4
`Topal': GPG/Pine integration
11
<H1>`Topal': GPG/Pine integration</H1>
13
Copyright (C) 2001--2003 Phillip J. Brooke
20
<LI> <A HREF="#introduction">Introduction</A>
21
<LI> <A HREF="#features">Features</A>
22
<LI> <A HREF="#important-changes">Important Changes from Previous Stable Versions</A>
23
<LI> <A HREF="#inst-and-config">Installation and Configuration</A>
25
<LI> <A HREF="#comp-and-inst">Compilation and Installation</A>
26
<LI> <A HREF="#pine-config">Pine Configuration</A>
27
<LI> <A HREF="#mailcap-config">Mailcap Configuration</A>
28
<LI> <A HREF="#topal-config">Topal Configuration</A>
30
<LI> <A HREF="#topal-usage">Topal Usage</A>
32
<LI> <A HREF="#topal-help">Help!</A>
33
<LI> <A HREF="#interactive-config">Interactive Configuration</A>
34
<LI> <A HREF="#decrypt-verify">Decryption/Verification</A>
35
<LI> <A HREF="#sending">Sending</A>
36
<LI> <A HREF="#nonpine">Command-line usage</A>
38
<LI> <A HREF="#additional-programs">Additional Programs</A>
39
<LI> <A HREF="#notes">Notes</A>
41
<LI> <A HREF="#pinehack">The Pine hack, and sending other attachments</A>
42
<LI> <A HREF="#keyids">Key IDs</A>
43
<LI> <A HREF="#errors">Errors</A>
44
<LI> <A HREF="#decrypt-attachments">Decrypting attachments</A>
45
<LI> <A HREF="#cleaning-cache">Cleaning up the cache</A>
46
<LI> <A HREF="#new-releases">New releases</A>
48
<LI> <A HREF="#author">Author</A>
49
<LI> <A HREF="#license">License</A>
50
<LI> <A HREF="#todo">To do</A>
51
<LI> <A HREF="#changes">Version History</A>
53
<LI> <A HREF="#last-changes">Most recent changes</A>
59
<H2><A NAME="introduction">Introduction</A></H2>
61
Topal is a `glue' program that links
62
<A HREF="http://www.gnupg.org">GnuPG</A>
1
<html xmlns="http://www.w3.org/1999/xhtml">
4
Topal: GPG/GnuPG and Alpine/Pine integration
6
<style type="text/css">
8
font-family: Helvetica, Geneva, Arial,
9
SunSans-Regular, sans-serif ;
10
background-color: #fafffa }
33
<h1>Topal: GPG/GnuPG and Alpine/Pine integration</h1>
35
<p>Copyright (C) 2001--2008 Phillip J. Brooke</p>
42
<li> <a href="#introduction">Introduction</a></li>
43
<li> <a href="#features">Features</a></li>
44
<li> <a href="#important-changes">Important changes from previous stable versions</a></li>
45
<li> <a href="#inst-and-config">Installation and configuration</a>
47
<li> <a href="#comp-and-inst">Compilation and installation</a></li>
48
<li> <a href="#pine-config">Pine/Alpine configuration</a></li>
49
<li> <a href="#mailcap-config">Mailcap configuration</a></li>
50
<li> <a href="#topal-config">Topal configuration</a></li>
52
<li> <a href="#topal-usage">Topal usage</a>
54
<li> <a href="#topal-help">Help!</a></li>
55
<li> <a href="#interactive-config">Interactive configuration</a></li>
56
<li> <a href="#decrypt-verify">Decryption/verification</a></li>
57
<li> <a href="#sending">Sending</a></li>
58
<li> <a href="#nonpine">Command-line usage</a></li>
59
<li> <a href="#remote">Remote and server mode</a></li>
61
<li> <a href="#fix-multipart">Fixing multipart emails</a></li>
62
<li> <a href="#notes">Notes</a>
64
<li> <a href="#pinehack">The Pine/Alpine hack, and sending other attachments</a></li>
65
<li> <a href="#keyids">Key IDs and keylists</a></li>
66
<li> <a href="#errors">Errors</a></li>
67
<li> <a href="#decrypt-attachments">Decrypting attachments</a></li>
68
<li> <a href="#locale-problems">Locale problems</a></li>
69
<li> <a href="#cleaning-cache">Cleaning up the cache</a></li>
70
<li> <a href="#remote-notes">Remote and server mode</a></li>
71
<li> <a href="#new-releases">New releases</a></li>
72
<li> <a href="#release-numbering">Release numbering</a></li>
74
<li> <a href="#author">Author</a></li>
75
<li> <a href="#licence">Licence</a></li>
76
<li> <a href="#todo">To do</a></li>
77
<li> <a href="#changes">Version history</a>
79
<li> <a href="#last-changes">Most recent changes</a></li>
85
<h2><a name="introduction">Introduction</a></h2>
87
<p>Topal is a `glue' program that links
88
<a href="http://www.gnupg.org">GnuPG</a>
64
<A HREF="http://www.washington.edu/pine/">Pine</A>. It offers
90
<a href="http://www.washington.edu/pine/">Pine</a>/<a href="http://www.washington.edu/alpine/">Alpine</a>. It offers
65
91
facilities to encrypt, decrypt, sign and verify emails. See the list
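Review bot: The new table of contents has two entries with the identical title 'Remote and server mode', one in the 'Topal usage' list pointing at #remote and one in the 'Notes' list pointing at #remote-notes, so a reader cannot tell them apart; give the Notes entry a distinct title. The same change renames the anchor #license to #licence, which breaks existing deep links unless the old name is kept as a second anchor.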
66
of <A HREF="#features">features</A> below.
70
<H2><A NAME="features">Features</A></H2>
72
<!-- Don't remove the next line -- or its counterpart later on! -->
76
<LI> In-place decryption/verification, dealing with multiple blocks
78
<LI> Caching of output to reduce need for passphrase (at expense of
79
storing decrypts and verification output).
80
<LI> Receiving of MIME RFC2015 multipart/signed and
81
multipart/encrypted messages. (Top-level multipart items need some help from a script,
82
topal-fix-email, invoked by procmail.) These features are available
83
to any program that uses .mailcap files.
84
<LI> Sending of MIME RFC2015 multipart/signed and multipart/encrypted
85
messages. (Needs a patch to Pine.)
86
<LI> Sending and receiving of the old application/pgp content-type
87
(sending requires the same patch as the previous item).
88
<LI> Offers user the opportunity to check output before sending it.
89
<LI> Rich configuration options.
90
<LI> Shortcuts for selecting keys, as well as general key selection
91
routines when sending email.
92
<LI> Few arbitrary limits.
99
<H2><A NAME="important-changes">Important Changes from Previous Stable Versions</A></H2>
101
The previous stable releases were 0.7.2, 0.7.8 and 0.7.9.
103
<H3>Important Changes in Version 0.7.10</H3>
105
The recommended procmail recipe has been changed.
107
<H3>Important Changes in Version 0.7.8</H3>
109
topal-fix-email and topal-fix-folder have been replaced by the
110
main topal binary. Change <TT>topal-fix-email</TT> in your .procmailrc to be
111
<TT>topal --fix-email</TT>. (Or add symlinks: the binary checks what it has been called as.)
115
You <EM>must</EM> clear your cache otherwise the changes made for
92
of <a href="#features">features</a> below.
97
<h2><a name="features">Features</a></h2>
99
<!-- Don't remove the next line - or its counterpart later on! -->
103
<li> In-place decryption/verification, dealing with multiple blocks
104
embedded in text.</li>
105
<li> Caching of output to reduce need for passphrase (at expense of
106
storing decrypts and verification output).</li>
107
<li> Receiving of MIME RFC2015/3156 multipart/signed and
108
multipart/encrypted messages. Top-level multipart items need some
109
modification: see the README section `fixing multipart emails'. These features are available
110
to any program that uses .mailcap files.</li>
111
<li> Sending of MIME RFC2015/3156 multipart/signed and multipart/encrypted
112
messages. (Needs a patch to Pine/Alpine.)</li>
113
<li> Sending and receiving of the old application/pgp content-type
114
(sending requires the same patch as the previous item).</li>
115
<li> Basic support for verifying S/MIME multipart/signed messages.</li>
116
<li> Offers user the opportunity to check output before sending
118
<li> Remote sending mode for when reading email on a distant computer via ssh with secret
119
keys on the local computer.</li>
120
<li> Rich configuration options.</li>
121
<li> Shortcuts for selecting keys, as well as general key selection
122
routines when sending email.</li>
123
<li> Few arbitrary limits.</li>
130
<h2><a name="important-changes">Important changes from previous stable versions</a></h2>
132
<p>The previous stable releases were 0.7.2, 0.7.8, 0.7.9 and 0.7.13.6.
133
Release numbering has changed since then.
134
The subsequent stable releases were 55, 56, .... </p>
136
<h3>Important changes in release 60</h3>
139
<li>MIME sending now requires MIME-tool; mime-construct is no longer
140
used. See <a href="#comp-and-inst">compilation and installation</a>.</li>
143
<h3>Important changes in release 58</h3>
146
<li>The default configuration no longer uses absolute paths.</li>
149
<h3>Important changes in release 55</h3>
152
<li>If you use a non-English locale, please check that Topal still
153
works as expected (replaced code that fixed some locale
155
<li>The Alpine patch is based off my old Pine patches, but does a
156
little more. You will need to set the <tt>Enable Topal hack for
157
OpenPGP/MIME messages</tt> option in the hidden configuration list. Bug
158
reports welcome.</li>
159
<li>The <tt>--fix-email</tt> wrapper no longer creates a
160
multipart/alternative: it creates a multipart/misc wrapper instead.
161
Please check that your procmail recipe includes a suitable backup in
162
case this doesn't work for you.</li>
165
<h3>Important changes in version 0.7.10</h3>
167
<p>The recommended procmail recipe has been changed.</p>
169
<h3>Important changes in version 0.7.8</h3>
171
<p>topal-fix-email and topal-fix-folder have been replaced by the
172
main topal binary. Change <tt>topal-fix-email</tt> in your .procmailrc to be
173
<tt>topal --fix-email</tt>. (Or add symlinks: the binary checks what it has been called as.)</p>
175
<p>You <em>must</em> clear your cache otherwise the changes made for
116
176
inline-separate-output (added in version 0.7.8) will break (this occurs regardless of whether
117
177
the option is on or off). This new feature shows the GnuPG/Topal
118
178
output separately, then hands back the decrypted or verified output
119
179
without any wrappers. This makes it more suitable for dealing with
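Review bot: The release 60 entry spells the new dependency 'MIME-tool', while the installation section further down calls it 'mime-tool'; use one spelling, ideally the name of the installed binary, so readers can search for it. The release 55 entry has the same problem with the Alpine option, which is 'Enable Topal hack for OpenPGP/MIME messages' here and 'enable Topal hack' (enable-topal-hack) in the Pine/Alpine configuration section.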
120
attachments (but you need to set it manually via <TT>topal
180
attachments (but you need to set it manually via <tt>topal
125
184
Finally, the send menu has a new option: `Pass through unchanged'.
126
This does nothing to the message (except for forcing the content-type
127
to be text/plain when invoked with -sendmime; this is useful for
128
dealing with an obscure bug in Pine 4.44). Moreover, you can
129
always have Topal invoked for sending.
134
<H2><A NAME="inst-and-config">Installation and Configuration</A></H2>
136
<H3><A NAME="comp-and-inst">Compilation and Installation</A></H3>
138
You need a working C compiler and the GNU Ada Compiler (GNAT). There
139
is a makefile: simply type `make'. Type `make install' to see what
140
files need copying (it doesn't actually do the copy).
143
<H3><A NAME="pine-config">Pine Configuration</A></H3>
145
Assuming that the topal binary is installed in /usr/local/bin, set up
146
the Pine sending & display filters as follows:
148
display-filters=_BEGINNING("-----BEGIN PGP ")_ /usr/local/bin/topal -display _TMPFILE_ _RESULTFILE_
150
sending-filters=/usr/local/bin/topal -send _TMPFILE_ _RESULTFILE_ _RECIPIENTS_,
151
/usr/local/bin/topal -sendmime _TMPFILE_ _RESULTFILE_ _MIMETYPE_ _RECIPIENTS_
153
You can choose either or both of the sending filters. The <TT>-sendmime</TT>
185
This does nothing to the message so, you can
186
always have Topal invoked as a filter for sending.
191
<h2><a name="inst-and-config">Installation and configuration</a></h2>
193
<h3><a name="comp-and-inst">Compilation and installation</a></h3>
196
To compile Topal, you need a working C compiler and the GNU Ada
197
Compiler (GNAT). There is a makefile: simply type <tt>make</tt>.
198
Type <tt>make install</tt> to actually install. The default location
199
is /usr, so you'll need to be root to install. Alternatively, use
200
<tt>make install INSTALLPATH=/usr/local</tt> to install into
201
/usr/local. (Or use the more specific variables INSTALLPATHBIN,
202
INSTALLPATHMAN, INSTALLPATHDOC and INSTALLPATHPATCHES.)
206
MIME sending requires the Topal version of mime-tool (included with
207
the Topal sources, and compiled and installed at the same time using
208
the Makefile). MIME viewing can be handled via metamail, run-mailcap,
209
or by saving to a file in the <tt>~/.topal</tt> directory and viewed
213
<h3><a name="pine-config">Pine/Alpine configuration</a></h3>
216
Assuming that the topal binary is installed in /usr/bin, set up
217
the Pine/Alpine sending and display filters as follows:
220
display-filters=_BEGINNING("-----BEGIN PGP ")_ /usr/bin/topal -display _TMPFILE_ _RESULTFILE_
222
sending-filters=/usr/bin/topal -send _TMPFILE_ _RESULTFILE_ _RECIPIENTS_,
223
/usr/bin/topal -sendmime _TMPFILE_ _RESULTFILE_ _MIMETYPE_ _RECIPIENTS_
226
You can choose either or both of the sending filters. The <tt>-sendmime</tt>
154
227
option allows the user to choose the MIME type of the outbound
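Review bot: In the rewritten 'Pass through unchanged' paragraph the comma is misplaced in 'This does nothing to the message so, you can always have Topal invoked as a filter for sending'; it should read 'This does nothing to the message, so you can ...'.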
155
email. (Legacy fixes are in place that make <TT>-decrypt</TT> and <TT>-verify</TT>
156
behave the same as <TT>-display</TT>.)
158
For -sendmime to work, you will need to patch Pine. There are patches
228
email. (Legacy fixes are in place that make <tt>-decrypt</tt> and <tt>-verify</tt>
229
behave the same as <tt>-display</tt>.) Note that
230
<tt>_RECIPIENTS_</tt> should be last.
234
For -sendmime to work, you will need to patch Pine/Alpine. There are patches
160
<A HREF="pine-4.44-patch">4.44</A>,
161
<A HREF="pine-4.50-patch">4.50</A>
163
<A HREF="pine-4.53-patch">4.53</A>
164
of Pine. (They're all more-or-less the same patch. It's pretty easy
165
to apply them against Pine versions 4.51 and 4.52 if you feel so
168
`<TT>cd</TT>' into the pine4.<I>xx</I> directory and use the command
169
`<TT>patch -p1 < wherever/the/patch/is</TT>'.
236
<a href="pine-4.44.patch">4.44</a>,
237
<a href="pine-4.50.patch">4.50</a>,
238
<a href="pine-4.53.patch">4.53</a>,
239
<a href="pine-4.58.patch">4.58</a>.
240
<a href="pine-4.60.patch">4.60</a>
242
<a href="pine-4.64.patch">4.64</a>
243
of Pine. (They're all more-or-less the same patch.)
244
<tt>cd</tt> into the pine4.<i>xx</i> directory and use the
245
<tt>patch</tt> command.
249
There are patches for Alpine: versions
250
<a href="alpine-1.00.patch">1.00</a>
252
<a href="alpine-1.10.patch">1.10</a>.
253
Please note that the Alpine patches also modify Alpine's
254
configuration. There is a hidden preference `enable Topal hack'
255
(enable-topal-hack) that you need to switch on.
173
259
It doesn't seem to have broken anything else.... It seems to work for
174
260
sending via an SMTP server - it might break for sending via
175
261
/usr/lib/sendmail (if it does, please send me a debug trace by
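Review bot: The patching instructions lose the strip level: the old text gave 'patch -p1 < wherever/the/patch/is', while the new text only says to cd into the pine4.xx directory and use the patch command. Keep the -p1 form, and say whether the Alpine patches are applied the same way, since no command is given for them. In the version list, '4.58' is followed by a full stop where the other entries use commas.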
176
invoking pine with `<TT>-d 9</TT>').
178
<H3><A NAME="mailcap-config">Mailcap Configuration</A></H3>
180
To decode MIME RFC2015 multipart/signed and /encrypted messages
262
invoking pine with `<tt>-d 9</tt>').
266
You can also add <tt>--read-from _INCLUDEALLHDRS_</tt> before
267
<tt>send</tt> and <tt>-sendmime</tt>. This makes Topal attempt to
268
guess a suitable key for signing and self-encryption. If multiple
269
possible keys match, then you'll be offered a menu of the keys.
272
<h3><a name="mailcap-config">Mailcap configuration</a></h3>
275
To decode MIME RFC2015/3156 multipart/signed and /encrypted messages
181
276
requires the assistance of metamail. Add in either the user mailcap
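Review bot: The new --read-from paragraph says to add the option before 'send' and '-sendmime', but the sending-filters lines above use '-send' with a leading dash; write '-send' here as well. A complete sending-filters line with --read-from _INCLUDEALLHDRS_ in place would remove any doubt about where the option goes.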
182
configuration (<TT>.mailcap</TT>) or the system configuration
183
(<TT>/etc/mailcap</TT>) the lines
185
multipart/signed; /usr/local/bin/topal -mime '%s' '%t'; needsterminal
186
multipart/encrypted; /usr/local/bin/topal -mime '%s' '%t'; needsterminal
187
application/pgp; /usr/local/bin/topal -mimeapgp '%s' '%t'; needsterminal
190
<H3><A NAME="procmail-config">Procmail Configuration</A></H3>
277
configuration (<tt>.mailcap</tt>) or the system configuration
278
(<tt>/etc/mailcap</tt>) the lines
281
multipart/signed; /usr/bin/topal -mime '%s' '%t'; needsterminal
282
multipart/encrypted; /usr/bin/topal -mime '%s' '%t'; needsterminal
283
application/pgp; /usr/bin/topal -mimeapgp '%s' '%t'; needsterminal
286
<h3><a name="procmail-config">Procmail configuration</a></h3>
192
289
In your procmailrc, add the recipe:
195
| /usr/local/bin/topal --fix-email
197
I <EM>strongly</EM> advise that you also use one of the backup
293
| /usr/bin/topal --fix-email
295
<p>This examines all inbound emails. Those with top-level
296
multipart/signed or multipart/encrypted MIME types are modified to add
297
a multipart/misc wrapper so that Pine/Alpine can hand it off to
298
Topal. All other emails are left unchanged.</p>
300
I <em>strongly</em> advise that you also use one of the backup
198
301
recipes from the procmail manual. See also the notes in
199
<A HREF="#additional-programs">additional programs</A>.
201
<H3><A NAME="topal-config">Topal Configuration</A></H3>
203
Create a directory called `${HOME}/.topal'. This is currently
204
hard-coded into Topal. Create the basic configuration file by running
205
topal with the -dump or -default option. This file should be named `<TT>config</TT>'.
302
<a href="#fix-multipart">fixing multipart emails</a>.
305
<h3><a name="topal-config">Topal configuration</a></h3>
308
Create a directory called `<tt>${HOME}/.topal</tt>'. This is
309
currently hard-coded into Topal. Create the basic configuration file
310
by running topal with the <tt>-dump</tt> or <tt>-default</tt> options.
311
This file should be named `<tt>config</tt>'.
207
315
All .topal files are silently ignored if they cannot be found.
316
Comments begin with a # in the first column, and run to the end of a
317
line. They are totally ignored and are not currently preserved.
208
318
Parsing errors cause an exception.
210
322
If you want to include strings with spaces, you'll need to quote them
211
with double-quotes (<TT>"</TT>). Double-quotes themselves can be
212
included by `stuffing' (<TT>""</TT>).
217
<H2><A NAME="topal-usage">Topal Usage</A></H2>
219
<H3><A NAME="topal-help">Help!</A></H3>
221
<TT>-help</TT> as the first argument dumps a help message.
223
The help message is derived from the help.txt file (included at
323
with double-quotes (<tt>"</tt>). Double-quotes themselves can be
324
included by `stuffing' (<tt>""</tt>).
329
<h2><a name="topal-usage">Topal usage</a></h2>
331
<h3><a name="topal-help">Help!</a></h3>
334
<tt>-help</tt> as the first argument dumps a help message.
338
The help message is derived from the <tt>help.txt</tt> file (included at
226
See help.txt for information on <A HREF="#nonpine">non-Pine use of Topal</A>.
228
Send <A HREF="#author">email to me</A> if you're really stuck.
230
<H3><A NAME="interactive-config">Interactive Configuration</A></H3>
232
<TT>-config</TT> as the first argument brings up the configuration menu.
343
See <tt>help.txt</tt> for information on <a href="#nonpine">non-Pine use of Topal</a>.
347
Send <a href="#author">email to me</a> if you're really stuck.
350
<h3><a name="interactive-config">Interactive configuration</a></h3>
353
<tt>-config</tt> as the first argument brings up the configuration menu.
234
357
This menu is also available when sending (so that the signing key can
238
<H3><A NAME="decrypt-verify">Decryption/Verification</A></H3>
361
<h3><a name="decrypt-verify">Decryption/verification</a></h3>
240
364
Depending on configuration, Topal will either ignore the file
241
365
altogether, ask you what you want to do with it, or proceed to
242
366
process the file automatically.
244
370
GPG will ask you for your passphrase when it needs it.
246
374
Caching is in place; the results of decryption and verification are
247
375
(subject to configuration) saved in ~/.topal/cache. The results of
248
376
caching mean that you won't be repeatedly asked for your passphrase,
249
377
at the expense of storing decrypts in the clear.
251
Be warned: Topal often invokes `less' to view something. So you'll
252
need to use `q' to get out of it. `Metamail' is called for anything
381
Be warned: Topal often invokes <tt>less</tt> to view something. So you'll
382
need to use <tt>q</tt> to get out of it. <tt>metamail</tt> is called for anything
253
383
after MIME processing.
255
A new option (for version 0.7.8) called `inline-separate-output'
387
A new option (for version 0.7.8) called <tt>inline-separate-output</tt>
256
388
concerns inlined (i.e., not MIME) messages. If the option is on, then
257
the Topal/GnuPG output will be shown to you by less. Then the
258
decrypted or verified output will be handed back to Pine. This is the
389
the Topal/GnuPG output will be shown to you by <tt>less</tt>. Then the
390
decrypted or verified output will be handed back to Pine/Alpine. This is the
259
391
way to approach attachments. However, you will normally want to keep
260
392
this option off, because if you're reading (for example) BugTraq
261
mailings, then it will want you to hit `q' an awful lot....
263
<H3><A NAME="sending">Sending</A></H3>
393
mailings, then it will want you to hit <tt>q</tt> an awful lot....
396
<h3><a name="sending">Sending</a></h3>
265
399
If you choose the `Topal' filter when sending, you will be offered a
268
403
(lkr) List/edit current recipient keys (@) Add own key
269
404
(n) Pass through unchanged (o) Configuration (q) Abort
270
405
Execute GPG: (e) Encrypt (s) Sign-encrypt (c) Clearsign
272
408
Above that, it will indicate picking up keys for each recipient email
273
409
address. It will also add a key `for self'.
275
`Abort' tells Pine you don't want Topal to process the email anymore.
277
`Pass through unchanged' does nothing to the message (except for forcing the
278
content-type to be text/plain when invoked with -sendmime; this is useful for dealing with an
279
obscure bug in Pine 4.44). This means that you can always have Topal
413
`Abort' tells Pine/Alpine you don't want Topal to process the email anymore.
417
`Pass through unchanged' does nothing to the message. This means that
418
you can always have Topal invoked for sending.
282
422
`Add own key' adds an `encrypt to self' key. (It is added by default,
283
423
but if you remove it, this is a quick way to restore it.)
285
427
The three `execute GPG' options use the current settings and execute
286
428
GPG. You will be asked to confirm the command-line, and after
287
processing, less is invoked to visually check that the desired result
429
processing, <tt>less</tt> is invoked to visually check that the desired result
288
430
has been achieved. Again, a confirmation is asked for.
290
434
If -sendmime was used, then a menu will ask
292
437
(p) Inline plain text (a) application/pgp (m) multipart/*
295
441
offer a choice of three MIME types. Don't use (a) unless you really
296
442
know what you're doing. If you are signing and encrypting, a further
297
choice, <PRE>(e) multipart/* encapsulated</PRE> will be offered.
443
choice,</p><pre>(e) multipart/* encapsulated</pre><p>will be offered.
298
444
This encapsulates a MIME signed message inside an encrypted message.
299
445
Otherwise, we do both operations at once. (If you choose `clearsign'
300
446
and `multipart/*', then all trailing blank lines will be deleted.
301
Note also that Pine appears to delete trailing whitespace in trailing
447
Note also that Pine/Alpine appears to delete trailing whitespace in trailing
304
452
`Configuration' offers the same menu that is available from the
453
<tt>-config</tt> option.
307
457
`List current recipient keys' offers a list of recipients:
309
460
Select key, or (dq) to quit and return to main send menu
310
461
or (s) to select a key after searching in the main keyring
311
462
or (ak) to add keys from the main keyring (not recommended, use `s')
312
Displaying choices 1 to 2 of 1 to 2 (<,) page up (>.) page down
313
1 - Details: pub 1024D/50973B91 2000-12-19 Dr Phil Brooke (at home) <P.J.Broo
314
2 - Details: pub 1024D/16BE903A 2001-02-25 Malcolm Gray <malcolm.gray@jobstre
463
Displaying choices 1 to 2 of 1 to 2 (<,) page up (>.) page down
464
1 - 50973B91 2000-12-19 Dr Phil Brooke (at home) <P.J.Brooke@bcs.org.uk>
465
2 - 9DAF9B5C 2005-10-21 Dr Phil Brooke <pjb@scm.tees.ac.uk>
316
468
`Quit and return to main send menu' sends you back to the first menu.
318
472
`Add key from main keyring' prompts you for a search pattern. It will
319
do a general search on your GPG keyring. Beware of just pressing
320
enter - it will select <EM>all</EM> keys on your keyring.
473
do a general search on your GPG keyring <em>and add</em> all matching keys. Beware of just pressing
474
enter - it will select <em>all</em> keys on your keyring.
322
478
A better alternative is to use the `select after search' option. This
323
479
also does a search on your GPG keyring, but then you must select
324
480
one key to be added to your list of recipients.
326
484
Selecting a key will offer a third menu (a similar menu is offered
327
485
when selecting a single key):
329
Key: Details: pub 1024D/50973B91 2000-12-19 Dr Phil Brooke (at home) <P.J.Broo
488
Key: 50973B91 2000-12-19 Dr Phil Brooke (at home) <P.J.Brooke@bcs.org.uk>
330
489
(d) Display details of key with less, (v) Verbosely
331
490
(r) Remove key from list (kql) Return to key list
333
493
`Return to key list' takes you back to the second menu.
335
497
`Display details of key (less)' simply uses GPG to list the
336
key details via less. You'll need to use `q' to get out of less.
498
key details via <tt>less</tt>. You'll need to use `q' to get out of <tt>less</tt>.
338
502
`Verbose details of key (less)' pipes verbose output from GPG for this
339
key into gpg. You'll need to use `q' to get out of less.
503
key into gpg. You'll need to use `q' to get out of <tt>less</tt>.
341
507
`Remove key from list' removes the key from this recipient list.
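Review bot: The 'Verbose details of key (less)' line touched here still says the verbose GPG output is piped 'into gpg', although the menu label and the following sentence both refer to less; this looks like it should read 'into less', matching the 'Display details of key (less)' entry just above.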
344
<H2><A NAME="nonpine">Command-line usage</A></H2>
510
<h3><a name="nonpine">Command-line usage</a></h3>
346
513
If you invoke Topal on the command-line with a filename as an
347
514
argument, it will offer the sending functions on that file. It
348
515
doesn't actually send anything: instead it allows you to encrypt,
349
516
sign, etc. the message. You have a choice of overwriting or
350
517
preserving the original file (this bit is case-sensitive).
352
521
The main purpose of this mode is for encrypting or signing attachments
353
before they are attached to the message in Pine. Beware that Pine
522
before they are attached to the message in Pine/Alpine. Beware that Pine/Alpine
354
523
does not feed the attachments to a sending filter.
356
527
MIME functions are not available in this mode: it makes no sense.
360
<H2><A NAME="additional-programs">Additional Modes</A></H2>
362
Two scripts used to be included with topal: topal-fix-email and
363
topal-fix-folder. They have been replaced by the <TT>--fix-email</TT>
364
and <TT>--fix-folder</TT> command-line options to the main binary.
366
<TT>topal --fix-email</TT> modifies any email that is (at the top level) a
367
multipart/signed or multipart/encrypted message. It creates a
368
multipart/alternative message. The revised message contains the first
369
part of the original message as one alternative, then the entire
370
original message as an alternative part. Pine can cope with invoking
371
Topal on the (original) subpart. Confused? (It probably isn't clever
372
for /encrypted mail, but at least Topal can get at it.)
530
<h3><a name="remote">Remote and server mode</a></h3>
533
Suppose you are reading your email on a remote host via ssh (as I
534
often do). You now want to compose an email and sign it, but your
535
secret key is only accessible on the local computer. Topal has
536
rudimentary support for this (primarily to support my style of
537
working). This comes in two parts: a `server' mode to run on the local
538
computer (with access to the secret key) and a remote option in the
543
The server mode (on the local host) is started by running <tt>topal
544
-server</tt>. This is where GPG requests for signing are made.
548
When sending, you can choose `remote'. This prompts for the host to
549
connect to using ssh/scp: this host should be running the `server'.
550
The files are sent to the local server, processed by the server, then
551
the results are copied back. ssh and scp are both used: because
552
they're used repeatedly, you might want to use key-based
553
authentication and have the key added to a current ssh-agent.
557
There isn't a remote mode for receiving: my approach is to use unison
558
(or some other file synchroniser or a simple scp) to move the email(s)
559
concerned, then view them on the local computer.
564
<h2><a name="fix-multipart">Fixing multipart emails</a></h2>
567
Two scripts used to be included with topal (long ago):
568
<tt>topal-fix-email</tt> and <tt>topal-fix-folder</tt>. They have
569
been replaced by the <tt>--fix-email</tt> and <tt>--fix-folder</tt>
570
command-line options to the main binary.
574
<tt>topal --fix-email</tt> modifies any email that is (at the top
575
level) a multipart/signed or multipart/encrypted message. It creates
576
a multipart/misc message instead: this revised message is simply a
577
wrapper version of the original message so that Pine/Alpine can pass the
578
signed or encrypted part to Topal.
376
<DT><TT>topal --fix-folder</TT> <folder> ...</DT> <DD>This fixes the old
377
email folders you may have.</DD>
378
<DT><TT>topal --fix-email</TT></DT> <DD>Takes no arguments; it accepts a single
585
<dt><tt>topal --fix-folder</tt> <folder> ...</dt> <dd>This fixes the old
586
email folders you may have.</dd>
587
<dt><tt>topal --fix-email</tt></dt> <dd>Takes no arguments; it accepts a single
379
588
email on stdin. Ideally, it should be invoked by procmail (see the
380
<A HREF="#procmail-config">configuration section</A> above).
383
<TT>topal --fix-email</TT> has a simpler mode (<TT>--simple</TT>) where it
589
<a href="#procmail-config">configuration section</a> above).</dd>
593
<tt>topal --fix-email</tt> has a simpler mode (<tt>--simple</tt>) where it
384
594
pretends that there are two MIME content types:
385
595
`application/x-topal-encrypted' and `application/x-topal-signed'. You
386
596
might prefer using this.
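Review bot: The new 'Remote and server mode' section does not say what protects the signing step: nothing in it states whether 'topal -server' asks for confirmation on the local host before GPG signs a file that arrived from the remote host, or where the transferred files are kept on either side and when they are removed. Since the mode exists to keep the secret key on the local computer only, document both points next to the ssh/scp description.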
390
<H2><A NAME="notes">Notes</A></H2>
392
<H3><A NAME="pinehack">The Pine patch, and sending other attachments</A></H3>
394
What does the patch to Pine do? It removes some of the safety
599
<p>Why do we need this? If we just set the <tt>.mailcap</tt> file
600
for, say, multipart/signed, then Alpine (at least version 1.00) is
601
unable to handle a top-level multipart/signed email: an error message
602
starting `Can't find body for requested message' is seen. But
603
multipart/signed inside a multipart/mixed (or multipart/alternative,
604
etc.) can be successfully handed-off to Topal.</p>
606
<p>Replying to such messages is a pain: you'll have to save off the
607
actual message and read it in. Suggestions on fixing this are welcome....</p>
609
<p>See <tt>Workaround.Fix_Email</tt> in the sources for more details.</p>
613
<h2><a name="notes">Notes</a></h2>
615
<h3><a name="pinehack">The Pine/Alpine patch, and sending other attachments</a></h3>
618
What does the patch to Pine/Alpine do? It removes some of the safety
395
619
checking when changing the content-type (_MIMETYPE_) in a filter.
396
620
Normally, if the returned content-type is not text/*, then the entire
397
621
content-type is dropped.
399
625
The patch instead adds a flag, `topal_hack', and sets this if the
400
626
returned content-type is not text. From time-to-time, we
401
627
pretend that the body is normal text. We take a little care to check
402
628
if this message is already a multipart message, so hopefully, the normal
403
629
sending of attachments still works.
405
<H3><A NAME="keyids">Key IDs</A></H3>
632
<h3><a name="keyids">Key IDs and keylists</a></h3>
407
635
Topal internally lists keys by their fingerprint. It uses GPG to look
408
636
up key fingerprints by using whatever GPG can cope with.
410
640
Duplicate keys are silently suppressed. Removing a key only removes
411
641
one instance, if somehow you've coerced Topal to list duplicates
412
642
(which is quite easy, since adding a key with its short key ID, and
413
643
the same key with its fingerprint will add two identical keys).
415
647
The way that Topal chooses the keys is as follows:
418
<LI> For each recipient email address (supplied by Pine)
420
<LI> For each matching line in keylist, use the key ID to get a fingerprint, and add the key to the list.
421
<LI> In there are no matching lines in keylist, try to get a
650
<li> For each recipient email address (supplied by Pine)
652
<li> For each matching line in keylist, use the key ID to get a fingerprint, and add the key to the list.</li>
653
<li> In there are no matching lines in keylist, try to get a
422
654
fingerprint via just that email address (but exclude `xk'
423
configuration entries).
655
configuration entries).</li>
427
660
The keylist is a way to say, `for this particular email address, use
428
this particular key'.
431
<H3><A NAME="errors">Errors</A></H3>
661
this particular key'. In your <tt>config</tt> file, include lines
665
ake=50973B91,philb@soc.plym.ac.uk
666
ake=50973B91,pjb@lothlann.freeserve.co.uk
668
<p>These mean `use key 50973B91 for the the given email addresses.
673
<p>means `don't use key 50973B91'. There are also similar
674
<tt>sake</tt> and <tt>sxk</tt> options for the secret key selection
675
(via <tt>--read-from</tt>) (although the testing of the secret key
676
listings is less thorough so far).</p>
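Review bot: the added keylist examples pin a recipient to an 8-hex-digit short key ID (ake=50973B91,philb@soc.plym.ac.uk), and short IDs are known to collide, so the pin is only as strong as whatever GPG resolves that ID to in the local keyring. The section already says the lookup accepts "whatever GPG can cope with", so the examples should show a full fingerprint and the text should recommend one for ake, xk, sake and sxk entries. Two wording slips in the added lines: "In there are no matching lines" should read "If there are no matching lines", and "for the the given email addresses" has a doubled "the".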
679
<h3><a name="errors">Errors</a></h3>
433
682
Bad things happening should result in Topal setting its exit status to
434
683
`failed', so Pine should detect this and not send your email.
436
687
Bug reports are welcome: send them by email to me (contact details below).
438
<H3><A NAME="decrypt-attachments">Decrypting attachments</A></H3>
690
<h3><a name="decrypt-attachments">Decrypting attachments</a></h3>
440
693
If an attachment is a plaintext PGP ASCII-armoured message, then Topal
441
694
will be invoked by Pine. You probably want to say `no' when asked
442
695
here (beware of the configuration options here). Otherwise, you'll
443
696
get a decrypted file with the original attachment filename, plus the
444
697
various Topal headers.
446
<H3><A NAME="cleaning-cache">Cleaning up the cache</A></H3>
700
<h3><a name="locale-problems">Locale problems</a></h3>
703
GPG does not do any encoding of input data. This means that the
704
encoding is dependent on Pine/Alpine and Topal. If a message is sent
705
with one encoding and received by a user running in a different
706
locale, then we might end up with a good message not verifying (i.e.,
711
I currently have no way to automatically fix this. However, the
712
<tt>--ask-charset</tt> option will ask during inline
713
decryption/verification if you want to change the encoding. If you
714
know that the message was written by a UTF-8 user (and you're in a
715
different locale), this might help. (This only happens if a bad
716
signature is returned.)
720
I know it's a kludge. I'd be interested to hear success and failure
724
<h3><a name="cleaning-cache">Cleaning up the cache</a></h3>
448
727
You might want to run something like
450
730
find ${HOME}/.topal/cache -mtime +7 | xargs rm
452
733
to remove all the cache files that are a bit old (in this example, 7
453
734
days old or older).
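Review bot: the cleanup command on the unchanged line, find ${HOME}/.topal/cache -mtime +7 | xargs rm, has no -type f, so once the cache directory itself is old enough it is handed to rm as well, and the unquoted ${HOME} with newline-delimited xargs breaks on any path containing whitespace. Suggest find "${HOME}/.topal/cache" -type f -mtime +7 -exec rm -f -- {} + instead, which also avoids running rm with no arguments when nothing matches. The description "7 days old or older" does not match -mtime +7, which selects files older than seven whole days; -mtime +6 would fit the wording.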
455
<H3><A NAME="new-releases">New releases</A></H3>
457
To be notified of new releases of Topal, send an email to me....
461
<H2><A NAME="author">Author</A></H2>
737
<h3><a name="remote-notes">Remote and server mode</a></h3>
740
When remote is invoked in a sending menu:
743
<li>The host has to be chosen for ssh/scp.</li>
744
<li>Because topal might be outside the normal path, you'll be asked
746
<li>The sender scp's the relevant files into <tt>.topal/server</tt>.</li>
747
<li>The sender calls <tt>ssh (server) -remotesend ...</tt> or <tt>ssh
748
(server) -remotesendmime ...</tt>.</li>
749
<li>The invocation of <tt>-remotesend</tt> or <tt>-remotesendmime</tt>
750
triggers the server to run a new instance of Topal on the local
752
<li>When that instance is finished, the relevant files are copied
753
back, along with the return value.</li>
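Review bot: the step "The sender scp's the relevant files into .topal/server" names neither the files nor the permissions that directory needs, and nothing in the list says the server-side copies are removed after they are "copied back, along with the return value". Since these are the files of a message being sent, the section should list them, state that .topal/server must be accessible to its owner only, and say when the copies are deleted. The commands as written, ssh (server) -remotesend ..., also show no program name between the host and the switch, so it is worth showing where the topal binary appears in that command line.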
756
<h3><a name="new-releases">New releases</a></h3>
758
<p>To be notified of new releases of Topal, send an email to me.</p>
760
<h3><a name="release-numbering">Release numbering</a></h3>
762
<p>The old release numbering was making less sense to me. New
763
releases are simple integers. In the event that an earlier release is
764
modified, I'll then add extra components to the release number.</p>
768
<h2><a name="author">Author</a></h2>
463
771
Phil Brooke wrote this, partially out of boredom, but mostly because
464
772
he wanted a GPG/Pine add-on to do exactly what he wants. There are
465
773
many similar programs.
467
777
If you like this program, please tell me. If you'd like it better
468
778
with changes, please tell me what changes you want. If particular
469
items on the <A HREF="#todo">`To do' list</A> are important to you, let me know. In
779
items on the <a href="#todo">`To do' list</a> are important to you, let me know. In
470
780
particular, if you find bugs, feel free to tell me the details by
473
This package is released under the GPL: see the file <A HREF="COPYING">COPYING</A>.
785
This package is released under the GPL: see the file <a href="COPYING">COPYING</a>.
475
789
I can be emailed on
476
<A HREF="mailto:pjb@lothlann.freeserve.co.uk"><TT>pjb@lothlann.freeserve.co.uk</TT></A>
790
<a href="mailto:pjb@lothlann.freeserve.co.uk"><tt>pjb@lothlann.freeserve.co.uk</tt></a>
478
794
My key ID is 0x50973B91; the key is available from web pages and public key
481
799
If you want to send snailmail to me, email me for my (physical) address.
485
<H2><A NAME="license">License</A></H2>
487
This program is free software; you can redistribute it and/or modify
488
it under the terms of the GNU General Public License as published by
489
the Free Software Foundation; either version 2 of the License, or
490
(at your option) any later version.
492
This program is distributed in the hope that it will be useful,
493
but WITHOUT ANY WARRANTY; without even the implied warranty of
494
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
495
GNU General Public License for more details.
497
You should have received a copy of the GNU General Public License
498
along with this program; if not, write to the Free Software
499
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
503
<H2><A NAME="todo">To do...</A></H2>
506
<LI> Fix these known/reported bugs:
508
<LI> `Pine indicating both text elements as shown' problem -
509
no obvious reason for it, though.
510
<LI> Very rarely, some Topal-munged multipart/signed messages aren't
511
handed off to Pine. Not obvious why, yet.
513
<LI> Add signal handlers.
514
<LI> Catch GPG keyboard interrupt.
515
<LI> Should we check that the infile matches the cache file even if
516
the MD5 hash matches? (We'd need to store the infile in the cache as well.)
517
<LI> Check through code: all external calls should check return
518
values. General clean-up.
519
<LI> Add pkcs7 signatures via SSL?
520
<LI> Use mimeconstruct to attach attachments that are then signed/encrypted/whatever?
521
<LI> Add interrupt option at very beginning of execution? (which
522
would bring up the configuration menu?)
523
<LI> Associate extra options with particular keys?
524
<LI> Configuration routine for managing keys/config/keylist?
525
<LI> Implement rest of configuration menu.
526
<LI> Make a much nicer interface all round....
527
<LI> Separate out all the constant strings -- so that we can have internationalization.
528
<LI> Context-sensitive help throughout (modify mkhelp to create multiple
529
procedures, or do it by number?); add COPYING option?
530
<LI> More receiving/decrypt options: include both plaintext and
532
<LI> Add periodic cache cleanup when Topal is invoked?
533
<LI> Add logging for workaround mode (report time of email processing (include PID); indicate if the file was changed or not)?
538
<H2><A NAME="changes">Version History</A></H2>
540
Look in <A HREF="release">release</A> for the current release number.
543
<DT>06/2001, 0.1</DT> <DD>First alpha release.</DD>
545
<DT>06/2001, 0.2</DT> <DD>Minor changes.</DD>
547
<DT>06/2001, 0.3</DT> <DD>Major changes to how keys are identified and
550
<DT>06/2001, 0.4</DT> <DD>Adding more customization features.</DD>
552
<DT>11/2001, 0.4.4</DT> <DD>Cleaned up some error messages; added -nps
555
<DT>11/2001, 0.4.5</DT> <DD>Added `gpg-options' config item with
556
default `--no-options'. (Forgot to add this note as well....)</DD>
558
<DT>11/2001, 0.5.0</DT> <DD>Dumped -verify and -decrypt modes in
804
<h2><a name="licence">Licence</a></h2>
807
This program is free software: you can redistribute it and/or modify
808
it under the terms of the GNU General Public License version 3 as
809
published by the Free Software Foundation.
812
This program is distributed in the hope that it will be useful,
813
but WITHOUT ANY WARRANTY; without even the implied warranty of
814
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
815
GNU General Public License for more details.
818
You should have received a copy of the GNU General Public License
819
along with this program. If not, see <a href="http://www.gnu.org/licenses/">http://www.gnu.org/licenses/</a>.
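Review bot: the heading anchor changes from name="license" to name="licence", so any existing link to #license stops resolving; keep the old anchor name or add it alongside the new one. The notice itself moves from "either version 2 of the License, or (at your option) any later version" to "version 3" with no later-version option; if that is intended, confirm that the COPYING file referenced from the Author section now holds the GPLv3 text.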
824
<h2><a name="todo">To do...</a></h2>
827
<li> Planned releases:
829
<li> Add S/MIME support via gpgsm. </li>
830
<li> Improve attachments code (and add some documentation). </li>
832
<li> Better error handling, particularly when missing dependencies
833
such as mime-construct or metamail.</li>
834
<li> Add signal handlers.</li>
835
<li> Catch GPG keyboard interrupt.</li>
836
<li> Should we check that the infile matches the cache file even if
837
the MD5 hash matches? (We'd need to store the infile in the cache as well.)</li>
838
<li> Check through code: all external calls should check return
840
<li> Refactor code.</li>
841
<li> Add interrupt option at very beginning of execution? (which
842
would bring up the configuration menu?)</li>
843
<li> Associate extra options with particular keys?</li>
844
<li> Configuration routine for managing keys/config/keylist?</li>
845
<li> Implement rest of configuration menu.</li>
846
<li> Make a much nicer interface all round....</li>
847
<li> Separate out all the constant strings -- so that we can have internationalization.</li>
848
<li> Context-sensitive help throughout (modify mkhelp to create multiple
849
procedures, or do it by number?); add COPYING option?</li>
850
<li> More receiving/decrypt options: include both plaintext and
852
<li> Add periodic cache cleanup when Topal is invoked?</li>
853
<li> Add logging for workaround mode (report time of email processing (include PID); indicate if the file was changed or not)?</li>
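Review bot: the carried-over item "Should we check that the infile matches the cache file even if the MD5 hash matches?" is still phrased as an open question, but MD5 collisions can be produced deliberately, so two different inputs sharing a hash, and with it a cache entry, is not only an accident to guard against. Suggest turning the item into a decision: either store and compare the infile as the parenthesis proposes, or key the cache on SHA-256.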
858
<h2><a name="changes">Version history</a></h2>
860
<p>Look in <a href="release">release</a> for the current release number.</p>
863
<dt>06/2001, 0.1</dt> <dd>First alpha release.</dd>
865
<dt>06/2001, 0.2</dt> <dd>Minor changes.</dd>
867
<dt>06/2001, 0.3</dt> <dd>Major changes to how keys are identified and
870
<dt>06/2001, 0.4</dt> <dd>Adding more customization features.</dd>
872
<dt>11/2001, 0.4.4</dt> <dd>Cleaned up some error messages; added -nps
875
<dt>11/2001, 0.4.5</dt> <dd>Added `gpg-options' config item with
876
default `--no-options'. (Forgot to add this note as well....)</dd>
878
<dt>11/2001, 0.5.0</dt> <dd>Dumped -verify and -decrypt modes in
559
879
favour of the multiple-block `-display' mode. Added -help. Added
560
880
caching. Added more switches relating to caching. Better output
563
<DT>11/2001, 0.5.1</DT> <DD>Improved menus. Tidied up some of the
564
interface. Added -s, which does the same as -nps.</DD>
566
<DT>12/2001, 0.5.2</DT> <DD>Tidied disclaimer. Added synonyms for
883
<dt>11/2001, 0.5.1</dt> <dd>Improved menus. Tidied up some of the
884
interface. Added -s, which does the same as -nps.</dd>
886
<dt>12/2001, 0.5.2</dt> <dd>Tidied disclaimer. Added synonyms for
567
887
-help (-h, -?, --help, --h) Cleaned up menus; keypresses aren't echoed
570
<DT>12/2001, 0.5.3</DT> <DD>Altered packaging to include version in
890
<dt>12/2001, 0.5.3</dt> <dd>Altered packaging to include version in
571
891
directory name. Changed names of some -clear options to be a bit more
572
892
sensible. Changing config settings method (big change). Making -s
573
893
the default operation. Some rearrangement of code, constants. Some
574
894
configuration editing possible via Topal. Send has access to
575
configuration menu. </DD>
577
<DT>12/2001, 0.5.4</DT> <DD>Bug fix; one-off error in the sending
580
<DT>12/2001, 0.5.5</DT> <DD>Removed redundant examples directory.
895
configuration menu. </dd>
897
<dt>12/2001, 0.5.4</dt> <dd>Bug fix; one-off error in the sending
900
<dt>12/2001, 0.5.5</dt> <dd>Removed redundant examples directory.
581
901
Changed over to HTML documentation. Tweaked the RELEASE stuff. Use
582
902
space instead of enter when waiting to continue: this looks forward to
583
903
offering a help option at every prompt. The receive/blocks
584
904
stuff now uses an expanding array. The GPG return value is checked
585
905
when receiving: if it's bad, then some bits of the output are omitted;
586
906
the cache file is not written. The date bit of Topal output moved
587
onto the previous line (echo -n blah blah).</DD>
907
onto the previous line (echo -n blah blah).</dd>
589
<DT>12/2001, 0.5.6</DT> <DD>Adding installation instructions. Using
909
<dt>12/2001, 0.5.6</dt> <dd>Adding installation instructions. Using
590
910
tee and PIPESTATUS to get stderr on screen during receiving while also
591
911
saving that output and recording gpg's exit status. Changed RELEASE
592
912
filename to release. Tidied up the Makefile. Invalid passphrase