-rwxr-xr-x | firma | 142 |
1 files changed, 105 insertions, 37 deletions
@@ -101,6 +101,7 @@ GnuPG-based encrypted mailing list manager. -a, --admin-task LIST-NAME process administrative tasks on list -c, --create-newlist LIST-NAME create a new mailing list + -e, --email-admin-task LIST-NAME process administrative tasks via email -h, --help display this help and exit -p, --process-message LIST-NAME process a message sent to list -v, --version output version information and exit @@ -109,7 +110,7 @@ If option -a is given, read standard input for tasks to be performed. Tasks can be one or more of the following: use EMAIL-ADDRESS use the given address for message delivery instead - of the primary address on key + of the primary address on key Report bugs to <firma@sarava.org>, encrypting the message using the public key 0xD68AFEDC available at keyserver.noreply.org." @@ -935,7 +936,11 @@ function NewList { PASSPHRASE="`RandomString 62`" break elif [ "$answer" == "N" ] || [ "$answer" == "NO" ]; then - read -resp " Passphrase to protect the list's secret key: " PASSPHRASE + read -resp " Passphrase to protect the list's secret key (you'll type it once): " PASSPHRASE + if [ -z "$PASSPHRASE" ]; then + echo "You choosed an empty passphrase. Then firma will choose one for you." + PASSPHRASE="`RandomString 62`" + fi break else echo " Please answer either yes or no." @@ -1114,6 +1119,8 @@ function ListAdministration { local -i return_code=0 local subscribers + ADMIN_MODE="interactive" + case $# in 1) case $1 in 
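Review bot: The new prompt in NewList reads the passphrase for the list's secret key a single time with echo disabled, so a typing slip is accepted unnoticed; ask a second time and compare, e.g. `read -resp " Repeat passphrase: " PASSPHRASE_CHECK` followed by `[ "$PASSPHRASE" == "$PASSPHRASE_CHECK" ] || continue` (whether `continue` fits depends on the loop, which starts outside the hunk). The `-z` test still lets a passphrase made only of spaces through. The notice is printed on stdout and should read `echo >&2 "You chose an empty passphrase, so firma will generate one for you."`.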
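Review bot: `ADMIN_MODE="interactive"` is assigned unconditionally at the top of ListAdministration, so a caller that selected another mode beforehand has it overwritten. EmailAdminTask, added later in this commit, sets `ADMIN_MODE="non-interactive"` and its TODO plans to call the admin functions; if that path goes through ListAdministration, every AdminLog message would be written to stderr instead of being collected in ADMIN_MESSAGE. Assign only a default here, `: "${ADMIN_MODE:=interactive}"`, or set the mode where `-a` is dispatched. A comment such as `# output mode read by AdminLog: interactive (stderr) or non-interactive (ADMIN_MESSAGE)` would document the global; the function body continues outside the hunk.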
@@ -1135,33 +1142,33 @@ function ListAdministration { return_code=3 ;; use) - echo >&2 "$1: missing arguments (try \"help\")" + AdminLog "$1: missing arguments (try \"help\")" return_code=1 ;; unsub) - echo >&2 "$1: missing arguments (try \"help\")" + AdminLog "$1: missing arguments (try \"help\")" return_code=1 ;; list) GetSubscribersList for subscriber in $SUBSCRIBERS_LIST; do - echo " $subscriber" + AdminLog " $subscriber" done ;; subscribe) - echo >&2 "$1: missing arguments (try \"subscribe help\")" + AdminLog "$1: missing arguments (try \"subscribe help\")" return_code=1 ;; sendkey) - echo >&2 "$1: missing arguments (try \"sendkey help\")." + AdminLog "$1: missing arguments (try \"sendkey help\")." return_code=1 ;; info) - echo >&2 "$1: missing arguments (try \"info help\")." + AdminLog "$1: missing arguments (try \"info help\")." return_code=1 ;; *) - echo >&2 "Command not found -- $1 (try \"help\")" + AdminLog "Command not found -- $1 (try \"help\")" return_code=1 ;; esac @@ -1173,7 +1180,7 @@ function ListAdministration { if CheckValidEmail $2; then ChooseUid $2 else - echo >&2 "$1: invalid argument -- $2 (try \"help\")" + AdminLog "$1: invalid argument -- $2 (try \"help\")" return_code=1 fi ;; @@ -1194,11 +1201,11 @@ function ListAdministration { return_code=$? ;; help|quit) - echo >&2 "$1: too many arguments -- $@ (try \"help\")" + AdminLog "$1: too many arguments -- $@ (try \"help\")" return_code=1 ;; *) - echo >&2 "Command not found -- $1 (try \"help\")" + AdminLog "Command not found -- $1 (try \"help\")" return_code=1 ;; esac @@ -1206,7 +1213,7 @@ function ListAdministration { *) case $1 in help|quit|use) - echo >&2 "$1: too many arguments -- $@ (try \"help\")" + AdminLog "$1: too many arguments -- $@ (try \"help\")" return_code=1 ;; subscribe) @@ -1225,7 +1232,7 @@ function ListAdministration { return_code=$? ;; *) - echo >&2 "Command not found -- $1 (try \"help\")" + AdminLog "Command not found -- $1 (try \"help\")" return_code=1 ;; esac 
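Review bot: In the `list)` branch the subscriber addresses were printed with `echo` on stdout and now go through AdminLog, which writes to stderr in interactive mode, so anything that captures or pipes the result of the `list` task receives nothing. In non-interactive mode AdminLog appends with a single space, which would place all addresses on one line of ADMIN_MESSAGE. Keep requested data apart from diagnostics, for example `if [ "$ADMIN_MODE" == "interactive" ]; then echo " $subscriber"; else AdminLog " $subscriber"; fi`. The same stream change applies to the `sendkey help` and `info help` usage text and to the key listing in GetSubscribersInfo further down in this commit.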
@@ -1254,16 +1261,16 @@ function ChooseUid { # check if supplied address is associated with a public key if [[ -z "$($GPG_LIST_KEYS --fixed-list-mode "<$1>" 2> /dev/null | grep -v '^tru:')" ]]; then - echo >&2 "use: \"$1\" is not associated with any public key on this keyring." + AdminLog "use: \"$1\" is not associated with any public key on this keyring." return_code=1 # then check if there's more than one UID on this public key elif (( "$($GPG_LIST_KEYS --fixed-list-mode $1 2> /dev/null | grep ^uid | wc -l)" == 1 )); then - echo >&2 "use: \"$1\" is part of the only UID on public key ${keyid:32}." + AdminLog "use: \"$1\" is part of the only UID on public key ${keyid:32}." return_code=1 # and then check if there's only one public key associated with this address elif (( "$($GPG_LIST_KEYS --fixed-list-mode $1 2> /dev/null | grep -i "<$1>:$" | wc -l)" > 1 )); then - echo >&2 "use: \"$1\" is listed in more than one UID on this keyring." - echo >&2 "Delete all but one of the public keys or UIDs associated with this email address." + AdminLog "use: \"$1\" is listed in more than one UID on this keyring." + AdminLog "Delete all but one of the public keys or UIDs associated with this email address." return_code=1 fi @@ -1299,11 +1306,17 @@ function ChooseUid { # delay until the process above terminates wait # send following message to user - send_user "use: \"$1\" chosen for message delivery. [ expr $uid_count - 1 ] UID(s) deleted from public key ${keyid:32}.\n" + # send_user "use: \"$1\" chosen for message delivery. [ expr $uid_count - 1 ] UID(s) deleted from public key ${keyid:32}.\n" exit EOF fi + if [ "$return_code" == "0" ] || [ "$?" == "0" ]; then + AdminLog "use: $1 chosen for message delivery. `echo $uid_count -1 | bc -l` UID(s) deleted from public key ${keyid:32}." + else + return_code=1 + fi + return $return_code } 
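Review bot: The success message at the end of ChooseUid is logged without the result of the key edit being checked: in `[ "$return_code" == "0" ] || [ "$?" == "0" ]` the second test reads the exit status of the first test, which is non-zero whenever it is reached, so the condition reduces to `return_code == 0`. Unless `return_code` is set from the edit command outside the hunk, a failed UID deletion would still report that the address was chosen and UIDs were removed. Store the status of the command fed by the here-document directly after `EOF` with `return_code=$?` and test only that. The count can be computed by the shell as `$(( uid_count - 1 ))` instead of piping `echo $uid_count -1` into `bc -l`; the start of the function and of the here-document lies outside the hunk.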
@@ -1401,25 +1414,25 @@ function UnsubscribeUser { # check if its a valid email if ! CheckValidEmail $1; then - echo >&2 "unsub: \"$1\" is not an email address." + AdminLog "unsub: \"$1\" is not an email address." return_code=1 # check if user is trying to unsubscribe the list key elif [ "$1" == "$LIST_ADDRESS" ]; then - echo >&2 "unsub: can't delete the list pubkey." + AdminLog "unsub: can't delete the list pubkey." return_code=1 # check if supplied address is associated with a public key elif [[ -z "$($GPG_LIST_KEYS --fixed-list-mode "<$1>" 2> /dev/null | grep -v '^tru:')" ]]; then - echo >&2 "unsub: \"$1\" is not associated with any public key on this keyring." + AdminLog "unsub: \"$1\" is not associated with any public key on this keyring." return_code=1 else for key in $keyid; do $GPG --batch --delete-key --yes $key if [ "$?" == "0" ]; then - echo >&2 "deleted key id $key for $1" + AdminLog "deleted key id $key for $1" # now just update the trust db $GPG_LIST_KEYS &> /dev/null else - echo >&2 "unsub: error deleting key id $key for $1" + AdminLog "unsub: error deleting key id $key for $1" return_code=1 fi done @@ -1439,6 +1452,8 @@ function LogMessage { # returns: 0 #------------------------------------------------------------- + # TODO: check whether we are in admin via email mode + # and then deal correctly with the log message local error_message error_message="$*" if [[ "$LOG_TO_SYSLOG" == 1 ]]; then @@ -1463,6 +1478,8 @@ function SubscribeUsers { # 1 on failure #------------------------------------------------------------- + # TODO: add support to admin via email + local -i return_code=0 local keyserver local method 
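Review bot: Key deletion in UnsubscribeUser is now reported only through AdminLog, so in non-interactive mode `deleted key id $key for $1` ends up solely in ADMIN_MESSAGE and nothing visible in this hunk records it in the list's log. Removing a subscriber key changes who can read list traffic and deserves an audit entry that does not depend on the reply being delivered; add `LogMessage "unsub: deleted key id $key for $1"` next to the AdminLog call, and the equivalent line in the failure branch. The function starts outside the hunk, so an existing LogMessage call there cannot be ruled out.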
@@ -1540,8 +1557,8 @@ function SendListPubkey { local keyboundary if [ "$1" == "help" ]; then - echo "usage: sendkey [all|email|help]" - echo "supported arguments: all (for all subscribers) or a space-separated subscriber emails." + AdminLog "usage: sendkey [all|email|help]" + AdminLog "supported arguments: all (for all subscribers) or a space-separated subscriber emails." return 0 elif [ "$1" == "all" ]; then GetSubscribersList @@ -1554,14 +1571,14 @@ function SendListPubkey { keyid="$($GPG_LIST_KEYS --with-fingerprint $1 2> /dev/null | grep ^fpr | cut -d : -f 10)" if [ -z "$key" ]; then - echo >&2 "sendkey: missing argument: subscriber email address." + AdminLog "sendkey: missing argument: subscriber email address." return 1 elif ! CheckValidEmail $key; then - echo >&2 "sendkey: \"$key\" is not an email address." + AdminLog "sendkey: \"$key\" is not an email address." return 1 elif [[ -z "$($GPG_LIST_KEYS --fixed-list-mode "<$key>" 2> /dev/null | grep -v '^tru:')" ]]; then # check if supplied address is associated with a public key - echo >&2 "sendkey: \"$key\" is not associated with any public key on this keyring." + AdminLog "sendkey: \"$key\" is not associated with any public key on this keyring." return 1 fi @@ -1637,10 +1654,11 @@ function GetSubscribersInfo { local key local keys local keyid + local output if [ "$1" == "help" ]; then - echo "usage: info [all|email|help]" - echo "supported arguments: all (for all subscribers) or a space-separated subscriber emails." + AdminLog "usage: info [all|email|help]" + AdminLog "supported arguments: all (for all subscribers) or a space-separated subscriber emails." return 0 elif [ "$1" == "all" ]; then GetSubscribersList @@ -1652,7 +1670,8 @@ function GetSubscribersInfo { for key in $keys; do keyid="$($GPG_LIST_KEYS --with-fingerprint $1 2> /dev/null | grep ^fpr | cut -d : -f 10)" if [ ! -z "$keyid" ]; then - $GPG --list-keys $key + output="`$GPG --list-keys $key`" + AdminLog "$output" fi done 
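Review bot: The new assignment to `output` in GetSubscribersInfo runs `$GPG --list-keys $key` with `$key` unquoted and, in the lines visible here, without the CheckValidEmail test that SendListPubkey applies before using an address. Once tasks can arrive by e-mail the argument is message content, so a value starting with `-` would reach gpg as an option rather than as a key selector. Validate first and quote: `CheckValidEmail "$key" || continue` followed by `output="$($GPG --list-keys "$key")"`. The loop header and the start of the function are outside the hunk.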
@@ -1704,7 +1723,48 @@ function RandomString { done | tr -d '\012' ; echo return 0 +} + +function AdminLog { + #------------------------------------------------------------- + # check wheter admin is made via command line + # +or email and then log a message according to the + # +display mode + # + # parameter(s): string + # depends on function(s): none + # returns: 0 + #------------------------------------------------------------- + + if [ "$ADMIN_MODE" == "interactive" ]; then + echo >&2 "$*" + else + ADMIN_MESSAGE="$ADMIN_MESSAGE $*" + fi +} + + +function EmailAdminTask { + #------------------------------------------------------------- + # parse and execute admin tasks via email + # + # parameter(s): none + # depends on function(s): none + # returns: 0 on success :) + # 1 on failure :/ + #------------------------------------------------------------- + + # TODO: - process message + # - check whether message is properly encrypted + # and signed by a list admin + # - parse commands + # - call admin functions + + local -i return_code=0 + ADMIN_MODE="non-interactive" + + return $return_code } #------------------------------------------------------------- @@ -1745,7 +1805,9 @@ GLOBAL_VARS=" BASENAME FIRMA_USER FIRMA_GROUP - KEYSERVER" + KEYSERVER + ADMIN_MODE + ADMIN_MESSAGE" FUNCTIONS=" Usage @@ -1778,7 +1840,9 @@ FUNCTIONS=" SendListPubkey GetSubscribersInfo FixOwnership - RandomString" + RandomString + AdminLog + EmailAdminTask" for VAR in $GLOBAL_VARS; do declare $VAR @@ -1811,7 +1875,7 @@ case $# in EXIT_CODE=0 ;; # valid option called without its required argument - -a|--admin-task|-c|--create-newlist|-p|--process-message) + -a|--admin-task|-e|--email-admin-task|-c|--create-newlist|-p|--process-message) echo >&2 "$(basename $0): missing arguments" Usage EXIT_CODE=1 
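Review bot: EmailAdminTask returns 0 without reading a message or verifying anything, and `-e` is wired into the option dispatch in this same commit, so `firma -e LIST-NAME` reports success while the encryption and admin-signature checks exist only as a TODO. Until they are implemented the stub should fail closed, e.g. `LogMessage "email admin tasks are not implemented yet"` and `return_code=1`. When the body is written, the check that the message is signed by a list admin has to pass before any command is parsed or any admin function is called. AdminLog also treats every ADMIN_MODE value other than `interactive`, including an unset one, as buffered mode and joins entries with a space; append with a newline instead, `ADMIN_MESSAGE="${ADMIN_MESSAGE}$*"$'\n'`, and correct `wheter` in its header comment.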
@@ -1849,7 +1913,7 @@ case $# in NewList ;; # options that depend on the list configuration file - -a|--admin-task|-p|--process-message) + -a|--admin-task|-e|--email-admin-task|-p|--process-message) # if config file exists but has wrong permissions or ownership if [[ -f "$LIST_CONFIG_FILE" ]]; then @@ -1887,6 +1951,10 @@ case $# in ProcessMessage EXIT_CODE=$? ;; + -e|--email-admin-task) + EmailAdminTask + EXIT_CODE=$? + ;; # end case #3 esac # else, list configuration file checking returned an error @@ -1926,7 +1994,7 @@ case $# in # start case #4 case $1 in # again, valid option called with too many arguments - -a|--admin-task|-c|--create-newlist|-h|--help|-p|--process-message|-v|--version) + -a|--admin-task|-e|--email-admin-task|-c|--create-newlist|-h|--help|-p|--process-message|-v|--version) echo >&2 "$(basename $0): too many arguments -- $@" Usage EXIT_CODE=1 |