gpg-lacre/lacre/daemon.py

"""Lacre Daemon, the Advanced Mail Filter message dispatcher."""

import logging
import lacre
import lacre.config as conf
import sys
from aiosmtpd.controller import Controller
from aiosmtpd.smtp import Envelope
import asyncio
import email
import time
from watchdog.observers import Observer

# Mail status constants.
#
# These are the only values that our mail handler is allowed to return.
RESULT_OK = '250 OK'
RESULT_ERROR = '500 Could not process your message'

# Load configuration and init logging, in this order.  Only then can we load
# the last Lacre module, i.e. lacre.mailgate.
conf.load_config()
lacre.init_logging(conf.get_item("logging", "config"))
LOG = logging.getLogger('lacre.daemon')

import lacre.core as gate
import lacre.keyring as kcache


class MailEncryptionProxy:
    """A mail handler dispatching to appropriate mail operation."""

    def __init__(self, keyring: kcache.KeyRing):
        """Initialise the mail proxy with a reference to the key cache."""
        self._keyring = keyring

    async def handle_DATA(self, server, session, envelope: Envelope):
        """Accept a message and either encrypt it or forward as-is."""
        start = time.process_time()
        try:
            keys = await self._keyring.freeze_identities()
            message = email.message_from_bytes(envelope.content)
            for operation in gate.delivery_plan(envelope.rcpt_tos, message, keys):
                LOG.debug(f"Sending mail via {operation!r}")
                new_message = operation.perform(message)
                gate.send_msg(new_message, operation.recipients(), envelope.mail_from)
        except TypeError as te:
            LOG.exception("Got exception while processing", exc_info=te)
            return RESULT_ERROR
        except:
            LOG.exception('Unexpected exception caught, bouncing message')
            return RESULT_ERROR

        ellapsed = (time.process_time() - start) * 1000
        LOG.info(f'Message delivered in {ellapsed:.2f} ms')
        return RESULT_OK


def _init_controller(keys: kcache.KeyRing, tout: float = 5):
    proxy = MailEncryptionProxy(keys)
    host, port = conf.daemon_params()
    LOG.info(f"Initialising a mail Controller at {host}:{port}")
    return Controller(proxy, hostname=host, port=port, ready_timeout=tout)


def _init_reloader(keyring_dir: str, reloader) -> kcache.KeyringModificationListener:
    listener = kcache.KeyringModificationListener(reloader)
    observer = Observer()
    observer.schedule(listener, keyring_dir, recursive=False)
    return observer


def _validate_config():
    missing = conf.validate_config()
    if missing:
        params = ", ".join([_full_param_name(tup) for tup in missing])
        LOG.error(f"Following mandatory parameters are missing: {params}")
        sys.exit(lacre.EX_CONFIG)


def _full_param_name(tup):
    return f"[{tup[0]}]{tup[1]}"


async def _sleep():
    while True:
        await asyncio.sleep(360)


def _main():
    _validate_config()

    keyring_path = conf.get_item('gpg', 'keyhome')
    loop = asyncio.get_event_loop()
    keyring = kcache.KeyRing(keyring_path, loop)
    controller = _init_controller(keyring)
    reloader = _init_reloader(keyring_path, keyring)

    LOG.info(f'Watching keyring directory {keyring_path}...')
    reloader.start()

    LOG.info('Starting the daemon...')
    controller.start()

    try:
        loop.run_until_complete(_sleep())
    except KeyboardInterrupt:
        LOG.info("Finishing...")
    except:
        LOG.exception('Unexpected exception caught, your system may be unstable')
    finally:
        LOG.info('Shutting down keyring watcher and the daemon...')
        reloader.stop()
        reloader.join()
        controller.stop()

    LOG.info("Done")


if __name__ == '__main__':
    _main()
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00			`"""Lacre Daemon, the Advanced Mail Filter message dispatcher."""`

