Piotr F. Mieszkowski
5f02223ec7
Use lib2to3 automatic migration tool provided by Python 2.x to convert codebase to new idioms. Command line: find . -type f -name '*.py' \ -exec python2.7 -m lib2to3 \ -f all -f idioms -f buffer -f set_literal -f ws_comma -w \ '{}' '+' |
||
---|---|---|
.. | ||
public_html | ||
cron.py | ||
README | ||
schema.sql |
gpg-mailgate-web ---------------- gpg-mailgate-web is a web interface designed to allow any web user to upload their PGP public key and then have all mail sent via your mail server be encrypted. (Note: this is not meant for email authentication, only encryption.) After submitting their key to a web form, the user will be required to confirm their email address. A cron script will register the public key with gpg-mailgate (keyhome_only must be set to no currently, which is the default) after email confirmation. From then on, email to the specified address will be encrypted with the public key. gpg-mailgate-web is useful for two purposes: for a transparent PGP encryption layer in front of any web application, or simple as a web interface for gpg-mailgate so that users on your mail server can easily upload and change their PGP keys. Note that all processing relating to the mail server is done via the cron script. This means that gpg-mailgate and the gpgmw cron can be installed on a different server from the web server. The MySQL database must be shared between the two applications though. 1. Installation instructions: 1) Install gpg-mailgate. 2) Create a MySQL database for gpg-mailgate. a) Schema file is located in schema.sql b) Database name and account goes in /etc/gpg-mailgate.conf (and set enabled = yes) 3) Copy the contents of public_html to your web directory. 4) Move config.sample.php to config.php and edit the configuration file. 5) Copy cron.py to /usr/local/bin/gpgmw-cron.py and set up a cron job a) Create /etc/cron.d/gpgmw with the contents: */3 * * * * nobody /usr/bin/python /usr/local/bin/gpgmw-cron.py > /dev/null 6) Ensure that cron is working and test your new gpg-mailgate-web installation! ---------------------------------------- 2. Adding rudimentary HKP Keyserver functionality for submitting public keys from the GPG client (so far only implemented and tested with lighttpd - basically you just need to make your http server listen on port 11371, redirect it to your gpg-mailgate-web directory and add a rewrite rule to catch 'pks/add' in the URI) 1) add the following lines to your lighttp.conf file and change the path to your gpg-mailgate-web directory server.reject-expect-100-with-417 = "disable" $SERVER["socket"] == ":11371" { server.document-root = "/var/www/gpgmw" setenv.add-response-header = ( "Via" => "1.1 yourserver.tld:11371 (lighttpd)" ) accesslog.filename = "/var/log/lighttpd/hkp-access.log" url.rewrite-once = ( "^/pks/(.*)" => "/index.php?/pks/$1" ) } 2) reload lighttpd: /etc/init.d/lighttpd restart 3) in the index.php add the following line after the other required_once(...) lines: require_once("include/phphkp.php"); 4) change the constants in the include/phphkp.php file! 5) check if it works with a GPG client of your choice pushing a public key to your server's domain or IP (HTTP request to http://yourserver.tld:11371/pks/add with the public key in a POST variable 'keytext')