below base\n" " selection can be\n" " x, to install all components,\n" " or a combination of:\n" " b (binary program),\n" " d (documentation),\n" " m (man-pages)\n" " uninstall logfile - remove files and empty directories listed\n" " in the file 'logfile'\n" " using oxref\n" " github - prepare github's gh-pages update\n" " (internal use only)\n" "\n" ); exit(0); } gpg-remailer-3.01.03/changelog0000644000175000017500000001333612635511454015103 0ustar frankfrankgpg-remailer (3.01.03) * Added the file extensiveexample.txt covering an extensive example of the steps that are involved when operationally using the gpg-remailer. * Gpg-remailer displays meaningful error messages for missing numeric option arguments (added remailer/strToUnsigned. * Adapted the icmake scripts to icmake 8.00.04, updated the installation procedure * Fixed a bug in handling log-level specifications -- Frank B. Brokken Sun, 20 Dec 2015 12:38:12 +0100 gpg-remailer (3.01.02) * Kevin Brodsky observed that the installation scripts used 'chdir' rather than 'cd'. Fixed in this release. * Kevin Brodsky also observed that the combined size of all precompiled headers might exceed some disks capacities. The option -P was added to the ./build script to prevent the use of precompiled headers. -- Frank B. Brokken Mon, 05 Oct 2015 21:22:36 +0200 gpg-remailer (3.01.01) * Standardized the (de)installation procedures * Gpg-remailer depends on Bobcat >= 4.01.02 -- Frank B. Brokken Sun, 04 Oct 2015 11:28:28 +0200 gpg-remailer (3.01.00) * After Bobcat 3.19.00 Bobcat's class Process can again be used. This version drops Spawn in favor of Bobcat's class Process * Added 'build uninstall'. This command only works if, when calling one of the 'build install' alternatives and when calling 'build uninstall' the environment variable REMAILER contains the (preferably absolute) filename of a file on which installed files and directories are logged. Note that 'build (dist)clean' does not remove the file pointed at by the REMAILER environment variable, unless that file happpens to be in a directory removed by 'build (dist)clean'. See also the file INSTALL. Defining the REMAILER environment variable as ~/.remailer usually works well. -- Frank B. Brokken Tue, 29 Sep 2015 21:00:01 +0200 gpg-remailer (3.00.01) * Repaired error in exception handling. Because of this, version 3.00.00 is not released by itself. Instead, use this 3.00.01 release. * Added option --umask -- Frank B. Brokken Sun, 15 Dec 2013 14:59:14 +0100 gpg-remailer (3.00.00) * The remailer can be configured to accept clear-text messages, in addition to GPG/PGP encrypted messages. * Added configuration file options `clear-text' ((dis)allowing clear-text mail) and `envelope' (specifying from which envelope addresses clear-text mail is accepted). * The `relax' option and configuration parameter is no longer interpreted. A warning is logged if it is used. Instead of using `relax' the pseudo account used for remailing should set `umask 077' at shell-startup. * Long encrypted messages broke the remailer. Repaired by simplifying child process handling in a separate class `Spawn'. * Added additional comment to various remailer/ source files, and to remailer/remailer.h -- Frank B. Brokken Sat, 14 Dec 2013 13:37:43 +0100 gpg-remailer (2.56.00) * Repaired handling of multiple -m or -r options: now all -m and -r options are recognized. Each -m or -r option should contain just one e-mail address. -- Frank B. Brokken Thu, 09 Oct 2013 21:27:25 +0200 gpg-remailer (2.55.01) * Added missing -pthread flag to icmconf: without it, compiling succeeds, but execution ends in a Fatal exception. -- Frank B. Brokken Mon, 30 Sep 2013 16:06:56 +0200 gpg-remailer (2.55.00) * As per RFC 2822 (pg. 8), multiple subject lines in incoming e-mail are now recognized. * remailer/sendmail.cc and remailer/gpg.cc no longer uses /bin/sh. * NTBSs escaping \- or "-chars were converted to Raw String Literals where considered sensible. * Added PGP signed file (Copyright-notice) stating that the files of the gpg-remailer package are all free software in accordance with the GPL V. 3. * Updated the man-page * Gzipped documents were generated using the -n flag to avoid timestamps -- Frank B. Brokken Sat, 14 Sep 2013 13:33:20 +0200 gpg-remailer (2.54.01) * The distribution is now provided with a (GPL) LICENCE file -- Frank B. Brokken Wed, 04 Sep 2013 15:07:26 +0200 gpg-remailer (2.54.00) * Sources adapted to Bobcat 3.12.00 * Program renamed to gpg-remailer, default configuration file now etc/gpg-remailer.rc -- Frank B. Brokken Tue, 12 Mar 2013 13:42:48 +0100 remailer (2.53.00) * Sources adapted to Bobcat 3.00.00 -- Frank B. Brokken Fri, 04 May 2012 16:18:41 +0200 remailer (2.52.00) * Used lambda functions and modifications required for amd64 architectures -- Frank B. Brokken Wed, 07 Sep 2011 17:00:07 +0200 remailer (2.51.00) * Adapted sources to bobcat 2.13.0 -- Frank B. Brokken Fri, 04 Feb 2011 22:23:52 +0100 remailer (2.50.1) * Multiple changes see the svn diffs, Using the --std=c++0x compiler option. -- Frank B. Brokken Mon, 12 Oct 2009 09:52:11 +0200 remailer (2.41.0) * Repaired --no-mail handling, recompilation for new Process class -- Frank B. Brokken Mon, 27 Oct 2008 17:05:19 +0100 remailer (2.40.0) * -- Frank B. Brokken remailer (2.32.1) * Initial 'Content-Type:' line section is written before the signature. If no such section is found, then the signature is shown first. -- Frank B. Brokken Tue, 30 Sep 2008 09:42:38 +0200 remailer (2.32.0) * Conversion from remailerScript to C++ program -- Frank B. Brokken Sun, 28 Sep 2008 19:39:08 +0200 gpg-remailer-3.01.03/cleartextmail/0000755000175000017500000000000012635513212016053 5ustar frankfrankgpg-remailer-3.01.03/cleartextmail/label.cc0000644000175000017500000000014312605005143017433 0ustar frankfrank#include "cleartextmail.ih" string ClearTextMail::label() const { return "Clear text mail"; } gpg-remailer-3.01.03/cleartextmail/cleartextmail.h0000644000175000017500000000172112605005143021057 0ustar frankfrank#ifndef INCLUDED_CLEARTEXTMAIL_ #define INCLUDED_CLEARTEXTMAIL_ namespace FBB { class Log; } #include "../mailer/mailer.h" class Headers; class ClearTextMail: public Mailer { friend void MailerFriend::send(std::string const &mailData, std::vector const &recipients, bool dontSend); Headers &d_headers; std::string const &d_mailName; std::string const &d_replyTo; public: ClearTextMail(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &replyTo, std::string const &step ); private: std::string headers() const; // Called through MailerBase: std::string label() const; std::string mailCommand(std::string const &recipient) const; void writeMailContents(std::string const &mailData) const; }; #endif gpg-remailer-3.01.03/cleartextmail/mailcommand.cc0000644000175000017500000000040212605005143020633 0ustar frankfrank#include "cleartextmail.ih" string ClearTextMail::mailCommand(string const &recipient) const { return "/usr/bin/mail -s '" + subject() + "' " "-a \"Reply-To: " + d_replyTo + "\" " + headers() + " " + recipient; } gpg-remailer-3.01.03/cleartextmail/cleartextmail.ih0000644000175000017500000000023112605005143021223 0ustar frankfrank#include "cleartextmail.h" #include #include #include "../headers/headers.h" using namespace std; using namespace FBB; gpg-remailer-3.01.03/cleartextmail/writemailcontents.cc0000644000175000017500000000035712605005143022136 0ustar frankfrank#include "cleartextmail.ih" void ClearTextMail::writeMailContents(std::string const &mailData) const { ifstream in; Exception::open(in, mailData); ofstream out; Exception::open(out, d_mailName); out << in.rdbuf(); } gpg-remailer-3.01.03/cleartextmail/cleartextmail1.cc0000644000175000017500000000053312605005143021276 0ustar frankfrank#include "cleartextmail.ih" ClearTextMail::ClearTextMail(Log &log, Headers &headers, string const &mailName, string const &replyTo, string const &step) : Mailer(log, headers, mailName, step), d_headers(headers), d_mailName(mailName), d_replyTo(replyTo) { } gpg-remailer-3.01.03/cleartextmail/headers.cc0000644000175000017500000000256412605005143020000 0ustar frankfrank#include "cleartextmail.ih" string ClearTextMail::headers() const { string mime = d_headers.getHeader("MIME-Version"); string contentHdr; if (not mime.empty()) contentHdr = R"(-a ")" + String::escape(mime) + '"'; d_headers.setHeaderIterator("Content-", MailHeaders::CASE_INITIAL); for ( auto begin = d_headers.beginh(), end = d_headers.endh(); begin != end; ++begin ) { string header(*begin); char const *headerCp = header.c_str(); if ( strcasestr(headerCp, "Content-Type") == headerCp || strcasestr(headerCp, "Content-Disposition") == headerCp ) { while (true) { size_t pos0 = header.find('\n'); // any newline? if (pos0 == string::npos) // no: done break; // pos. of 1st non-blank // beyond the \n size_t pos1 = header.find_first_not_of(" \t\n", pos0); // e.g. 'n x': pos0 = 0, pos1 = 2 -> erase 1 char header.erase(pos0, pos1 - pos0 - 1); header[pos0] = ' '; } contentHdr += R"( -a ")" + String::escape(header) + '"'; } } return contentHdr; } gpg-remailer-3.01.03/documentation/0000755000175000017500000000000012605005143016062 5ustar frankfrankgpg-remailer-3.01.03/documentation/man/0000755000175000017500000000000012635512177016652 5ustar frankfrankgpg-remailer-3.01.03/documentation/man/gpg-remailer.yo0000644000175000017500000006310412605005143021565 0ustar frankfrankNOUSERMACRO(recipient member) includefile(../../release.yo) TYPEOUT(USING: VERSION = _CurVers_, YEARS: _CurYrs_) htmlbodyopt(text)(#27408B) htmlbodyopt(bgcolor)(#FFFAF0) whenhtml(mailto(Frank B. Brokken: f.b.brokken@rug.nl)) DEFINEMACRO(lsoption)(3)(\ bf(--ARG1)=tt(ARG3) (bf(-ARG2))\ ) DEFINEMACRO(laoption)(2)(\ bf(--ARG1)=tt(ARG2)\ ) DEFINEMACRO(loption)(1)(\ bf(--ARG1)\ ) DEFINEMACRO(soption)(1)(\ bf(-ARG1)\ ) DELETEMACRO(tt) DEFINEMACRO(tt)(1)(em(ARG1)) COMMENT( man-request, section, date, distribution file, general name) manpage(gpg-remailer)(1)(_CurYrs_)(gpg-remailer._CurVers_.tar.gz) (gpg-remailer - reencrypt PGP/GPG maill) COMMENT( man-request, larger title ) manpagename(gpg-remailer) (forward re-encrypted/signed PGP/GPG encrypted/signed mail to a group) COMMENT( all other: add after () ) manpagesynopsis() bf(gpg-remailer) [OPTIONS] manpagedescription() Gpg-remailer decrypts received PGP/GPG messages, verifies the received signature, and re-encrypts the e-mail for a well defined group of recipients. Gpg-remailer can also be configured so as to process clear-text e-mail. Using gpg-remailer the list of members of a group of people who want to exchange encrypted and authenticated e-mails (and maybe also clear-text messages) can be maintained at one location, allowing the members of the group to specify just one e-mail address to send PGP/GPG signed and encrypted (or optionally clear-text) e-mail to. Gpg-remailer reads incoming e-mail from its standard input stream. If the incoming e-mail is clear-text, it resends the e-mail to one or more configurable e-mail addresses. If the incoming e-mail is PGP/GPG encrypted (and optionally signed) it re-encrypts the received information for every member of a configurable group, and send the re-encrypted information to one or more configurable e-mail addresses. By itself, gpg-remailer is not a mailing list. However, the configured recipient address could be, e.g., a mailing list address, for further distribution of the processed e-mail. Gpg-remailer is a em(remailer): it uses the message's data, but not its headers. Having received an e-mail it resends, rather than forwards, the received e-mail. The e-mail that is received via gpg-remailer therefore contains a completely new set of e-mail headers. A configuration file as well as command line options can be used to fine-tune gpg-remailer's behavior. manpagesection(RETURN VALUE) Gpg-remailer always returns 0 to the operating system to prevent tt(unknown mailer error) messages in the MTA's logs. However, when gpg-remailer ends prematurely an error message is written to the standard error stream. manpagesection(REQUIREMENTS) In order to use gpg-remailer the following requirements must be met (all commands should be issued by the tt(root) user): itemization( it() Since multiple groups may use gpg-remailer it is advised to define functional accounts handling e-mail to be processed by gpg-remailer. A functional account tt(secmail) can be defined using a command like this: verb( adduser --home /var/lib/secmail --disabled-password secmail ) it() All locations used by the gpg-remailer must be given highly restrictive permissions. E.g., the functional accounts should set tt(umask 077). It is the responsibility of the user to make sure that the access rights are correctly configured. it() Consider making all functional gpg-remailer accounts members of a special group (e.g., tt(gpg-remailer)) and allow execution of tt(/usr/sbin/gpg-remailer) only my members of that group: verb( addgroup gpg-remailer adduser secmail gpg-remailer chown root.gpg-remailer /usr/sbin/gpg-remailer chmod o-rx /usr/bin/gpg-remailer ) it() To allow the functional account to handle incoming e-mail bf(sudo)(1) can be used. In the file tt(/etc/sudoers) the following lines can be entered (tt(REMAILERS) can be given a comma separated list of functional account names, tt(mailhost.org) should be replaced by the name of the host handling incoming e-mail): verb( Runas_Alias REMAILERS = secmail mail mailhost.org=(REMAILERS) NOPASSWD: /usr/sbin/gpg-remailer ) E.g., if gpg-remailer runs on a computer named tt(remailer.mydomain.nl) which may receive incoming e-mails, then specify tt(remailer.mydomain.nl) for tt(mailhost.org). it() An e-mail address must be defined to where the mail to reencrypt must be sent to. This e-mail address must be known by the members of the group who want to use the gpg-remailer. Such an account could be, e.g., tt(secmail@mailhost.org), appearing as a defined mail address in, e.g., tt(/etc/mail/aliases). The address for this example would be entered in the tt(/etc/mail/aliases) file (some installations use tt(/etc/aliases)) in this way: verb( secmail: "|sudo -u secmail /usr/sbin/gpg-remailer" ) ) manpagesection(THE PSEUDO USER'S PGP KEY RINGS) itemization( it() The functional account must be provided with a GPG/PGP keypair. Its public key must be distributed over the people who are allowed to send mail to the gpg-remailer (which may be the world if the public key is published at a PGP key server). Since the gpg-remailer must be able to act on its own, the secret key must not require a passphrase. The key can be created as follows (after the initial command, which is specified by tt(root), the remaining commands through the final tt(exit) command at the end of this section are executed by the pseudo-user tt(secmail)): verb( su - secmail gpg --gen-key ) At the tt(gpg --gen-key) command the tt(gpg) program asks for some details. Accept the defaults unless you have reason not to, but make sure you do not require a pass-phrase: press tt(Enter) twice when asked for one. ) bf(Some additional suggestions:) itemization( it() Details for defining a PGP key without password: define default RSA key, size 2048, never to expire+nl() real name: secmail gpg-remailer functional account+nl() email address: secmail@mailhost.org+nl() No passphrase required: press Enter twice.