Extend the daemon skeleton 2022-06-30 22:55:04 +02:00			`import logging`
			`import lacre`
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00			`import lacre.config as conf`
[daemon] Add configuration, implement no-op filter - Add a "mailop" module to define mail operations. Each should inherit from MailOperation class (which just defines the contract). - Make lacre.mailgate.delivery_plan always return KeepIntact strategy to have a daemon that just forwards messages without modifying them. - Add sample configuration. - Include daemon configuration in mandatory parameter check. 2022-07-03 23:58:31 +02:00			`import sys`
Extend the daemon skeleton 2022-06-30 22:55:04 +02:00			`from aiosmtpd.controller import Controller`
Implement Advanced Filter flow for cleartext and OpenPGP - Polish implementation of mail operations (lacre/mailop.py). Add two strategies: InlineOpenPGPEncrypt and MimeOpenPGPEncrypt, to support two modes of OpenPGP encryption. - In delivery_plan, only use those strategies that actually make sense with the recipients we'd got. - Add flag_enabled predicate (lacre/config.py) to make configuration checks easier / simpler. - Handle TypeError errors in Advanced Filter, indicating a delivery failure when they appear. - Add type hints to some of the functions. 2022-09-29 22:05:45 +02:00			`from aiosmtpd.smtp import Envelope`
Implement a bare minimum of advanced filtering - Forward messages without encryption. - Include a simple test setup in the Makefile. - Add a test to send a test message to the daemon. 2022-07-04 21:39:45 +02:00			`import asyncio`
Implement Advanced Filter flow for cleartext and OpenPGP - Polish implementation of mail operations (lacre/mailop.py). Add two strategies: InlineOpenPGPEncrypt and MimeOpenPGPEncrypt, to support two modes of OpenPGP encryption. - In delivery_plan, only use those strategies that actually make sense with the recipients we'd got. - Add flag_enabled predicate (lacre/config.py) to make configuration checks easier / simpler. - Handle TypeError errors in Advanced Filter, indicating a delivery failure when they appear. - Add type hints to some of the functions. 2022-09-29 22:05:45 +02:00			`import email`
Log processing time for successful deliveries 2022-10-15 13:45:46 +02:00			`import time`
Reload keyring on filesystem events Subscribe to FS events from keyring directory using Python Watchdog and when a modification is observed, reload the key cache. Since we may receive more than one event about a single modification, keep directory's last modification to recognise 'false positives'. 2022-10-15 19:53:55 +02:00			`from watchdog.observers import Observer`
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00
Extend the daemon skeleton 2022-06-30 22:55:04 +02:00			`# Mail status constants.`
			`#`
			`# These are the only values that our mail handler is allowed to return.`
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00			`RESULT_OK = '250 OK'`
			`RESULT_ERROR = '500 Could not process your message'`

Extend the daemon skeleton 2022-06-30 22:55:04 +02:00			`# Load configuration and init logging, in this order. Only then can we load`
			`# the last Lacre module, i.e. lacre.mailgate.`
			`conf.load_config()`
			`lacre.init_logging(conf.get_item("logging", "config"))`
Simplify code, improve log entries, add comments 2022-10-22 11:19:47 +02:00			`LOG = logging.getLogger('lacre.daemon')`
Extend the daemon skeleton 2022-06-30 22:55:04 +02:00
Rename mailgate.py to core.py 2022-10-22 10:13:54 +02:00			`import lacre.core as gate`
Rename lacre.keycache to lacre.keyring This will better reflect the fact we're doing more than just caching. 2022-10-16 22:58:38 +02:00			`import lacre.keyring as kcache`
Extend the daemon skeleton 2022-06-30 22:55:04 +02:00
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00
			`class MailEncryptionProxy:`
			`"""A mail handler dispatching to appropriate mail operation."""`

