-rwxr-xr-x | firma | 47 |
1 files changed, 23 insertions, 24 deletions
@@ -45,9 +45,6 @@ # messages on all lists running under firma # (space separated case-insensitive entries) # (may include regexps (e.g., X-.*) -# SEND_BOUNCE_MESSAGES= set to '1' to send bounces back to sender when an -# invalid message is received (message not signed/ -# encrypted, sender not subscribed to the list, etc.) # # And the list configuration file should contain: # @@ -64,6 +61,10 @@ # (may include regexps (e.g., X-.*) # REPLIES_SHOULD_GO_TO_LIST= set to '1' to add a Reply-To header containing the # list address +# SILENTLY_DISCARD_INVALID_MESSAGES= set to '1' to silently discard invalid +# messages (message not signed/encrypted, +# sender not subscribed to the list, etc.) +# instead of sending bounces back to sender # # NOTE: The passphrase _has_ to be enclosed in single quotes and _cannot_ # contain any additional single quote as part of itself. It has to be at least @@ -131,7 +132,7 @@ function DeclareGpgVars { # depends on function(s): none # returns: 0 #------------------------------------------------------------- - GPG_FLAGS="--no-options --homedir $LIST_HOMEDIR --quiet --batch --no-tty --no-use-agent --no-permission-warning" + GPG_FLAGS="--no-options --no-default-keyring --homedir $LIST_HOMEDIR --quiet --batch --no-tty --no-use-agent --no-permission-warning" GPG="$GPG_BINARY $GPG_FLAGS" GPG_LIST_KEYS="$GPG --list-keys --with-colons" GPG_DECRYPT="$GPG --passphrase-fd 0 --decrypt" @@ -242,7 +243,7 @@ function GetMessage { # check if message was successfully stored if [[ -z "$ORIG_MESSAGE" ]]; then - ERROR_MESSAGE="Message couldn't be read from standard input" + ERROR_MESSAGE="FATAL: Message couldn't be read from standard input. Quitting." return_code=1 fi 
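Review bot: In the DeclareGpgVars hunk, `--no-default-keyring` is added to GPG_FLAGS without any accompanying `--keyring` option. GnuPG documents that it then still falls back to the default keyrings, so the new flag most likely has no effect as written. Because `--homedir $LIST_HOMEDIR` already points gpg at the list's own directory, either drop the flag or add a comment above the assignment stating what it is meant to guard against, e.g. `# keep gpg away from any keyring outside $LIST_HOMEDIR`, and then name the intended keyring file explicitly. Separately, `$LIST_HOMEDIR` sits inside a string that is later expanded unquoted as `$GPG`, so a home directory containing whitespace would break every gpg call. The function body continues outside the hunk.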
@@ -267,16 +268,14 @@ function GetGpgMessage { # then, find the beginning of the encrypted bloc if [[ -n $FIRST_BLANK_LINE ]]; then - ENCRYPTED_BLOC_BEGINS=$(echo "$ORIG_MESSAGE" | sed -ne "$(($FIRST_BLANK_LINE + 1)),\$p" | grep -nm 1 -- '^-----BEGIN PGP MESSAGE-----' | cut -d : -f 1) + ENCRYPTED_BLOC_BEGINS=$(echo "$ORIG_MESSAGE" | grep -nm 1 -- '^-----BEGIN PGP MESSAGE-----' | cut -d : -f 1) # and then find the end of the bloc if [[ -n $ENCRYPTED_BLOC_BEGINS ]]; then - ENCRYPTED_BLOC_BEGINS=$(($ENCRYPTED_BLOC_BEGINS + $FIRST_BLANK_LINE)) - ENCRYPTED_BLOC_ENDS=$(echo "$ORIG_MESSAGE" | sed -ne "$((ENCRYPTED_BLOC_BEGINS + 1)),\$p" | grep -nm 1 -- '^-----END PGP MESSAGE-----' | cut -d : -f 1) + ENCRYPTED_BLOC_ENDS=$(echo "$ORIG_MESSAGE" | grep -nm 1 -- '^-----END PGP MESSAGE-----' | cut -d : -f 1) # if there's an encrypted bloc, store it in ORIG_GPG_MESSAGE if [[ -n $ENCRYPTED_BLOC_ENDS ]]; then - ENCRYPTED_BLOC_ENDS=$(($ENCRYPTED_BLOC_ENDS + $ENCRYPTED_BLOC_BEGINS)) ORIG_GPG_MESSAGE="$( echo "$ORIG_MESSAGE" | \ sed -ne "$((${ENCRYPTED_BLOC_ENDS} + 1))q;${ENCRYPTED_BLOC_BEGINS},${ENCRYPTED_BLOC_ENDS}p" @@ -316,8 +315,8 @@ function ParseGpgDecryptStderr { if echo "$gpg_decrypt_stderr" | \ grep -q "^\[GNUPG:] ENC_TO $( - $GPG_LIST_KEYS $LIST_ADDRESS | \ - sed -ne '/^sub:[^ired]:/p' -e '/:[sca]*[^e][sca]*:$/d' | \ + $GPG_LIST_KEYS $LIST_ADDRESS 2> /dev/null | \ + sed -ne '/:[sca]*[^e][sca]*:$/d' -e '/^sub:[^ired]:/p' | \ cut -d : -f 5 )" then @@ -381,7 +380,7 @@ function GetSubscribersList { # check if the list has valid subscribers if [[ -z "$SUBSCRIBERS_LIST" ]]; then - ERROR_MESSAGE="FATAL: $LIST_NAME: No valid subscribers on list \"$LIST_ADDRESS\"" + ERROR_MESSAGE="FATAL: $LIST_NAME: No valid subscribers on list \"$LIST_ADDRESS\". Quitting." return_code=1 fi 
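Review bot: In the GetGpgMessage hunk, the END marker is now taken as the first `-----END PGP MESSAGE-----` line anywhere in the message rather than the first one after the BEGIN line. If an END line precedes the BEGIN line (quoted text, for example), the `sed` range quits before it starts and ORIG_GPG_MESSAGE comes out empty, so a validly encrypted message would be treated as invalid. Both searches also now cover the header area, with `FIRST_BLANK_LINE` used only as a guard. Keeping the END search relative to the BEGIN line avoids this: `ENCRYPTED_BLOC_ENDS=$(echo "$ORIG_MESSAGE" | sed -ne "${ENCRYPTED_BLOC_BEGINS},\$p" | grep -nm 1 -- '^-----END PGP MESSAGE-----' | cut -d : -f 1)`, followed inside the `-n` check by `ENCRYPTED_BLOC_ENDS=$((ENCRYPTED_BLOC_ENDS + ENCRYPTED_BLOC_BEGINS - 1))`. The function starts and ends outside the hunk.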
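Review bot: In the ParseGpgDecryptStderr hunk, the added `2> /dev/null` hides a failing key lookup, and an empty result leaves the pattern as `^\[GNUPG:] ENC_TO `, which matches a message encrypted to any key. The ENC_TO check then passes without comparing against the list's subkey. The lookup should be captured in a variable first and the branch taken only when that variable is non-empty; `$LIST_ADDRESS` should also be quoted. If the list key has more than one encryption subkey, the substitution yields several lines and only the first keeps the `ENC_TO` anchor, which deserves a comment or a loop. The function body continues outside the hunk.

```shell
  # … unchanged: earlier part of ParseGpgDecryptStderr …
  local list_enc_keyid
  list_enc_keyid="$(
    $GPG_LIST_KEYS "$LIST_ADDRESS" 2> /dev/null | \
      sed -ne '/:[sca]*[^e][sca]*:$/d' -e '/^sub:[^ired]:/p' | \
      cut -d : -f 5
  )"

  # an empty key ID must never satisfy the ENC_TO check
  if [[ -n "$list_enc_keyid" ]] && echo "$gpg_decrypt_stderr" | \
       grep -q "^\[GNUPG:] ENC_TO $list_enc_keyid"
  then
```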
@@ -749,7 +748,7 @@ function ProcessMessage { else # if bounce processing is enabled, continue - if [[ "$SEND_BOUNCE_MESSAGES" == 1 ]]; then + if [[ "$SILENTLY_DISCARD_INVALID_MESSAGES" != 1 ]]; then GetSenderAddress if [[ -n "$SENDER_ADDRESS" ]]; then @@ -800,7 +799,7 @@ function ProcessMessage { else # if bounce processing is enabled, continue - if [[ "$SEND_BOUNCE_MESSAGES" == 1 ]]; then + if [[ "$SILENTLY_DISCARD_INVALID_MESSAGES" != 1 ]]; then GetSenderAddress if [[ -n "$SENDER_ADDRESS" ]]; then @@ -935,7 +934,7 @@ function ListAdministration { case $1 in use) # check if argument is an email address - if [[ -z "$(echo $2 | grep -o '[^@]\+@[^@]\+')" ]]; then + if ! echo $2 | grep -q '[^@]\+@[^@]\+'; then echo >&2 "$1: invalid argument -- $2 (try \"help\")" return_code=1 else 
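Review bot: Both ProcessMessage hunks (-749,7 and -800,7) now test `"$SILENTLY_DISCARD_INVALID_MESSAGES" != 1`, so an installation that set neither variable goes from sending no bounces to bouncing every invalid message after upgrading. Invalid messages include unsigned mail from non-subscribers, whose sender address can be forged, so this default can make the list a source of backscatter and tells outsiders why their mail was rejected. The header documentation should state the default explicitly, for instance `# (default: unset, bounces are sent)`. The unchanged comment `# if bounce processing is enabled, continue` would read better as `# unless invalid messages are silently discarded, bounce to the sender`. The enclosing function lies outside both hunks.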
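Review bot: In the ListAdministration hunk, the rewritten check still expands `$2` unquoted and matches an unanchored pattern, so any argument that merely contains `x@y` is accepted. That includes one beginning with `-` or containing glob characters, and the value is later handed unquoted to gpg in ChooseUid. Quoting the argument and anchoring the expression closes most of that: `if ! printf '%s\n' "$2" | grep -q '^[^@-][^@]*@[^@]\+$'; then`. The rest of the `use)` branch is outside the hunk.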
@@ -982,21 +981,21 @@ function ChooseUid { #------------------------------------------------------------- local -i return_code=0 - local keyid="$($GPG_LIST_KEYS --with-fingerprint $1 2> /dev/null | grep ^fpr | cut -d : -f 10 | grep -o '.\{8\}$')" - local -i uid_count="$($GPG_LIST_KEYS --fixed-list-mode $keyid 2> /dev/null | grep ^uid | wc -l)" - local -i chosen_uid_number="$($GPG_LIST_KEYS --fixed-list-mode $keyid 2> /dev/null | grep ^uid | grep -ni $1 | cut -d : -f 1)" + local keyid="$($GPG_LIST_KEYS --with-fingerprint $1 2> /dev/null | grep ^fpr | cut -d : -f 10)" + local uid_count="$($GPG_LIST_KEYS --fixed-list-mode $keyid 2> /dev/null | grep ^uid | wc -l)" + local chosen_uid_number="$($GPG_LIST_KEYS --fixed-list-mode $keyid 2> /dev/null | grep ^uid | grep -ni "$1" | cut -d : -f 1)" # check if supplied address is associated with a public key if [[ -z "$($GPG_LIST_KEYS --fixed-list-mode "<$1>" 2> /dev/null | grep -v '^tru:')" ]]; then - echo >&2 "use: \"$(echo $1 | tr '[:upper:]' '[:lower:]')\" is not associated with any public key on this keyring." + echo >&2 "use: \"$1\" is not associated with any public key on this keyring." return_code=1 # then check if there's more than one UID on this public key elif (( "$($GPG_LIST_KEYS --fixed-list-mode $1 2> /dev/null | grep ^uid | wc -l)" == 1 )); then - echo >&2 "use: \"$(echo $1 | tr '[:upper:]' '[:lower:]')\" is part of the only UID on public key \"$keyid\"." + echo >&2 "use: \"$1\" is part of the only UID on public key ${keyid:32}." return_code=1 # and then check if there's only one public key associated with this address elif (( "$($GPG_LIST_KEYS --fixed-list-mode $1 2> /dev/null | grep -i "<$1>:$" | wc -l)" > 1 )); then - echo >&2 "use: \"$(echo $1 | tr '[:upper:]' '[:lower:]')\" is listed in more than one UID on this keyring." + echo >&2 "use: \"$1\" is listed in more than one UID on this keyring." echo >&2 "Delete all but one of the public keys or UIDs associated with this email address." return_code=1 fi 
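Review bot: In the first ChooseUid hunk, the new `grep -ni "$1"` still treats the address as an unanchored regular expression. A `.` in the address matches any character and a substring of another UID also matches, so `chosen_uid_number` can come back with several line numbers. With `local -i` dropped, that multi-line string is no longer coerced to an integer before it is used further down. A fixed-string match on the bracketed address is closer to what the later checks test: `grep -niF -- "<$1>"`. The three lookups also run before the checks that reject an unknown or ambiguous address, so `keyid` may be empty or hold several fingerprints at that point; moving them below the `if`/`elif` chain would avoid querying gpg with such a value. The function body continues past the end of the hunk.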
@@ -1033,7 +1032,7 @@ function ChooseUid { # delay until the process above terminates wait # send following message to user - send_user "use: \"$(echo $1 | tr '[:upper:]' '[:lower:]')\" chosen for message delivery. [ expr $uid_count - 1 ] UID(s) deleted from public key \"$keyid\".\n" + send_user "use: \"$1\" chosen for message delivery. [ expr $uid_count - 1 ] UID(s) deleted from public key ${keyid:32}.\n" exit EOF fi @@ -1056,7 +1055,7 @@ umask 0077 # declare global variables and functions used during execution GLOBAL_VARS=" GPG_BINARY MAIL_AGENT MAIL_AGENT_ARGS LISTS_DIR LOG_TO_SYSLOG LOGGER_BINARY SYSLOG_PRIORITY - USE_GPG_HIDDEN_RECIPIENT_OPTION REMOVE_THESE_HEADERS_ON_ALL_LISTS SEND_BOUNCE_MESSAGES + USE_GPG_HIDDEN_RECIPIENT_OPTION REMOVE_THESE_HEADERS_ON_ALL_LISTS SILENTLY_DISCARD_INVALID_MESSAGES LIST_ADDRESS LIST_ADMIN LIST_HOMEDIR PASSPHRASE SUBJECT_PREFIX REMOVE_THESE_HEADERS REPLIES_SHOULD_GO_TO_LIST FIRMA_CONFIG_FILE VERSION ERROR_MESSAGE EXIT_CODE @@ -1185,7 +1184,7 @@ case $# in # while a quit command isn't entered (returns 2), read STDIN while (( $EXIT_CODE != 2 )) && read -rep "Command> " STDIN; do # if line is not empty or commented, process command - if [[ "$STDIN" && "$STDIN" != "#"* ]]; then + if [[ -n "$STDIN" && "$STDIN" != "#"* ]]; then ListAdministration $STDIN EXIT_CODE=$? fi |
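Review bot: In the second ChooseUid hunk, `$1` is expanded by the shell into what appears to be a here-document script, given the closing `EOF` and the Tcl-style `[ expr … ]`. Any `[`, `]`, `$`, `"` or backslash in the address therefore becomes script syntax rather than text. The only validation visible on this page is the loose `x@y` match in ListAdministration, so the address should be restricted to a conservative character set before this point. A guard near the top of ChooseUid such as `[[ "$1" =~ ^[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+$ ]] || return 1` would do, or the value could be passed through the environment instead of being interpolated. The here-document itself starts outside the hunk.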