paul@6 | 1 | # -*- coding: iso-8859-1 -*- |
paul@6 | 2 | """ |
paul@6 | 3 | MoinMoin - MoinMessage library |
paul@6 | 4 | |
paul@16 | 5 | @copyright: 2012, 2013 by Paul Boddie <paul@boddie.org.uk> |
paul@6 | 6 | @license: GNU GPL (v2 or later), see COPYING.txt for details. |
paul@6 | 7 | """ |
paul@6 | 8 | |
paul@6 | 9 | from email import message_from_string |
paul@6 | 10 | from email.encoders import encode_noop |
paul@6 | 11 | from email.mime.multipart import MIMEMultipart |
paul@6 | 12 | from email.mime.application import MIMEApplication |
paul@6 | 13 | from email.mime.base import MIMEBase |
paul@20 | 14 | from email.utils import formatdate, parsedate |
paul@6 | 15 | from subprocess import Popen, PIPE |
paul@8 | 16 | from tempfile import mkstemp |
paul@12 | 17 | from urlparse import urlsplit |
paul@6 | 18 | import httplib |
paul@8 | 19 | import os |
paul@6 | 20 | |
def is_collection(message):

    "Return whether 'message' declares itself to be a collection of updates."

    update_type = message.get("Update-Type")
    return update_type == "collection"
paul@15 | 23 | |
def to_replace(message):

    "Return whether 'message' asks for existing content to be replaced."

    action = message.get("Update-Action")
    return action == "replace"
paul@29 | 26 | |
def to_store(message):

    "Return whether 'message' asks for its content to be stored."

    action = message.get("Update-Action")
    return action == "store"
paul@29 | 29 | |
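class Message:

    "An update message."

    def __init__(self, text=None):

        """
        Initialise an empty message or, if 'text' is given, a message populated
        by parsing that text.
        """

        self.date = None
        self.updates = []
        if text:
            self.parse_text(text)

    def init_date(self, message):

        """
        Obtain the date of the given 'message', recording None if it has no
        Date header.
        """

        # The date is read from the message's own header, so it is only as
        # trustworthy as the message: check a signature before relying on it.
        # parsedate yields None for a value it cannot parse.

        if "Date" in message:
            self.date = parsedate(message["Date"])
        else:
            self.date = None

    def parse_text(self, text):

        "Parse the given 'text' as a message."

        self.handle_message(message_from_string(text))

    def handle_message(self, message):

        "Handle the given 'message', recording the separate updates."

        self.init_date(message)

        # The message either consists of a collection of updates, each part
        # being recorded as a separate update.

        if message.is_multipart() and is_collection(message):
            for part in message.get_payload():
                self.updates.append(part)

        # Or the message is a single update.

        else:
            self.updates.append(message)

    def add_updates(self, parts):

        """
        Add the given 'parts' to a message.
        """

        # Iterate over the 'parts' parameter: the previous loop referred to an
        # undefined name and raised NameError on every call.

        for part in parts:
            self.add_update(part)

    def add_update(self, part):

        """
        Add an update 'part' to a message.
        """

        self.updates.append(part)

    def get_update(self, alternatives):

        """
        Return a suitable multipart object containing the supplied
        'alternatives'.
        """

        part = MIMEMultipart()
        for alternative in alternatives:
            part.attach(alternative)
        return part

    def get_payload(self, timestamped=True):

        """
        Get the multipart payload for the message. If the 'timestamped'
        parameter is omitted or set to a true value, the payload will be given a
        date header set to the current date and time that can be used to assess
        the validity of a message and to determine whether it has already been
        received by a recipient.

        With exactly one recorded update, that update object itself is returned
        (and timestamped in place) instead of a new container.
        """

        if len(self.updates) == 1:
            message = self.updates[0]
        else:
            message = MIMEMultipart()
            message.add_header("Update-Type", "collection")
            for update in self.updates:
                message.attach(update)

        if timestamped:
            timestamp(message)
            self.init_date(message)

        return message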
paul@6 | 124 | |
class Mailbox:

    "A collection of messages within a multipart message."

    def __init__(self, text=None):

        """
        Initialise an empty mailbox or, if 'text' is given, a mailbox populated
        by parsing that text.
        """

        self.messages = []
        if text:
            self.parse_text(text)

    def parse_text(self, text):

        "Parse the given 'text' as a mailbox."

        parsed = message_from_string(text)

        # A non-multipart text is kept as the only message.

        if not parsed.is_multipart():
            self.messages.append(parsed)
            return

        # Otherwise each part of the container is a message in its own right.

        self.messages.extend(parsed.get_payload())

    def add_message(self, message):

        "Add the given 'message' to the mailbox."

        self.messages.append(message)

    def get_payload(self):

        "Get the multipart payload for the mailbox."

        container = MIMEMultipart()
        for entry in self.messages:
            container.attach(entry)

        return container
paul@15 | 161 | |
class MoinMessageError(Exception):

    "A failure to complete a gpg operation or to send a message."


class MoinMessageDecodingError(Exception):

    """
    The base class for errors in the structure of a received message. Note
    that it derives from Exception and not from MoinMessageError, so handlers
    for one do not catch the other.
    """


class MoinMessageMissingPart(MoinMessageDecodingError):

    "A message did not provide the two parts expected of it."


class MoinMessageBadContent(MoinMessageDecodingError):

    "A message part did not have the expected content type."
paul@33 | 173 | |
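class GPG:

    "A wrapper around the gpg command using a particular configuration."

    def __init__(self, homedir=None):

        """
        Initialise the wrapper, passing 'homedir' to gpg as its --homedir if
        given. The standard error output of the most recent command is kept in
        the 'errors' attribute.
        """

        self.conf_args = []

        if homedir:
            self.conf_args += ["--homedir", homedir]

        self.errors = None

    def run(self, args, text=None):

        """
        Invoke gpg with the given 'args', supplying the given 'text' to the
        command directly or, if 'text' is omitted, using a file provided as part
        of the 'args' if appropriate.

        Failure to complete the operation will result in a MoinMessageError
        being raised.
        """

        # The arguments are handed to gpg as a list and never through a shell,
        # so values in 'args' are not subject to shell interpretation.

        cmd = Popen(["gpg"] + self.conf_args + list(args), stdin=PIPE, stdout=PIPE, stderr=PIPE)

        self.errors = None
        output = None
        completed = False

        try:
            # Service all three pipes together. Writing all of the input before
            # reading any output can block forever once gpg has filled its
            # output or error pipe while this process is still writing.

            try:
                output, self.errors = cmd.communicate(text)
                completed = True

            # I/O errors can indicate the failure of the command. Nothing
            # collected so far is then treated as a complete result.

            except (IOError, OSError):
                pass

        finally:
            # Closing this end of each pipe also lets a still-running gpg
            # terminate instead of waiting on this process.

            for pipe in (cmd.stdin, cmd.stdout, cmd.stderr):
                try:
                    pipe.close()
                except (IOError, OSError):
                    pass

        # Test for a zero result.

        status = cmd.wait()

        if completed and not status:
            return output

        raise MoinMessageError(self.errors)

    def verifyMessageText(self, signature, content):

        """
        Using the given 'signature', verify the given message 'content'.

        Return a (fingerprint, identity) tuple taken from gpg's VALIDSIG and
        GOODSIG status lines, or None if gpg succeeded without reporting both.

        A result only shows that a key available to this gpg configuration made
        the signature: the caller must still compare the fingerprint with the
        sender it expects. TRUST_* status lines are not examined here.
        """

        # Write the detached signature and content to files. mkstemp creates
        # each file for this process alone, with an unpredictable name.

        signature_fd, signature_filename = mkstemp()
        content_fd, content_filename = mkstemp()

        try:
            signature_fp = os.fdopen(signature_fd, "w")
            content_fp = os.fdopen(content_fd, "w")
            try:
                signature_fp.write(signature)
                content_fp.write(content)
            finally:
                signature_fp.close()
                content_fp.close()

            # Verify the message text, with status lines sent to standard
            # output.

            text = self.run(["--status-fd", "1", "--verify", signature_filename, content_filename])

            # Return the details of the signing key.

            identity = None
            fingerprint = None

            for line in text.split("\n"):
                fields = line.strip().split(" ", 3)

                # Only lines carrying gpg's status prefix are accepted, so that
                # no other output sharing the stream can be taken for a
                # verification result.

                if len(fields) != 4 or fields[0] != "[GNUPG:]":
                    continue

                msgtype, digest, details = fields[1:]

                # Record the fingerprint and identity details.

                if msgtype == "GOODSIG":
                    identity = details
                elif msgtype == "VALIDSIG":
                    fingerprint = digest

            if identity and fingerprint:
                return fingerprint, identity

            return None

        finally:
            os.remove(signature_filename)
            os.remove(content_filename)

    def verifyMessage(self, message):

        """
        Verify the given RFC 3156 'message', returning a tuple of the form
        (fingerprint, identity, content).

        A MoinMessageError is raised if gpg rejects the signature or does not
        report a good, valid signature.
        """

        content, signature = getContentAndSignature(message)

        # Verify the message format.

        if signature.get_content_type() != "application/pgp-signature":
            raise MoinMessageBadContent

        # Verify the message.
        # NOTE(review): the content part is serialised again with as_string
        # NOTE(review): here, so verification depends on that text matching
        # NOTE(review): what the sender signed - confirm for foreign senders.

        details = self.verifyMessageText(signature.get_payload(), content.as_string())

        # No signing key details means no usable signature: report it as a
        # verification failure, not as a TypeError from unpacking None.

        if details is None:
            raise MoinMessageError(self.errors)

        fingerprint, identity = details
        return fingerprint, identity, content

    def signMessage(self, message, keyid):

        """
        Return a signed version of 'message' using the given 'keyid'.
        """

        text = message.as_string()
        signature = self.run(["--armor", "-u", keyid, "--detach-sig"], text)

        # Make the container for the message.

        signed_message = MIMEMultipart("signed", protocol="application/pgp-signature")
        signed_message.attach(message)

        signature_part = MIMEBase("application", "pgp-signature")
        signature_part.set_payload(signature)
        signed_message.attach(signature_part)

        return signed_message

    def decryptMessageText(self, message):

        "Return a decrypted version of 'message'."

        return self.run(["--decrypt"], message)

    def decryptMessage(self, message):

        """
        Decrypt the given RFC 3156 'message', returning the message text.

        The text is returned as gpg produced it: any signature on the decrypted
        message has to be verified separately.
        """

        # A non-multipart payload is a string, and a two-character string would
        # unpack into two characters, so require real parts first.

        if not message.is_multipart():
            raise MoinMessageMissingPart

        try:
            declaration, content = message.get_payload()
        except ValueError:
            raise MoinMessageMissingPart

        # Verify the message format. Only the content part is checked: the
        # declaration part is not inspected.

        if content.get_content_type() != "application/octet-stream":
            raise MoinMessageBadContent

        # Return the decrypted message text.

        return self.decryptMessageText(content.get_payload())

    def encryptMessage(self, message, keyid):

        """
        Return an encrypted version of 'message' using the given 'keyid'.

        The key is used with "--trust-model always", so gpg does not consult its
        own trust information for it: 'keyid' must identify exactly the intended
        recipient key, a full fingerprint being the least ambiguous form.
        """

        text = message.as_string()
        encrypted = self.run(["--armor", "-r", keyid, "--encrypt", "--trust-model", "always"], text)

        # Make the container for the message.

        encrypted_message = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")

        # For encrypted content, add the declaration and content.

        declaration = MIMEBase("application", "pgp-encrypted")
        declaration.set_payload("Version: 1")
        encrypted_message.attach(declaration)

        content = MIMEApplication(encrypted, "octet-stream", encode_noop)
        encrypted_message.attach(content)

        return encrypted_message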
paul@8 | 366 | |
paul@33 | 367 | # Message decoding functions. |
paul@33 | 368 | |
paul@33 | 369 | # Detect PGP/GPG-encoded payloads. |
paul@33 | 370 | # See: http://tools.ietf.org/html/rfc3156 |
paul@33 | 371 | |
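def is_signed(message):

    """
    Return whether 'message' is declared to be an RFC 3156 signed message.

    Only the declared content type and protocol are tested: nothing is said
    about whether a signature is present or would verify.
    """

    return message.get_content_type() == "multipart/signed" and \
        message.get_param("protocol") == "application/pgp-signature"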
paul@33 | 378 | |
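def is_encrypted(message):

    """
    Return whether 'message' is declared to be an RFC 3156 encrypted message.

    Only the declared content type and protocol are tested: the parts of the
    message are not inspected.
    """

    return message.get_content_type() == "multipart/encrypted" and \
        message.get_param("protocol") == "application/pgp-encrypted"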
paul@33 | 385 | |
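def getContentAndSignature(message):

    """
    Return the content and signature parts of the given RFC 3156 'message'.

    A MoinMessageMissingPart exception is raised unless the message is a
    multipart message with exactly two parts.

    NOTE: RFC 3156 states that signed messages should employ a detached
    NOTE: signature but then shows "BEGIN PGP MESSAGE" for signatures
    NOTE: instead of "BEGIN PGP SIGNATURE".
    NOTE: The "micalg" parameter is currently not supported.
    """

    # A non-multipart payload is a string, and a two-character string would
    # unpack into two characters instead of two message parts.

    if not message.is_multipart():
        raise MoinMessageMissingPart

    parts = message.get_payload()

    if len(parts) != 2:
        raise MoinMessageMissingPart

    content, signature = parts
    return content, signature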
paul@36 | 402 | |
paul@8 | 403 | # Communications functions. |
paul@6 | 404 | |
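def timestamp(message):

    """
    Timestamp the given 'message' so that its validity can be assessed by the
    recipient. Any existing Date header is replaced, leaving exactly one.
    """

    datestr = formatdate()

    # Assigning to a header that already exists appends a second one, and a
    # later lookup then still finds the old value first. Remove every existing
    # Date header so that only the fresh timestamp remains.

    if "Date" in message:
        del message["Date"]

    message.add_header("Date", datestr)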
paul@20 | 418 | |
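def sendMessage(message, url, method="PUT"):

    """
    Send 'message' to the given 'url' using the given 'method' (using PUT as the
    default if omitted), returning the body of the response.

    A MoinMessageError is raised for an unsupported URL scheme or for a
    response status of 400 or above.

    NOTE(review): depending on the Python version, HTTPSConnection may not
    NOTE(review): verify the server certificate by default, in which case only
    NOTE(review): the signing and encryption of the message itself protect it.
    NOTE(review): No explicit timeout is passed to the connection.
    """

    scheme, host, port, path = parseURL(url)
    text = message.as_string()

    if scheme == "http":
        cls = httplib.HTTPConnection
    elif scheme == "https":
        cls = httplib.HTTPSConnection
    else:
        raise MoinMessageError("Communications protocol not supported: %s" % scheme)

    req = cls(host, port)

    # Release the connection whether or not the exchange succeeds. The
    # response is read before the connection is closed.

    try:
        req.request(method, path, text)
        resp = req.getresponse()

        if resp.status >= 400:
            raise MoinMessageError("Message sending failed: %s" % resp.status)

        return resp.read()

    finally:
        req.close()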
paul@6 | 444 | |
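def parseURL(url):

    """
    Return the scheme, host, port and path for the given 'url'.

    Any query string is kept as part of the path and any fragment is dropped.
    Where the URL gives no port, 443 is used for the "https" scheme and 80
    otherwise. The host and port are separated at each colon, so IPv6 literals
    and "user:password@" prefixes are not handled.
    """

    scheme, host_port, path, query, fragment = urlsplit(url)
    host_port = host_port.split(":")

    if query:
        path += "?" + query

    host = host_port[0]

    if len(host_port) > 1:
        port = int(host_port[1])

    # Without this case, an https URL with no port was given port 80.

    elif scheme == "https":
        port = 443
    else:
        port = 80

    return scheme, host, port, path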
paul@12 | 463 | |
paul@6 | 464 | # vim: tabstop=4 expandtab shiftwidth=4 |