mirror of
https://kernel.googlesource.com/pub/scm/linux/kernel/git/tglx/remail.git
synced 2024-12-03 09:42:41 +01:00
remail: Allow optional transport based security
Add an "encryption" option 'use_transport' which does not bother with encryption and just relies on transport security. For admins this makes sense as none of the admin messages is really confidential. This is also a valid option for a subscriber and makes some sense in scenarios where the mail provider manages the subscriber key (sic!) and does server side decryption. Think twice before using this. Requested-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Tested-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org> Reviewed-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
This commit is contained in:
parent
1e490249a7
commit
46f6145ac5
6 changed files with 49 additions and 14 deletions
|
@ -10,7 +10,9 @@ subscribers:
|
|||
# name: Real name of the subscriber
|
||||
# enabled: Subscriber is enabled (if omitted defaults to False)
|
||||
# use_smime: True/False (Use S/MIME for encryption. If omitted defaults to False)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True)
|
||||
# use_transport: True/False (SMTP transport layer encryption only. If omitted defaults to False.
|
||||
# Conflicts with use_smime == True)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True or use_transport == True)
|
||||
# gpg_plain: Plain text inline GPG encryption (If omitted defaults to False)
|
||||
# aliases: List of alias addresses which are valid for posting (moderated list)
|
||||
#
|
||||
|
|
|
@ -10,7 +10,9 @@ subscribers:
|
|||
# name: Real name of the subscriber
|
||||
# enabled: Subscriber is enabled (if omitted defaults to False)
|
||||
# use_smime: True/False (Use S/MIME for encryption. If omitted defaults to False)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True)
|
||||
# use_transport: True/False (SMTP transport layer encryption only. If omitted defaults to False.
|
||||
# Conflicts with use_smime == True)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True or use_transport == True)
|
||||
# gpg_plain: Plain text inline GPG encryption (If omitted defaults to False)
|
||||
# aliases: List of alias addresses which are valid for posting (moderated list)
|
||||
#
|
||||
|
|
|
@ -61,7 +61,9 @@ lists:
|
|||
# name: Real name of the subscriber
|
||||
# enabled: Subscriber is enabled (if omitted defaults to False)
|
||||
# use_smime: True/False (Use S/MIME for encryption. If omitted defaults to False)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True)
|
||||
# use_transport: True/False (SMTP transport layer encryption only. If omitted defaults to False.
|
||||
# Conflicts with use_smime == True)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True or use_transport == True)
|
||||
# gpg_plain: Plain text inline GPG encryption (If omitted defaults to False)
|
||||
admin1@admin.domain:
|
||||
name: Admin one
|
||||
|
@ -106,7 +108,9 @@ lists:
|
|||
# name: Real name of the subscriber
|
||||
# enabled: Subscriber is enabled (if omitted defaults to False)
|
||||
# use_smime: True/False (Use S/MIME for encryption. If omitted defaults to False)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True)
|
||||
# use_transport: True/False (SMTP transport layer encryption only. If omitted defaults to False.
|
||||
# Conflicts with use_smime == True)
|
||||
# fingerprint: GPG fingerprint (Not required when use_smime == True or use_transport == True)
|
||||
# gpg_plain: Plain text inline GPG encryption (If omitted defaults to False)
|
||||
admin2@admin2.domain:
|
||||
name: Admin2
|
||||
|
|
|
@ -384,6 +384,7 @@ The list administrators section:
|
|||
fingerprint: 40CHARACTERFINGERPRINT
|
||||
enabled: True
|
||||
use_smime: False
|
||||
use_transport: False
|
||||
gpg_plain: False
|
||||
admin2@other.domain:
|
||||
|
||||
|
@ -405,6 +406,21 @@ The list administrators section:
|
|||
Send S/MIME encrypted mail to the admin if True. Otherwise use
|
||||
PGP. Optional, defaults to False.
