/* Copyright (c) 2015-2018 Dovecot authors, see the included COPYING file */
#include "lib.h"
#include "str.h"
#include "mail-user.h"
#include "mail-crypt-common.h"
#include "mail-crypt-key.h"

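/* Load every global private key configured for the user under set_prefix.

   Settings are looked up as "<set_prefix>_private_key", then
   "<set_prefix>_private_key2", "<set_prefix>_private_key3", ... The
   enumeration stops at the first setting name that is not set, so a gap in
   the numbering hides every later key. The password for each key is read
   from "<key setting>_password" and may be NULL when that setting is absent.

   Returns 0 when the enumeration completes. If a key fails to load and
   ignore_errors is false, returns -1 with *error_r as left by
   mail_crypt_load_global_private_key(). If ignore_errors is true, the
   failing key is skipped, *error_r is reset to NULL and loading continues
   with the next numbered setting. */
static int
mail_crypt_load_global_private_keys(struct mail_user *user,
				    const char *set_prefix,
				    struct mail_crypt_global_keys *global_keys,
				    bool ignore_errors,
				    const char **error_r)
{
	string_t *set_key = t_str_new(64);
	str_append(set_key, set_prefix);
	str_append(set_key, "_private_key");
	/* Length of "<set_prefix>_private_key"; the numeric suffix is
	   rewritten after this offset on every iteration. */
	size_t prefix_len = str_len(set_key);

	unsigned int i = 1;
	const char *key_data;
	while ((key_data = mail_user_plugin_getenv(user, str_c(set_key))) != NULL) {
		const char *set_pw = t_strconcat(str_c(set_key), "_password", NULL);
		const char *password = mail_user_plugin_getenv(user, set_pw);
		if (mail_crypt_load_global_private_key(str_c(set_key), key_data,
						       set_pw, password,
						       global_keys,
						       error_r) < 0) {
			if (!ignore_errors)
				return -1;
			/* Skip this key. The failure is only reported when
			   mail_debug is enabled, so a skipped key is otherwise
			   silently absent from global_keys. */
			if (user->namespaces->mail_set->mail_debug)
				i_debug("mail-crypt-plugin: "
					"mail_crypt_load_global_private_key failed: %s",
					*error_r);
			*error_r = NULL;
			/* Do not 'continue' here: the setting name must still
			   be advanced below, otherwise the same failing key
			   is fetched again and the loop never terminates. */
		}
		str_truncate(set_key, prefix_len);
		str_printfa(set_key, "%u", ++i);
	}
	return 0;
}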
/* Initialise global_keys_r and fill it from the user's plugin settings:
   the optional "<set_prefix>_public_key" first, then the private keys
   configured under set_prefix.

   Returns 0 on success, -1 on failure with the error reported through
   error_r by the failing loader. A missing public key setting is not an
   error. ignore_privkey_errors is passed on to the private key loader; it
   has no effect on public key failures, which always return -1.

   NOTE(review): on a -1 return global_keys_r has already been initialised
   and may hold keys loaded before the failure. Whether the caller is
   expected to free it is not visible here - confirm against callers. */
int mail_crypt_global_keys_load(struct mail_user *user, const char *set_prefix,
				struct mail_crypt_global_keys *global_keys_r,
				bool ignore_privkey_errors,
				const char **error_r)
{
	const char *pub_setting = t_strconcat(set_prefix, "_public_key", NULL);
	const char *pub_data = mail_user_plugin_getenv(user, pub_setting);

	mail_crypt_global_keys_init(global_keys_r);

	/* The public key is optional; only a key that is set but fails to
	   load aborts here. */
	if (pub_data != NULL &&
	    mail_crypt_load_global_public_key(pub_setting, pub_data,
					      global_keys_r, error_r) < 0)
		return -1;

	int ret = mail_crypt_load_global_private_keys(user, set_prefix,
						      global_keys_r,
						      ignore_privkey_errors,
						      error_r);
	return ret < 0 ? -1 : 0;
}