diff options
Diffstat (limited to 'misc/poc/firma-0.2.1')
| -rwxr-xr-x | misc/poc/firma-0.2.1 | 133 |
1 files changed, 0 insertions, 133 deletions
diff --git a/misc/poc/firma-0.2.1 b/misc/poc/firma-0.2.1 deleted file mode 100755 index 13ee6da..0000000 --- a/misc/poc/firma-0.2.1 +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/bash -# -# firma v0.2.1: simple encrypted mailing list aliases -# feedback: rhatto@riseup.net luis@riseup.net | GPL -# -# list configuration is passed thru the config file, -# where you put PARAMETER=value (whithout spaces) -# -# MAIL= path for mail program -# GPG= path for gnupg binary -# TMP= where you want the temp files -# LISTNAME= list email -# LISTADMIN= list administrator email addresses (space separated) -# GPGDIR= gpg dir for the lists' keyring -# PASSWD= passwd for the lists' keyring - -# eval the config file -source $1 - -# declare GPG variables -GPGCOMMAND="$GPG --quiet --homedir $GPGDIR --batch --no-tty --no-use-agent --no-permission-warning" -GPGLIST="$GPGCOMMAND --list-keys --with-colons" -GPGDECRYPT="$GPGCOMMAND --passphrase-fd 0 --decrypt" -GPGENCRYPT="$GPGCOMMAND --passphrase-fd 0 --always-trust --encrypt --sign --armor --hidden-recipient" - -# check configuration file parameters -# todo: check if $TMP directory/files exist and if password is at least n characters long -if [ ! -x $GPG -o ! -f $GPG ]; then - echo -e "\n$1: GPG binary ($GPG) could not be found.\n" - exit -elif [ ! -x $MAIL -o ! -f $MAIL ]; then - echo -e "\n$1: Mail program ($MAIL) could not be found.\n" - exit -elif [ ! -d $GPGDIR -o ! -f $GPGDIR/pubring.gpg -o ! -f $GPGDIR/secring.gpg ]; then - echo -e "\n$1: GPG home directory ($GPGDIR) or the GPG keyrings could not be found.\n" - exit -elif [ -z $($GPGLIST | grep -o "<$LISTNAME>") ]; then - echo -e "\n$1: GPG key for list \"$LISTNAME\" could not be found." - echo -e "$1: Note that this parameter expects an email address.\n" - exit -else - for ADMIN in $LISTADMIN; do { - if [ -z $($GPGLIST | grep -o "<$ADMIN>") ]; then - echo -e "\n$1: GPG key for list administrator \"$ADMIN\" could not be found." - echo -e "$1: Note that this parameter expects one or more email addresses.\n" - exit - fi; } - done -fi - -# declare functions -# discard $GPGDECRYPT STDOUT and get its STDERR instead, for signature checking -function GPGSTDERR { - echo "$PASSWD" | ($GPGDECRYPT --status-fd 2 $TMP.gpg 1> /dev/null) 2>&1 ; -} - -# get list susbscriber addresses -function SUBSCRIBERS { - $GPGLIST | sed -n "/$LISTNAME/d;/pub/p" | grep -o "<.*>" | sed -e "s/[<>]//g" ; -} - -# create the temporary files and restrict their permissions -rm -f $TMP $TMP.gpg -touch $TMP; chmod 600 $TMP; -touch $TMP.gpg; chmod 600 $TMP.gpg; - -# todo: use an array -while read STDIN; do - echo $STDIN >> $TMP -done - -# get the message headers -# todo: find a better place for $FROMADD since its not part of the message headers -FROM=$(grep -m 1 "^From:" $TMP | cut -d : -f 2- | sed "s/^ //") -FROMADD=$(echo $FROM | if grep -q "<" ; then echo $FROM | grep -o "<.*>" | sed -e "s/[<>]//g" ; else echo $FROM ; fi) -DATE=$(grep -m 1 "^Date:" $TMP) -SUBJECT=$(grep -m 1 "^Subject:" $TMP | cut -d : -f 2- | sed "s/^ //") - -# get the encrypted message -sed -n "/-----BEGIN PGP MESSAGE-----/,/-----END PGP MESSAGE-----/p" $TMP >> $TMP.gpg - -# if signature is Good, encrypt and send it for each list subscriber -# todo: declare a function to decrypt, re-encrypt and send the list messages -if (GPGSTDERR | grep -q "GOODSIG") ; then - - for EMAIL in $(SUBSCRIBERS); do - - echo "$PASSWD - Message from: $FROM - Subject: $SUBJECT - $DATE - - $(GPGSTDERR | grep "gpg: Signature made") - $(GPGSTDERR | grep "gpg: Good signature from") - -$(echo "$PASSWD" | $GPGDECRYPT $TMP.gpg 2> /dev/null)" | sed -e "s/=20$//" | $GPGENCRYPT $EMAIL | $MAIL -r $LISTNAME $EMAIL - - done - -# else, if signature is BAD, email it back to sender and to list admins -elif (GPGSTDERR | grep -q "BADSIG") ; then - - echo "$PASSWD - Message from: $FROM - Subject: [BAD SIGNATURE] $SUBJECT - $DATE - - $(GPGSTDERR | grep "gpg: Signature made") - $(GPGSTDERR | grep "gpg: BAD signature from") - -$(echo "$PASSWD" | $GPGDECRYPT $TMP.gpg 2> /dev/null)" | sed -e "s/=20$//" | $GPGENCRYPT $LISTADMIN $FROMADD | $MAIL -r $LISTNAME $LISTADMIN $FROMADD - -# else, probably either the message was not signed or the sender is not subscribed to the list -# email the message back to sender including a note about this -# todo: parse STDERR to find out why the signature couldn't be checked and send more specific errors back to sender -else - - echo " - Message from: $FROM - Subject: [RETURNED MAIL] $SUBJECT - $DATE - - [ It was not possible to process this message. Either or both - the message was not encrypted and/or signed, or you are not - subscribed to this list. Contact the list administrator if - you have any questions. ] - - -- - firma v0.2.1" | $MAIL -r $LISTNAME $FROMADD - -fi - -rm -f $TMP $TMP.gpg |