+nl() it() Specify the key-id of the just created gpg-key as the default key in the file tt(~/.gnupg/gpg.conf) (or tt(~/.gnupg/options), whichever is used). E.g., verb( default-key 1234ABCD ) it() Also add a line containing verb( force-mdc ) to tt(~/.gnupg/gpg.conf). This prevents the warning verb( WARNING: message was not integrity protected ) it() If you want to allow non-group members to send e-mail to the gpg-remailer consider adding a key server specification to tt(~/.gnupg/gpg.conf) as well, to allow the automatic retrieval of missing public keys. E.g., add a line like verb( keyserver keys.gnupg.net ) to tt(~/.gnupg/gpg.conf). it() Next use tt(gpg --search-keys), tt(gpg --recv-keys) or tt(gpg --import) (see the bf(gpg)(1) man-page for the required formats of these commands) to already add the public keys of all the members of the group who will be using gpg-remailer to the pseudo user's public key ring. it() If a group member exists who has signed the GPG/PGP keys of all other members, then consider to trust this member fully, to prevent warnings resulting from using untrusted keys. it() Once the gpg-remailer's GPG key pair has been created, provide the remailer's public key to the members of the group. These members should import the public key and they should be advised to sign the remailer's public key to prevent warnings about using an unverified public key. The remailer's public key can be be exported to file using verb( gpg --armor --export secmail > secmail.pub ) and the members of the group can import the remailer's public key using: verb( gpg --import secmail.pub ) it() When a new member is added to the group he/she should add the remailer's public key to his/her public key ring and provide his/her public key for import into the functional account's public key ring. it() Gpg-remailer requires the existence of a configuration file and of a directory to store its temporary files in. See the section bf(CONFIGURATION FILE) below. it() Having prepared the pseudo user's PGP key rings, the command tt(exit) takes you back to the tt(root) user's session. ) manpageoptions() If available, single letter options are listed between parentheses following their associated long-option variants. Single letter options require arguments if their associated long options require arguments as well. itemization( it() loption(debug) (soption(d)) nl() When specified, debug messages are logged to the log-file (see below). When this option is specified the files written by gpg-remailer are not removed after gpg-remailer has processed an incoming e-mail. it() loption(help) (soption(h)) nl() A short summary of the usage is displayed to the standard output after which gpg-remailer terminates. it() lsoption(logfile)(l)(filename)nl() Specifies the file on which gpg-remailer's log messages are written (by default tt(~/etc/gpg-remailer.log)). it() lsoption(loglevel)(L)(level)nl() LogLevel 0 provides extensive debug output as well as all other logmessages;nl() LogLevel 1 logs the executed commands and the default messages;nl() LogLevel 2 logs the default messages (characteristics of incoming and outgoing e-mail) (default);nl() Higher levels will suppress logging. it() lsoption(member)(m)(PGP e-mail address) nl() The PGP-key e-mail address to re-encrypt the message for. Overrides the member(s) listed in the configuration file. This option may be specified multiple times when multiple members must be specified on the command line. With each tt(--member) option only provide one e-mail address (e.g., tt(member@domain.iso). This format is not checked by bf(gpg-remailer), but a failure to comply may result in bf(gpg-remailer) being unable to re-encrypt or e-mail messages. The tt(--member) specifications can also be used to specify a set of e-mail envelope addresses from where clear-text e-mail is accepted, using the tt(envelope: members) and tt(clear-text: envelope) configuration file specifications. it() loption(noMail)nl() When specified no mail is sent. it() lsoption(nr)(n)(file-number) nl() Files created by the gpg-remailer while processing incoming e-mails are kept, and receive suffix tt(file-number), which should be a number. it() lsoption(recipient)(r)(e-mail address) nl() The recipient address(es) of the (re-encrypted or plain) resent e-mail. Overrides the recipient(s) listed in the configuration file. As with the tt(--members) option, multiple recipients may be specified by providing multiple tt(--recipient) options. These addresses may or may not be unique. If multiple identical addresses are specified gpg-remailer will send e-mail to each of these multiply specified addresses. Each tt(--recipient) option should normally only define one plain e-mail address (e.g., tt(recipient@domain.iso), but multiple tt(--recipient) options are also accepted. The format of the e-mail addresses is not checked by bf(gpg-remailer), but providing any information in addition to or differing from a plain e-mail address may result in bf(gpg-remailer) being unable to re-encrypt or resend e-mail messages. In addition to plain e-mail addresses, the specification tt(--recipient members) can be used to indicate that the re-encrypted mail must be sent to all e-mail addresses specified using tt(member) specifications. it() laoption(step)(name)nl() Perform the indicated step of the remailing process. Step names are:nl() tt(hdrs) (write the mail headers),nl() tt(org) (write the mail data),nl() tt(dec) (only for PGP encrypted e-mail: write the decrypted info),nl() tt(doc) (only for PGP encrypted e-mail: create the info to send),nl() tt(enc) (only for PGP encrypted e-mail: encrypt the info to send),nl() tt(clearmail) (send clear-text mail),nl() tt(clearmail:address) (send mail only to the provided address, ignore recipient(s) specified otherwise). tt(pgpmail) (send pgp-encrypted mail),nl() tt(pgpmail:address) (send pgp-encrypted mail only to the provided address, ignore recipient(s) specified otherwise).nl() Step tt(hdrs) is completely optional. Later steps depend on earlier steps. E.g., tt(--step doc) can only be requested after having specified tt(--step dec) in a previous run. With clear-text e-mail steps tt(dec, doc, enc) and tt(pgpmail) should not be provided. With PGP encrypted mail step tt(clearmail) should not be provided. it() lsoption(tmp)(t)(path) nl() The path of the directory where the temporary files are written (by default: tt($HOME/tmp)). This should be an absolute path. it() laoption(umask)(octalValue)nl() By default, gpg-remailer uses umask 077 for all files it creates: only the pseudo-user has read and write permissions. In normal circumstances there should be no reason for changing this umask value, but if necessary the tt(--umask) option can be used, providing an octal value, to specify an alternative umask value. it() loption(version) (soption(v))nl() Gpg-remailer's version number is is written to the standard output stream after which gpg-remailer terminates. ) manpagesection(CONFGURATION FILE) The default configuration file is tt(~/etc/gpg-remailer.rc) under the pseudo user's home directory. Its path may be altered using a program option. Empty lines are ignored. Information at and beyond tt(#)-characters is interpreted as comment and is ignored as well. All directives in the configuration file obey the pattern verb( directive: value ) A line may at most contain one directive, but white space (including comment at the end of the line) is OK. Several directives may be specified multiple times; otherwise the first occurrence of a directive is used. All directives are interpreted em(case insensitively), but their values are used as specified. E.g., tt(DeBUG: true) is as good as tt(debug: true), but tt(debug: TRUE) is not recognized. Non-empty lines not starting with a recognized directive are silently ignored. The following directives are supported (default values are shown between parentheses; when none is specified there is no default). When equivalent command line options are used then they overrule the configuration file specifications. itemization( it() bf(debug:) tt(logic) (false)nl() When tt(logic) is specified as tt(true) debug messages will be logged to the log-file (see below). Command line options: tt(--debug, -d). When this option is specified the files written by gpg-remailer will not be removed when gpg-remailer terminates. it() bf(clear-text:) tt(specification) (rejected)nl() By default, the gpg-remailer does not accept clear-text e-mail. This can explicitly be indicated in the configuration file using the tt(clear-text: rejected) specification. If clear-text e-mail should be allowed specify tt(clear-text: accepted) It is also possible to specify the envelope addresses that are accepted for received clear-text e-mail. If this is required, specify tt(clear-text: envelope) and define the accepted envelope e-mail addresses using the tt(envelope:) configuration option. it() bf(envelope:) tt(e-mail address) nl() The tt(envelope) specifications are only interpreted when tt(clear-text: envelope) has been specified. When tt(clear-text: envelope) was specified only clear-text e-mail using one of the configured tt(envelope) addresses will be re-mailed to the configured recipients. The special envelope specification tt(envelope: members) may be used to indicate that envelope addresses which are equal to the addresses specified using tt(member) specifications are all accepted. All envelope addresses are interpreted case-insensitively. By default (if no tt(envelope) specification has been provided) all envelope addresses are accepted, in which case the specification tt(clear-text: envelope) reduces to tt(clear-text: accepted). it() bf(keepFiles:) tt(nr) nl() When a number is specified all files written by gpg-remailer use the specified number and are not removed when gpg-remailer terminates. When this option is not specified the files receive a random numeric extension resulting in the creation of new, as yet non-existing tt(*.) files. it() bf(logfile:) tt(filename) (etc/gpg-remailer.log)nl() The file on which gpg-remailer's log messages are written. it() bf(loglevel:) tt(value) (2)nl() LogLevel 0 provides extensive debug output as well as all other logmessages;nl() LogLevel 1 logs the executed commands and the default messages;nl() LogLevel 2 logs the default messages (characteristics of incoming and outgoing e-mail);nl() With higher levels logging is suppressed. it() bf(member:) tt(address) nl() Multiple members may be specified. Each tt(member) specification specifies a PGP-key e-mail address to re-encrypt the message for. The addresses should be plain e-mail addresses (e.g., tt(member@domain.iso)), and should not contain other elements (like the name of the person using the address). This format is not checked by bf(gpg-remailer), but a failure to comply may result in bf(gpg-remailer) being unable to re-encrypt or e-mail messages. The tt(member) specifications can also be used to specify a set of e-mail envelope addresses from where clear-text e-mail is accepted, using the tt(envelope: members) and tt(clear-text: envelope) specifications. it() bf(noMail:) tt(logic) (false)nl() When specified as tt(true) no mail is sent. it() bf(recipient:) tt(e-mail address) nl() The recipient address(es) of the (re-encrypted or plain) resent e-mail. Multiple recipients may be specified. These addresses may or may not be unique. If multiple identical addresses are specified gpg-remailer will send e-mail to each of these multiply specified addresses. Recipients should be specified using plain e-mail addresses (e.g., tt(destination@some.host.org)). The re-encrypted mail is sent to each recipient in turn. The specification tt(recipient: members) can be used to indicate that the re-encrypted mail must be sent to all e-mail addresses specified using tt(member) specifications. it() bf(replyTo:) tt(full address) nl() The reply to address may be any e-mail reply-to address. The reply-to becomes the default reply address for the recipient receiving gpg-remailer's e-mail message. Quotes and double quotes are removed from the reply to address. A reply-to specification could be, e.g., verb( SECMAIL signed AND encrypted ) This specification should be according to the requirements defined in RFC 822: em(Standard for ARPA Internet Text Messages). Failing to comply with RFC 822 may result in the e-mail sending program rejecting the e-mail that is submitted by the gpg-remailer. it() bf(signature:) tt(requirement) (required)nl() This option is used to control signature checking. Recognized values are:nl() tt(none) (or not specified): no signature checking is performed;nl() tt(required): a PGP signature must have been provided;nl() tt(good): the PGP signature must be recognized as a a `good signature'. it() bf(tmp) tt(directory) (tmp/)nl() The directory into which gpg-remailer writes its temporary files. ) ) manpagesection(FORMATS) Although using PGP/GPG in e-mail is established technology, various formats of the e-mail are possible. Currently gpg-remailer recognizes the following formats: itemization( it() Simple encrypted messages, consisting of an encrypted e-mail body; it() Multi-part encrypted messages; it() Encrypted messages containing detached signatures. ) Below a description is given of the actual contents of PGP encrypted en decrypted files. All PGP encrypted e-mail shows the following headers (the boundary values will differ over different e-mail messages): verb( Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="+QahgC5+KEYLbs62" Content-Disposition: inline ) All PGP encrypted e-mail shows the following organization (the lines are used to separate the e-mail organization from the text of this man-page and are not actually present in the e-mail or in the decrypted information; empty lines, where shown, are required): verb( ---------------------------------------------------------------------- mail headers --+QahgC5+KEYLbs62 Content-Type: application/pgp-encrypted Content-Disposition: attachment Version: 1 --+QahgC5+KEYLbs62 Content-Type: application/octet-stream Content-Disposition: inline; filename="msg.asc" -----BEGIN PGP MESSAGE----- ... -----END PGP MESSAGE----- --+QahgC5+KEYLbs62-- ---------------------------------------------------------------------- ) Note that boundaries consist of itemization( it() a new line character it() two dashes followed by the boundary text it() the last boundary is followed by two dashes it() a new line character ) The various PGP encrypted e-mail formats differ in the way they organize the decrypted information. bf(Simple Encrypted Messages.) During decryption the signature is verified, and the result of the verification is written to the standard error stream. The decrypted message itself contains but one message, organized as follows: verb( ---------------------------------------------------------------------- Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable decrypted text of the message ---------------------------------------------------------------------- ) bf(Multi-part Encrypted Messages.) During decryption the signature is verified, and the result of the verification is written to the standard error stream. The decrypted message itself contains multiple messages, organized as follows: verb( ---------------------------------------------------------------------- Content-Type: multipart/mixed; boundary="f+W+jCU1fRNres8c" Content-Disposition: inline --f+W+jCU1fRNres8c Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Text of the first attachment --f+W+jCU1fRNres8c Content-Type: application/pdf Content-Disposition: attachment; filename="attachment.pdf" Content-Transfer-Encoding: base64 text of the attachment.pdf in base64 encoding --f+W+jCU1fRNres8c-- ---------------------------------------------------------------------- ) Multiple attachments might follow in the same way. bf(Encrypted Messages Containing Detached Signatures.) During decryption the signature is em(not) verified (but the recipient(s) is (are) shown) and the decrypted file is organized as follows: verb( ---------------------------------------------------------------------- Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-TNwuMvq+TfajHhvqBuO7" --=-TNwuMvq+TfajHhvqBuO7 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Text of the message --=-TNwuMvq+TfajHhvqBuO7 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- ... signature text -----END PGP SIGNATURE----- --=-TNwuMvq+TfajHhvqBuO7-- ---------------------------------------------------------------------- ) The last part represents the detached signature, The contents section must be separated from the decrypted file (named, e.g., tt(decrypted)) (creating, e.g., the file tt(contents)). That latter file's signature may then be verified using the command verb( gpg --verify decrypted contents ) resulting in the signature verification written to the standard error (as usual). The contents start immediately following the first boundary, and continues up to, but not including, the new line just before the next boundary. ) COMMENT( manpagesection(EXAMPLES) To do END) manpagefiles() Default locations are shown. Configuration options may change these locations. itemization( it() tt(/etc/mail/aliases): defines the mail accounts used by gpg-remailer. it() tt(etc/gpg-remailer.rc): gpg-remailer's configuration file. it() tt(/etc/sudoers): defines actions executed by the MTA. it() tt(tmp/decrypted.): the decrypted original text. it() tt(tmp/err.): a file containing errors generated when processing the original text. The tt(tmp/signature.) may contain gog-decryption errors. it() tt(tmp/hdrs.): the headers of the received e-mail. it() tt(tmp/mail.): the mail sent to the recipient(s). it() tt(tmp/org.): a copy of the received e-mail. When random file numbers are used a tt(org.) file will not overwrite an existing tt(org.*) file. it() tt(tmp/reencrypt.): the (as yet unencrypted) file to return to the the recipient(s). it() tt(tmp/reencrypted.): the reencrypted file to return to the the recipient(s). it() tt(tmp/signature.): the signature found in the original text. ) manpageseealso() bf(addgroup)(1), bf(adduser)(1), bf(chmod)(1), bf(chown)(1), bf(gpg)(1), bf(sudo)(1), bf(umask)(1), manpagebugs() None reported manpageauthor() Frank B. Brokken (f.b.brokken@rug.nl). gpg-remailer-3.01.03/documentation/remailerScript.orig0000755000175000017500000003052512605005143021741 0ustar frankfrank#!