-;;; canlock.el --- Functions for Cancel-Lock feature
-;; Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
+;;; canlock.el --- functions for Cancel-Lock feature
+
+;; Copyright (C) 1998-1999, 2001-2014 Free Software Foundation, Inc.
;; Author: Katsumi Yamaoka <yamaoka@jpl.org>
;; Keywords: news, cancel-lock, hmac, sha1, rfc2104
-;; This program is free software; you can redistribute it and/or modify
+;; This file is part of GNU Emacs.
+
+;; GNU Emacs is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
-;; the Free Software Foundation; either version 2, or (at your option)
-;; any later version.
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
-;; This program is distributed in the hope that it will be useful,
+;; GNU Emacs is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;; You should have received a copy of the GNU General Public License
-;; along with this program; see the file COPYING. If not, write to the
-;; Free Software Foundation, Inc., 59 Temple Place - Suite 330,
-;; Boston, MA 02111-1307, USA.
+;; along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>.
;;; Commentary:
;;; Code:
-(defconst canlock-version "0.8")
-
(eval-when-compile
(require 'cl))
-(autoload 'sha1-binary "sha1-el")
-(autoload 'sha1-encode-binary "sha1")
-(autoload 'base64-encode "base64")
+(require 'sha1)
+
+(defvar mail-header-separator)
(defgroup canlock nil
"The Cancel-Lock feature."
- :group 'applications)
-
-(defcustom canlock-sha1-function 'sha1-binary
- "Function to call to make a SHA-1 message digest."
- :type '(radio (function-item sha1-encode-binary)
- (function-item sha1-binary)
- (function-item canlock-sha1-with-openssl)
- (function :tag "Other"))
- :group 'canlock)
-
-(defcustom canlock-sha1-function-for-verify canlock-sha1-function
- "Function to call to make a SHA-1 message digest for verifying."
- :type '(radio (function-item sha1-encode-binary)
- (function-item sha1-binary)
- (function-item canlock-sha1-with-openssl)
- (function :tag "Other"))
- :group 'canlock)
-
-(defcustom canlock-openssl-program "openssl"
- "Name of OpenSSL program."
- :type 'string
- :group 'canlock)
-
-(defcustom canlock-openssl-args '("sha1")
- "Arguments passed to the OpenSSL program."
- :type 'sexp
- :group 'canlock)
-
-(defcustom canlock-ignore-errors nil
- "If non-nil, ignore any error signals."
- :type 'boolean
- :group 'canlock)
+ :group 'news)
(defcustom canlock-password nil
"Password to use when signing a Cancel-Lock or a Cancel-Key header."
- :type 'string
+ :type '(radio (const :format "Not specified " nil)
+ (string :tag "Password"))
:group 'canlock)
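Review bot: The docstrings of `canlock-password` and, further down, `canlock-password-for-verify` do not explain the newly allowed `nil` value or how a string value is stored. From the callers visible on this page, nil makes the code fall back to `read-passwd`, while a string set through Customize is normally saved unencrypted in the user's init or custom file. I would extend each docstring with a sentence such as `If nil, the password is read with read-passwd when needed; a string set here is saved in plain text in your init file.` so the trade-off is a deliberate choice.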
(defcustom canlock-password-for-verify canlock-password
"Password to use when verifying a Cancel-Lock or a Cancel-Key header."
- :type 'string
+ :type '(radio (const :format "Not specified " nil)
+ (string :tag "Password"))
:group 'canlock)
(defcustom canlock-force-insert-header nil
:type 'boolean
:group 'canlock)
-(defun canlock-sha1-with-openssl (message)
- "Make a SHA-1 digest of MESSAGE using OpenSSL."
- (with-temp-buffer
- (let ((coding-system-for-read 'binary)
- (coding-system-for-write 'binary)
- selective-display
- (case-fold-search t))
- (insert message)
- (apply 'call-process-region (point-min) (point-max)
- canlock-openssl-program t t nil canlock-openssl-args)
- (goto-char (point-min))
- (while (re-search-forward "[0-9a-f][0-9a-f]" nil t)
- (replace-match (read (concat "\"\\x" (match-string 0) "\""))))
- (buffer-substring (point-min) (point)))))
+(eval-when-compile
+ (defmacro canlock-string-as-unibyte (string)
+ "Return a unibyte string with the same individual bytes as STRING."
+ (if (fboundp 'string-as-unibyte)
+ (list 'string-as-unibyte string)
+ string)))
-(defvar canlock-read-passwd nil)
-(defun canlock-read-passwd (prompt &rest args)
- "Read a password using PROMPT.
-If ARGS, PROMPT is used as an argument to `format'."
- (let ((prompt
- (if args
- (apply 'format prompt args)
- prompt)))
- (unless canlock-read-passwd
- (if (or (fboundp 'read-passwd) (load "passwd" t))
- (setq canlock-read-passwd 'read-passwd)
- (unless (fboundp 'ange-ftp-read-passwd)
- (autoload 'ange-ftp-read-passwd "ange-ftp"))
- (setq canlock-read-passwd 'ange-ftp-read-passwd)))
- (funcall canlock-read-passwd prompt)))
+(defun canlock-sha1 (message)
+ "Make a SHA-1 digest of MESSAGE as a unibyte string of length 20 bytes."
+ (let (sha1-maximum-internal-length)
+ (sha1 message nil nil 'binary)))
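Review bot: `canlock-sha1` binds `sha1-maximum-internal-length` to nil without a comment, and the reason looks security-relevant. As I read sha1.el, nil selects the Lisp implementation for any input length, so the password-derived data hashed here is never handed to an external program. A comment above the `let`, e.g. `;; nil = always use the internal SHA-1; never pass key material to an external program.`, would keep a later cleanup from dropping the binding.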
(defun canlock-make-cancel-key (message-id password)
"Make a Cancel-Key header."
- (cond ((> (length password) 20)
- (setq password (funcall canlock-sha1-function password)))
- ((< (length password) 20)
- (setq password (concat
- password
- (make-string (- 20 (length password)) 0)))))
- (setq password (concat password (make-string 44 0)))
- (let ((ipad (mapconcat (lambda (char)
- (char-to-string (logxor 54 char)))
+ (when (> (length password) 20)
+ (setq password (canlock-sha1 password)))
+ (setq password (concat password (make-string (- 64 (length password)) 0)))
+ (let ((ipad (mapconcat (lambda (byte)
+ (char-to-string (logxor 54 byte)))
password ""))
- (opad (mapconcat (lambda (char)
- (char-to-string (logxor 92 char)))
+ (opad (mapconcat (lambda (byte)
+ (char-to-string (logxor 92 byte)))
password "")))
- (base64-encode-string (funcall canlock-sha1-function
- (concat
- opad
- (funcall canlock-sha1-function
- (concat ipad message-id)))))))
+ (base64-encode-string
+ (canlock-sha1
+ (concat opad
+ (canlock-sha1
+ (concat ipad (canlock-string-as-unibyte message-id))))))))
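Review bot: The new `(when (> (length password) 20) ...)` still hashes any password longer than 20 characters, whereas RFC 2104 (named in the file's Keywords line) pre-hashes a key only when it exceeds the 64-byte block size. For passwords of 21 to 64 bytes the result is therefore not standard HMAC-SHA1, which matters if the same secret is ever used with another Cancel-Lock tool. Raising the threshold to 64 would invalidate locks already issued with such passwords, so at minimum I would add a comment such as `;; Hashes keys > 20 bytes, not > 64 as RFC 2104 specifies; kept for compatibility with locks already issued.`. Note also that only `message-id` goes through `canlock-string-as-unibyte`; `password` is measured and XORed per character, so a non-ASCII password presumably needs the same conversion.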
(defun canlock-narrow-to-header ()
"Narrow the buffer to the head of the message."
(unless id-for-key
(setq id-for-key (canlock-fetch-id-for-key)))
(if (and (setq control (mail-fetch-field "Control"))
- (string-match
- "^cancel[\t ]+\\(<[^\t\n @<>]+@[^\t\n @<>]+>\\)"
- control))
+ (string-match "^cancel[\t ]+<[^\t\n @<>]+@[^\t\n @<>]+>"
+ control))
(setq id-for-lock nil)
(unless id-for-lock
(setq id-for-lock (mail-fetch-field "Message-ID"))))
(message "There are no Message-ID(s)")
(unless password
(setq password (or canlock-password
- (canlock-read-passwd
+ (read-passwd
"Password for Canlock: "))))
(if (or (not (stringp password)) (zerop (length password)))
(message "Password for Canlock is bad")
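Review bot: The password returned by `read-passwd` here, and again in `canlock-verify` below, stays in a live Lisp string after the key has been derived. When it was typed at the prompt rather than taken from `canlock-password`, it can be wiped on a best-effort basis with `(clear-string password)` once the headers are computed. A string that came from the user option must not be cleared, because that would blank the option itself. The enclosing function starts and ends outside the lines shown, so the right place for the cleanup needs checking against the full body.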
(insert "Cancel-Key: sha1:" key-for-key "\n"))
(when key-for-lock
(insert "Cancel-Lock: sha1:"
- (base64-encode-string (funcall canlock-sha1-function
- key-for-lock))
+ (base64-encode-string (canlock-sha1 key-for-lock))
"\n")))))))))
;;;###autoload
(defun canlock-verify (&optional buffer)
"Verify Cancel-Lock or Cancel-Key in BUFFER.
If BUFFER is nil, the current buffer is assumed. Signal an error if
-it fails. You can modify the behavior of this function to return non-
-nil instead of to signal an error by setting the option
-`canlock-ignore-errors' to non-nil."
+it fails."
(interactive)
- (let ((canlock-sha1-function (or canlock-sha1-function-for-verify
- canlock-sha1-function))
- keys locks errmsg id-for-key id-for-lock password
- key-for-key key-for-lock match)
+ (let (keys locks errmsg id-for-key id-for-lock password
+ key-for-key key-for-lock match)
(save-excursion
(when buffer
(set-buffer buffer))
id-for-lock (mail-fetch-field "Message-ID"))
(or id-for-key id-for-lock
(setq errmsg "There are no Message-ID(s)")))))
-
(if errmsg
- (if canlock-ignore-errors
- errmsg
- (error "%s" errmsg))
-
+ (error "%s" errmsg)
(setq password (or canlock-password-for-verify
- (canlock-read-passwd "Password for Canlock: ")))
+ (read-passwd "Password for Canlock: ")))
(if (or (not (stringp password)) (zerop (length password)))
- (progn
- (setq errmsg "Password for Canlock is bad")
- (if canlock-ignore-errors
- errmsg
- (error "%s" errmsg)))
-
+ (error "Password for Canlock is bad")
(when keys
(when id-for-key
(setq key-for-key (canlock-make-cancel-key id-for-key password))
(setq match (string-equal key-for-key (pop keys)))))
(setq keys (if match "good" "bad")))
(setq match nil)
-
(when locks
(when id-for-lock
(setq key-for-lock
- (base64-encode-string (funcall canlock-sha1-function
- (canlock-make-cancel-key
- id-for-lock password))))
+ (base64-encode-string
+ (canlock-sha1 (canlock-make-cancel-key id-for-lock
+ password))))
(when (and locks (not match))
(setq match (string-equal key-for-lock (pop locks)))))
(setq locks (if match "good" "bad")))
-
(prog1
(when (member "bad" (list keys locks))
"bad")