* List changes
From: Thomas Gleixner @ 2018-04-15 15:25 UTC
To: speck

Folks!

As you all noticed, the 'schleuder' GPG remailer has some oddities. Aside of
that Konrad managed to crash it with a mail and I found two other ways to
make it explode.

The thing is written in ruby and fixing it turned out to be over my head. I
finally gave up and reused my extensive collection of mail processing python
code to implement a very trivial remailer, which is completely config file
driven and lacks all the extras of CLI or Web-UI.

The mail you are reading now is from that remailer. If there is anything
wrong with it please let me know.

Here are the differences to the previous thing:

 - I failed to make it explode with the mails which brought schleuder
   down. There are surely new ones which it can't handle but that should be
   fine.

 - The From has changed and gives now the information who sent mail:

     From: speck for 'Joe User' <joe@user.com>

 - The Received: chain is kept in the mail

 - S/MIME support

   GPG integration into MUAs is partially cumbersome and some MUAs have
   better support for S/MIME. The remailer can decrypt S/MIME and GPG and
   remail S/MIME or GPG depending on the subscriber setting.

   If you want to use S/MIME, please get a S/MIME certificate either from
   your organization or a free of charge from one of the CAs. The free ones
   expired after a year though. I used this link:

     https://secure.comodo.net/products/frontpage?ap=Secorio&area=SecureEmailCertificate&product=9&days=365

   The certificate is installed in your browser and can be exported from
   there in PKCS12 format. Depending on your MUA you might have to split it
   up into the key and the cert part in PEM format.

   If you want to use S/MIME rather than GPG let me know and send me
   private mail signed with your S/MIME cert.

 - The send-key mechanism is not yet working, but that's easy enough to fix.

 - Signed mails are not correctly handled because the recrypting destroys
   the signature. Your MUA might complain about a broken signature.

   schleuder handled this differently by attaching the full original mail so
   the signature was kept intact, but that's a cumbersome way to deal
   with. The intent of schleuder is different as it wants anonymization
   along with a full trust chain. I rather prefer workable mail....

   I'm planning to remove the signatures completely and rather sign the
   recrypted mail with the mailing list key. But that's the least of my
   worries right now.

I've looked into patch series sending as well and I think I have an idea. I
could provide a special speck-patchbomb@.... address where you could send
quilt mbox file to. The remailer could simply extract the mbox from the
crypted mail and remail the mails in the mbox as separate mails. If you
think that's useful, please let me know. It's trivial to implement as I
have mbox handling code around already.

I'll resend Konrad's mail which killed schleuder later today as it did not
make it to the list for obvious reasons.

Thanks,

	tglx

* [MODERATED] Re: List changes
From: Kees Cook @ 2018-05-01 23:38 UTC
To: speck

On Sun, Apr 15, 2018 at 05:25:09PM +0200, speck for Thomas Gleixner wrote:
> I've looked into patch series sending as well and I think I have an idea. I
> could provide a special speck-patchbomb@.... address where you could send
> quilt mbox file to. The remailer could simply extract the mbox from the
> crypted mail and remail the mails in the mbox as separate mails. If you
> think that's useful, please let me know. It's trivial to implement as I
> have mbox handling code around already.

Did this address get set up? If not, what's the current workflow for
sending patches? Konrad's steps seemed to be missing some details (and
I don't use quilt).

For now, I'll send manually, since it's only 3 patches...

-- 
Kees Cook @outflux.net

* Re: List changes
From: Thomas Gleixner @ 2018-05-02 6:46 UTC
To: speck

On Tue, 1 May 2018, speck for Kees Cook wrote:

> On Sun, Apr 15, 2018 at 05:25:09PM +0200, speck for Thomas Gleixner wrote:
> > I've looked into patch series sending as well and I think I have an idea. I
> > could provide a special speck-patchbomb@.... address where you could send
> > quilt mbox file to. The remailer could simply extract the mbox from the
> > crypted mail and remail the mails in the mbox as separate mails. If you
> > think that's useful, please let me know. It's trivial to implement as I
> > have mbox handling code around already.
>
> Did this address get set up? If not, what's the current workflow for
> sending patches? Konrad's steps seemed to be missing some details (and
> I don't use quilt).

Did not come around yet to set that up. I'll think about it later today

* Re: List changes
From: Thomas Gleixner @ 2018-05-02 10:42 UTC
To: speck

[-- Attachment #1: Type: text/plain, Size: 1686 bytes --]

On Wed, 2 May 2018, speck for Thomas Gleixner wrote:
> On Tue, 1 May 2018, speck for Kees Cook wrote:
>
> > On Sun, Apr 15, 2018 at 05:25:09PM +0200, speck for Thomas Gleixner wrote:
> > > I've looked into patch series sending as well and I think I have an idea. I
> > > could provide a special speck-patchbomb@.... address where you could send
> > > quilt mbox file to. The remailer could simply extract the mbox from the
> > > crypted mail and remail the mails in the mbox as separate mails. If you
> > > think that's useful, please let me know. It's trivial to implement as I
> > > have mbox handling code around already.
> >
> > Did this address get set up? If not, what's the current workflow for
> > sending patches? Konrad's steps seemed to be missing some details (and
> > I don't use quilt).
>
> Did not come around yet to set that up. I'll think about it later today

Here is at least a simple workaround for now:

  # mkdir mail
  # mkdir speck
  # git format-patch -o mail -n --to speck@linutronix.de --thread --cover-letter v4.17-rc3..
  # emacs mail/0000-cover-letter.patch
  # speckify-gitmail -s "TEST" mail/ speck/

Now send the mails from speck/ in the way you would send from mail/

speckify-gitmail does the following for every file in mail/

  - Put a copy of the original From and Subject into the mail body
  - Sets the subject to '$PATCHPREFIX $NEWSUBJECT $N'
    e.g. [PATCH 0/3] TEST 0
  - Strip Cc's from the mail headers
  - Encrypt the mail body with the list key
  - Store the encrypted mail in speck/

It does not work with the following git format-patch options:

  --inline
  --attach

Script attached. Try -h if you need a reminder how it works

Thanks,

	tglx

[-- Attachment #2: Type: text/plain, Size: 3301 bytes --]

#!/usr/bin/env python
# SPDX-License-Identifier: GPL2.0
# Copyright Thomas Gleixner <tglx@linutronix.de>
#
# Encrypts all mails in a directory and stores the encrypted results in a
# new directory. Does not work for multipart mails. Only text/plain is supported
# right now. That's good enough to encrypt git mails
#
# mkdir mail
# mkdir speck
# git format-patch -o mail -n --to speck@linutronix.de --thread --cover-letter v4.17-rc3..
# emacs mail/0000-cover-letter.patch
# speckify-gitmail -s "TEST" mail/ speck/
#
from argparse import ArgumentParser
import argparse
import textwrap
import mailbox
import email
import sys
import gpg
import os

# FIXME
# List address and fingerprint of the list key the mail bodies are encrypted to
mlist = "speck@linutronix.de"
mlistfp = "D52795F28E26A1554E7CD269E23205468C060A6A"

workflow = textwrap.dedent('''\
    Workflow example:

    # mkdir mail
    # mkdir speck
    # git format-patch -o mail -n --to speck@linutronix.de --thread --cover-letter v4.17-rc3..
    # emacs mail/0000-cover-letter.patch
    # speckify-gitmail -s "TEST" mail/ speck/
    #
    Now send the mails from speck/ in the way you would send from mail/
    ''')

parser = ArgumentParser(description='Crypt git format-patch generated mails for sending to speck',
                        epilog=workflow,
                        formatter_class=argparse.RawDescriptionHelpFormatter)
parser.add_argument('indir', metavar='indir',
                    help='Directory which contains the git mails')
parser.add_argument('outdir', metavar='outdir',
                    help='Directory to store the speckified mails')
parser.add_argument('-s', '--subject', metavar='subject', default='Hidden',
                    help='Subject string to add. Default "Hidden"')
args = parser.parse_args()

# Collect the file names of the git mails in the input directory
infiles = []
for root, dirs, files in os.walk(args.indir, topdown=False):
    if files:
        for f in files:
            infiles.append(f)

i = 0

for f in infiles:
    ibx = mailbox.mbox(os.path.join(args.indir, f), None, False)
    obx = mailbox.mbox(os.path.join(args.outdir, f), None, True)

    # Refuse to append to an existing, non-empty output file
    if obx.__len__() > 0:
        sys.stderr.write('Output file %s exists and not empty\n' %os.path.join(args.outdir, f))
        sys.exit(1)

    for key, msg in ibx.iteritems():
        # Only mails addressed to the list itself are processed
        to = msg.get('To')
        if to != mlist:
            sys.stderr.write('To: %s != %s\n' %(to, mlist))
            sys.exit(1)

        if msg.get_content_type() != 'text/plain':
            sys.stderr.write("Content-type %s != text/plain\n" %msg.get_content_type())
            sys.exit(1)

        # Split at the first ']' only, the patch title may contain more of them
        prefix, subj = msg['Subject'].split(']', 1)
        del msg['Subject']
        msg['Subject'] = '%s] %s %d' %(prefix, args.subject, i)
        i += 1

        mfrom = msg.get('From')
        if 'Cc' in msg or 'CC' in msg:
            del msg['Cc']
            del msg['CC']

        content = 'From: %s\n' %mfrom
        content += 'Subject: %s\n\n' %subj
        content += msg.get_payload().encode()

        try:
            # Encrypt the body to the list key, armored, without signing
            ctx = gpg.Context(armor = True)
            key = ctx.get_key(mlistfp)
            cipher, res, signres = ctx.encrypt(content, [key], sign = False, always_trust = True)
            msg.set_payload(cipher.decode())
            obx.add(msg)
        except Exception as ex:
            sys.stderr.write("Encryption failed %s\n" %ex)
            sys.exit(1)

    ibx.close()
    obx.close()
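
A pre-send check for the speck/ output directory described above, as an added example that is not part of the thread or of speckify-gitmail: it verifies the cleartext properties the script is meant to produce (Cc stripped, subject replaced in every header, body a single armored PGP message). The names audit and make_mail and all sample mails are constructed for illustration.

```python
# Added example, not part of the thread: pre-send audit of speckified mails.
import email
from email.message import Message

LIST_ADDR = "speck@linutronix.de"   # list address used in the thread
ARMOR = ("-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----")


def audit(original: Message, outgoing: Message) -> list:
    """Return the cleartext leaks found in `outgoing` (empty list = clean)."""
    findings = []
    if outgoing.get("To") != LIST_ADDR:
        findings.append("To is not the list address")
    if outgoing.get_all("Cc"):          # header names match case-insensitively
        findings.append("Cc header present")
    # The patch title (text after the "[PATCH n/m]" prefix) must not survive
    # in any cleartext header, not only in Subject.
    title = original.get("Subject", "").split("]", 1)[-1].strip().lower()
    for name, value in outgoing.items():
        if title and title in str(value).lower():
            findings.append("original subject visible in %s" % name)
    # Multipart mails are not handled by the script, so treat them as leaks.
    body = "" if outgoing.is_multipart() else outgoing.get_payload().strip()
    if not (body.startswith(ARMOR[0]) and body.endswith(ARMOR[1])):
        findings.append("body is not one armored PGP message")
    return findings


def make_mail(subject, body, cc=None):
    """Build a constructed sample mail (hypothetical helper)."""
    head = "From: Joe User <joe@user.com>\nTo: %s\n" % LIST_ADDR
    if cc:
        head += "Cc: %s\n" % cc
    return email.message_from_string(head + "Subject: %s\n\n%s" % (subject, body))


# Constructed inputs: a git mail from mail/ and its speckified form from speck/.
PLAIN = make_mail("[PATCH 1/3] x86/demo: constructed title",
                  "diff --git a/f b/f\n", cc="dev@example.org")
GOOD = make_mail("[PATCH 1/3] TEST 1",
                 "%s\n\n(constructed placeholder, not real ciphertext)\n%s\n" % ARMOR)

if __name__ == "__main__":
    # Second case: a file from mail/ queued for sending by mistake.
    for label, mail in (("speck/", GOOD), ("mail/", PLAIN)):
        print(label, audit(PLAIN, mail) or "clean")
```
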

* [MODERATED] Re: List changes
From: Kees Cook @ 2018-05-03 1:04 UTC
To: speck

On Wed, May 02, 2018 at 12:42:24PM +0200, speck for Thomas Gleixner wrote:
> Here is at least a simple workaround for now:
>
>   # mkdir mail
>   # mkdir speck
>   # git format-patch -o mail -n --to speck@linutronix.de --thread --cover-letter v4.17-rc3..
>   # emacs mail/0000-cover-letter.patch
>   # speckify-gitmail -s "TEST" mail/ speck/
>
> Now send the mails from speck/ in the way you would send from mail/

Awesome. Looks like this worked for me! Here are two bug fixes (noticed
after seeing the results on the list), and a documentation expansion...

--- speckify-gitmail.orig 2018-05-02 18:00:54.000000000 -0700 +++ speckify-gitmail 2018-05-02 17:59:25.429715146 -0700 @@ -8,9 +8,10 @@ # # mkdir mail # mkdir speck -# git format-patch -o mail -n --to speck@linutronix.de --thread --cover-letter v4.17-rc3.. +# git format-patch -o mail -n --to speck@linutronix.de --subject-prefix "PATCH THE-THING" --thread --cover-letter v4.17-rc3.. # emacs mail/0000-cover-letter.patch # speckify-gitmail -s "TEST" mail/ speck/ +# cd speck; for i in 0*.patch; do sendmail -t -i -f SENDER@EMAIL < $i; done # from argparse import ArgumentParser import argparse @@ -53,7 +54,7 @@ i = 0 -for f in infiles: +for f in sorted(infiles): ibx = mailbox.mbox(os.path.join(args.indir, f), None, False) obx = mailbox.mbox(os.path.join(args.outdir, f), None, True) @@ -84,7 +85,7 @@ del msg['CC'] content = 'From: %s\n' %mfrom - content += 'Subject: %s\n\n' %subj + content += 'Subject: %s] %s\n\n' %(prefix, subj.strip()) content += msg.get_payload().encode() try:

-- 
Kees Cook @outflux.net
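
Review bot: in the first hunk (@@ -8,9 +8,10 @@) the added sendmail loop redirects from `$i` unquoted, and the new lines only land in the header comment. Quote the redirect target (`< "$i"`) so a file name with whitespace cannot split, and mirror the `--subject-prefix` and sendmail lines in the `workflow` help string that the script prints for -h, since that text repeats this block and the hunk leaves it on the old command.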
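
Review bot: in the second hunk (@@ -53,7 +54,7 @@) `sorted(infiles)` is a plain string sort, so the running counter `i` follows the series order only because git format-patch zero-pads its file names. A short comment stating that assumption would help; the same assumption is built into the `0*.patch` glob added in the first hunk.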
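
Review bot: in the third hunk (@@ -84,7 +85,7 @@) the new line `content += 'Subject: %s] %s\n\n' %(prefix, subj.strip())` puts the `]` back by hand, which reproduces the original subject only when it contained exactly one `]`. Saving the original Subject header in a variable before it is replaced and writing that value into the body avoids taking the subject apart and reassembling it.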