retrieving and adding public keys to https://sks-keyservers.net/
parent
a838f76da2
commit
aa0026f0ae
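--- a/addressbook/doc/sks-keyservers.netCA.pem
+++ b/addressbook/doc/sks-keyservers.netCA.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFizCCA3OgAwIBAgIJAK9zyLTPn4CPMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV
+BAYTAk5PMQ0wCwYDVQQIDARPc2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5u
+ZXQgQ0ExHjAcBgNVBAMMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTAeFw0xMjEwMDkw
+MDMzMzdaFw0yMjEwMDcwMDMzMzdaMFwxCzAJBgNVBAYTAk5PMQ0wCwYDVQQIDARP
+c2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5uZXQgQ0ExHjAcBgNVBAMMFXNr
+cy1rZXlzZXJ2ZXJzLm5ldCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBANdsWy4PXWNUCkS3L//nrd0GqN3dVwoBGZ6w94Tw2jPDPifegwxQozFXkG6I
+6A4TK1CJLXPvfz0UP0aBYyPmTNadDinaB9T4jIwd4rnxl+59GiEmqkN3IfPsv5Jj
+MkKUmJnvOT0DEVlEaO1UZIwx5WpfprB3mR81/qm4XkAgmYrmgnLXd/pJDAMk7y1F
+45b5zWofiD5l677lplcIPRbFhpJ6kDTODXh/XEdtF71EAeaOdEGOvyGDmCO0GWqS
+FDkMMPTlieLA/0rgFTcz4xwUYj/cD5e0ZBuSkYsYFAU3hd1cGfBue0cPZaQH2HYx
+Qk4zXD8S3F4690fRhr+tki5gyG6JDR67aKp3BIGLqm7f45WkX1hYp+YXywmEziM4
+aSbGYhx8hoFGfq9UcfPEvp2aoc8u5sdqjDslhyUzM1v3m3ZGbhwEOnVjljY6JJLx
+MxagxnZZSAY424ZZ3t71E/Mn27dm2w+xFRuoy8JEjv1d+BT3eChM5KaNwrj0IO/y
+u8kFIgWYA1vZ/15qMT+tyJTfyrNVV/7Df7TNeWyNqjJ5rBmt0M6NpHG7CrUSkBy9
+p8JhimgjP5r0FlEkgg+lyD+V79H98gQfVgP3pbJICz0SpBQf2F/2tyS4rLm+49rP
+fcOajiXEuyhpcmzgusAj/1FjrtlynH1r9mnNaX4e+rLWzvU5AgMBAAGjUDBOMB0G
+A1UdDgQWBBTkwyoJFGfYTVISTpM8E+igjdq28zAfBgNVHSMEGDAWgBTkwyoJFGfY
+TVISTpM8E+igjdq28zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQAR
+OXnYwu3g1ZjHyley3fZI5aLPsaE17cOImVTehC8DcIphm2HOMR/hYTTL+V0G4P+u
+gH+6xeRLKSHMHZTtSBIa6GDL03434y9CBuwGvAFCMU2GV8w92/Z7apkAhdLToZA/
+X/iWP2jeaVJhxgEcH8uPrnSlqoPBcKC9PrgUzQYfSZJkLmB+3jEa3HKruy1abJP5
+gAdQvwvcPpvYRnIzUc9fZODsVmlHVFBCl2dlu/iHh2h4GmL4Da2rRkUMlbVTdioB
+UYIvMycdOkpH5wJftzw7cpjsudGas0PARDXCFfGyKhwBRFY7Xp7lbjtU5Rz0Gc04
+lPrhDf0pFE98Aw4jJRpFeWMjpXUEaG1cq7D641RpgcMfPFvOHY47rvDTS7XJOaUT
+BwRjmDt896s6vMDcaG/uXJbQjuzmmx3W2Idyh3s5SI0GTHb0IwMKYb4eBUIpQOnB
+cE77VnCYqKvN1NVYAqhWjXbY7XasZvszCRcOG+W3FqNaHOK/n/0ueb0uijdLan+U
+f4p1bjbAox8eAOQS/8a3bzkJzdyBNUKGx1BIK2IBL9bn/HravSDOiNRSnZ/R3l9G
+ZauX0tu7IIDlRCILXSyeazu0aj/vdT3YFQXPcvt5Fkf5wiNTo53f72/jYEJd6qph
+WrpoKqrwGwTpRUCMhYIUt65hsTxCiJJ5nKe39h46sg==
+-----END CERTIFICATE-----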
@ -2379,7 +2379,7 @@ class addressbook_bo extends addressbook_so
|
||||
* @param string|int|array $recipients (array of) email addresses or numeric account-ids
|
||||
* @return array email|account_id => key pairs
|
||||
*/
|
||||
public function ajax_get_pgp_keys($recipients)
|
||||
public function get_pgp_keys($recipients)
|
||||
{
|
||||
if (!$recipients) return array();
|
||||
|
||||
@ -2414,6 +2414,64 @@ class addressbook_bo extends addressbook_so
|
||||
}
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Keyserver URL and CA to verify ssl connection
|
||||
*/
|
||||
const KEYSERVER = 'https://hkps.pool.sks-keyservers.net/pks/lookup?op=get&exact=on&search=';
|
||||
const KEYSERVER_CA = '/addressbook/doc/sks-keyservers.netCA.pem';
|
||||
|
||||
/**
|
||||
* Search keyserver for PGP public keys
|
||||
*
|
||||
* @param int|string|array $recipients (array of) email addresses or numeric account-ids
|
||||
* @param array $result =array()
|
||||
*/
|
||||
public static function get_pgp_keyserver($recipients, array $result=array())
|
||||
{
|
||||
foreach($recipients as $recipient)
|
||||
{
|
||||
$id = $recipient;
|
||||
if (is_numeric($recipient))
|
||||
{
|
||||
$recipient = $GLOBALS['egw']->accounts->id2name($recipient, 'account_email');
|
||||
}
|
||||
$matches = null;
|
||||
if (($response = file_get_contents(self::KEYSERVER.urlencode($recipient), false, stream_context_create(array(
|
||||
'ssl' => array(
|
||||
'verify_peer' => true,
|
||||
'cafile' => EGW_SERVER_ROOT.self::KEYSERVER_CA,
|
||||
)
|
||||
)))) && preg_match(self::$pgp_key_regexp, $response, $matches))
|
||||
{
|
||||
$result[$id] = $matches[0];
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Search addressbook for PGP public keys of given recipients
|
||||
*
|
||||
* EMail addresses are lowercased to make search case-insensitive
|
||||
*
|
||||
* @param string|int|array $recipients (array of) email addresses or numeric account-ids
|
||||
* @return array email|account_id => key pairs
|
||||
*/
|
||||
public function ajax_get_pgp_keys($recipients)
|
||||
{
|
||||
if (!$recipients) return array();
|
||||
|
||||
if (!is_array($recipients)) $recipients = array($recipients);
|
||||
|
||||
$result = $this->get_pgp_keys($recipients);
|
||||
|
||||
if (($missing = array_diff($recipients, array_keys($result))))
|
||||
{
|
||||
$result = self::get_pgp_keyserver($missing, $result);
|
||||
}
|
||||
//error_log(__METHOD__."(".array2string($recipients).") returning ".array2string($result));
|
||||
egw_json_response::get()->data($result);
|
||||
}
|
||||
@ -2494,6 +2552,50 @@ class addressbook_bo extends addressbook_so
|
||||
{
|
||||
$message = lang('%1 public keys added.', $updated);
|
||||
}
|
||||
// add all keys to public keyserver too
|
||||
$message .= "\n".lang('%1 key(s) added to public keyserver "%2".',
|
||||
self::set_pgp_keyserver($keys), PARSE_URL(self::KEYSERVER_ADD, PHP_URL_HOST));
|
||||
|
||||
egw_json_response::get()->data($message);
|
||||
}
|
||||
|
||||
/**
|
||||
* Keyserver add URL
|
||||
*/
|
||||
const KEYSERVER_ADD = 'https://hkps.pool.sks-keyservers.net/pks/add';
|
||||
|
||||
/**
|
||||
* Upload PGP keys to public keyserver
|
||||
*
|
||||
* @param array $keys email|account_id => public key pairs to store
|
||||
* @return int number of pgp keys stored
|
||||
*/
|
||||
public static function set_pgp_keyserver($keys)
|
||||
{
|
||||
$added = 0;
|
||||
foreach($keys as $email => $cert)
|
||||
{
|
||||
if (is_numeric($email))
|
||||
{
|
||||
$email = $GLOBALS['egw']->accounts->id2name($email, 'account_email');
|
||||
}
|
||||
if (($response = file_get_contents(self::KEYSERVER_ADD, false, stream_context_create(array(
|
||||
'ssl' => array(
|
||||
'verify_peer' => true,
|
||||
'cafile' => EGW_SERVER_ROOT.self::KEYSERVER_CA,
|
||||
),
|
||||
'http' => array(
|
||||
'header' => "Content-type: text/plain",
|
||||
'method' => 'POST',
|
||||
'content' => http_build_query(array(
|
||||
'keytext' => $cert,
|
||||
)),
|
||||
),
|
||||
)))))
|
||||
{
|
||||
$added++;
|
||||
}
|
||||
}
|
||||
return $added;
|
||||
}
|
||||
}
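Review bot: In `get_pgp_keyserver()`, `$result[$id] = $matches[0]` accepts the first armored block the keyserver returns for an e-mail search and merges it into the same array as keys taken from the addressbook, so `ajax_get_pgp_keys()` hands the client a key whose ownership nothing has checked. SKS-style keyservers do not validate user IDs, so a key published under a recipient's address need not belong to that recipient; keyserver hits should be returned separately or flagged so the client can ask for fingerprint confirmation before encrypting, and the docblock should at least gain `@return array email|account_id => key pairs; keyserver results are NOT verified to belong to the address`. The same loop resolves numeric account-ids to `account_email` and sends them to the external pool, with one blocking `file_get_contents()` per missing recipient and no `'http' => array('timeout' => …)` entry in the stream context. In `set_pgp_keyserver()` the body is built with `http_build_query()` but announced as `Content-type: text/plain`, where `application/x-www-form-urlencoded` would match the encoding, and any non-empty response is counted as an added key without looking at the status line.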
|
||||
|
@ -3,7 +3,9 @@
|
||||
%1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook de %1 Kontakt(e) %2, %3 nicht wegen fehlender Rechte !!!
|
||||
%1 contacts updated (%2 errors). addressbook de %1 Kontakte aktualisiert (%2 Fehler).
|
||||
%1 fields in %2 other organisation member(s) changed addressbook de %1 Felder in %2 Mitglied(ern) der Organisation geändert
|
||||
%1 key(s) added to public keyserver "%2". addressbook de %1 Schlüssel wurden dem öffentlichen Schlüsselserver "%2" eingetragen.
|
||||
%1 not implemented for %2! addressbook de %1 nicht implementiert für %2!
|
||||
%1 public keys added. addressbook de %1 öffentliche Schlüssel gespeichert.
|
||||
%1 records imported addressbook de %1 Datensätze importiert
|
||||
%1 records read (not yet imported, you may go %2back%3 and uncheck test import) addressbook de %1 Datensätze gelesen (noch nicht importiert, sie können %2zurück%3 gehen und Test-Import ausschalten)
|
||||
%1 starts with '%2' addressbook de %1 beginnt mit '%2'
|
||||
@ -367,6 +369,7 @@ pager common de Pager
|
||||
parcel addressbook de Lieferadresse
|
||||
participants addressbook de Teilnehmer
|
||||
permission denied !!! addressbook de Zugriff verweigert !!!
|
||||
permissiong denied! ask your administrator to allow regular uses to update their public keys. addressbook de Zugriff verweigert! Bitten Sie Ihren Administrator normalen Benutzern zu erlauben Ihren öffentlichen Key zu aktualisieren.
|
||||
phone number common de Telefonnummer
|
||||
phone numbers common de Telefonnummern
|
||||
photo addressbook de Foto
|
||||
@ -521,6 +524,7 @@ you must select at least 1 column to display addressbook de Sie müssen mindeste
|
||||
you need to select a distribution list addressbook de Sie müssen eine Verteilerliste auswählen
|
||||
you need to select some contacts first addressbook de Sie müssen zuerst Kontakte auswählen
|
||||
you need to select some entries first addressbook de Sie müssen zuerst Daten auswählen
|
||||
your new public key has been stored in accounts addressbook. addressbook de Ihr neuer öffentlicher Schlüssen wurde im Benutzerkonten Adressbuch gespeichert.
|
||||
zip code common de PLZ
|
||||
zip code (private) addressbook de PLZ (Privat)
|
||||
zip_note addressbook de <p><b>Notiz:</b>Die Datei kann ein zip Archiv sein, bestehend aus .csv, .vcf oder .ldif Dateien. Sie dürfen die Dateitypen pro Import nicht mischen!
|
||||
|
@ -3,7 +3,9 @@
|
||||
%1 contact(s) %2, %3 failed because of insufficent rights !!! addressbook en %1 contact(s) %2, %3 failed because of insufficient rights!
|
||||
%1 contacts updated (%2 errors). addressbook en %1 contacts updated (%2 errors).
|
||||
%1 fields in %2 other organisation member(s) changed addressbook en %1 fields in %2 other organization member(s) changed.
|
||||
%1 key(s) added to public keyserver "%2". addressbook en %1 key(s) added to public keyserver "%2".
|
||||
%1 not implemented for %2! addressbook en %1 not implemented for %2!
|
||||
%1 public keys added. addressbook en %1 public keys added.
|
||||
%1 records imported addressbook en %1 records imported.
|
||||
%1 records read (not yet imported, you may go %2back%3 and uncheck test import) addressbook en %1 records read. Not yet imported, you may go %2back%3 and un-check Test import.
|
||||
%1 starts with '%2' addressbook en %1 starts with '%2'
|
||||
@ -367,6 +369,7 @@ pager common en Pager
|
||||
parcel addressbook en Parcel
|
||||
participants addressbook en Participants
|
||||
permission denied !!! addressbook en Permission denied!
|
||||
permissiong denied! ask your administrator to allow regular uses to update their public keys. addressbook en Permissiong denied! Ask your administrator to allow regular uses to update their public keys.
|
||||
phone number common en Phone number
|
||||
phone numbers common en Phone numbers
|
||||
photo addressbook en Photo
|
||||
@ -522,6 +525,7 @@ you must select at least 1 column to display addressbook en Select at least 1 co
|
||||
you need to select a distribution list addressbook en Select a distribution list
|
||||
you need to select some contacts first addressbook en Select some contacts first
|
||||
you need to select some entries first addressbook en You need to select some entries first
|
||||
your new public key has been stored in accounts addressbook. addressbook en Your new public key has been stored in accounts addressbook.
|
||||
zip code common en ZIP code
|
||||
zip code (private) addressbook en ZIP code (private)
|
||||
zip_note addressbook en <p><b>Note:</b> The file may be a zip file collection of .csv, .vcf, or .ldif files. Do not mix file types per import.
|
||||
|