;;; smime.el --- S/MIME support library
-;; Copyright (c) 2000, 2001, 2003, 2005 Free Software Foundation, Inc.
+
+;; Copyright (C) 2000, 2001, 2002, 2003, 2004,
+;; 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
;; Author: Simon Josefsson <simon@josefsson.org>
;; Keywords: SMIME X.509 PEM OpenSSL
;; GNU Emacs is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published
-;; by the Free Software Foundation; either version 2, or (at your
+;; by the Free Software Foundation; either version 3, or (at your
;; option) any later version.
;; GNU Emacs is distributed in the hope that it will be useful, but
;; You should have received a copy of the GNU General Public License
;; along with GNU Emacs; see the file COPYING. If not, write to the
-;; Free Software Foundation, Inc., 59 Temple Place - Suite 330,
-;; Boston, MA 02111-1307, USA.
+;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+;; Boston, MA 02110-1301, USA.
;;; Commentary:
;;; Code:
+;; For Emacs < 22.2.
+(eval-and-compile
+ (unless (fboundp 'declare-function) (defmacro declare-function (&rest r))))
(require 'dig)
-(require 'smime-ldap)
-(require 'password)
+
+(if (locate-library "password-cache")
+ (require 'password-cache)
+ (require 'password))
+
(eval-when-compile (require 'cl))
+(eval-and-compile
+ (cond
+ ((fboundp 'replace-in-string)
+ (defalias 'smime-replace-in-string 'replace-in-string))
+ ((fboundp 'replace-regexp-in-string)
+ (defun smime-replace-in-string (string regexp newtext &optional literal)
+ "Replace all matches for REGEXP with NEWTEXT in STRING.
+If LITERAL is non-nil, insert NEWTEXT literally. Return a new
+string containing the replacements.
+
+This is a compatibility function for different Emacsen."
+ (replace-regexp-in-string regexp newtext string nil literal)))))
+
(defgroup smime nil
- "S/MIME configuration.")
+ "S/MIME configuration."
+ :group 'mime)
(defcustom smime-keys nil
"*Map mail addresses to a file containing Certificate (and private key).
If needed search base, binddn, passwd, etc. for the LDAP host
must be set in `ldap-host-parameters-alist'."
:type '(repeat (string :tag "Host name"))
+ :version "23.1" ;; No Gnus
:group 'smime)
(defvar smime-details-buffer "*OpenSSL output*")
temporary-file-directory))))))
;; Password dialog function
+(declare-function password-read-and-add "password-cache" (prompt &optional key))
(defun smime-ask-passphrase (&optional cache-key)
"Asks the passphrase to unlock the secret key.
keyfile
(smime-get-key-with-certs-by-email
(completing-read
- (concat "Sign using which key? "
- (if smime-keys (concat "(default " (caar smime-keys) ") ")
- ""))
+ (concat "Sign using key"
+ (if smime-keys
+ (concat " (default " (caar smime-keys) "): ")
+ ": "))
smime-keys nil nil (car-safe (car-safe smime-keys))))))
(error "Signing failed"))))
(insert-buffer-substring smime-details-buffer)
nil))
-(eval-when-compile
- (defvar from))
+(defvar from)
(defun smime-decrypt-region (b e keyfile)
"Decrypt S/MIME message in region between B and E with key in KEYFILE.
(or keyfile
(smime-get-key-by-email
(completing-read
- (concat "Decipher using which key? "
- (if smime-keys (concat "(default " (caar smime-keys) ") ")
- ""))
+ (concat "Decipher using key"
+ (if smime-keys (concat " (default " (caar smime-keys) "): ")
+ ": "))
smime-keys nil nil (car-safe (car-safe smime-keys)))))))))
;; Various operations
(defun smime-cert-by-ldap-1 (mail host)
"Get cetificate for MAIL from the ldap server at HOST."
- (let ((ldapresult (smime-ldap-search (concat "mail=" mail)
- host '("userCertificate") nil))
+ (let ((ldapresult
+ (funcall
+ (if (or (featurep 'xemacs)
+ ;; For Emacs >= 22 we don't need smime-ldap.el
+ (< emacs-major-version 22))
+ (progn
+ (require 'smime-ldap)
+ 'smime-ldap-search)
+ 'ldap-search)
+ (concat "mail=" mail)
+ host '("userCertificate") nil))
(retbuf (generate-new-buffer (format "*certificate for %s*" mail)))
cert)
- (if (> (length ldapresult) 1)
+ (if (and (>= (length ldapresult) 1)
+ (> (length (cadaar ldapresult)) 0))
(with-current-buffer retbuf
- (setq cert (base64-encode-string (nth 1 (car (nth 1 ldapresult))) t))
+ ;; Certificates on LDAP servers _should_ be in DER format,
+ ;; but there are some servers out there that distributes the
+ ;; certificates in PEM format (with or without
+ ;; header/footer) so we try to handle them anyway.
+ (if (or (string= (substring (cadaar ldapresult) 0 27)
+ "-----BEGIN CERTIFICATE-----")
+ (string= (substring (cadaar ldapresult) 0 3)
+ "MII"))
+ (setq cert
+ (smime-replace-in-string
+ (cadaar ldapresult)
+ (concat "\\(\n\\|\r\\|-----BEGIN CERTIFICATE-----\\|"
+ "-----END CERTIFICATE-----\\)")
+ "" t))
+ (setq cert (base64-encode-string (cadaar ldapresult) t)))
(insert "-----BEGIN CERTIFICATE-----\n")
(let ((i 0) (len (length cert)))
(while (> (- len 64) i)
(define-key smime-mode-map "q" 'smime-exit)
(define-key smime-mode-map "f" 'smime-certificate-info))
+(autoload 'gnus-run-mode-hooks "gnus-util")
+
(defun smime-mode ()
"Major mode for browsing, viewing and fetching certificates.
(use-local-map smime-mode-map)
(buffer-disable-undo)
(setq truncate-lines t)
- (setq buffer-read-only t))
+ (setq buffer-read-only t)
+ (gnus-run-mode-hooks 'smime-mode-hook))
(defun smime-certificate-info (certfile)
(interactive "fCertificate file: ")
(provide 'smime)
-;;; arch-tag: e3f9b938-5085-4510-8a11-6625269c9a9e
+;; arch-tag: e3f9b938-5085-4510-8a11-6625269c9a9e
;;; smime.el ends here