/bin/sh # Version 2.31 # This script may be called with an argument, in which case it is requested to # check a detached signature. # For debugging purposes: Enter an initial -d for debugging as first # argument, then call remailer as # su pseudouser -c "/usr/local/bin/remailer process-nr" < mail-file # files in the pseudouser's tmp directory will start with the provided # process-id # if the argument following -d equals -H a local head file in the current # working directory is expected, and no change of directory is performed # Set to 0 to keep files in the tmp subdir, set to 1 to remove on # on successful completion REMOVE_TMP_FILES=1 HEAD=/usr/local/lib/remailer/head if [ "$1" != "-d" ] then ID=$$ else DEBUG=yes ID=$2 shift 2 fi if [ "$1" == "-H" ] then H_OPTION=$1 HEAD=head shift fi # 0. Preliminaries: # - Create a group remailer, and store this script in # /usr/local/bin, root.remailer, chmod 0750 # - Make sure `sudo' (or comparable software) is available # # 1. Define an entry for pseudo (the pseudo user) in the mail aliases # /etc/mail/aliases: # pseudo: "|sudo -u pseudo /usr/local/bin/remailer" # and rerun `newaliases' # # Add an entry allowing `mail' to call the remailer to /etc/sudoers: # mail host.domain.xx=(pseudo) NOPASSWD: /usr/local/bin/remailer # (host.domain.xx is the name of the host on which the remailer is # installed. `ALL' instead of `host.domain.xx' may also be # specified) # # Having thus set-up the `pseudo' user, /usr/local/bin/bin/remailer (this # script) will be activated for `pseudo' when called by `mail', using the id # `pseudo', group `remailer'. Now we're ready to send mail to `pseudo', # which is then handled by this script. # # 2. Create a pseudo account for the `pseudo' user. E.g., # adduser --home /var/lib/pseudo --shell /usr/bin/tcsh # --ingroup remailer --disabled-password pseudo # Chmod the account to 0700 # Make sure the account does not expire: # /etc/shadow: # pseudo:!:12797:0:99999:7::: # ^^^^^ # Change identity to the pseudo user. # Define gpg keys for the pseudo user: # gpg --gen-key # - decrypting key without password # - define default DSA key, size 1024, never to expire # - real name: `Pseudo' remailer # - email address: pseudo@host.name (this is the address # from where mail is sent by the remailer) # - no passphrase required: press 2 x enter. # - edit this gpg key, and add a subkey, EIGamal for encryption only # (addkey) # - Use --search-keys or --recv-keys or --import to provide the pseudo # user's public key ring with the group member's public keys, and # add the names or key-ids to the `members' definition in # ~/gnupg/gpg.conf # - Add an element like the following to gpg.conf: # force-mdc # to prevent the `WARNING: message was not integrity protected' # warning. # - Add an element like the following to gpg.conf: # keyserver wwwkeys.eu.pgp.net # (maybe not: there may be no need for the remailer to access # a keyserver. A maintainer should be the agent # monitoring the keys of the pseudo-user # - create a tmp/ directory under this account # - Create a directory etc/ under this account and store in here the # following two files: # remailer.rc # This file may contain standard shell-comment and # empty lines, but must contain the following lines: # remailTo="address(es)" to where the reencrypted mail # will be sent. This may be the address of # (e.g.) a mailing list or the plain word # `members' in which case all members listed # in the file members (see below) will # receive the mail. The double quotes are # required when multiple addresses are used. # Use a blank to separate multiple addresses. # Also, a form like the following can be used # (without the #-chars at the begin of the # lines, of course): # remailTo="\ # first@address1\ # second@address2\ # " # replyTo="name
" # The name and address to appear in the # Reply-To header # acceptFrom=patternFile # This entry is optional. If specified it contains regular # expressions (1 per line) of all from-addresses who are # allowed to send signed and encrypted mail to the # remailer. The members are by default allowed. To allow # everybody to send e-mail (encrypted and signed) specify .* # Note that keyserver must probably be specified when public # keys of senders should be retrievable from a pgp # keyserver. # members # This file may contain standard shell-comment and empty # lines but must contain the addresses of the members for # whom the received mail will be encrypted. Addresses must # be separated by white space (blanks, tabs, newlines). The # e-mail addresses must be the addresses mentioned in the # public keyring of the pseudo user. # 3. Optionally give ultimate trust to a member who has signed all other # member's keys, as this will prevent warnings the use of `--trust-model # always' # # 4. Export the public key, members should import the pseudo user's public # key and sign it. # (gpg --armor --export pseudo > pseudo.pub) # (gpg --import pseudo.pub) # # Adding new members involves: # 1. obtain their public key # 2. insert it to the pseudo user's public keyring # 3. add their name or id to the `members' definition in # ~/etc/members # 4. provide the new user with the new key # # Removing members involves: # 1. remove their name or id from the `members' definition in # ~/etc/members # 2. optionally remove their public key # 3. optionally, distribute a new subkey, and invalidate the current # subkey # # Questions, remarks to Frank. # If provided: non-option $1 is the name of the file containing the # detached sig, and the script should read $1 from stdin as well. pseudouser=`/usr/bin/id -nu` # common arguments for all gpg calls. Call gpg as $gpg gpg="gpg --homedir /var/lib/$pseudouser/.gnupg" [ "$DEBUG" != "yes" ] && gpg="$gpg --quiet --batch" GOODSIGNATURE="gpg: Good signature from" checkSig() { while : # skip until the first boundary do read LINE || break echo "$LINE" | grep "$BOUND" > /dev/null && break done while : # save all lines, up to, but excluding do # the line just before the next boundary read LAST || break echo "$LAST" | grep "$BOUND" > /dev/null && break ALL="${ALL}${PREV}" PREV="$LAST " done echo -n "$ALL" > /tmp/message # check for the signature echo -n "$ALL" | $gpg --verify $1 - 2>&1 | grep "$GOODSIGNATURE" >/dev/null return $? } detachedSignature() { while : do read LINE || break # find the boundary echo $LINE | grep 'boundary="[^"]\+"' > /dev/null if [ "$?" == "0" ] then # keep it in BOUND BOUND=`echo $LINE | sed 's/[[:space:]]*boundary="\([^"]\+\)".*/\1/'` checkSig $1 # check the signature return $? fi done return 1 } if [ $# != 0 ] then detachedSignature $1 exit $? fi [ "$DEBUG" == "yes" ] && echo "Pseudouser: $pseudouser" >> /tmp/remailer # this script is /usr/local/bin/remailer. # .gnupg/ contains the configuration and keyrings for GPG # tmp/ is used for temporary file processing. # etc/ contains configuration files # the account /var/lib/pseudo was chmod-ed 700. failed() { echo "Failed `date`: $*" >> tmp/${ID}.log exit 0 } # We're at the root directory, not at the home dir. home/HOME is not # available # go to the psuedo user's home directory [ "$H_OPTION" != "" ] || cd /var/lib/$pseudouser || failed cd /var/lib/$pseudouser [ "$DEBUG" == "yes" ] && ls >> /tmp/remailer # check the existence of the relevant files [ -e etc/members -a -e etc/remailer.rc ] || failed missing etc/members and/or /etc/remailer.rc # source the configuration file . etc/remailer.rc # determine all members, store them as a single line. members=`grep -v '^[[:space:]]*\(#.*\)*$' etc/members | tr '\n' ' '` echo " Remail To: $remailTo Reply-To: $replyTo Members list: \"$members\" " > tmp/${ID}.members # save the received mail on a file if [ "$DEBUG" == "yes" ] then cp tmp/${ID}.members tmp/${ID}.debug fi /usr/local/bin/remailerunhex > tmp/${ID}.org || failed no original message # determine the subject of the mail, removing double quotes # to prevent nested double quotes in the eventually sent subject. SUBJECT=`grep Subject: tmp/${ID}.org | sed 's/Subject: //' | tr '"' "'"` # decrypt the mail if [ "$H_OPTION" != "" ] then gpg --decrypt tmp/${ID}.decrypted 2>tmp/${ID}.signature || failed decrypting to .decrypted and .signature else $gpg --decrypt tmp/${ID}.decrypted 2>tmp/${ID}.signature || failed decrypting to .decrypted and .signature fi # # verify the signature # # grep "$GOODSIGNATURE" tmp/${ID}.signature > tmp/${ID}.debug # if [ "$?" != "0" ] # signature not yet verified # then # $0 $H_OPTION tmp/${ID}.decrypted < tmp/${ID}.decrypted # fi # [ "$?" == "0" ] || failed signature $? not verifiable # re-encrypt the mail if [ "$H_OPTION" != "" ] then (echo ""; echo ""; cat tmp/${ID}.signature tmp/${ID}.decrypted) | gpg --trust-model always --armor --encrypt --sign \ --group ads="$members" -r ads \ > tmp/${ID}.encrypted 2>tmp/${ID}.reencrypt || failed reencrypting to members else (echo ""; echo ""; cat tmp/${ID}.signature tmp/${ID}.decrypted) | $gpg --trust-model always --armor --encrypt --sign \ --group ads="$members" -r ads \ > tmp/${ID}.encrypted 2>tmp/${ID}.reencrypt || failed reencrypting to members fi # next make sure the proper content type headers etc. are added boundary=`date | md5sum | cut -f1 -d' '` sed 's/@/'$boundary'/' < $HEAD \ > tmp/${ID}.mail || failed generating the boundary cat tmp/${ID}.encrypted >> tmp/${ID}.mail || failed constructing the e-mail if [ "$DEBUG" == "yes" ] ; then echo "Recipients: $remailTo" >> tmp/${ID}.remailer echo "Mail in tmp/${ID}.mail" >> tmp/${ID}.remailer echo Debug completed see tmp/${ID}.remailer exit 0 fi # finally send the mail for sendTo in `echo $remailTo` do mail -s "$SUBJECT" -a \ "Reply-To: $replyTo"\ -a 'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="'$boundary'"' \ $sendTo < tmp/${ID}.mail || failed mailing the re-encrypted e-mail done echo "Completed `date`: $*" >> tmp/${ID}.log [ "$REMOVE_TMP_FILES" == "1" -a "$DEBUG" != "yes" ] && rm -f tmp/${ID}.* exit 0 gpg-remailer-3.01.03/enums/0000755000175000017500000000000012605005143014340 5ustar frankfrankgpg-remailer-3.01.03/enums/enums.h0000644000175000017500000000055112605005143015641 0ustar frankfrank#ifndef INCLUDED_ENUMS_ #define INCLUDED_ENUMS_ struct Enums { enum LOGLEVELS { LOGDEBUG, LOGCOMMANDS, LOGDEFAULT }; enum MailType { UNKNOWN, // at step-processing CLEAR, ENCRYPTED }; enum ClearText { ACCEPTED, REJECTED }; }; #endif gpg-remailer-3.01.03/extensiveexample.txt0000644000175000017500000003536212635266031017361 0ustar frankfrankWhat follows is an extensive example of how to install and setup the gpg-remailer. It is assumed that you've installed the gpg-remailer program, and that it's available as /usr/bin/gpg-remailer. Define the remailer's account: ============================== 1. The gpg-remailer will receive mail sent at remailer@suffix.rc.rug.nl The remailer needs an account: for that the user 'remailer' is defined. E.g., -------------------------------------------------------------------------- adduser --home /var/lib/remailer --disabled-password --disabled-login remailer Adding user `remailer' ... Adding new group `remailer' (1011) ... Adding new user `remailer' (1006) with group `remailer' ... Creating home directory `/var/lib/remailer' ... Copying files from `/etc/skel' ... Changing the user information for remailer Enter the new value, or press ENTER for the default Full Name []: Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] y -------------------------------------------------------------------------- 2. Make sure that access to /var/lib/remailer is denied except to remailer itself: chmod -R og-rwx remailer 3. Change to user 'remailer'. As root, do: su - remailer and then, as the user 'remailer' do: mkdir etc tmp 4. Enter 'exit' to return to the 'root' account. Define and test mail sent to the remailer: ========================================== 1. Set up a mail account for the remailer in /etc/mail/aliases (/etc/aliases in some installations): add this line to /etc/mail/aliases: remailer: /tmp/remailer After running `newaliases' mail sent to remailer@suffix.rc.rug.nl appears in (is appended to) the file /tmp/remailer. Looking at the owner/group specification of /tmp/remailer we find the name that's used by the mail program. My sendmail program uses 'mail', but other names may also be encountered, like 'nobody': ls -l /tmp/remailer: -rw-r----- 1 mail mail 2566 Dec 17 12:03 /tmp/remailer 2. Remove /tmp/remailer, and create the following script, name it /usr/local/bin/id.sh: #/bin/bash id > /tmp/remailer 3. Do 'chmod +x /usr/local/bin/id.sh 4. To check processing of mail sent to 'remailer' add this line to the sudoers file (e.g., call 'sudoedit /etc/sudoers.d/specs') mail ALL = (remailer) NOPASSWD: /usr/local/bin/id.sh 5. Change the 'remailer: ...' line in /etc/mail/aliases into remailer: "|sudo -u remailer /usr/local/bin/id.sh" and run 'newaliases'. 6. Once again send mail to remailer, and /tmp/remailer should contain something like: uid=1006(remailer) gid=1011(remailer) groups=1011(remailer) 7. Once 6. succeeds, do 'rm /usr/local/bin/id.sh' as you don't need it anymore. 8. Setup the mail account so that mail is sent to the remailer: Change the 'remailer: ...' line in /etc/mail/aliases into remailer: "|sudo -u remailer /usr/bin/gpg-remailer and run 'newaliases'. 9. Change the previously mentioned line in the sudoers file (e.g., call 'sudoedit /etc/sudoers.d/specs') into: mail ALL = (remailer) NOPASSWD: /usr/bin/gpg-remailer Define an initial configuration file for the user remailer: =========================================================== 1. Create the file /var/lib/remailer/etc/gpg-remailer.rc containing: -------------------------------------------------------------------------- clear-text: accepted noMail: true replyTo: provide a reply-to address here recipient: destination-address-here member: some-member-address-here signature: none -------------------------------------------------------------------------- This allows you to test the reception and basic handling of of e-mail by the gpg-remailer. At this point the recipient and member addresses are irrelevant. 2. Once again send an e-mail to the remailer address. Now the file /var/lib/remailer/etc/remailer.log is creating showing something like: -------------------------------------------------------------------------- Dec 17 15:06:58 Clear-text mail Dec 17 15:06:58 Removing all temporary files -------------------------------------------------------------------------- 3. Now fill in a real e-mail address for the recipient in /var/lib/remailer/etc/gpg-remailer.rc (i.e., an e-mail address that can be reached from the computer on which the remailer mail account has been defined) and remove the 'noMail: true' line. E.g., I could do: -------------------------------------------------------------------------- clear-text: accepted replyTo: provide a reply-to address here recipient: f.b.brokken@rug.nl member: some-member-address-here signature: none -------------------------------------------------------------------------- 4. Once again send an e-mail to the remailer which must then be arriving at the "recipient's" address E.g., after sending (omitting not relevant headers): -------------------------------------------------------------------------- From f.b.brokken@rug.nl Thu Dec 17 11:59:06 2015 Date: Thu, 17 Dec 2015 11:59:06 +0100 From: "Frank B. Brokken" To: remailer Subject: hello world Reply-To: f.b.brokken@rug.nl hi -- Frank B. Brokken -------------------------------------------------------------------------- I received (omitting not relevant headers): -------------------------------------------------------------------------- Date: Thu, 17 Dec 2015 15:11:19 +0100 From: remailer@rug.nl To: f.b.brokken@rug.nl Subject: Subject: hello world hi -- Frank B. Brokken -------------------------------------------------------------------------- Encrypted mail ============== 1. To handle encrypted mail, the remailer needs a PGP key. To create this key first, as root, issue the command: su - remailer to change to the remailer's ID. 2. Next, as the user 'remailer' generate its GPG keypair by issuing: gpg --gen-key All default answers can normally be accepted. As e-mail address, specify 'remailer@fqdn, where `fqdn' is the fully qualified domain name of the host where the 'remailer' mail account has been defined (see the next example). The interaction at this point looks like this (be sure to specify your own fqdn, and not example.rug.nl, which is used as example: -------------------------------------------------------------------------- Real name: Remailer for encrypted and plain e-mail Email address: remailer@example.rug.nl Comment: You selected this USER-ID: "Remailer for encrypted and plain e-mail " Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o You need a Passphrase to protect your secret key. -------------------------------------------------------------------------- Next press the enter key twice, so that no passphrase is required. GPG then issues a warning: -------------------------------------------------------------------------- You don't want a passphrase - this is probably a *bad* idea! I will do it anyway. You can change your passphrase at any time, using this program with the option "--edit-key". -------------------------------------------------------------------------- The warning is ignored: as long as the computer running the remailer is well-protected (i.e., only used by a member of the certteam) using a non-password protected key is defensible. Now they key is being generated, eventually resulting in a message like this: -------------------------------------------------------------------------- pub 2048R/4EFA600E 2015-12-19 Key fingerprint = 9EA5 220B 42AF 6912 9B0D 7304 D684 9112 4EFA 600E uid Remailer for encrypted and plain e-mail sub 2048R/48FCCFD0 2015-12-19 -------------------------------------------------------------------------- 2. The public key is now uploaded to a key server, or could otherwise be distributed over the members of the cert team. To upload, use gpg --send-keys remailer To extract the remailer's key to file, use: gpg --export --armor remailer > ~/etc/pubkey.txt 3. All the users of the cert-team have their own PGP keys (if not: generate them as just shown). 