Separate key-cache and key-loader Extract key-loading code to a dedicated class KeyRing in lacre.keyring module. KeyCache only keeps a static map of identities, making it safe to use in asynchronous context (and race condition resistant). 2022-10-17 20:13:37 +02:00			`def __init__(self, keyring: kcache.KeyRing):`
Implement a basic KeyCache 2022-09-30 22:40:42 +02:00			`"""Initialise the mail proxy with a reference to the key cache."""`
Separate key-cache and key-loader Extract key-loading code to a dedicated class KeyRing in lacre.keyring module. KeyCache only keeps a static map of identities, making it safe to use in asynchronous context (and race condition resistant). 2022-10-17 20:13:37 +02:00			`self._keyring = keyring`
Implement a basic KeyCache 2022-09-30 22:40:42 +02:00
Implement Advanced Filter flow for cleartext and OpenPGP - Polish implementation of mail operations (lacre/mailop.py). Add two strategies: InlineOpenPGPEncrypt and MimeOpenPGPEncrypt, to support two modes of OpenPGP encryption. - In delivery_plan, only use those strategies that actually make sense with the recipients we'd got. - Add flag_enabled predicate (lacre/config.py) to make configuration checks easier / simpler. - Handle TypeError errors in Advanced Filter, indicating a delivery failure when they appear. - Add type hints to some of the functions. 2022-09-29 22:05:45 +02:00			`async def handle_DATA(self, server, session, envelope: Envelope):`
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00			`"""Accept a message and either encrypt it or forward as-is."""`
Log processing time for successful deliveries 2022-10-15 13:45:46 +02:00			`start = time.process_time()`
Implement Advanced Filter flow for cleartext and OpenPGP - Polish implementation of mail operations (lacre/mailop.py). Add two strategies: InlineOpenPGPEncrypt and MimeOpenPGPEncrypt, to support two modes of OpenPGP encryption. - In delivery_plan, only use those strategies that actually make sense with the recipients we'd got. - Add flag_enabled predicate (lacre/config.py) to make configuration checks easier / simpler. - Handle TypeError errors in Advanced Filter, indicating a delivery failure when they appear. - Add type hints to some of the functions. 2022-09-29 22:05:45 +02:00			`try:`
Separate key-cache and key-loader Extract key-loading code to a dedicated class KeyRing in lacre.keyring module. KeyCache only keeps a static map of identities, making it safe to use in asynchronous context (and race condition resistant). 2022-10-17 20:13:37 +02:00			`keys = await self._keyring.freeze_identities()`
Implement Advanced Filter flow for cleartext and OpenPGP - Polish implementation of mail operations (lacre/mailop.py). Add two strategies: InlineOpenPGPEncrypt and MimeOpenPGPEncrypt, to support two modes of OpenPGP encryption. - In delivery_plan, only use those strategies that actually make sense with the recipients we'd got. - Add flag_enabled predicate (lacre/config.py) to make configuration checks easier / simpler. - Handle TypeError errors in Advanced Filter, indicating a delivery failure when they appear. - Add type hints to some of the functions. 2022-09-29 22:05:45 +02:00			`message = email.message_from_bytes(envelope.content)`
Rework PGP-Inline verification/recognition 2022-10-22 19:21:25 +02:00			`for operation in gate.delivery_plan(envelope.rcpt_tos, message, keys):`
Implement Advanced Filter flow for cleartext and OpenPGP - Polish implementation of mail operations (lacre/mailop.py). Add two strategies: InlineOpenPGPEncrypt and MimeOpenPGPEncrypt, to support two modes of OpenPGP encryption. - In delivery_plan, only use those strategies that actually make sense with the recipients we'd got. - Add flag_enabled predicate (lacre/config.py) to make configuration checks easier / simpler. - Handle TypeError errors in Advanced Filter, indicating a delivery failure when they appear. - Add type hints to some of the functions. 2022-09-29 22:05:45 +02:00			`LOG.debug(f"Sending mail via {operation!r}")`
			`new_message = operation.perform(message)`
			`gate.send_msg(new_message, operation.recipients(), envelope.mail_from)`
			`except TypeError as te:`
			`LOG.exception("Got exception while processing", exc_info=te)`
			`return RESULT_ERROR`
Re-use the same Event Loop for each coroutine Function asyncio.run creates a new event loop each time it's called and executes coroutine in that new loop. However, we want all our coroutines to be executed from the same event loop, so we acquire a loop when lacre.daemon starts and then use it to execute them later. See: Disroot/gpg-lacre#109 2022-10-29 16:09:24 +02:00			`except:`
			`LOG.exception('Unexpected exception caught, bouncing message')`
			`return RESULT_ERROR`
Extend the daemon skeleton 2022-06-30 22:55:04 +02:00
Improve logging - Report processing time in milliseconds. - Use module names in log messages instead of file-names without extensions. 2022-10-20 21:56:01 +02:00			`ellapsed = (time.process_time() - start) * 1000`
			`LOG.info(f'Message delivered in {ellapsed:.2f} ms')`
Log processing time for successful deliveries 2022-10-15 13:45:46 +02:00			`return RESULT_OK`
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00

