retrieving and adding public keys to https://sks-keyservers.net/

Ralf Becker 2015-05-25 11:25:26 +00:00
parent a838f76da2
commit aa0026f0ae
4 changed files with 143 additions and 1 deletions


@ -0,0 +1,32 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -2379,7 +2379,7 @@ class addressbook_bo extends addressbook_so
* @param string|int|array $recipients (array of) email addresses or numeric account-ids
* @return array email|account_id => key pairs
*/
public function ajax_get_pgp_keys($recipients)
public function get_pgp_keys($recipients)
{
if (!$recipients) return array();
@ -2414,6 +2414,64 @@ class addressbook_bo extends addressbook_so
}
}
}
return $result;
}
/**
* Keyserver URL and CA to verify ssl connection
*/
const KEYSERVER = 'https://hkps.pool.sks-keyservers.net/pks/lookup?op=get&exact=on&search=';
const KEYSERVER_CA = '/addressbook/doc/sks-keyservers.netCA.pem';
/**
* Search keyserver for PGP public keys
*
* @param int|string|array $recipients (array of) email addresses or numeric account-ids
* @param array $result =array()
*/
public static function get_pgp_keyserver($recipients, array $result=array())
{
foreach($recipients as $recipient)
{
$id = $recipient;
if (is_numeric($recipient))
{
$recipient = $GLOBALS['egw']->accounts->id2name($recipient, 'account_email');
}
$matches = null;
if (($response = file_get_contents(self::KEYSERVER.urlencode($recipient), false, stream_context_create(array(
'ssl' => array(
'verify_peer' => true,
'cafile' => EGW_SERVER_ROOT.self::KEYSERVER_CA,
)
)))) && preg_match(self::$pgp_key_regexp, $response, $matches))
{
$result[$id] = $matches[0];
}
}
return $result;
}
/**
* Search addressbook for PGP public keys of given recipients
*
* EMail addresses are lowercased to make search case-insensitive
*
* @param string|int|array $recipients (array of) email addresses or numeric account-ids
* @return array email|account_id => key pairs
*/
public function ajax_get_pgp_keys($recipients)
{
if (!$recipients) return array();
if (!is_array($recipients)) $recipients = array($recipients);
$result = $this->get_pgp_keys($recipients);
if (($missing = array_diff($recipients, array_keys($result))))
{
$result = self::get_pgp_keyserver($missing, $result);
}
//error_log(__METHOD__."(".array2string($recipients).") returning ".array2string($result));
egw_json_response::get()->data($result);
}
@ -2494,6 +2552,50 @@ class addressbook_bo extends addressbook_so
{
$message = lang('%1 public keys added.', $updated);
}
// add all keys to public keyserver too
$message .= "\n".lang('%1 key(s) added to public keyserver "%2".',
self::set_pgp_keyserver($keys), PARSE_URL(self::KEYSERVER_ADD, PHP_URL_HOST));
egw_json_response::get()->data($message);
}
/**
* Keyserver add URL
*/
const KEYSERVER_ADD = 'https://hkps.pool.sks-keyservers.net/pks/add';
/**
* Upload PGP keys to public keyserver
*
* @param array $keys email|account_id => public key pairs to store
* @return int number of pgp keys stored
*/
public static function set_pgp_keyserver($keys)
{
$added = 0;
foreach($keys as $email => $cert)
{
if (is_numeric($email))
{
$email = $GLOBALS['egw']->accounts->id2name($email, 'account_email');
}
if (($response = file_get_contents(self::KEYSERVER_ADD, false, stream_context_create(array(
'ssl' => array(
'verify_peer' => true,
'cafile' => EGW_SERVER_ROOT.self::KEYSERVER_CA,
),
'http' => array(
'header' => "Content-type: text/plain",
'method' => 'POST',
'content' => http_build_query(array(
'keytext' => $cert,
)),
),
)))))
{
$added++;
}
}
return $added;
}
}
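Review bot: Keys fetched in `get_pgp_keyserver()` are merged into the same `$result` array as keys from the addressbook, so the client calling `ajax_get_pgp_keys()` cannot tell a locally stored key from one the keyserver returned for a matching e-mail string. As far as I know the SKS pool does not check that the uploader of a key controls the address in its user ID, and the code accepts any response that matches `self::$pgp_key_regexp`, so a lookup hit is not evidence that the key belongs to the recipient. I would return keyserver hits under a separate key or with a source flag, so the client can show the fingerprint and ask for confirmation before encrypting, and say so in the docblock, e.g. `* Keys found here are unauthenticated; the user must confirm the fingerprint before they are used.` The TLS context sets only `verify_peer` and `cafile`; on PHP versions before 5.6 the certificate name is not checked unless `CN_match` is given, which is worth confirming against the supported PHP range (the same options are used in `set_pgp_keyserver()`).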


@ -3,7 +3,9 @@
%1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook de %1 Kontakt(e) %2, %3 nicht wegen fehlender Rechte !!!
%1 contacts updated (%2 errors). addressbook de %1 Kontakte aktualisiert (%2 Fehler).
%1 fields in %2 other organisation member(s) changed addressbook de %1 Felder in %2 Mitglied(ern) der Organisation geändert
%1 key(s) added to public keyserver "%2". addressbook de %1 Schlüssel wurden dem öffentlichen Schlüsselserver "%2" eingetragen.
%1 not implemented for %2! addressbook de %1 nicht implementiert für %2!
%1 public keys added. addressbook de %1 öffentliche Schlüssel gespeichert.
%1 records imported addressbook de %1 Datensätze importiert
%1 records read (not yet imported, you may go %2back%3 and uncheck test import) addressbook de %1 Datensätze gelesen (noch nicht importiert, sie können %2zurück%3 gehen und Test-Import ausschalten)
%1 starts with '%2' addressbook de %1 beginnt mit '%2'
@ -367,6 +369,7 @@ pager common de Pager
parcel addressbook de Lieferadresse
participants addressbook de Teilnehmer
permission denied !!! addressbook de Zugriff verweigert !!!
permissiong denied! ask your administrator to allow regular uses to update their public keys. addressbook de Zugriff verweigert! Bitten Sie Ihren Administrator normalen Benutzern zu erlauben Ihren öffentlichen Key zu aktualisieren.
phone number common de Telefonnummer
phone numbers common de Telefonnummern
photo addressbook de Foto
@ -521,6 +524,7 @@ you must select at least 1 column to display addressbook de Sie müssen mindeste
you need to select a distribution list addressbook de Sie müssen eine Verteilerliste auswählen
you need to select some contacts first addressbook de Sie müssen zuerst Kontakte auswählen
you need to select some entries first addressbook de Sie müssen zuerst Daten auswählen
your new public key has been stored in accounts addressbook. addressbook de Ihr neuer öffentlicher Schlüssen wurde im Benutzerkonten Adressbuch gespeichert.
zip code common de PLZ
zip code (private) addressbook de PLZ (Privat)
zip_note addressbook de <p><b>Notiz:</b>Die Datei kann ein zip Archiv sein, bestehend aus .csv, .vcf oder .ldif Dateien. Sie dürfen die Dateitypen pro Import nicht mischen!


@ -3,7 +3,9 @@
%1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook en %1 contact(s) %2, %3 failed because of insufficient rights!
%1 contacts updated (%2 errors). addressbook en %1 contacts updated (%2 errors).
%1 fields in %2 other organisation member(s) changed addressbook en %1 fields in %2 other organization member(s) changed.
%1 key(s) added to public keyserver "%2". addressbook en %1 key(s) added to public keyserver "%2".
%1 not implemented for %2! addressbook en %1 not implemented for %2!
%1 public keys added. addressbook en %1 public keys added.
%1 records imported addressbook en %1 records imported.
%1 records read (not yet imported, you may go %2back%3 and uncheck test import) addressbook en %1 records read. Not yet imported, you may go %2back%3 and un-check Test import.
%1 starts with '%2' addressbook en %1 starts with '%2'
@ -367,6 +369,7 @@ pager common en Pager
parcel addressbook en Parcel
participants addressbook en Participants
permission denied !!! addressbook en Permission denied!
permissiong denied! ask your administrator to allow regular uses to update their public keys. addressbook en Permissiong denied! Ask your administrator to allow regular uses to update their public keys.
phone number common en Phone number
phone numbers common en Phone numbers
photo addressbook en Photo
@ -522,6 +525,7 @@ you must select at least 1 column to display addressbook en Select at least 1 co
you need to select a distribution list addressbook en Select a distribution list
you need to select some contacts first addressbook en Select some contacts first
you need to select some entries first addressbook en You need to select some entries first
your new public key has been stored in accounts addressbook. addressbook en Your new public key has been stored in accounts addressbook.
zip code common en ZIP code
zip code (private) addressbook en ZIP code (private)
zip_note addressbook en <p><b>Note:</b> The file may be a zip file collection of .csv, .vcf, or .ldif files. Do not mix file types per import.