author | Patrick Totzke <patricktotzke@gmail.com> | 2016-03-24 21:04:15 +0000 |
---|---|---|
committer | Patrick Totzke <patricktotzke@gmail.com> | 2016-03-24 21:04:15 +0000 |
commit | 39d214f87c9bf0559d6e360af7b35fe3a6258454 (patch) | |
tree | e4b053063a31d289e4fb4e3e0fa671f8709ac435 /alot/commands | |
parent | 6554345a0523b0221fc54a771ab53682086ef603 (diff) | |
parent | 39e4208cd8a677d986cf9489769e19bccec30c8b (diff) |
Merge branch '0.3.8-settings-encrypt-by-default-854' into testing
Diffstat (limited to 'alot/commands')
-rw-r--r-- | alot/commands/envelope.py | 20 | ||||
-rw-r--r-- | alot/commands/globals.py | 25 | ||||
-rw-r--r-- | alot/commands/utils.py | 8 |
3 files changed, 44 insertions, 9 deletions
diff --git a/alot/commands/envelope.py b/alot/commands/envelope.py index e1a6eca7..c8362037 100644 --- a/alot/commands/envelope.py +++ b/alot/commands/envelope.py @@ -500,6 +500,7 @@ class SignCommand(Command): @registerCommand(MODE, 'encrypt', forced={'action': 'encrypt'}, arguments=[ + (['--trusted'], {'action': 'store_true', 'help': 'only add trusted keys'}), (['keyids'], {'nargs': argparse.REMAINDER, 'help': 'keyid of the key to encrypt with'})], help='request encryption of message before sendout') @@ -507,6 +508,8 @@ class SignCommand(Command): help='remove request to encrypt message before sending') @registerCommand(MODE, 'toggleencrypt', forced={'action': 'toggleencrypt'}, arguments=[ + (['--trusted'], {'action': 'store_true', + 'help': 'only add trusted keys'}), (['keyids'], {'nargs': argparse.REMAINDER, 'help': 'keyid of the key to encrypt with'})], help='toggle if message should be encrypted before sendout') @@ -516,16 +519,19 @@ class SignCommand(Command): 'help': 'keyid of the key to encrypt with'})], help='do not encrypt to given recipient key') class EncryptCommand(Command): - def __init__(self, action=None, keyids=None, **kwargs): + def __init__(self, action=None, keyids=None, trusted=False, **kwargs): """ :param action: wether to encrypt/unencrypt/toggleencrypt :type action: str :param keyid: the id of the key to encrypt :type keyid: str + :param trusted: wether to filter keys and only use trusted ones + :type trusted: bool """ self.encrypt_keys = keyids self.action = action + self.trusted = trusted Command.__init__(self, **kwargs) @inlineCallbacks 
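Review bot: The help text `'only add trusted keys'` on the new `--trusted` argument (first and second hunks, for `encrypt` and `toggleencrypt`) does not say what "trusted" means, while the `get_keys` docstring changed in this same commit defines it as keys whose uid is signed. In GnuPG terms "trusted" can be read as owner trust rather than uid validity, so I would use the same wording in both places, e.g. `'help': 'only add keys whose uid is signed (trusted to belong to the key)'`. The new `:param trusted:` line in `EncryptCommand.__init__` (third hunk) could reuse that wording, and the existing `:param keyid:` entry next to it names a parameter that is actually called `keyids`.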
@@ -556,14 +562,22 @@ class EncryptCommand(Command): continue match = re.search("<(.*@.*)>", recipient) if match: - recipient = match.group(0) + recipient = match.group(1) self.encrypt_keys.append(recipient) logging.debug("encryption keys: " + str(self.encrypt_keys)) - keys = yield get_keys(ui, self.encrypt_keys) + keys = yield get_keys(ui, self.encrypt_keys, + signed_only=self.trusted) + if self.trusted: + logging.debug("filtered encrytion keys: " + + " ".join(x.uids[0].uid for x in keys.values())) if keys: envelope.encrypt_keys.update(keys) else: envelope.encrypt = False + if not envelope.encrypt: + # This is an extra conditional as it can even happen if encrypt is + # True. + envelope.encrypt_keys = {} # reload buffer ui.current_buffer.rebuild() diff --git a/alot/commands/globals.py b/alot/commands/globals.py index d234f54f..519cf2aa 100644 --- a/alot/commands/globals.py +++ b/alot/commands/globals.py @@ -851,8 +851,20 @@ class ComposeCommand(Command): logging.debug('attaching: ' + a) # set encryption if needed - if self.encrypt or account.encrypt_by_default: + if self.encrypt or account.encrypt_by_default == u"all": + logging.debug("Trying to encrypt message because encrypt={} and " + "encrypt_by_default={}".format( + self.encrypt, account.encrypt_by_default)) yield self._set_encrypt(ui, self.envelope) + elif account.encrypt_by_default == u"trusted": + logging.debug("Trying to encrypt message because " + "account.encrypt_by_default={}".format( + account.encrypt_by_default)) + yield self._set_encrypt(ui, self.envelope, trusted_only=True) + else: + logging.debug( + "No encryption by default, encrypt_by_default={}".format( + account.encrypt_by_default)) cmd = commands.envelope.EditCommand(envelope=self.envelope, spawn=self.force_spawn, 
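Review bot: In the envelope.py hunk, when the `--trusted` filter leaves no key at all the `else` branch sets `envelope.encrypt = False` and the new block clears `envelope.encrypt_keys`, so an explicit encrypt request ends with a plaintext envelope and nothing visible in this hunk tells the user. When only some keys are dropped, `if keys:` still passes and the envelope stays marked for encryption with a key set that may not cover every collected address; the only trace is the `filtered encrytion keys` debug line (typo aside, its `x.uids[0]` assumes every key has at least one uid). I would surface both cases at warning level, e.g. `if self.trusted and len(keys) < len(self.encrypt_keys): logging.warning("no trusted key for some recipients")`, allowing for duplicate addresses that map to one key; `get_keys` may already notify for filtered keys, but that code is outside this diff. The same `if keys:` pattern is in `_set_encrypt` in alot/commands/globals.py, where `trusted_only=True` sets `envelope.encrypt = True` on a partial key set. The enclosing method starts before this hunk.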
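Review bot: In the globals.py hunk at -851, the comparison chain on `account.encrypt_by_default` fails open: any value other than the exact strings `u"all"` and `u"trusted"` lands in the final `else`, and the message is composed unencrypted with only a debug log. That would include a boolean `True` left over from the truthiness check this hunk replaces, or a misspelt value, unless the settings layer (not part of this diff) already validates or converts it. I would log unrecognised values at warning level in the `else` branch, e.g. `logging.warning("unrecognised encrypt_by_default={!r}, not encrypting".format(account.encrypt_by_default))`, guarded so the legitimate off value stays quiet. The enclosing method starts and ends outside the hunk.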
@@ -860,26 +872,31 @@ class ComposeCommand(Command): ui.apply_command(cmd) @inlineCallbacks - def _set_encrypt(self, ui, envelope): + def _set_encrypt(self, ui, envelope, trusted_only=False): """Find and set the encryption keys in an envolope. :param ui: the main user interface object :type ui: alot.ui.UI :param envolope: the envolope buffer object :type envolope: alot.buffers.EnvelopeBuffer + :param trusted_only: only add keys to the list of encryption + keys whose uid is signed (trusted to belong to the key) + :type trusted_only: bool """ encrypt_keys = [] for recipient in envelope.headers['To'][0].split(','): + recipient = recipient.strip() if not recipient: continue match = re.search("<(.*@.*)>", recipient) if match: - recipient = match.group(0) + recipient = match.group(1) encrypt_keys.append(recipient) logging.debug("encryption keys: " + str(encrypt_keys)) - keys = yield get_keys(ui, encrypt_keys, block_error=self.encrypt) + keys = yield get_keys(ui, encrypt_keys, block_error=self.encrypt, + signed_only=trusted_only) if keys: envelope.encrypt_keys.update(keys) envelope.encrypt = True diff --git a/alot/commands/utils.py b/alot/commands/utils.py index 5ac8a74c..48d7aac9 100644 --- a/alot/commands/utils.py +++ b/alot/commands/utils.py @@ -8,7 +8,7 @@ from alot import crypto @inlineCallbacks -def get_keys(ui, encrypt_keyids, block_error=False): +def get_keys(ui, encrypt_keyids, block_error=False, signed_only=False): """Get several keys from the GPG keyring. The keys are selected by keyid and are checked if they can be used for encryption. @@ -19,6 +19,9 @@ def get_keys(ui, encrypt_keyids, block_error=False): :param block_error: wether error messages for the user should expire automatically or block the ui :type block_error: bool + :param signed_only: only return keys whose uid is signed (trusted to belong + to the key) + :type signed_only: bool :returns: the available keys indexed by their key hash :rtype: dict(str->gpgme.Key) 
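Review bot: The recipient loop in `_set_encrypt` still parses the `To` header by hand: `split(',')` breaks a quoted display name that contains a comma, and the greedy `"<(.*@.*)>"` captures everything between the first `<` and the last `>` of the fragment. The resulting string is what `get_keys` uses to select the encryption key, so a mangled address means a failed lookup or a lookup for the wrong name. The standard library already handles this, e.g. `for _name, addr in email.utils.getaddresses([envelope.headers['To'][0]]):` followed by `encrypt_keys.append(addr)` when `addr` is non-empty; whether `email.utils` is imported in this file is not visible here. The same regex is used in `EncryptCommand` in alot/commands/envelope.py (hunk at -556), whose loop header lies outside that hunk.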
@@ -26,7 +29,8 @@ def get_keys(ui, encrypt_keyids, block_error=False): keys = {} for keyid in encrypt_keyids: try: - key = crypto.get_key(keyid, validate=True, encrypt=True) + key = crypto.get_key(keyid, validate=True, encrypt=True, + signed_only=signed_only) except GPGProblem as e: if e.code == GPGCode.AMBIGUOUS_NAME: possible_keys = crypto.list_keys(hint=keyid) |
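Review bot: `signed_only` is passed to `crypto.get_key`, but the `AMBIGUOUS_NAME` branch right below it calls `crypto.list_keys(hint=keyid)` without it, and the rest of that branch is outside the hunk. If a candidate chosen from `possible_keys` is accepted without the same check, an ambiguous name would bypass the trusted-only filter. I would add a comment stating where the filter is applied on that path, e.g. `# NOTE: candidates from list_keys must pass the signed_only check too`, or filter the candidates before they are offered. `crypto.get_key` itself is not in this diff (the diffstat is limited to alot/commands), so its handling of `signed_only` cannot be checked here.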