4. Make the PGP keys of the members of the cert-team available to the user 'remailer' (e.g., copy them to the computer where the remailer account has been installed) Then, assuming a public key is made available as /tmp/pubkey.txt, do, still as user 'remailer': gpg --import /tmp/pubkey This results in output similar to this: -------------------------------------------------------------------------- gpg: key EAE4D8AA: public key "Frank B. Brokken " imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u -------------------------------------------------------------------------- 5. To avoid warnings about untrusted keys, the remailer can sign each newly added key by doing (use the actual key IDs, not the one shown in the next example): gpg --edit-key EAE4D8AA then, interactively, give the commands: sign save 4. Distribute the public PGP key of the remailer over the members of the cert-team. Assuming a public key is made available as /tmp/pubkey.txt, and has key ID 4EFA600E (see point 1, this section), each member should do: gpg --edit-key 4EFA600E then, interactively, they should give the commands: sign save Handling encrypted and signed e-mail: ===================================== 1. As the user 'remailer' edit the file etc/gpg-remailer.rc to contain: -------------------------------------------------------------------------- clear-text: accepted # noMail: true Or completely remove this line replyTo: Sec team mail, signed and optionally encrypted # We use this for testing only: enter the mail address matching the account # that you provided with the remailer's public key recipient: your mail address (e.g., I used: f.b.brokken@rug.nl here) member: your mail address (e.g., I used: f.b.brokken@rug.nl here) signature: required -------------------------------------------------------------------------- 2. Now send an encrypted and signed message to the remailer. E.g., I sent this signed and encrypted e-mail: -------------------------------------------------------------------------- Date: Sat, 19 Dec 2015 14:56:29 +0100 From: "Frank B. Brokken" To: remailer Subject: hello world [-- PGP output follows (current time: Sat Dec 19 15:07:19 2015) --] gpg: Signature made Sat Dec 19 14:56:29 2015 CET using RSA key ID EAE4D8AA gpg: Good signature from "Frank B. Brokken " [-- End of PGP output --] [-- The following data is PGP/MIME encrypted --] signed and encrypted -- Frank B. Brokken -------------------------------------------------------------------------- [-- End of PGP/MIME encrypted data --] And I received in return: -------------------------------------------------------------------------- Date: Sat, 19 Dec 2015 15:02:27 +0100 From: remailer@rug.nl To: f.b.brokken@rug.nl Subject: Subject: hello world [-- PGP output follows (current time: Sat Dec 19 15:06:04 2015) --] gpg: Signature made Sat Dec 19 15:02:27 2015 CET using RSA key ID 4EFA600E gpg: Good signature from "Remailer for encrypted and plain e-mail " [-- End of PGP output --] [-- The following data is PGP/MIME encrypted --] gpg: encrypted with 2048-bit RSA key, ID 6F42985B, created 2009-05-23 "Frank B. Brokken " gpg: encrypted with 2048-bit RSA key, ID 48FCCFD0, created 2015-12-19 "Remailer for encrypted and plain e-mail " gpg: Signature made Sat Dec 19 14:56:29 2015 CET using RSA key ID EAE4D8AA gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: depth: 1 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 1f, 0u gpg: Good signature from "Frank B. Brokken " signed and encrypted -- Frank B. Brokken [-- End of PGP/MIME encrypted data --] -------------------------------------------------------------------------- When multiple recipients had been defined, each recipient would have received this e-mail, showing: 1. The e-mail was received from the remailer: signed by the remailer, so as a recipient you're confident that it isn't a fake-mail 2. The verification of the original sender by showing gpg's signature verification output of the mail received by the remailer 3. The original text (and possibly attachments, if used). 3. In this case, the following is appended to the remailer.log file: -------------------------------------------------------------------------- Dec 19 15:28:23 GPG encrypted mail (Subject: hello world) sent to f.b.brokken@rug.nl Dec 19 15:28:23 Removing all temporary files -------------------------------------------------------------------------- Using a mailing list ==================== 1. Using a mailing list isn't strictly necessary, but a mailing list comes in handy because with it comes the software to send mail to a group of e-mail addresses. 2. The following communication protocol will be used: a. One of the group members sends an e-mail (possibly signed and encrypted) to the 'remailer' e-mail address b. The gpg-remailer decrypts and re-encrypts the mail for the addresses mentioned with the 'member:' entries in gpg-remailer.rc. c. The gpg-remailer's recipient is specified as the mailing list's e-mail address (which could be on any computer accepting e-mail from the computer running the gpg-remailer d. The gpg-remailer sends the re-encrypted e-mail to the mailing list e. The mailing list distributes the re-encrypted mail over its members f. Each member receives an e-mail, encrypted with the member's public key, so each member is able to decrypt and read the received e-mail. 3. Using this protocol the gpg-remailer.rc file is modified like this: -------------------------------------------------------------------------- clear-text: accepted replyTo: Sec team mail, signed and optionally encrypted recipient: address of the mailing list member: cert-team member 1's mailing address member: cert-team member 2's mailing address member: cert-team member 3's mailing address member: cert-team member 4's mailing address signature: required -------------------------------------------------------------------------- gpg-remailer-3.01.03/gpg/0000755000175000017500000000000012635513212013772 5ustar frankfrankgpg-remailer-3.01.03/gpg/run.cc0000644000175000017500000000173012605005143015102 0ustar frankfrank#include "gpg.ih" namespace { void collector(char const *out, streambuf *buffer) { ofstream outStream; Exception::open(outStream, out); outStream << buffer << flush; } } void GPG::run(string command, string const &in, string const &out, string const &err) { command = "/usr/bin/gpg " + d_options + " --homedir " + d_homedir + ".gnupg " + command; d_log << level(LOGCOMMANDS) << command << " < " << in << " > " << out << " 2> " << err << '\n'; Process gpg(Process::CIN | Process::COUT | Process::CERR, command); ifstream inStream; Exception::open(inStream, in); gpg.start(); thread outThread(collector, out.c_str(), gpg.childOutStream().rdbuf()); thread errThread(collector, err.c_str(), gpg.childErrStream().rdbuf()); gpg << inStream.rdbuf() << eoi; outThread.join(); errThread.join(); } gpg-remailer-3.01.03/gpg/gpg1.cc0000644000175000017500000000021412605005143015130 0ustar frankfrank#include "gpg.ih" GPG::GPG(Log &log, string const &homedir) : d_log(log), d_homedir(homedir), d_options("--quiet --batch") {} gpg-remailer-3.01.03/gpg/decrypt.cc0000644000175000017500000000020612605005143015745 0ustar frankfrank#include "gpg.ih" void GPG::decrypt(string const &in, string const &out, string const &err) { run("--decrypt ", in, out, err); } gpg-remailer-3.01.03/gpg/encrypt.cc0000644000175000017500000000046312605005143015764 0ustar frankfrank#include "gpg.ih" void GPG::encrypt(string const &recipients, string const &in, string const &out, string const &err) { run( R"(--trust-model always --armor --group members=")" + recipients + R"(" -r members --encrypt --sign)", in, out, err ); } gpg-remailer-3.01.03/gpg/gpg.h0000644000175000017500000000173112605005143014716 0ustar frankfrank#ifndef INCLUDED_GPG_ #define INCLUDED_GPG_ #include #include "../enums/enums.h" namespace FBB { class Log; }; class GPG: private Enums { FBB::Log &d_log; std::string d_homedir; std::string d_options; public: GPG(FBB::Log &log, std::string const &homedir); void debug(); void decrypt(std::string const &in, std::string const &out, std::string const &err); void verify(std::string const &detachedSig, std::string const &signedMessage, std::string const &signatureOutput); void encrypt(std::string const &recipients, std::string const &in, std::string const &out, std::string const &err); private: void run(std::string command, std::string const &in, std::string const &out, std::string const &err); }; inline void GPG::debug() { d_options.clear(); } #endif gpg-remailer-3.01.03/gpg/verify.cc0000644000175000017500000000036112605005143015601 0ustar frankfrank#include "gpg.ih" void GPG::verify(string const &detachedSig, string const &signedMessage, string const &signatureOutput) { run("--verify " + detachedSig + " " + signedMessage, "", "", signedMessage ); } gpg-remailer-3.01.03/gpg/gpg.ih0000644000175000017500000000033512605005143015066 0ustar frankfrank#include "gpg.h" #include #include #include #include #include #include #include using namespace std; using namespace FBB; gpg-remailer-3.01.03/gpg-remailer.rc0000644000175000017500000000361612605005143016120 0ustar frankfrank# All keywords are interpreted case insensitively # logfile: name of the logfile (absolute or relative to $HOME) # logfile: etc/remailer.log # loglevel: 0: debug, 1: commands, 2: default # loglevel: 2 # debug: true has the same effect as the --debug or -d flag # debug: false # noMail: if true no mail is sent (same effect as the --no-mail flag) # noMail: true # keepfiles keeps the files, and requires sufix nr of files to write keepfiles: 1 # tmp: location tmp dir (absolute or relative to $HOME) #tmp: tmp # The Reply-To header (one line, no (double) quotes) #replyTo: Fill in your reply-to replyTo: Frank # reencrypt to which address(es)? (multiple members OK) member: user1@mailhost.org member: user2@mailhost.org # clear-text mail is not handled. #clear-text: rejected # any clear-text is accepted clear-text: accepted # clear-text is accepted from configured envelope addresses #clear-text: envelope # multiple envelope addresses may be specified: addresses from where # clear-text e-mail is accepted if 'clear-text: envelope' was specified # accept all member addresses as envelope addresses # envelope: members # to accept clear-text email from address@domain: # envelope: address@domain # signature setting ignored for clear-text mail # signature specs may be: absent: none required, # required: the encrypted file must have been signed # good: the signature must have been recognized as # good # signature: good signature: required # Where will the reencrypted mail be sent to (multiple recipients OK)? # # all members receive the reencrypted mail # recipient: members # # add a specific recipient # recipient: frank@localhost # # send the reencrypted mail to some mailing list # recipient: mailing.list@somehost.org gpg-remailer-3.01.03/gpg-remailer.xref0000644000175000017500000005546712635512165016505 0ustar frankfrankoxref by Frank B. Brokken (f.b.brokken@rug.nl) oxref V1.00.03 2012-2015 CREATED Sun, 20 Dec 2015 11:43:49 +0000 CROSS REFERENCE FOR: -fxs tmp/libmodules.a ---------------------------------------------------------------------- checkMembers(std::vector, std::allocator >, std::allocator, std::allocator > > >&) Full name: Remailer::checkMembers(std::vector, std::allocator >, std::allocator, std::allocator > > >&) Source: checkmembers.cc Used By: preparations.cc: Remailer::preparations() setcleartext.cc: Remailer::setClearText() checkRelax() Full name: Remailer::checkRelax() Source: checkrelax.cc Used By: preparations.cc: Remailer::preparations() ClearTextMail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: ClearTextMail::ClearTextMail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: cleartextmail1.cc Used By: operatorfun.cc: Mail::operator()(Enums::MailType, std::__cxx11::basic_string, std::allocator > const&, bool) configField(std::__cxx11::basic_string, std::allocator > const&) Full name: Remailer::configField(std::__cxx11::basic_string, std::allocator > const&) Source: configfield.cc Used By: mail.cc: Remailer::mail() setcleartext.cc: Remailer::setClearText() setdebug.cc: Remailer::setDebug() setfilenames.cc: Remailer::setFilenames() setkeepfiles.cc: Remailer::setKeepFiles() setlog.cc: Remailer::setLog() setsigrequired.cc: Remailer::setSigRequired() copySignature(std::ostream&, std::__cxx11::basic_string, std::allocator > const&) Full name: Remailer::copySignature(std::ostream&, std::__cxx11::basic_string, std::allocator > const&) Source: copysignature.cc Used By: multipart.cc: Remailer::multipart(Remailer::IOContext&) multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) simple.cc: Remailer::simple(Remailer::IOContext&) copyToBoundary(std::__cxx11::basic_string, std::allocator > const&, std::istream&) Full name: Remailer::copyToBoundary(std::__cxx11::basic_string, std::allocator > const&, std::istream&) Source: copytoboundary2.cc Used By: multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) copyToBoundary(std::ostream&, std::istream&) Full name: Remailer::copyToBoundary(std::ostream&, std::istream&) Source: copytoboundary.cc Used By: copytoboundary2.cc: Remailer::copyToBoundary(std::__cxx11::basic_string, std::allocator > const&, std::istream&) multipart.cc: Remailer::multipart(Remailer::IOContext&) multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) cxx11]() Full name: GPGMail::makeBoundary[abi:cxx11]() Source: makeboundary.cc Used By: gpgmail1.cc: GPGMail::GPGMail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) cxx11]() const Full name: ClearTextMail::label[abi:cxx11]() const Source: label.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o cxx11]() const Full name: ClearTextMail::headers[abi:cxx11]() const Source: headers.cc Used By: mailcommand.cc: ClearTextMail::mailCommand(std::__cxx11::basic_string, std::allocator > const&) const cxx11]() const Full name: GPGMail::label[abi:cxx11]() const Source: label.