Separate key-cache and key-loader Extract key-loading code to a dedicated class KeyRing in lacre.keyring module. KeyCache only keeps a static map of identities, making it safe to use in asynchronous context (and race condition resistant). 2022-10-17 20:13:37 +02:00			`def _init_controller(keys: kcache.KeyRing, tout: float = 5):`
Implement a basic KeyCache 2022-09-30 22:40:42 +02:00			`proxy = MailEncryptionProxy(keys)`
[daemon] Add configuration, implement no-op filter - Add a "mailop" module to define mail operations. Each should inherit from MailOperation class (which just defines the contract). - Make lacre.mailgate.delivery_plan always return KeepIntact strategy to have a daemon that just forwards messages without modifying them. - Add sample configuration. - Include daemon configuration in mandatory parameter check. 2022-07-03 23:58:31 +02:00			`host, port = conf.daemon_params()`
Implement a bare minimum of advanced filtering - Forward messages without encryption. - Include a simple test setup in the Makefile. - Add a test to send a test message to the daemon. 2022-07-04 21:39:45 +02:00			`LOG.info(f"Initialising a mail Controller at {host}:{port}")`
Reload key cache periodically Use [default]cache_refresh_minutes configuration parameter to define periods between cache reloads. After this number of minutes cache will be reloaded. 2022-10-11 21:50:51 +02:00			`return Controller(proxy, hostname=host, port=port, ready_timeout=tout)`
Extend the daemon skeleton 2022-06-30 22:55:04 +02:00

Reload keyring on filesystem events Subscribe to FS events from keyring directory using Python Watchdog and when a modification is observed, reload the key cache. Since we may receive more than one event about a single modification, keep directory's last modification to recognise 'false positives'. 2022-10-15 19:53:55 +02:00			`def _init_reloader(keyring_dir: str, reloader) -> kcache.KeyringModificationListener:`
			`listener = kcache.KeyringModificationListener(reloader)`
			`observer = Observer()`
			`observer.schedule(listener, keyring_dir, recursive=False)`
			`return observer`


[daemon] Add configuration, implement no-op filter - Add a "mailop" module to define mail operations. Each should inherit from MailOperation class (which just defines the contract). - Make lacre.mailgate.delivery_plan always return KeepIntact strategy to have a daemon that just forwards messages without modifying them. - Add sample configuration. - Include daemon configuration in mandatory parameter check. 2022-07-03 23:58:31 +02:00			`def _validate_config():`
			`missing = conf.validate_config()`
			`if missing:`
Fix a bug introduced by refactoring, clean up code - Fix certificate retrieval. - Store recipients within MailOperation objects. - Log more information. - Fix some warnings. 2022-09-12 22:32:54 +02:00			`params = ", ".join([_full_param_name(tup) for tup in missing])`
[daemon] Add configuration, implement no-op filter - Add a "mailop" module to define mail operations. Each should inherit from MailOperation class (which just defines the contract). - Make lacre.mailgate.delivery_plan always return KeepIntact strategy to have a daemon that just forwards messages without modifying them. - Add sample configuration. - Include daemon configuration in mandatory parameter check. 2022-07-03 23:58:31 +02:00			`LOG.error(f"Following mandatory parameters are missing: {params}")`
			`sys.exit(lacre.EX_CONFIG)`


Fix a bug introduced by refactoring, clean up code - Fix certificate retrieval. - Store recipients within MailOperation objects. - Log more information. - Fix some warnings. 2022-09-12 22:32:54 +02:00			`def _full_param_name(tup):`
			`return f"[{tup[0]}]{tup[1]}"`


Make key-loading async, remove unused parameter 2022-10-17 23:25:51 +02:00			`async def _sleep():`
Implement a bare minimum of advanced filtering - Forward messages without encryption. - Include a simple test setup in the Makefile. - Add a test to send a test message to the daemon. 2022-07-04 21:39:45 +02:00			`while True:`
Make key-loading async, remove unused parameter 2022-10-17 23:25:51 +02:00			`await asyncio.sleep(360)`
Implement a bare minimum of advanced filtering - Forward messages without encryption. - Include a simple test setup in the Makefile. - Add a test to send a test message to the daemon. 2022-07-04 21:39:45 +02:00

