debian-mirror-gitlab/lib/gitlab/email/hook/smime_signature_interceptor.rb

57 lines
1.6 KiB
Ruby
Raw Normal View History

2019-12-04 20:38:33 +05:30
# frozen_string_literal: true
module Gitlab
module Email
module Hook
class SmimeSignatureInterceptor
# Sign emails with SMIME if enabled
class << self
def delivering_email(message)
signed_message = Gitlab::Email::Smime::Signer.sign(
cert: certificate.cert,
key: certificate.key,
2020-05-24 23:13:21 +05:30
ca_certs: certificate.ca_certs,
2019-12-04 20:38:33 +05:30
data: message.encoded)
2020-03-13 15:44:24 +05:30
2019-12-04 20:38:33 +05:30
signed_email = Mail.new(signed_message)
overwrite_body(message, signed_email)
overwrite_headers(message, signed_email)
end
private
def certificate
2021-11-18 22:05:49 +05:30
@certificate ||= Gitlab::X509::Certificate.from_files(key_path, cert_path, ca_certs_path)
2019-12-04 20:38:33 +05:30
end
def key_path
Gitlab.config.gitlab.email_smime.key_file
end
def cert_path
Gitlab.config.gitlab.email_smime.cert_file
end
2020-05-24 23:13:21 +05:30
def ca_certs_path
Gitlab.config.gitlab.email_smime.ca_certs_file
end
2019-12-04 20:38:33 +05:30
def overwrite_body(message, signed_email)
# since this is a multipart email, assignment to nil is important,
# otherwise Message#body will add a new mail part
message.body = nil
message.body = signed_email.body.encoded
end
def overwrite_headers(message, signed_email)
message.content_disposition = signed_email.content_disposition
message.content_transfer_encoding = signed_email.content_transfer_encoding
message.content_type = signed_email.content_type
end
end
end
end
end
end