Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Branch: develop
Branches Tags
zammad
/
lib
/
secure_mailing
/
pgp
/
tool
/
exec.rb

exec.rb 2.3 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. module SecureMailing::PGP::Tool::Exec
    4. 

  4.   extend ActiveSupport::Concern
    5. 

  5. 

  6.   include SecureMailing::PGP::Tool::Error::Handler
    7. 

  7.   include SecureMailing::PGP::Tool::Exec::Agent
    8. 

  8. 

  9.   included do # rubocop:disable Metrics/BlockLength
    10. 

  10.     attr_accessor :gnupg_home
    11. 

  11. 

  12.     def with_private_keyring
    13. 

  13.       dir = Dir.mktmpdir('zammad-gnupg-keyring', Rails.root.join('tmp'))
    14. 

  14. 

  15.       begin
    16. 

  16.         @gnupg_home = dir
    17. 

  17.         yield(self)
    18. 

  18.       ensure
    19. 

  19.         kill_agent
    20. 

  20.         FileUtils.rm_rf(@gnupg_home)
    21. 

  21.         @gnupg_home = nil
    22. 

  22.       end
    23. 

  23.     end
    24. 

  24. 

  25.     def gpg(command, options: [], arguments: [], stdin: nil, passphrase: nil)
    26. 

  26.       raise __("Use 'with_private_keyring' to create a private keyring or set @gnupg_home before calling gpg.") if !@gnupg_home
    27. 

  27. 

  28.       args = %w[--batch --yes --no-tty --verbose --status-fd 2] + options + ["--#{command}"] + arguments
    29. 

  29.       env = {
    30. 

  30.         'LC_ALL'    => 'C', # Force use of English
    31. 

  31.         'GNUPGHOME' => @gnupg_home # Create/use a temporary keyring
    32. 

  32.       }
    33. 

  33.       run(args, env, stdin, passphrase)
    34. 

  34.     end
    35. 

  35. 

  36.     private
    37. 

  37. 

  38.     def binary_path
    39. 

  39.       return @which if @which
    40. 

  40. 

  41.       if ENV['GPG_PATH'] && File.executable?(ENV['GPG_PATH'])
    42. 

  42.         @which = ENV['GPG_PATH']
    43. 

  43.         return @which
    44. 

  44.       end
    45. 

  45. 

  46.       ENV['PATH'].split(File::PATH_SEPARATOR).each do |path|
    47. 

  47.         gpg = File.join(path, 'gpg')
    48. 

  48.         if File.executable?(gpg)
    49. 

  49.           @which = gpg
    50. 

  50.           return @which
    51. 

  51.         end
    52. 

  52.       end
    53. 

  53. 

  54.       raise Errno::ENOENT, 'gpg: command not found'
    55. 

  55.     end
    56. 

  56. 

  57.     def run(args, env, stdin, passphrase)
    58. 

  58.       if passphrase
    59. 

  59.         passphrase_file = Tempfile.new('passphrase')
    60. 

  60.         begin
    61. 

  61.           passphrase_file.write(passphrase)
    62. 

  62.           passphrase_file.close
    63. 

  63. 

  64.           options = [
    65. 

  65.             '--passphrase-file', passphrase_file.path,
    66. 

  66.             '--pinentry-mode', 'loopback',
    67. 

  67.           ]
    68. 

  68.           args.insert(4, *options)
    69. 

  69. 

  70.           stdout, stderr, status = Open3.capture3(env, binary_path, *args, stdin_data: stdin, binmode: true)
    71. 

  71.         ensure
    72. 

  72.           passphrase_file.unlink
    73. 

  73.         end
    74. 

  74.       else
    75. 

  75.         stdout, stderr, status = Open3.capture3(env, binary_path, *args, stdin_data: stdin, binmode: true)
    76. 

  76.       end
    77. 

  77. 

  78.       result!([binary_path] + args, env, stdin, { stdout: stdout, stderr: stderr, status: status })
    79. 

  79.     end
    80. 

  80.   end
    81. 

  81. end
    82.