Extend the daemon skeleton 2022-06-30 22:55:04 +02:00			`def _main():`
[daemon] Add configuration, implement no-op filter - Add a "mailop" module to define mail operations. Each should inherit from MailOperation class (which just defines the contract). - Make lacre.mailgate.delivery_plan always return KeepIntact strategy to have a daemon that just forwards messages without modifying them. - Add sample configuration. - Include daemon configuration in mandatory parameter check. 2022-07-03 23:58:31 +02:00			`_validate_config()`

Reload keyring on filesystem events Subscribe to FS events from keyring directory using Python Watchdog and when a modification is observed, reload the key cache. Since we may receive more than one event about a single modification, keep directory's last modification to recognise 'false positives'. 2022-10-15 19:53:55 +02:00			`keyring_path = conf.get_item('gpg', 'keyhome')`
Re-use the same Event Loop for each coroutine Function asyncio.run creates a new event loop each time it's called and executes coroutine in that new loop. However, we want all our coroutines to be executed from the same event loop, so we acquire a loop when lacre.daemon starts and then use it to execute them later. See: Disroot/gpg-lacre#109 2022-10-29 16:09:24 +02:00			`loop = asyncio.get_event_loop()`
			`keyring = kcache.KeyRing(keyring_path, loop)`
Separate key-cache and key-loader Extract key-loading code to a dedicated class KeyRing in lacre.keyring module. KeyCache only keeps a static map of identities, making it safe to use in asynchronous context (and race condition resistant). 2022-10-17 20:13:37 +02:00			`controller = _init_controller(keyring)`
			`reloader = _init_reloader(keyring_path, keyring)`
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00
Reload keyring on filesystem events Subscribe to FS events from keyring directory using Python Watchdog and when a modification is observed, reload the key cache. Since we may receive more than one event about a single modification, keep directory's last modification to recognise 'false positives'. 2022-10-15 19:53:55 +02:00			`LOG.info(f'Watching keyring directory {keyring_path}...')`
			`reloader.start()`

			`LOG.info('Starting the daemon...')`
Create skeleton of the Lacre daemon Also: - Expose a function to read mail relay configuration. - Replace tabs with 4 spaces in lacre.config. 2022-06-30 21:03:22 +02:00			`controller.start()`

Implement a bare minimum of advanced filtering - Forward messages without encryption. - Include a simple test setup in the Makefile. - Add a test to send a test message to the daemon. 2022-07-04 21:39:45 +02:00			`try:`
Re-use the same Event Loop for each coroutine Function asyncio.run creates a new event loop each time it's called and executes coroutine in that new loop. However, we want all our coroutines to be executed from the same event loop, so we acquire a loop when lacre.daemon starts and then use it to execute them later. See: Disroot/gpg-lacre#109 2022-10-29 16:09:24 +02:00			`loop.run_until_complete(_sleep())`
Implement a bare minimum of advanced filtering - Forward messages without encryption. - Include a simple test setup in the Makefile. - Add a test to send a test message to the daemon. 2022-07-04 21:39:45 +02:00			`except KeyboardInterrupt:`
			`LOG.info("Finishing...")`
Simplify code, improve log entries, add comments 2022-10-22 11:19:47 +02:00			`except:`
			`LOG.exception('Unexpected exception caught, your system may be unstable')`
Reload keyring on filesystem events Subscribe to FS events from keyring directory using Python Watchdog and when a modification is observed, reload the key cache. Since we may receive more than one event about a single modification, keep directory's last modification to recognise 'false positives'. 2022-10-15 19:53:55 +02:00			`finally:`
			`LOG.info('Shutting down keyring watcher and the daemon...')`
			`reloader.stop()`
			`reloader.join()`
			`controller.stop()`
Extend the daemon skeleton 2022-06-30 22:55:04 +02:00
Implement a bare minimum of advanced filtering - Forward messages without encryption. - Include a simple test setup in the Makefile. - Add a test to send a test message to the daemon. 2022-07-04 21:39:45 +02:00			`LOG.info("Done")`

Extend the daemon skeleton 2022-06-30 22:55:04 +02:00
			`if __name__ == '__main__':`
			`_main()`