[Remail] [PATCH v2 4/5] Introduce an enabled flag for S/MIME
Andreas Rammhold
andi at notmuch.email
Mon Mar 2 17:11:38 CET 2020
From: Andreas Rammhold <andreas at rammhold.de>
This allows setups where there is no S/MIME. In some scenarios using
just GPG is fine and S/MIME might even be discouraged. Previously we had
to provide a dummy S/MIME key just to make remail happy. With this new
flag we do not need that key if we do not intend to use it.
Signed-off-by: Andreas Rammhold <andreas at rammhold.de>
---
Documentation/examples/conf/remail.yaml | 2 ++
Documentation/man5/remail.config.rst | 5 +++++
remail/config.py | 1 +
remail/maillist.py | 16 ++++++++++------
4 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/Documentation/examples/conf/remail.yaml b/Documentation/examples/conf/remail.yaml
index 4f9f094..05abbc4 100644
--- a/Documentation/examples/conf/remail.yaml
+++ b/Documentation/examples/conf/remail.yaml
@@ -13,6 +13,8 @@ use_smtp: True
# S/MIME
smime:
+ # Enable S/MIME
+ enabled: True
# Verify CA certs. Only disable for troubleshooting
verify: True
diff --git a/Documentation/man5/remail.config.rst b/Documentation/man5/remail.config.rst
index 43a3843..564ecf0 100644
--- a/Documentation/man5/remail.config.rst
+++ b/Documentation/man5/remail.config.rst
@@ -186,9 +186,14 @@ S/MIME options:
.. code-block:: yaml
smime:
+ enabled: True
verify: True
sign: True
+ enabled:
+ Enable S/MIME processing. If this option is set to False then no attempts
+ are made to process S/MIME mails or keys.
+
verify:
When handling S/MIME encrypted mail then the validity of the senders key
diff --git a/remail/config.py b/remail/config.py
index d3ce5d5..f8400fe 100644
--- a/remail/config.py
+++ b/remail/config.py
@@ -189,6 +189,7 @@ class archive_config(object):
print('%*s%-40s: %s' % (indent, '', 'plain_list', self.m_list))
smime_defaults = {
+ 'enabled' : True,
'verify' : True,
'sign' : True,
}
diff --git a/remail/maillist.py b/remail/maillist.py
index 64fdfaf..9a95795 100644
--- a/remail/maillist.py
+++ b/remail/maillist.py
@@ -35,7 +35,9 @@ class maillist(object):
self.enabled = listcfg.enabled
self.use_smtp = use_smtp
- self.smime = smime_crypt(self.config.smime, self.config.listaccount)
+ self.smime = None
+ if self.config.smime.enabled:
+ self.smime = smime_crypt(self.config.smime, self.config.listaccount)
self.gpg = gpg_crypt(self.config.gpg, self.config.listaccount)
self.tracking = account_tracking(self.config.tracking, logger)
@@ -72,7 +74,7 @@ class maillist(object):
Encrypt plain text message for the account
'''
msg = msg_from_string(msg_plain.as_string())
- if account.use_smime:
+ if self.smime and account.use_smime:
self.smime.encrypt(msg, account)
else:
self.gpg.encrypt(msg, account)
@@ -143,7 +145,9 @@ class maillist(object):
'''
msg_sanitize_incoming(msg)
- msg_plain = self.smime.decrypt(msg)
+ msg_plain = None
+ if self.smime:
+ msg_plain = self.smime.decrypt(msg)
if not msg_plain:
msg_plain = self.gpg.decrypt(msg)
return msg_plain
@@ -303,10 +307,10 @@ class maillist(object):
for account in self.config.subscribers.values():
if not account.enabled:
continue
- if not account.use_smime:
- self.gpg.check_key(account)
- else:
+ if account.use_smime and self.smime:
self.smime.check_cert(account)
+ else:
+ self.gpg.check_key(account)
class maillist_checker(object):
'''
--
2.25.1
More information about the Remail
mailing list