|
||||
|
||||
use_transport:
|
||||
|
||||
Do not bother with encryption and send plain text messages, i.e. rely
|
||||
on the SMTP transport layer encryption. None of the admin messages are
|
||||
really confidential.
|
||||
|
||||
This may also be a valid option for some subscribers, for example in
|
||||
scenarios where the mail provider manages the subscriber key (sic!)
|
||||
and does server side decryption anyway, or when mail is delivered to
|
||||
an inbox stored on the same infrastructure as remail itself.
|
||||
Not recommended for most cases.
|
||||
|
||||
Optional, defaults to False. Note, this is mutually exclusive with
|
||||
the 'use_smime' option.
|
||||
|
||||
gpg_plain:
|
||||
|
||||
If False send mail in the application/pgp-encrypted format. If True
|
||||
|
|
|
@ -40,10 +40,11 @@ def show_attrs(obj, attrdict, indent):
|
|||
print('%*s%-40s: %s' %(indent, '', attr, getattr(obj, attr)))
|
||||
|
||||
account_defaults = {
|
||||
'enabled' : False,
|
||||
'fingerprint' : None,
|
||||
'use_smime' : False,
|
||||
'gpg_plain' : False,
|
||||
'enabled' : False,
|
||||
'fingerprint' : None,
|
||||
'use_smime' : False,
|
||||
'use_transport' : False,
|
||||
'gpg_plain' : False,
|
||||
}
|
||||
|
||||
class account_config(object):
|
||||
|
@ -58,6 +59,11 @@ class account_config(object):
|
|||
self.name = get_mandatory('name', cfgdict, base)
|
||||
set_defaults(self, account_defaults, cfgdict)
|
||||
|
||||
# Valdiate transport options to be coherent
|
||||
if self.use_smime and self.use_transport:
|
||||
txt = 'use_smime and use_transport cannot both be set for %s' % addr
|
||||
raise RemailListConfigException(txt)
|
||||
|
||||
# Get the optional aliases to allow sending from
|
||||
# different accounts when the list is moderated
|
||||
aliases = cfgdict.get('aliases')
|
||||
|
|
|
@ -71,12 +71,17 @@ class maillist(object):
|
|||
|
||||
def encrypt(self, msg_plain, account):
|
||||
'''
|
||||
Encrypt plain text message for the account
|
||||
Encrypt plain text message for the account or return the plain text
|
||||
message when the account has the 'use_transport' option set. The
|
||||
latter is used for delivery to admin accounts on the machine or the
|
||||
protected network and for transport based security to mail providers
|
||||
like gmail which manage the recipients S/MIME key and do server
|
||||
side decryption anyway (shudder).
|
||||
'''
|
||||
msg = msg_from_string(msg_plain.as_string())
|
||||
if self.smime and account.use_smime:
|
||||
self.smime.encrypt(msg, account)
|
||||
else:
|
||||
elif not account.use_transport:
|
||||
self.gpg.encrypt(msg, account)
|
||||
return msg
|
||||
|
||||
|
@ -317,7 +322,7 @@ class maillist(object):
|
|||
continue
|
||||
if account.use_smime and self.smime:
|
||||
self.smime.check_cert(account)
|
||||
else:
|
||||
elif not account.use_transport:
|
||||
self.gpg.check_key(account)
|
||||
|
||||
class maillist_checker(object):
|
||||
|
@ -368,9 +373,9 @@ class maillist_checker(object):
|
|||
if not account.enabled:
|
||||
continue
|
||||
try:
|
||||
if not account.use_smime:
|
||||
gpg.check_key(account)
|
||||
else:
|
||||
if account.use_smime:
|
||||
smime.check_cert(account)
|
||||
elif not account.use_transport:
|
||||
gpg.check_key(account)
|
||||
except Exception as ex:
|
||||
self.logger.log(str(ex) + '\n')
|
||||
|
|
Loading…
Reference in a new issue