GPG mail signing integrated.

openSUSE · May 26, 2011 · 2e76f85 · 2e76f85
1 parent 37afbf7
commit 2e76f85
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 2 deletions.
diff --git a/Hermes/Delivery/Mail.pm b/Hermes/Delivery/Mail.pm
@@ -46,7 +46,8 @@ use vars qw( @ISA @EXPORT @EXPORT_OK );
 #  subject    => string
 #  body       => string
 #  _debug      => debug flag, true if debug.
-#  _skip_user_check => do not check the from and to addresses 
+#  _skip_user_check   => do not check the from and to addresses 
+#  _send_signed_mail  => do GPG signing
 # 
 sub sendMail( $ )
 {
@@ -87,6 +88,27 @@ sub sendMail( $ )
     }
   }
 
+  if( $msg->{_send_signed_mail} && $Hermes::Config::EnableMailSigning ) {
+    my $keyId = $Hermes::Config::GPGKeyId;
+    my $passphrase = $Hermes::Config::GPGPassphrase;
+    my $gpgHome = $Hermes::Config::GPGHome;
+
+    my $msgBody;
+    my $gpg = new GPG( homedir  => $gpgHome );
+    if( $gpg->error() ) {
+      log( 'error', "" . $gpg->error() );
+    } else {
+      log( 'info', "Signing email with key " . $keyId );
+      $msgBody = $gpg->clearsign( $keyId, $passphrase,$msg->{body});
+      if( $gpg->error() ) {
+        log( 'error', "GPG-signing of mail content failed: " . $gpg->error() );
+      } else {
+        $msg->{body} = $msgBody;
+      }
+    }
+  } else {
+    log( 'debug', "Skipping mail signing!" );
+  }
 
   my $mime_msg = MIME::Lite->new( From    => $fromMail,
 				  Subject => $msg->{subject},

diff --git a/Hermes/MessageSender.pm b/Hermes/MessageSender.pm
@@ -40,6 +40,7 @@ use Hermes::Message;
 use Hermes::Customize;
 
 use HTML::Template;
+use GPG;
 
 use vars qw(@ISA @EXPORT $query );
 
@@ -280,6 +281,9 @@ sub deliverMessage( $$ )
 
   my $deliveryString = deliveryIdToString( $delivery );
 
+  my $attribs = deliveryAttribs( $delivery );  
+  $msgRef->{_send_signed_mail} = 1 if( $attribs->{send_signed_mails} );
+
   unless( $deliveryString ) {
     log('warning', "Problem: Delivery <$delivery> seems to be unknown!" );
   } else {
@@ -288,7 +292,7 @@ sub deliverMessage( $$ )
     # FIXME: Better detection of the delivery type
     if( $deliveryString =~ /mail/i ) {
       $res = sendMail( $msgRef );
-    } elsif( $deliveryString =~ /jabber personal/i ) {
+    } elsif( $deliveryString =~ /jabber/i ) {
       # sendJabber( $msgRef );
       log( 'debug', "Unable to send Jabber at the moment!" );
       $res = 1;

diff --git a/conf/hermes.conf.in b/conf/hermes.conf.in
@@ -72,6 +72,17 @@ $OBSAPIPwd  = 'secret';
 # OBS max response size: Specifiy the maximum response body size in byte.
 $OBSMaxResponseSize = 1024;
 
+#
+# GPG Mail Signing
+# Enable this to make Hermes sending out signed emails.
+# Note that this can have a performance impact. Also make sure your key is
+# protected enough!
+# Switched off by default
+$EnableMailSigning = 0;
+$GPGKeyId      = '';
+$GPGPassphrase = '';
+$GPGHome       = '';
+
 #
 #