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o cxx11](char const*) Full name: Headers::getHeader[abi:cxx11](char const*) Source: getheader.cc Used By: headers.cc: ClearTextMail::headers[abi:cxx11]() const mailerbase1.cc: MailerBase::MailerBase(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) decrypt(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: GPG::decrypt(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: decrypt.cc Used By: decrypt.cc: Remailer::decrypt() encrypt(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: GPG::encrypt(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: encrypt.cc Used By: writereencrypted.cc: Remailer::writeReencrypted() encryptionType(Remailer::IOContext&) Full name: Remailer::encryptionType(Remailer::IOContext&) Source: encryptiontype.cc Used By: filetoreencrypt.cc: Remailer::fileToReencrypt() envelopeOK() Full name: Remailer::envelopeOK() Source: envelopeok.cc Used By: mail.cc: Remailer::mail() fileToReencrypt() Full name: Remailer::fileToReencrypt() Source: filetoreencrypt.cc Used By: reencrypt.cc: Remailer::reencrypt() filter(std::ostream&) Full name: Mail::filter(std::ostream&) Source: filter.cc Used By: writecontents.cc: Mail::writeContents(std::__cxx11::basic_string, std::allocator > const&) findBoundary(Remailer::IOContext&) Full name: Remailer::findBoundary(Remailer::IOContext&) Source: findboundary.cc Used By: multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) GPG(FBB::Log&, std::__cxx11::basic_string, std::allocator > const&) Full name: GPG::GPG(FBB::Log&, std::__cxx11::basic_string, std::allocator > const&) Source: gpg1.cc Used By: remailer1.cc: Remailer::Remailer() GPGMail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: GPGMail::GPGMail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: gpgmail1.cc Used By: operatorfun.cc: Mail::operator()(Enums::MailType, std::__cxx11::basic_string, std::allocator > const&, bool) hasBoundary(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: Remailer::hasBoundary(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: hasboundary.cc Used By: encryptiontype.cc: Remailer::encryptionType(Remailer::IOContext&) findboundary.cc: Remailer::findBoundary(Remailer::IOContext&) Headers() Full name: Headers::Headers() Source: headers1.cc Used By: remailer1.cc: Remailer::Remailer() hexChar(std::ostream&, std::istream&) Full name: Mail::hexChar(std::ostream&, std::istream&) Source: hexchar.cc Used By: inspect.cc: Mail::inspect(std::ostream&, std::__cxx11::basic_string, std::allocator > const&) inspect(std::ostream&, std::__cxx11::basic_string, std::allocator > const&) Full name: Mail::inspect(std::ostream&, std::__cxx11::basic_string, std::allocator > const&) Source: inspect.cc Used By: filter.cc: Mail::filter(std::ostream&) Mail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::vector, std::allocator >, std::allocator, std::allocator > > > const&) Full name: Mail::Mail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::vector, std::allocator >, std::allocator, std::allocator > > > const&) Source: mail1.cc Used By: remailer1.cc: Remailer::Remailer() mailCommand(std::__cxx11::basic_string, std::allocator > const&) const Full name: ClearTextMail::mailCommand(std::__cxx11::basic_string, std::allocator > const&) const Source: mailcommand.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o mailCommand(std::__cxx11::basic_string, std::allocator > const&) const Full name: GPGMail::mailCommand(std::__cxx11::basic_string, std::allocator > const&) const Source: mailcommand.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o MailerBase(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: MailerBase::MailerBase(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: mailerbase1.cc Used By: gpgmail1.cc: GPGMail::GPGMail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) cleartextmail1.cc: ClearTextMail::ClearTextMail(FBB::Log&, Headers&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) mailHeader(char const*) Full name: Headers::mailHeader(char const*) Source: mailheader.cc Used By: getheader.cc: Headers::getHeader[abi:cxx11](char const*) multiField(std::vector, std::allocator >, std::allocator, std::allocator > > >&, char const*, int, bool) Full name: Remailer::multiField(std::vector, std::allocator >, std::allocator, std::allocator > > >&, char const*, int, bool) Source: multifield.cc Used By: preparations.cc: Remailer::preparations() multipart(Remailer::IOContext&) Full name: Remailer::multipart(Remailer::IOContext&) Source: multipart.cc Used By: data.cc: GLOBALS data.cc 1data.o multipartSigned(Remailer::IOContext&) Full name: Remailer::multipartSigned(Remailer::IOContext&) Source: multipartsigned.cc Used By: data.cc: GLOBALS data.cc 1data.o operator()(Enums::MailType, std::__cxx11::basic_string, std::allocator > const&, bool) Full name: Mail::operator()(Enums::MailType, std::__cxx11::basic_string, std::allocator > const&, bool) Source: operatorfun.cc Used By: mail.cc: Remailer::mail() PGPmessage(std::ostream&) Full name: Mail::PGPmessage(std::ostream&) Source: pgpmessage.cc Used By: writecontents.cc: Mail::writeContents(std::__cxx11::basic_string, std::allocator > const&) run(std::__cxx11::basic_string, std::allocator >, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: GPG::run(std::__cxx11::basic_string, std::allocator >, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: run.cc Used By: decrypt.cc: GPG::decrypt(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) encrypt.cc: GPG::encrypt(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) verify.cc: GPG::verify(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) s_reEncrypt Full name: Remailer::s_reEncrypt Source: data.cc Used By: filetoreencrypt.cc: Remailer::fileToReencrypt() s_step Full name: Remailer::s_step Source: data.cc Used By: step.cc: Remailer::step(std::__cxx11::basic_string, std::allocator > const&) s_stepEnd Full name: Remailer::s_stepEnd Source: data.cc Used By: step.cc: Remailer::step(std::__cxx11::basic_string, std::allocator > const&) sendMail(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, bool) Full name: MailerBase::sendMail(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, bool) Source: sendmail.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o setClearText() Full name: Remailer::setClearText() Source: setcleartext.cc Used By: preparations.cc: Remailer::preparations() setDebug() Full name: Remailer::setDebug() Source: setdebug.cc Used By: preparations.cc: Remailer::preparations() setFilenames() Full name: Remailer::setFilenames() Source: setfilenames.cc Used By: preparations.cc: Remailer::preparations() setKeepFiles() Full name: Remailer::setKeepFiles() Source: setkeepfiles.cc Used By: preparations.cc: Remailer::preparations() setLog() Full name: Remailer::setLog() Source: setlog.cc Used By: remailer1.cc: Remailer::Remailer() setRecipients(std::vector, std::allocator >, std::allocator, std::allocator > > >&, std::vector, std::allocator >, std::allocator, std::allocator > > > const&) Full name: MailerBase::setRecipients(std::vector, std::allocator >, std::allocator, std::allocator > > >&, std::vector, std::allocator >, std::allocator, std::allocator > > > const&) Source: setrecipients.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o setReplyTo() Full name: Remailer::setReplyTo() Source: setreplyto.cc Used By: preparations.cc: Remailer::preparations() setSigRequired() Full name: Remailer::setSigRequired() Source: setsigrequired.cc Used By: preparations.cc: Remailer::preparations() setSuffixNr() Full name: Remailer::setSuffixNr() Source: setsuffixnr.cc Used By: setfilenames.cc: Remailer::setFilenames() setUmask() Full name: Remailer::setUmask() Source: setumask.cc Used By: preparations.cc: Remailer::preparations() signatureFilter(std::__cxx11::basic_string, std::allocator > const&, Remailer::SigStruct&) Full name: Remailer::signatureFilter(std::__cxx11::basic_string, std::allocator > const&, Remailer::SigStruct&) Source: signaturefilter.cc Used By: copysignature.cc: Remailer::copySignature(std::ostream&, std::__cxx11::basic_string, std::allocator > const&) simple(Remailer::IOContext&) Full name: Remailer::simple(Remailer::IOContext&) Source: simple.cc Used By: data.cc: GLOBALS data.cc 1data.o step(std::__cxx11::basic_string, std::allocator > const&) Full name: Remailer::step(std::__cxx11::basic_string, std::allocator > const&) Source: step.cc Used By: decrypt.cc: Remailer::decrypt() filetoreencrypt.cc: Remailer::fileToReencrypt() mail.cc: Remailer::mail() mailcontents.cc: Remailer::mailContents() preparations.cc: Remailer::preparations() writereencrypted.cc: Remailer::writeReencrypted() strToUnsigned(std::__cxx11::basic_string, std::allocator > const&, char const*, unsigned int) Full name: Remailer::strToUnsigned(std::__cxx11::basic_string, std::allocator > const&, char const*, unsigned int) Source: strtounsigned.cc Used By: setlog.cc: Remailer::setLog() setumask.cc: Remailer::setUmask() verify(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Full name: GPG::verify(std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&, std::__cxx11::basic_string, std::allocator > const&) Source: verify.cc Used By: multipartsigned.cc: Remailer::multipartSigned(Remailer::IOContext&) version Full name: version Source: version.cc Used By: usage.cc: usage(std::__cxx11::basic_string, std::allocator > const&) writeContents(std::__cxx11::basic_string, std::allocator > const&) Full name: Mail::writeContents(std::__cxx11::basic_string, std::allocator > const&) Source: writecontents.cc Used By: mailcontents.cc: Remailer::mailContents() writeHeaders(std::__cxx11::basic_string, std::allocator > const&) Full name: Mail::writeHeaders(std::__cxx11::basic_string, std::allocator > const&) Source: writeheaders.cc Used By: preparations.cc: Remailer::preparations() writeMailContents(std::__cxx11::basic_string, std::allocator > const&) const Full name: ClearTextMail::writeMailContents(std::__cxx11::basic_string, std::allocator > const&) const Source: writemailcontents.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o writeMailContents(std::__cxx11::basic_string, std::allocator > const&) const Full name: GPGMail::writeMailContents(std::__cxx11::basic_string, std::allocator > const&) const Source: writemailcontents.cc Used By: operatorfun.cc: GLOBALS operatorfun.cc 2operatorfun.o writeReencrypted() Full name: Remailer::writeReencrypted() Source: writereencrypted.cc Used By: reencrypt.cc: Remailer::reencrypt() year Full name: year Source: version.cc Used By: usage.cc: usage(std::__cxx11::basic_string, std::allocator > const&) gpg-remailer-3.01.03/gpgmail/0000755000175000017500000000000012635513212014635 5ustar frankfrankgpg-remailer-3.01.03/gpgmail/label.cc0000644000175000017500000000013212605005143016213 0ustar frankfrank#include "gpgmail.ih" string GPGMail::label() const { return "GPG encrypted mail"; } gpg-remailer-3.01.03/gpgmail/makeboundary.cc0000644000175000017500000000066012605005143017623 0ustar frankfrank#include "gpgmail.ih" string GPGMail::makeBoundary() { string boundary; IRandStream rs(' ' + 1, '~', time(0)); for (int idx = 0; idx != 16; ++idx) { while (true) { size_t value; rs >> value; if (isalnum(value)) { boundary += static_cast(value); break; } } } return boundary; } gpg-remailer-3.01.03/gpgmail/gpgmail.h0000644000175000017500000000164112605005143016424 0ustar frankfrank#ifndef INCLUDED_GPGMAIL_ #define INCLUDED_GPGMAIL_ #include #include "../mailer/mailer.h" namespace FBB { class Log; } class Headers; class GPGMail: public Mailer { friend void MailerFriend::send(std::string const &mailData, std::vector const &recipients, bool dontSend); std::string const &d_mailName; std::string const &d_replyTo; std::string d_boundary; public: GPGMail(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &replyTo, std::string const &step); private: static std::string makeBoundary(); // Called through MailerBase: void writeMailContents(std::string const &mailData) const; std::string mailCommand(std::string const &recipients) const; std::string label() const; }; #endif gpg-remailer-3.01.03/gpgmail/mailcommand.cc0000644000175000017500000000063312605005143017423 0ustar frankfrank#include "gpgmail.ih" string GPGMail::mailCommand(string const &recipient) const { return "/usr/bin/mail -s '" + subject() + "' " "-a \"Reply-To: " + d_replyTo + "\" " "-a 'Content-Type: multipart/encrypted; " R"(protocol="application/pgp-encrypted"; )" R"(boundary=")" + d_boundary + R"("' )" + recipient; } gpg-remailer-3.01.03/gpgmail/gpgmail1.cc0000644000175000017500000000043112605005143016637 0ustar frankfrank#include "gpgmail.ih" GPGMail::GPGMail(Log &log, Headers &headers, string const &mailName, string const &replyTo, string const &step) : Mailer(log, headers, mailName, step), d_mailName(mailName), d_replyTo(replyTo), d_boundary(makeBoundary()) { } gpg-remailer-3.01.03/gpgmail/gpgmail.ih0000644000175000017500000000037512605005143016600 0ustar frankfrank#include "gpgmail.h" #include #include #include #include #include #include #include #include using namespace std; using namespace FBB; gpg-remailer-3.01.03/gpgmail/writemailcontents.cc0000644000175000017500000000126212605005143020714 0ustar frankfrank#include "gpgmail.ih" void GPGMail::writeMailContents(string const &mailData) const { ifstream in; Exception::open(in, mailData); ofstream out; Exception::open(out, d_mailName); out << "\n" // create the mail to send. "--" << d_boundary << "\n" "Content-Type: application/pgp-encrypted\n" "Content-Transfer-Encoding: 7bit\n" "\n" "Version: 1\n" "\n" "--" << d_boundary << "\n" "Content-Type: application/octet-stream; name=gpg.asc\n" "Content-Transfer-Encoding: 7bit\n" "\n" << in.rdbuf() << "\n" "\n" "--" << d_boundary << "--\n"; } gpg-remailer-3.01.03/headers/0000755000175000017500000000000012635513212014630 5ustar frankfrankgpg-remailer-3.01.03/headers/headers.ih0000644000175000017500000000012612605005143016560 0ustar frankfrank#include "headers.h" #include using namespace std; using namespace FBB; gpg-remailer-3.01.03/headers/getheader.cc0000644000175000017500000000030112605005143017055 0ustar frankfrank#include "headers.ih" string Headers::getHeader(char const *hdr) { string ret; auto begin = mailHeader(hdr); if (begin != endh()) ret = *begin; return ret; } gpg-remailer-3.01.03/headers/headers.h0000644000175000017500000000044612605005143016414 0ustar frankfrank#ifndef INCLUDED_HEADERS_ #define INCLUDED_HEADERS_ #include class Headers: public FBB::MailHeaders { public: Headers(); const_hdr_iterator mailHeader(char const *hdr); std::string getHeader(char const *hdr); private: }; #endif gpg-remailer-3.01.03/headers/headers1.cc0000644000175000017500000000011112605005143016620 0ustar frankfrank#include "headers.ih" Headers::Headers() : FBB::MailHeaders(cin) {} gpg-remailer-3.01.03/headers/mailheader.cc0000644000175000017500000000023012605005143017221 0ustar frankfrank#include "headers.ih" Headers::const_hdr_iterator Headers::mailHeader(char const *hdr) { setHeaderIterator(hdr, CASE_FULL); return beginh(); } gpg-remailer-3.01.03/icmake/0000755000175000017500000000000012635513313014450 5ustar frankfrankgpg-remailer-3.01.03/icmake/installer0000755000175000017500000000054512635513313016377 0ustar frankfrank#!/bin/bash if [ $# -eq 0 ] ; then echo destination path, ending in /, must be provided exit 0 fi for src in `find -mindepth 1 -type d` # create missing target dirs do [ ! -e $1$src ] && mkdir -p $1$src done for file in `find -type f -or -type l` do # echo installing $1$file cp -d --preserve=timestamps $file $1$file done gpg-remailer-3.01.03/icmake/setopt0000644000175000017500000000034112605005143015701 0ustar frankfrankstring setOpt(string install_im, string envvar) { list optvar; string ret; optvar = getenv(envvar); if (optvar[0] == "1") ret = optvar[1]; else ret = install_im; return ret; } gpg-remailer-3.01.03/icmake/loginstall0000644000175000017500000000156512634561411016553 0ustar frankfrank// source and dest, absolute or reachable from g_cwd, should exist. // files and links in source matching dest (if empty: all) are copied to dest // and are logged in g_log // Before they are logged, dest is created void logInstall(string src, string pattern, string dest) { list entries; int idx; chdir(g_cwd); md(dest); src += "/"; dest += "/"; if (listlen(makelist(O_DIR, src)) == 0) { printf("Warning: ", src, " not found: can't install ", src, pattern, " at ", dest, "\n"); return; } entries = findAll("f", src, pattern); for (idx = listlen(entries); idx--; ) run("cp " + src + entries[idx] + " " + dest); chdir(g_cwd); entries = findAll("l", src, pattern); for (idx = listlen(entries); idx--; ) run("cp " CPOPTS " " + src + entries[idx] + " " + dest); } gpg-remailer-3.01.03/icmake/logzip0000644000175000017500000000165612634561411015710 0ustar frankfrank// names may be a series of files in src, not a wildcard. // if it's empty then all files in src are used. // the files are gzipped and logged in dest. // src and dest do not have to end in / void logZip(string src, string names, string dest) { list files; int idx; string file; chdir(g_cwd); md(dest); dest += "/"; if (src != "") { if (listlen(makelist(O_DIR, src)) == 0) { printf("Warning: ", src, " not found: can't install ", src, names, " at ", dest, "\n"); return; } chdir(src); } if (names == "") files = makelist("*"); else files = strtok(names, " "); for (idx = listlen(files); idx--; ) { file = files[idx]; run("gzip -n -9 < " + file + " > " + file + ".gz"); } run("tar cf - *.gz | (cd " + g_cwd + "; cd " + dest + "; tar xf -)"); run("rm *.gz"); } gpg-remailer-3.01.03/icmake/clean0000644000175000017500000000104512605005143015447 0ustar frankfrankvoid clean(int dist) { run("rm -rf " "build-stamp configure-stamp " "options/SKEL " "tmp/*.o" + " o */o release.yo tmp/lib*.a " "parser/grammar.output" ); if (dist) run("rm -rf tmp *.ih.gch */*.ih.gch"); chdir("documentation"); run("rm -rf " "man/*.1 " "man/*.html " "manual/*.html " "manual/invoking/usage " "manual/invoking/usage.txt " "usage/usage " ); exit(0); } gpg-remailer-3.01.03/icmake/logfile0000644000175000017500000000025712605005143016012 0ustar frankfrankvoid logFile(string srcdir, string src, string destdir, string dest) { chdir(g_cwd); md(destdir); run("cp " + srcdir + "/" + src + " " + destdir + "/" + dest); } gpg-remailer-3.01.03/icmake/findall0000644000175000017500000000107412634561411016007 0ustar frankfrank// assuming we're in g_cwd, all entries of type 'type' matching source/pattern // are returned w/o final \n list findAll(string type, string source, string pattern) { string cmd; list entries; list ret; int idx; chdir(source); cmd = "find ./ -mindepth 1 -maxdepth 1 -type " + type; if (pattern != "") pattern = "-name '" + pattern + "'"; entries = backtick(cmd + " " + pattern + " -printf \"%f\\n\""); for (idx = listlen(entries); idx--; ) ret += (list)cutEoln(entries[idx]); chdir(g_cwd); return ret; } gpg-remailer-3.01.03/icmake/manpage0000644000175000017500000000051312605005143015774 0ustar frankfrank#define MANPAGE "../../tmp/man/" ${PROGRAM} ".1" void manpage() { md("tmp/man tmp/manhtml"); special(); chdir("documentation/man"); run("yodl2man --no-warnings -o " MANPAGE " " PROGRAM); run("yodl2html --no-warnings " "-o ../../tmp/manhtml/" PROGRAM "man.html " PROGRAM); exit(0); } gpg-remailer-3.01.03/icmake/cuteoln0000644000175000017500000000023312605005143016034 0ustar frankfrankstring cutEoln(string text) { int len; len = strlen(text) - 1; if (text[len] == "\n") text = substr(text, 0, len); return text; } gpg-remailer-3.01.03/icmake/uninstall0000644000175000017500000000045612605005143016403 0ustar frankfrankvoid uninstall(string logfile) { int idx; list entry; string dir; list line; if (!exists(logfile)) { printf("installation log file " + logfile + " not found\n"); exit(0); } run("icmake/remove " + logfile + " " + (string)g_echo); exit(0); } gpg-remailer-3.01.03/icmake/pathfile0000644000175000017500000000055212605005143016163 0ustar frankfranklist path_file(string path) { list ret; int len; int idx; for (len = strlen(path), idx = len; idx--; ) { if (path[idx] == "/") { ret = (list)substr(path, 0, idx) + (list)substr(path, idx + 1, len); return ret; } } ret = (list)"" + (list)path; return ret; } gpg-remailer-3.01.03/icmake/github0000644000175000017500000000023012605005143015642 0ustar frankfrankvoid github() { run("cp -r release.yo tmp/manhtml/gpg-remailerman.html ../../wip"); run("cp changelog ../../wip/changelog.txt"); exit(0); } gpg-remailer-3.01.03/icmake/md0000644000175000017500000000074012605005143014766 0ustar frankfrank// md: target should be a series of blank-delimited directories to be created // If an element is a whildcard, the directory will always be created, // using mkdir -p. // // uses: run() void md(string target) { int idx; list paths; string dir; if (!exists(target)) run("mkdir -p " + target); else if (((int)stat(target)[0] & S_IFDIR) == 0) { printf(target + " exists, but is not a directory\n"); exit(1); } } gpg-remailer-3.01.03/icmake/log0000755000175000017500000000063212605005143015152 0ustar frankfrank#!/bin/bash find tmp/install -type f -exec md5sum "{}" \; | sed 's|tmp/install|'$1'|' > $2 find tmp/install -type l -exec printf "link %s\n" "{}" \; | sed 's|tmp/install|'$1'|' >> $2 find tmp/install -type d -exec printf "dir %s\n" "{}" \; | sed 's|tmp/install|'$1'|' >> $2 gpg-remailer-3.01.03/icmake/remove0000755000175000017500000000117012605005143015664 0ustar frankfrank#!/bin/bash g_echo=$2 rm_f() { [ $g_echo -ne 0 ] && echo rm $1 rm -f $1 } rm_dir() { [ $g_echo -ne 0 ] && echo rmdir $1 rmdir --ignore-fail-on-non-empty -p $1 } IFS=" " for line in `cat $1` do field1=`echo $line | awk '{printf $1}'` field2=`echo $line | awk '{printf $2}'` if [ $field1 == "link" ] ; then rm_f $field2 elif [ $field1 == "dir" ] ; then rm_dir $field2 elif [ -e "$field2" ] ; then if [ "$field1" != "`md5sum $field2 | awk '{printf $1}'`" ] ; then echo $field2 changed, not removed else rm_f $field2 fi fi done rm_f $1 gpg-remailer-3.01.03/icmake/precompileheaders0000644000175000017500000000133612634561411020072 0ustar frankfrankstring g_compiler; int g_gch = 1; void _precompile(string class) { string classIH; classIH = class + ".ih"; if (classIH younger class + ".ih.gch") run(g_compiler + " -x c++-header " + classIH); } void precompileHeaders() { int idx; list classes; string class; if (!g_gch) return; classes = makelist(O_SUBDIR, "*"); g_compiler = setOpt(CXX, "CXX") + " " + setOpt(CXXFLAGS, "CXXFLAGS") + " "; _precompile("main"); // precompile the main program .ih file for (idx = listlen(classes); idx--; ) { class = classes[idx]; chdir(class); _precompile(class); chdir(g_cwd); } } gpg-remailer-3.01.03/icmake/special0000644000175000017500000000032212605005143016002 0ustar frankfrankvoid special() { if (! exists("release.yo") || "VERSION" newer "release.yo") { system("touch version.cc"); run("gcc -E VERSION.h | grep -v '#' | sed 's/\\\"//g' > release.yo"); } } gpg-remailer-3.01.03/icmake/run0000644000175000017500000000015112605005143015166 0ustar frankfrankvoid run(string cmd) { if (g_echo == OFF) cmd += "> /dev/null 2>&1"; system(0, cmd); } gpg-remailer-3.01.03/icmake/install0000644000175000017500000000342412635512451016046 0ustar frankfrank void install(string request, string dest) { string target; int components = 0; list pathsplit; string base; base = "tmp/install/"; md(base); if (request == "x") components = 63; else { if (strfind(request, "b") != -1) components |= 2; if (strfind(request, "d") != -1) components |= 4; if (strfind(request, "m") != -1) components |= 8; } if (components & 2) { target = base + BINARY; pathsplit = path_file(target); printf(" installing the executable `", target, "'\n"); logFile("tmp/bin", "binary", pathsplit[0], pathsplit[1]); } if (components & (4 | 8)) { target = base + DOC "/"; if (components & 4) { printf(" installing the changelog at `", target, "\n"); logZip("", "changelog", target ); printf(" installing extensiveexample.txt at `", target, "\n"); logZip("", "extensiveexample.txt", target ); } if (components & 8) { printf(" installing the html-manual pages at `", target, "\n"); logInstall("tmp/manhtml", "", target); } } if (components & 8) { target = base + MAN "/"; printf(" installing the manual pages below `", target, "'\n"); logZip("tmp/man", "gpg-remailer.1", target); } chdir(g_cwd); if (dest == "") dest = "/"; else md(dest); dest = cutEoln(backtick("readlink -f " + dest)[0]); if (g_logPath != "") backtick("icmake/log " + dest + " " + g_logPath); chdir(base); run("../../icmake/installer " + dest + "/"); printf("\n Installation completed\n"); exit(0); } gpg-remailer-3.01.03/icmake/backtick0000644000175000017500000000016012605005143016135 0ustar frankfranklist backtick(string arg) { list ret; echo(OFF); ret = `arg`; echo(g_echo); return ret; } gpg-remailer-3.01.03/icmconf0000644000175000017500000001056212605005143014556 0ustar frankfrank#include "INSTALL.im" // Inspect the following #defines. Change them to taste. If you don't // need a particular option, change its value into an empty string // For more information about this file: 'man 7 icmconf' // The final program and source containing main(): // =============================================== // define the name of the source containing main(): #define MAIN "main.cc" // define any additional libraries the program may need: #define ADD_LIBRARIES "bobcat" // define any additional paths (other than the standard paths) the // additional libraries are located in: #define ADD_LIBRARY_PATHS "" // Should a lexical scanner be constructed? If so, define the subdirectory // containing the scanner's specification file and see below at the // scanner section for more defines #define SCANNER_DIR "" // Should a parser be constructed? If so, define the subdirectory // containing the parser's specification file and see below at the // parser section for more defines #define PARSER_DIR "" // ================== probably no configurations required below here ========= // Uncomment to relink the binary, even when no sources were // changed (this is useful if, e.g., a library was rebuilt) #define REFRESH // Defines related to the local libraries to create: // ================================================= // Uncomment to create a local library rather (when a binary program is // built it will be linked against the library rather than the individual // object modules). Change the lib's name at you own digression (don't use // lib or an extension like .a) #define LIBRARY "modules" #define SHAREDREQ "" // #defines used for compilation and linking: // ========================================== // Uncomment to clear the screen just before starting the compilation // process //#define CLS // Uncomment to use the ALL facility and a class dependency setup in the // CLASSES file. When a directory contains a file ALL (optionally rename // this filename by providing an alternative name) then all its sources // and all sources of all classes depending on it are also compiled. // Class dependencies are indicated by the class name (as the first // word on a line) optionally followed by additional class names, which // are the classes directly depending on the line's first class name. //#define USE_ALL "a" // define the pattern to locate sources in a directory: #define SOURCES "*.cc" // Some #defines, used to create parsers and lexical scanners // ========================================================== // Lexical Scanner section // ======================= // What is the program generating the lexical scanner? #define SCANGEN "flexc++" // Flags to provide SCANGEN with: #define SCANFLAGS "" // Name of the lexical scanner specification file #define SCANSPEC "lexer" // Specify additional lexer specification files using patterns // these files are (in)directly included by SCANSPEC //#define SCANFILES "" // Name of the file generated by the lexical scanner #define SCANOUT "lex.cc" // Parser section // ============== // What is the program generating a parser? #define PARSGEN "bisonc++" // Flags to provide PARSGEN with: #define PARSFLAGS "-V" // What is the grammar specification file? #define PARSSPEC "grammar" // Specify additional grammar specification files using patterns // these files are (in)directly included by PARSSPEC. Specify patterns // relative to PARSER_DIR #define PARSFILES "inc/*" // Name of the file generated by the parser generator containing the // parser function #define PARSOUT "parse.cc" // Additional defines, which normally require no modification // ========================================================== // should commands be echoed (ON) or not (OFF) ? #define USE_ECHO ON // Directory below this directory to contain temporary results #define TMP_DIR "tmp" // The extension of object modules: #define OBJ_EXT ".o" // Use the VERSION file #define USE_VERSION gpg-remailer-3.01.03/logexception/0000755000175000017500000000000012635513212015715 5ustar frankfrankgpg-remailer-3.01.03/logexception/logexception.h0000644000175000017500000000151012605005143020557 0ustar frankfrank#ifndef INCLUDED_LOGEXCEPTION_ #define INCLUDED_LOGEXCEPTION_ #include // Any fatal situations that should be logged. If stdErr == true the // message is first written to cerr. Logging is the responsibility of the // catch handler, catching a LogException. class LogException: public FBB::Exception { template friend LogException &&operator<<(LogException &&tmp, Type const &value); bool d_stdErr; public: LogException(bool stdErr = false); char const *msg() const; }; inline LogException::LogException(bool stdErr) : d_stdErr(stdErr) {} template inline LogException &&operator<<(LogException &&tmp, Type const &value) { static_cast(std::move(tmp)) << value; return std::move(tmp); } #endif gpg-remailer-3.01.03/logexception/logexception.ih0000644000175000017500000000010612605005143020730 0ustar frankfrank#include "logexception.h" #include using namespace std; gpg-remailer-3.01.03/logexception/msg.cc0000644000175000017500000000027612605005143017013 0ustar frankfrank#include "logexception.ih" char const *LogException::msg() const { char const *cp = static_cast(*this).what(); if (d_stdErr) cerr << cp; return cp; } gpg-remailer-3.01.03/mail/0000755000175000017500000000000012635513212014137 5ustar frankfrankgpg-remailer-3.01.03/mail/mail.ih0000644000175000017500000000050512605005143015377 0ustar frankfrank#include "mail.h" #include #include #include #include #include #include "../logexception/logexception.h" #include "../headers/headers.h" #include "../cleartextmail/cleartextmail.h" #include "../gpgmail/gpgmail.h" using namespace std; using namespace FBB; gpg-remailer-3.01.03/mail/hexchar.cc0000644000175000017500000000110612605005143016062 0ustar frankfrank#include "mail.ih" void Mail::hexChar(ostream &out, istream &in) { int value; // char beyond = is not a hex-char? if (string("0123456789abcdefABCDEF").find(in.peek()) == string::npos) { out << '='; // then just put out the '=' return; } char buffer[3]; in >> setw(sizeof(buffer)) >> buffer; istringstream hexConf(buffer); hexConf >> hex >> value; if (hexConf.tellg() != 2 || !isprint(value)) out << '=' << buffer; else out << static_cast(value); } gpg-remailer-3.01.03/mail/mail1.cc0000644000175000017500000000051012605005143015441 0ustar frankfrank#include "mail.ih" Mail::Mail(Log &log, Headers &headers, string const &mailName, string const &replyTo, string const &step, vector const &recipients) : d_log(log), d_headers(headers), d_mailName(mailName), d_replyTo(replyTo), d_step(step), d_recipients(recipients) {} gpg-remailer-3.01.03/mail/writecontents.cc0000644000175000017500000000103312605005143017347 0ustar frankfrank#include "mail.ih" Enums::MailType Mail::writeContents(std::string const &contentsName) { d_log << level(LOGDEBUG) << "Original mail contents to " << contentsName << '\n'; ofstream out; LogException::open(out, contentsName); if (not PGPmessage(out)) { if (not d_clearTextAccepted) throw LogException() << "not PGP encrypted e-mail\n"; d_log << level(LOGDEFAULT) << "Clear-text mail\n"; return CLEAR; } filter(out); return ENCRYPTED; } gpg-remailer-3.01.03/mail/mail.h0000644000175000017500000000320212605005143015223 0ustar frankfrank#ifndef INCLUDED_MAIL_ #define INCLUDED_MAIL_ #include #include #include "../enums/enums.h" namespace FBB { class Log; }; class Headers; class Mail: private Enums { FBB::Log &d_log; Headers &d_headers; std::string const &d_mailName; std::string const &d_replyTo; std::string const &d_step; bool d_clearTextAccepted = false; std::string d_subject; bool d_dontSend = true; std::vector const &d_recipients; public: Mail(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &replyTo, std::string const &step, std::vector const &recipients); void writeHeaders(std::string const &hdrsName); MailType writeContents(std::string const &hdrsName); void operator()(MailType type, std::string const &mailData, bool dontSend); void setClearTextMode(ClearText mode); private: template void mail(std::string const &mailData, bool dontSend, Mailer &&mailer); bool PGPmessage(std::ostream &out); void filter(std::ostream &out); void inspect(std::ostream &out, std::string const &line); void hexChar(std::ostream &out, std::istream &in); }; template inline void Mail::mail(std::string const &mailData, bool dontSend, Mailer &&mailer) { mailer.send(mailData, d_recipients, dontSend); } inline void Mail::setClearTextMode(ClearText mode) { d_clearTextAccepted = mode == ACCEPTED; } #endif gpg-remailer-3.01.03/mail/pgpmessage.cc0000644000175000017500000000046012605005143016575 0ustar frankfrank#include "mail.ih" bool Mail::PGPmessage(ostream &out) { string line; while (getline(cin, line)) { out << line << endl; // copy a line if (line == "-----BEGIN PGP MESSAGE-----") // found the marker return true; } return false; } gpg-remailer-3.01.03/mail/inspect.cc0000644000175000017500000000041512605005143016107 0ustar frankfrank#include "mail.ih" void Mail::inspect(ostream &out, string const &line) { istringstream in(line); char c; while (in.get(c)) { if (c != '=') out.put(c); else hexChar(out, in); } out << endl; } gpg-remailer-3.01.03/mail/writeheaders.cc0000644000175000017500000000050612605005143017131 0ustar frankfrank#include "mail.ih" void Mail::writeHeaders(std::string const &hdrsName) { ofstream out; // write the mail headers to file LogException::open(out, hdrsName); for (auto &hdr: d_headers) out << hdr << '\n'; d_log << level(LOGDEBUG) << "Headers written to " << hdrsName << '\n'; } gpg-remailer-3.01.03/mail/operatorfun.cc0000644000175000017500000000100612605005143017003 0ustar frankfrank#include "mail.ih" void Mail::operator()(MailType type, string const &mailData, bool dontSend) { d_log << level(LOGDEBUG) << "Mail to send is written to " << d_mailName << '\n'; if (type == ENCRYPTED) mail(mailData, dontSend, GPGMail(d_log, d_headers, d_mailName, d_replyTo, d_step)); else mail(mailData, dontSend, ClearTextMail(d_log, d_headers, d_mailName, d_replyTo, d_step)); } gpg-remailer-3.01.03/mail/filter.cc0000644000175000017500000000044612605005143015733 0ustar frankfrank#include "mail.ih" void Mail::filter(ostream &out) { string line; while (getline(cin, line)) { if (line != "-----END PGP MESSAGE-----") inspect(out, line); else { out << line << endl; return; } } } gpg-remailer-3.01.03/mailer/0000755000175000017500000000000012605005143014462 5ustar frankfrankgpg-remailer-3.01.03/mailer/send.f0000644000175000017500000000121612605005143015562 0ustar frankfranktemplate void Mailer::send(std::string const &mailData, std::vector const &configuredRecipients, bool dontSend) { static_cast(this)->writeMailContents(mailData); std::vector oneRecipient; std::vector const &recipients = setRecipients(oneRecipient, configuredRecipients); std::string logLabel = static_cast(this)->label(); for (auto &recipient: recipients) sendMail(static_cast(this)->mailCommand(recipient), logLabel, recipient, dontSend); } gpg-remailer-3.01.03/mailer/mailer1.f0000644000175000017500000000031212605005143016157 0ustar frankfranktemplate Mailer::Mailer(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &step) : MailerBase(log, headers, mailName, step) {} gpg-remailer-3.01.03/mailer/mailer.h0000644000175000017500000000163312605005143016107 0ustar frankfrank#ifndef INCLUDED_MAILER_ #define INCLUDED_MAILER_ #include "../mailerbase/mailerbase.h" template class Mailer: private MailerBase { public: Mailer(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &step); void send(std::string const &mailData, std::vector const &recipients, bool dontSend); protected: typedef Mailer MailerFriend; using MailerBase::subject; private: // Derived classes must implement and allow the following members // to be callled from MailerFriend::send: // // void writeMailContents(std::string const &mailData) const; // std::string mailCommand(std::string const &recipients) // std::string label() const; }; #include "mailer1.f" #include "send.f" #endif gpg-remailer-3.01.03/mailerbase/0000755000175000017500000000000012635513212015321 5ustar frankfrankgpg-remailer-3.01.03/mailerbase/sendmail.cc0000644000175000017500000000123612605005143017422 0ustar frankfrank#include "mailerbase.ih" void MailerBase::sendMail(string const &command, string const &label, string const &recipient, bool dontSend) { d_log << level(LOGCOMMANDS) << command << '\n'; if (dontSend) { d_log << level(LOGDEBUG) << "Sending mail suppressed by config/option\n"; return; } ifstream in(d_mailName); Process mail(FBB::Process::CIN | FBB::Process::IGNORE_COUT_CERR, command); mail.start(); mail << in.rdbuf() << eoi; d_log << level(LOGDEFAULT) << label << " (" << d_subject << ") sent to " << recipient << '\n'; } gpg-remailer-3.01.03/mailerbase/mailerbase1.cc0000644000175000017500000000100712605005143020007 0ustar frankfrank#include "mailerbase.ih" MailerBase::MailerBase(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &step) : d_log(log), d_headers(headers), d_mailName(mailName), d_step(step), d_subject(d_headers.getHeader("Subject")) { if (d_subject.empty()) d_subject = "Mail from the reencrypting remailer"; d_log << FBB::level(LOGDEBUG) << "Mail to send written to " << mailName << '\n'; } gpg-remailer-3.01.03/mailerbase/mailerbase.h0000644000175000017500000000174012605005143017574 0ustar frankfrank#ifndef INCLUDED_MAILERBASE_ #define INCLUDED_MAILERBASE_ #include #include class Headers; namespace FBB { class Log; } #include "../enums/enums.h" class MailerBase: Enums { FBB::Log &d_log; Headers &d_headers; std::string const &d_mailName; std::string const &d_step; std::string d_subject; protected: MailerBase(FBB::Log &log, Headers &headers, std::string const &mailName, std::string const &step); std::vector const &setRecipients( std::vector &oneRecipient, std::vector const &configuredRecipients ); std::string const &subject() const; void sendMail(std::string const &command, std::string const &label, std::string const &recipient, bool dontSend); }; inline std::string const &MailerBase::subject() const { return d_subject; } #endif gpg-remailer-3.01.03/mailerbase/setrecipients.cc0000644000175000017500000000131312605005143020503 0ustar frankfrank#include "mailerbase.ih" vector const &MailerBase::setRecipients( vector &oneRecipient, vector const &configuredRecipients) { size_t pos = d_step.find(':'); // explicit mail recipient? if (pos == string::npos) // no, use provided recipient(s) return configuredRecipients; // yes: send the mail to that recipient oneRecipient.push_back(d_step.substr(pos + 1)); d_log << FBB::level(LOGDEFAULT) << "Ignoring recipients, mail sent to " << oneRecipient.front() << '\n'; return oneRecipient; } gpg-remailer-3.01.03/mailerbase/mailerbase.ih0000644000175000017500000000025612605005143017746 0ustar frankfrank#include "mailerbase.h" #include #include #include #include "../headers/headers.h" using namespace std; using namespace FBB; gpg-remailer-3.01.03/main.cc0000644000175000017500000000350212605005143014444 0ustar frankfrank#include "main.ih" using namespace FBB; namespace // the anonymous namespace can be used here { Arg::LongOption longOptions[] = { Arg::LongOption("debug", 'd'), Arg::LongOption("help", 'h'), Arg::LongOption("logfile", 'l'), Arg::LongOption("loglevel", 'L'), Arg::LongOption("member", 'm'), Arg::LongOption("no-mail"), Arg::LongOption("nr", 'n'), Arg::LongOption("recipient", 'r'), Arg::LongOption("relax"), // generates warning Arg::LongOption("step", Arg::Required), Arg::LongOption("tmp", 't'), Arg::LongOption("umask", Arg::Required), Arg::LongOption("version", 'v'), }; Arg::LongOption const *const longEnd = longOptions + sizeof(longOptions) / sizeof(Arg::LongOption); } int main(int argc, char **argv) try { Arg::initialize("dhL:l:m:n:r:t:v", longOptions, longEnd, argc, argv).versionHelp(usage, version, 0); Remailer remailer; try { remailer.preparations(); // writes .hdr remailer.mailContents(); // writes .org + sets mailtype remailer.decrypt(); // decrypts at step dec or mailtype ENCR. remailer.reencrypt(); // reencrypts at step enc or ^^idem^^ remailer.mail(); } catch (LogException const &err) { char const *msg = err.msg(); remailer.log() << "[Fatal] " << msg; // ALL exceptions return 0 to prevent unexpected mailer errors in // sendmail's logs. return 0; } } catch(exception const &err) // handle exceptions { cerr << "[Fatal] " << err.what() << '\n'; return 0; } catch(int x) { return 0; } catch (...) { cerr << "unexpected exception caught in main()\n"; return 0; } gpg-remailer-3.01.03/main.ih0000644000175000017500000000044112605005143014456 0ustar frankfrank#include #include #include #include #include "logexception/logexception.h" #include "remailer/remailer.h" extern char version[]; extern char year[]; void usage(std::string const &progname); using namespace std; using namespace FBB; gpg-remailer-3.01.03/remailer/0000755000175000017500000000000012635513212015015 5ustar frankfrankgpg-remailer-3.01.03/remailer/setlog.cc0000644000175000017500000000074512635507654016644 0ustar frankfrank#include "remailer.ih" void Remailer::setLog() { string name; if (!d_arg.option(&name, 'l')) name = configField("logFile"); if (name.empty()) name = "etc/remailer.log"; string level; if (!d_arg.option(&level, 'L')) level = configField("logLevel"); d_log.open(name); chmod(name.c_str(), S_IRUSR | S_IWUSR); d_log.setLevel(level.empty() ? LOGDEFAULT : strToUnsigned(level, "logLevel")); } gpg-remailer-3.01.03/remailer/remailer.h0000644000175000017500000001243312635510014016766 0ustar frankfrank#ifndef _INCLUDED_REMAILER_ #define _INCLUDED_REMAILER_ #include #include #include #include #include #include "../enums/enums.h" #include "../mail/mail.h" #include "../gpg/gpg.h" namespace FBB { class Arg; }; #include "../headers/headers.h" class Remailer: private Enums { enum SigType { NO_SIGNATURE, // no signature found SIGNATURE_FOUND, // signature found GOOD_SIGNATURE // good signature found }; enum EncryptionEnum { SIMPLE, MULTIPART, MULTIPART_SIGNED }; struct IOContext { std::ifstream decrypted; std::ofstream toReencrypt; std::string line; }; struct StepStruct { std::string stepName; MailType requiredType; }; FBB::Arg &d_arg; bool d_keepFiles; FBB::ConfigFile d_config; Headers d_headers; FBB::User d_user; FBB::Log d_log; SigType d_sigRequired; MailType d_mailType = UNKNOWN; std::string d_configName; std::string d_step; std::string d_replyTo; std::string d_boundary; std::string d_nr; // nr assigned to files std::string d_decryptedName; std::string d_errName; std::string d_mailName; std::string d_multipartSignedDataName; std::string d_hdrsName; std::string d_contentsName; std::string d_reencryptName; std::string d_reencryptedName; std::string d_signatureName; std::vector d_envelope; // accepted envelope addresses // for clear-text mail. // empty means: all std::vector d_members; std::vector d_recipients; static void (Remailer::*s_reEncrypt[])(IOContext &); static StepStruct s_step[]; static StepStruct *s_stepEnd; Mail d_mail; GPG d_gpg; public: Remailer(); ~Remailer(); // main() calls these members in sequence: void preparations(); // check permissions, set config-args void mailContents(); // extracts the Subject. // With PGP mail: // convert =20 etc. hex-specs in the // received mail to chars. // Plain mail is merely copied. // The new file org.x is written. void decrypt(); // decrypts the original mail, writes new // files decrypted.x and signature.x void reencrypt(); // writes reencrypted.x and maybe // multipartsigned.x // checks signatures at fileToReencrypt -> // copySignature void mail(); // mails the re-encrypted file to the // recipient(s). Correctly specifying the // Reply-To header is the responsibility // of the user. FBB::Log &log(); // log stream to use private: void multiField(std::vector &dest, char const *keyWord, int opt, bool needElements); void setLog(); std::string configField(std::string const &field); // called from 'preparations' void setKeepFiles(); void setDebug(); void setFilenames(); void checkRelax(); void setUmask(); void setReplyTo(); void setSigRequired(); void setClearText(); void copyToBoundary(std::ostream &out, std::istream &in); bool envelopeOK(); void checkMembers(std::vector &target); void copySignature(std::ostream &out, std::string const &boundary); struct SigStruct { std::ostream &out; SigType sigType; }; static void signatureFilter(std::string const &line, SigStruct &sigStruct); void copyToBoundary(std::string const &destName, std::istream &in); void fileToReencrypt(); void writeReencrypted(); void setSuffixNr(); bool step(std::string const &stepName); bool foundIn(std::string const &text, std::string const &target) const; bool onlyWS(std::string const &text) const; EncryptionEnum encryptionType(IOContext &io); void multipart(IOContext &io); void multipartSigned(IOContext &io); void simple(IOContext &io); void findBoundary(IOContext &io); bool hasBoundary(std::string const &line, std::string const &msgTypeName); static unsigned long strToUnsigned(std::string const &str, char const *optionName, size_t base = 10); static void collect(std::ostream *dest, std::istream *in); }; inline FBB::Log &Remailer::log() { return d_log; } #endif gpg-remailer-3.01.03/remailer/preparations.cc0000644000175000017500000000116512605005143020032 0ustar frankfrank#include "remailer.ih" void Remailer::preparations() { checkRelax(); setKeepFiles(); setDebug(); d_log << level(LOGDEBUG) << "User: " << d_user.name() << " (" << d_user.userid() << ")\n"; setFilenames(); // define all used filenames multiField(d_members, "member", 'm', true); multiField(d_recipients, "recipient", 'r', true); multiField(d_envelope, "envelope", 'e', false); checkMembers(d_recipients); setReplyTo(); setSigRequired(); setUmask(); if (step("hdrs")) d_mail.writeHeaders(d_hdrsName); setClearText(); } gpg-remailer-3.01.03/remailer/destructor.cc0000644000175000017500000000076212605005143017523 0ustar frankfrank#include "remailer.ih" Remailer::~Remailer() { if (d_keepFiles) return; d_log << level(LOGDEFAULT) << "Removing all temporary files\n"; unlink(d_decryptedName.c_str()); unlink(d_errName.c_str()); unlink(d_mailName.c_str()); unlink(d_multipartSignedDataName.c_str()); unlink(d_contentsName.c_str()); unlink(d_reencryptName.c_str()); unlink(d_reencryptedName.c_str()); unlink(d_signatureName.c_str()); unlink(d_hdrsName.c_str()); } gpg-remailer-3.01.03/remailer/multifield.cc0000644000175000017500000000205412605005143017457 0ustar frankfrank#include "remailer.ih" void Remailer::multiField(vector &dest, char const *keyWord, int opt, bool needElements) { if (size_t index = d_arg.option(opt)) { for (; index--; ) { string field; d_arg.option(index, &field, opt); dest.push_back(field); } return; } string configRE( R"(^\s*)" ); (configRE += keyWord) += ":"; Pattern pattern(configRE + R"(\s*(\S+))" ); auto iters = d_config.beginEndRE(configRE); for (auto &line: ranger(iters.first, iters.second)) { if (pattern << line) dest.push_back(pattern[1]); } if (dest.size() == 0) { if (needElements) throw LogException() << "no `" << keyWord << "' specifications found in " << d_configName << '\n'; return; } ostringstream out; copy(dest.begin(), dest.end(), ostream_iterator(out, " ")); d_log << level(LOGDEBUG) << keyWord << ": " << out.str() << '\n'; } gpg-remailer-3.01.03/remailer/setkeepfiles.cc0000644000175000017500000000045312605005143020005 0ustar frankfrank#include "remailer.ih" void Remailer::setKeepFiles() { d_keepFiles = d_arg.option(&d_nr, 'n'); // determine predef'd filenr if (!d_keepFiles) // try fm config file { d_nr = configField("keepfiles"); d_keepFiles = d_nr.length() > 0; } } gpg-remailer-3.01.03/remailer/multipart.cc0000644000175000017500000000216612605005143017346 0ustar frankfrank#include "remailer.ih" // Format of the decrypted PGP part (near line 427 in gpg-remailer(1)): // ---------------------------------------------------------------------- // Content-Type: multipart/mixed; boundary="f+W+jCU1fRNres8c" // Content-Disposition: inline // // --f+W+jCU1fRNres8c // Content-Type: text/plain; charset=us-ascii // Content-Disposition: inline // Content-Transfer-Encoding: quoted-printable // // Text of the first attachment // // --f+W+jCU1fRNres8c // Content-Type: application/pdf // Content-Disposition: attachment; filename="attachment.pdf" // Content-Transfer-Encoding: base64 // // text of the attachment.pdf in base64 encoding // // --f+W+jCU1fRNres8c-- // ---------------------------------------------------------------------- void Remailer::multipart(IOContext &io) { d_log << level(LOGDEBUG) << "Multipart e-mail received\n"; io.toReencrypt << io.line << endl; // line containing // Content-Type: multipart copyToBoundary(io.toReencrypt, io.decrypted); copySignature(io.toReencrypt, d_boundary); io.toReencrypt << io.decrypted.rdbuf(); } gpg-remailer-3.01.03/remailer/setsuffixnr.cc0000644000175000017500000000105012605005143017674 0ustar frankfrank#include "remailer.ih" void Remailer::setSuffixNr() { bool random = d_nr.empty(); if (random) { IRandStream rs(1, 99999, time(0)); string name(d_contentsName); size_t value; do { rs >> value; string name = d_contentsName + to_string(value); } while (Stat(name)); d_nr = to_string(value); } d_log << level(LOGDEBUG) << "File Nrs will be: " << d_nr << " (" << (random ? "random" : "via --nr") << ")\n"; } gpg-remailer-3.01.03/remailer/setsigrequired.cc0000644000175000017500000000047112605005143020361 0ustar frankfrank#include "remailer.ih" void Remailer::setSigRequired() { string signatureRequired = configField("signature"); d_sigRequired = signatureRequired == "good" ? GOOD_SIGNATURE : signatureRequired == "required" ? SIGNATURE_FOUND : NO_SIGNATURE; } gpg-remailer-3.01.03/remailer/setreplyto.cc0000644000175000017500000000076612605005143017543 0ustar frankfrank#include "remailer.ih" void Remailer::setReplyTo() { ConfigFile::const_iterator iter = d_config.findRE(R"(^\s*replyTo:)"); if (iter != d_config.end()) { d_replyTo = String::trim(*iter); d_replyTo = String::trim( d_replyTo.substr(d_replyTo.find_first_of(" \t"))); d_replyTo = String::escape(d_replyTo); } if (d_replyTo.empty()) throw LogException() << "Missing `replyTo' specification in config file"; } gpg-remailer-3.01.03/remailer/decrypt.cc0000644000175000017500000000045412605005143016775 0ustar frankfrank#include "remailer.ih" void Remailer::decrypt() { if (step("dec")) d_gpg.decrypt(d_contentsName, d_decryptedName, d_signatureName); // decrypt the original file, write new files // containing the decrypted info and the signature } gpg-remailer-3.01.03/remailer/filetoreencrypt.cc0000644000175000017500000000122412605005143020535 0ustar frankfrank#include "remailer.ih" // writes reencrypt.x void Remailer::fileToReencrypt() { if (not step("doc")) return; IOContext io; LogException::open(io.decrypted, d_decryptedName); LogException::open(io.toReencrypt, d_reencryptName); // write the file to reencrypt as // - a simple one-piece text (simple.cc) // - text consisting of multiple parts (multipart.cc) // - text consisting of multiple parts and a detached // signature (multipartsigned.cc) (this->*s_reEncrypt[ encryptionType(io) ])(io); } gpg-remailer-3.01.03/remailer/simple.cc0000644000175000017500000000201712605005143016611 0ustar frankfrank#include "remailer.ih" // Simple pgp encrypted file (near line 410 in gpg-remailer(1)) // Format: // ---------------------------------------------------------------------- // Content-Type: text/plain; charset=us-ascii // Content-Disposition: inline // Content-Transfer-Encoding: quoted-printable // // decrypted text of the message // ---------------------------------------------------------------------- void Remailer::simple(IOContext &io) { d_log << level(LOGDEBUG) << "Simple mail received: No boundary, no multipart message\n"; // if no boundary and the first line is a content-type then // insert those lines first if (io.line.find("Content-Type:") == 0) { do io.toReencrypt << io.line << endl; while (getline(io.decrypted, io.line) && not onlyWS(io.line)); io.toReencrypt << endl; } copySignature(io.toReencrypt, ""); io.toReencrypt << '\n' << io.line << '\n' << io.decrypted.rdbuf(); } gpg-remailer-3.01.03/remailer/copysignature.cc0000644000175000017500000000233312605005143020215 0ustar frankfrank#include "remailer.ih" void Remailer::copySignature(ostream &out, string const &boundary) { if (boundary.length()) out << "Content-Type: text/plain; charset=us-ascii\n" "Content-Disposition: inline\n" "Content-Transfer-Encoding: quoted-printable\n" "\n"; ifstream sig; LogException::open(sig, d_signatureName); d_log << level(LOGDEBUG) << "Signature expected on " << d_signatureName << '\n'; SigStruct sigStruct = {out, NO_SIGNATURE}; out << '\n'; for_each(istream_iterator(sig), istream_iterator(), [&](string const &line) { signatureFilter(line, sigStruct); } ); if ( (d_sigRequired == GOOD_SIGNATURE && sigStruct.sigType != GOOD_SIGNATURE) || (d_sigRequired == SIGNATURE_FOUND && sigStruct.sigType == NO_SIGNATURE) ) throw LogException() << "bad or missing signature in " << d_contentsName << '\n'; d_log << level(LOGDEBUG) << "Signature check successfully passed\n"; out << '\n' << boundary << '\n'; } gpg-remailer-3.01.03/remailer/configfield.cc0000644000175000017500000000055612605005143017577 0ustar frankfrank#include "remailer.ih" string Remailer::configField(string const &field) { static Pattern pattern( R"(^\s*\S+\s+(\S+))" ); // pick 2nd term as [1] ConfigFile::const_iterator iter = d_config.findRE(R"(^\s*)" + field + ':'); if (iter == d_config.end()) return ""; pattern << *iter; return pattern[1]; } gpg-remailer-3.01.03/remailer/envelopeok.cc0000644000175000017500000000110212605005143017461 0ustar frankfrank#include "remailer.ih" bool Remailer::envelopeOK() { if (d_mailType == CLEAR && d_envelope.size()) { istringstream envelope(d_headers[0]); string address; envelope >> address >> address; // skips 'From ' for (auto &envelope: d_envelope) { if (String::casecmp(envelope, address) == 0) return true; } d_log << level(LOGDEFAULT) << "Envelope address " << address << " not accepted for clear-text e-mail\n"; return false; } return true; } gpg-remailer-3.01.03/remailer/remailer.ih0000644000175000017500000000123212605005143017131 0ustar frankfrank#include "remailer.h" #include #include #include #include #include #include #include #include #include #include #include #include "../logexception/logexception.h" inline bool Remailer::foundIn(std::string const &text, std::string const &target) const { return text.find(target) == 0; } inline bool Remailer::onlyWS(std::string const &text) const { return text.find_first_not_of(" \t") == std::string::npos; } using namespace std; using namespace FBB; gpg-remailer-3.01.03/remailer/strtounsigned.cc0000644000175000017500000000053012635510532020234 0ustar frankfrank#include "remailer.ih" unsigned long Remailer::strToUnsigned(string const &str, char const *optionName, size_t base) try { return stoul(str, 0, base); } catch (...) { throw Exception() << "expected a number setting " << optionName << ", received: `" << str << '\''; } gpg-remailer-3.01.03/remailer/mail.cc0000644000175000017500000000077012605005143016246 0ustar frankfrank#include "remailer.ih" void Remailer::mail() { if (step("pgpmail")) d_mailType = ENCRYPTED; else if (step("clearmail")) d_mailType = CLEAR; else if (d_mailType == UNKNOWN) return; d_mail(d_mailType, d_mailType == CLEAR ? d_contentsName : d_reencryptedName, not envelopeOK() // specify 'dontSend' || d_arg.option(0, "no-mail") || configField("noMail") == "true" ); } gpg-remailer-3.01.03/remailer/checkmembers.cc0000644000175000017500000000064112605005143017751 0ustar frankfrank#include "remailer.ih" void Remailer::checkMembers(vector &target) { auto member = find(target.begin(), target.end(), "members"); if (member != target.end()) // accept all members { target.erase(member); // this is not an envelope address target.insert(target.end(), // add the members d_members.begin(), d_members.end()); } } gpg-remailer-3.01.03/remailer/copytoboundary.cc0000644000175000017500000000072712605005143020407 0ustar frankfrank#include "remailer.ih" void Remailer::copyToBoundary(ostream &out, istream &in) { string line[2]; string *last = &line[0]; string *next = &line[1]; getline(in, *last); while (getline(in, *next)) { if (foundIn(*next, d_boundary)) return; out << *last << endl; swap(last, next); } throw LogException() << "no " << d_boundary << " boundary separator found in multipart MIME file\n"; } gpg-remailer-3.01.03/remailer/data.cc0000644000175000017500000000111612605005143016230 0ustar frankfrank#include "remailer.ih" void (Remailer::*Remailer::s_reEncrypt[])(IOContext &) = { &Remailer::simple, &Remailer::multipart, &Remailer::multipartSigned }; Remailer::StepStruct Remailer::s_step[] = { {"hdrs", UNKNOWN}, {"org", UNKNOWN}, {"clearmail", CLEAR}, {"dec", ENCRYPTED}, {"doc", ENCRYPTED}, {"enc", ENCRYPTED}, {"pgpmail", ENCRYPTED}, }; Remailer::StepStruct *Remailer::s_stepEnd = s_step + sizeof(s_step) / sizeof(StepStruct); gpg-remailer-3.01.03/remailer/encryptiontype.cc0000644000175000017500000000074212605005143020417 0ustar frankfrank#include "remailer.ih" Remailer::EncryptionEnum Remailer::encryptionType(IOContext &io) { getline(io.decrypted, io.line); // does this line contains multipart/signed ? if (io.line.find("Content-Type: multipart/signed;") == 0) return MULTIPART_SIGNED; if (hasBoundary(io.line, "multipart")) return MULTIPART; d_log << level(LOGDEBUG) << "No boundary, no multipart message\n"; return SIMPLE; } gpg-remailer-3.01.03/remailer/setdebug.cc0000644000175000017500000000032412605005143017121 0ustar frankfrank#include "remailer.ih" void Remailer::setDebug() { if (d_arg.option('d') || configField("debug") == "true") { d_keepFiles = true; d_log.setLevel(LOGDEBUG); d_gpg.debug(); } } gpg-remailer-3.01.03/remailer/remailer1.cc0000644000175000017500000000150612605005143017203 0ustar frankfrank#include "remailer.ih" Remailer::Remailer() : d_arg(Arg::instance()), d_keepFiles(false), d_config(ConfigFile::RemoveComment, ConfigFile::SearchCaseInsensitive), d_mail(d_log, d_headers, d_mailName, d_replyTo, d_step, d_recipients), d_gpg(d_log, d_user.homedir()) { d_arg.option(&d_step, "step"); d_configName = d_arg.nArgs() == 0 ? "etc/gpg-remailer.rc" : d_arg[0]; if (chdir(d_user.homedir().c_str()) != 0) // change Homedir throw Exception() << "Failed to change dir to " << d_user.homedir(); d_config.open(d_configName); // prepare configuration file // MUST be following change to // the user's homedir setLog(); // define logging } gpg-remailer-3.01.03/remailer/hasboundary.cc0000644000175000017500000000063412605005143017642 0ustar frankfrank#include "remailer.ih" bool Remailer::hasBoundary(string const &line, string const &msgTypeName) { static Pattern d_bdry( R"(boundary="([^\"]+))" ); if (d_bdry << line) { d_boundary = "--" + d_bdry[1]; d_log << level(LOGDEBUG) << "Saw boundary " << d_boundary << ": " << msgTypeName << " message\n"; return true; } return false; } gpg-remailer-3.01.03/remailer/setumask.cc0000644000175000017500000000064312635510160017162 0ustar frankfrank#include "remailer.ih" void Remailer::setUmask() { string umaskOpt; size_t umaskValue = 077; if (d_arg.option(&umaskOpt, "umask")) { umaskValue = strToUnsigned(umaskOpt, "umask", 8); d_log << level(LOGDEFAULT) << "WARNING: umask setting changed to " << oct << setfill('0') << setw(3) << umaskValue << dec << setfill(' ') << '\n'; } umask(umaskValue); } gpg-remailer-3.01.03/remailer/writereencrypted.cc0000644000175000017500000000051612605005143020721 0ustar frankfrank#include "remailer.ih" // writes reencrypted.x and err.x (should be empty) void Remailer::writeReencrypted() { if (not step("enc")) return; string members; for(auto &member: d_members) members += member + ' '; d_gpg.encrypt(members, d_reencryptName, d_reencryptedName, d_errName); } gpg-remailer-3.01.03/remailer/checkrelax.cc0000644000175000017500000000027512605005143017435 0ustar frankfrank#include "remailer.ih" void Remailer::checkRelax() { if (d_arg.option(0, "relax")) d_log << level(LOGDEFAULT) << "--relax ignored. Use `--umask' instead\n"; } gpg-remailer-3.01.03/remailer/setfilenames.cc0000644000175000017500000000171412605005143020002 0ustar frankfrank#include "remailer.ih" void Remailer::setFilenames() { string prefix; if (not d_arg.option(&prefix, 't')) prefix = configField("tmp"); if (prefix.empty()) prefix = "tmp/"; if (prefix.back() != '/') // make sure / is appended prefix += '/'; d_decryptedName = prefix + "decrypted."; d_errName = prefix + "err."; d_mailName = prefix + "mail."; d_multipartSignedDataName = prefix + "multipartsigned."; d_contentsName = prefix + "org."; d_hdrsName = prefix + "hdrs."; d_reencryptName = prefix + "reencrypt."; d_reencryptedName = prefix + "reencrypted."; d_signatureName = prefix + "signature."; setSuffixNr(); d_decryptedName += d_nr; d_errName += d_nr; d_mailName += d_nr; d_multipartSignedDataName += d_nr; d_contentsName += d_nr; d_hdrsName += d_nr; d_reencryptName += d_nr; d_reencryptedName += d_nr; d_signatureName += d_nr; } gpg-remailer-3.01.03/remailer/setcleartext.cc0000644000175000017500000000165312605005143020034 0ustar frankfrank#include "remailer.ih" void Remailer::setClearText() { string clearText = configField("clear-text"); if (clearText.empty()) clearText = "rejected (by default)"; d_mail.setClearTextMode( clearText == "accepted" || clearText == "envelope" ? ACCEPTED : REJECTED ); if (clearText != "envelope") { if (d_envelope.size()) { d_log << level(LOGDEFAULT) << "Envelope ignored (clear-text: " << clearText << ")\n"; d_envelope.clear(); } } else { checkMembers(d_envelope); if (d_log.level() == LOGDEBUG) { d_log << "Accepted envelope addresses for clear-text e-mail:\n"; for (auto &address: d_envelope) d_log << ' ' << address; d_log << '\n'; } } } gpg-remailer-3.01.03/remailer/multipartsigned.cc0000644000175000017500000000261512605005143020537 0ustar frankfrank#include "remailer.ih" // Format of the decrypted PGP part, having a detached signature // (near line 457 in gpg-remailer(1)): // ---------------------------------------------------------------------- // Content-Type: multipart/signed; micalg=pgp-sha1; \ (line continues) // protocol="application/pgp-signature"; // boundary="=-TNwuMvq+TfajHhvqBuO7" // // --=-TNwuMvq+TfajHhvqBuO7 // Content-Type: text/plain // Content-Transfer-Encoding: quoted-printable // // Text of the message // // --=-TNwuMvq+TfajHhvqBuO7 // Content-Type: application/pgp-signature; name=signature.asc // Content-Description: This is a digitally signed message part // // -----BEGIN PGP SIGNATURE----- // ... signature text // -----END PGP SIGNATURE----- // // --=-TNwuMvq+TfajHhvqBuO7-- // ---------------------------------------------------------------------- void Remailer::multipartSigned(IOContext &io) { d_log << level(LOGDEBUG) << "Multipart-Signed e-mail received\n"; findBoundary(io); ostream null(0); copyToBoundary(null, io.decrypted); // skip all headers copyToBoundary(d_multipartSignedDataName, io.decrypted); d_gpg.verify(d_decryptedName, d_multipartSignedDataName, d_signatureName); copySignature(io.toReencrypt, d_boundary); ifstream data; LogException::open(data, d_multipartSignedDataName); io.toReencrypt << data.rdbuf(); } gpg-remailer-3.01.03/remailer/mailcontents.cc0000644000175000017500000000113312605005143020016 0ustar frankfrank#include "remailer.ih" void Remailer::mailContents() { if (not step("org")) return; // explicit steps may be used to // process a particular type of mail, // even if 'org' wasn't used. MailType type = d_mail.writeContents(d_contentsName); if (d_step.empty()) // mail type remains unknown for d_mailType = type; // specific step requests, to prevent // automatically sending mail. } gpg-remailer-3.01.03/remailer/copytoboundary2.cc0000644000175000017500000000033612605005143020465 0ustar frankfrank#include "remailer.ih" // the boundary has just been seen void Remailer::copyToBoundary(string const &destName, istream &in) { ofstream out; LogException::open(out, destName); copyToBoundary(out, in); } gpg-remailer-3.01.03/remailer/findboundary.cc0000644000175000017500000000043012605005143020001 0ustar frankfrank#include "remailer.ih" void Remailer::findBoundary(IOContext &io) { while (!hasBoundary(io.line, "multipart/signed")) { if (!getline(io.decrypted, io.line)) throw LogException() << "multipart/signed: no boundary found\n"; } } gpg-remailer-3.01.03/remailer/reencrypt.cc0000644000175000017500000000042012605005143017327 0ustar frankfrank#include "remailer.ih" void Remailer::reencrypt() { fileToReencrypt(); // requires step 'doc'. Writes reencrypt.x and // maybe multipartsigned.x writeReencrypted(); // requires step 'enc'. Writes reencrypted.x } gpg-remailer-3.01.03/remailer/signaturefilter.cc0000644000175000017500000000063212605005143020530 0ustar frankfrank#include "remailer.ih" void Remailer::signatureFilter(string const &line, SigStruct &sigStruct) { if ( sigStruct.sigType == NO_SIGNATURE && line.find("Signature made") != string::npos ) sigStruct.sigType = SIGNATURE_FOUND; else if (line.find("Good signature") != string::npos) sigStruct.sigType = GOOD_SIGNATURE; sigStruct.out << line << endl; } gpg-remailer-3.01.03/remailer/step.cc0000644000175000017500000000124712605005143016277 0ustar frankfrank#include "remailer.ih" bool Remailer::step(string const &stepName) { MailType requiredType = find_if(s_step, s_stepEnd, // find the info [&](StepStruct const &stepStruct) // matching the step { return stepName.find(stepStruct.stepName) == 0; } )->requiredType; if (d_step.empty()) // exec. all steps by default return d_mailType == requiredType; // but only if types match if (d_step.find(stepName) == 0) // explicit step requested { d_log << level(LOGDEFAULT) << "Step " << d_step << " request\n"; return true; } return false; } gpg-remailer-3.01.03/remailer/collect.cc0000644000175000017500000000014712605005143016747 0ustar frankfrank#include "remailer.ih" void Remailer::collect(ostream *out, istream *in) { *out << in->rdbuf(); } gpg-remailer-3.01.03/required0000644000175000017500000000065412635510427014772 0ustar frankfrankThis file lists non-standard software only. Thus, standard utilities like cp, mv, sed, etc, etc, are not explicitly mentioned. Neither is the g++ compiler explicitly mentioned, but a fairly recent one is assumed. Required software for building the gpg-remailer ----------------------------------------------- Build-Depends: libbobcat-dev (>= 4.01.03) icmake (>= 8.00.04) yodl (>= 3.06.0) gpg-remailer-3.01.03/usage.cc0000644000175000017500000000500312605005143014622 0ustar frankfrank// usage.cc #include "main.ih" void usage(string const &progname) { cout << '\n' << progname << " by f.b.brokken@rug.nl\n" << progname << " V" << version << " " << year << "\n" "\n" "Usage: " << progname << " [options] [config]\n" "Where:\n" " [options] - optional arguments (short options between parentheses):\n" " --debug (-d) - debug output shown to cout\n" " --help (-h) - provide this help\n" " --logfile (-l) - log-file name (etc/remailer.log)\n" " --loglevel (-L) - Set the log-message level: 0: debug\n" " 1: commands, 2: default\n" " `level' implies all higher levels\n" " >= 3: no log messages (2)\n" " --member (-m) - Mail is sent to , members listed\n" " in the config file are ignored\n" " --no-mail - do not send the reencrypted e-mail\n" " --nr (-n) - temporary files will use id number \n" " --recipient (-r) - Mail is sent to , recipients\n" " listed in the config file are ignored\n" " --step - perform a single step:\n" " hdrs (write the mail headers),\n" " org (mail data),\n" " dec (decrypt data),\n" " doc (create doc to send),\n" " enc (encrypt doc),\n" " pgpmail (send reencrypted mail)\n" " pgpmail:address (reencrypted mail is only " "sent\n" " to the provided address, ignoring\n" " recipient(s) specified otherwise)\n" " clearmail (send clear-text mail)\n" " clearmail:address (clear-text mail is only " "sent\n" " to the provided address, ignoring\n" " recipient(s) specified otherwise)\n" " --version (-v) - show version information and terminate\n" " config - configuration file (~/etc/remailer.rc).\n" << endl; } gpg-remailer-3.01.03/version.cc0000644000175000017500000000012712635512131015210 0ustar frankfrank#include "main.ih" #include "VERSION" char version[] = VERSION; char year[] = YEARS;