From 137d46090a787f5992a3114a1e3782c113b5facf Mon Sep 17 00:00:00 2001 From: rhatto Date: Mon, 22 Aug 2005 16:23:16 +0000 Subject: changes for firma rev 1.31 --- CHANGELOG | 170 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- GUIDELINES | 171 ++++++++++++++++++++++++++++++++----------------------------- 2 files changed, 260 insertions(+), 81 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 6422c01..f49ca3b 100755 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,174 @@ Firma CHANGELOG --------------- +17/08/2005 - 0.3-cvs (rev 1.31) - luis + + - On function GetMessage, renamed variable "STDIN" + to "stdin" and declared it as local. + +17/08/2005 - 0.3-cvs (rev 1.30) - luis + + - Changed project description to: "firma: GnuPG-based encrypted + mailing list manager" + + - Declared/renamed/removed variables and arrays: + o Configuration file variables: + MAIL -> MAIL_AGENT + MAIL_ARGS -> MAIL_AGENT_ARGS + GPG -> GPG_BINARY + LISTNAME -> LIST_ADDRESS + LISTADMIN -> LIST_ADMIN + GPGDIR -> LIST_HOMEDIR + PASSWD -> PASSPHRASE + + o GnuPG variables: + GPGFLAGS -> GPG_FLAGS + GPGCOMMAND -> GPG + GPGLIST -> GPG_LIST_KEYS + GPGDECRYPT -> GPG_DECRYPT + GPGENCRYPT -> GPG_ENCRYPT + + o Other global variables: + FIRMA_LIST_PATH -> LISTS_DIR + FROMADD -> SENDER_ADDRESS + array -> ARRAY + CONFIG_FILE -> LIST_NAME + CONFIG_PATH -> LIST_PATH + CONFIG -> LIST_CONFIG_FILE + LINES, n, i -> ( removed ) + ( new ) -> FIRMA_CONFIG_FILE + o Global arrays: + MESSAGE -> ORIG_MESSAGE + GPG_MESSAGE -> ORIG_GPG_MESSAGE + LIST_MESSAGE -> MESSAGE_BODY + USED_ARRAYS -> GLOBAL_ARRAYS + ADMINCOMMANDS -> ( removed ) + ( new ) -> ORIG_MESSAGE_HEADERS + + o Local variables: + ADMIN -> administrator + EMAIL -> email + KEYID -> keyid + signal -> ( removed ) + ( new ) -> element, i, j, uid_count, chosen_uid_number + + - firma now uses two different configuration files: a general one, + containing the variables MAIL_AGENT, MAIL_AGENT_ARGS, GPG_BINARY and + LISTS_DIR, and a list specific file, containing the variables + LIST_ADDRESS, LIST_ADMIN, LIST_HOMEDIR and PASSPHRASE. + + - Edited the comments at the beggining of the script to reflect the + change above. + + - As suggested by the Advanced Bash-Scripting Guide (ABSG)[1], added + descriptive headers to all functions, describing its function, what + it expects as input, on what other functions it depends and what exit + codes it returns. + + - Also as suggested by the ABSG[1], renamed all functions from + all_lower_case_names to MixedCaseNames. + + - Renamed some functions to make their use more clear: + gpg_args -> DeclareGpgVars + check_config -> split into two: CheckFirmaConfigFile + and CheckListConfigFile + get_gpg_stderr -> GetGpgDecryptStderr + message_list -> SendListMessage + message_list_error -> SendWarningMessage + message_list_return -> SendBounceMessage + list_admin -> ListAdministration + + - Added some more GnuPG flags: + o To the GPG_FLAGS variable: --no-options, --no-default-keyring, + --no-auto-check-trustdb + o And to the GPG_ENCRYPT variable: --local-user $LIST_ADDRESS, + --no-emit-version, --trust-model always + The last one replaced the "--always-trust" option, since its + deprecated according to GnuPG's manual. + + - Minor changes on functions: Usage, Check*ConfigFile, GetMessage, + GetSubscribersList, SendListMessage, SendWarningMessage, + SendBounceMessage, ProcessMessage, NewList and ChooseUid + + o Usage: + Explained what options expect an argument; + Commented out the -r (--list-request) option description, since + it's not implemented yet; + Added a description of the administrative tasks accepted by the + -a option; + Other minor changes. + + o Check*ConfigFile: + Added a check to see if the LISTS_DIR is an existing directory; + Added a check to avoid more than 3 sequential repetitions of the + same character in the PASSPHRASE; + Other minor changes in the PASSPHRASE, LIST_ADDRESS and + LIST_ADMIN checks. + o GetMessage: + Added a check to see if the message was successfully stored in + the ORIG_MESSAGE array. + + o GetSubscribersList: + Added a check to see if there are any subscribers to send + messages to in a given list. + + o SendListMessage, SendWarningMessage, SendBounceMessage: + Just minor changes. + + o ProcessMessage: + (* SECURITY FIX *) A public key with an UID containing GOODSIG + in its name, comment or email address would be able to send + messages to any list. And a UID containing BADSIG in any of + these fields, would be able to send messages to the list + administrator(s) of any list. Fixed. + + o NewList: + Just minor changes. + + o ChooseUid: + Declared keyid, uid_count and chosen_uid_number as local + variables, moving them to the beginning of the function; + Minor syntax changes in the checkings; + Added lots of comments, explaining what the checkings and the + expect script are doing. + + - Major changes on functions: GetGpgMessage, GetMessageHeaders, + ListAdministration and "main" + + o GetGpgMessage: + Improved function to run faster, specially when processing large + messages (over 50KB or so). + + o GetMessageHeaders: + Improved to run faster independent of the size of the message + being processed. + + o ListAdministration: + Structured function using the "case" bash builtin; + Made command parsing more consistent: checking if a given + command exists, if the right number of arguments were passed, + if the arguments are valid for this command, and, if anything + is wrong, showing descriptive and concise error messages; + New administrative tasks can be easily added to this new nested + "case" structure. + + o "main": + Also structured using the "case" bash builtin; + The long options --admin-task, --create-newlist, --help, + --process-message and --version are now accepted; + Commented out the -r (--list-request) option, since it's not + implemented yet; + Made the command-line options parsing more consistent (read + explanation above); + Changed "umask" from 0777 to 0077. Otherwise, function NewList + cannot create configuration files for new lists; + Improved parsing of option -a (--admin-task), removing + unecessary commands and routines from this part of the code; + Again, new command-line options can be easily added to this new + nested "case" structure. + + [1] http://www.tldp.org/LDP/abs/html/unofficialst.html + 10/08/2005 - 0.3-cvs (rev 1.29) - rhatto - Fix: Now LIST_MESSAGE _really_ works @@ -85,7 +253,7 @@ Firma CHANGELOG - New: Implemented size and complexity checks for the lists' passphrase. - firma would not work as expected if the PASSWD variable contained - characters such as $, `, ', ", \. Fixed. Now PASSWD has to be^M + characters such as $, `, ', ", \. Fixed. Now PASSWD has to be enclosed in single quotes and cannot contain any single quote in its value. - Checked the entire code and tried to make it clearer and more diff --git a/GUIDELINES b/GUIDELINES index b371ec5..c0ac0be 100755 --- a/GUIDELINES +++ b/GUIDELINES @@ -1,97 +1,107 @@ -Pequena politica de desenvolvimento pro firma ---------------------------------------------- - -Intuito: ajudar no controle do desenvolvimento para - que o codigo nao estufe de lixo e que se mantenha seguro. - -Apos qualquer adicao no firma, efetue o seguinte procedimento -------------------------------------------------------------- - - - Coloque as novas variaveis criadas na lista de variaveis - - Se a variavel for definida via arquivo de configuracao, adicione-a na - funcao newlist e na rotina de carregamento do arquivo de configuracao - - Coloque as novas funcoes criadas na lista de funcoes - - Coloque os novos arrays na variavei USED_ARRAYS - - Se estiver usando um comando unix, verifique se o mesmo jah estah listado - na lista de programas, caso contrario adicione-o - -Uso de variaveis ----------------- - - - Variaves globais: uppercase - - Variaves locais a uma funcao ou rotina: lowercase, devem ser zeradas depois do uso - - Cuidado com a inicializacao, zerar tudo quando nao mais necessario - -Listagem --------- - -- funcoes utilizadas: - - usage - version - check_config - get_gpg_stderr - get_subscribers_list - get_message - get_gpg_message - get_message_headers - message_list - message_list_error - message_list_return - process_message - newlist - gpg_args - list_admin - choose_uid - -- variaveis utilizadas: - - - via arquivo de configuracao - - MAIL - MAIL_ARGS - GPG - LISTNAME - LISTADMIN - GPGDIR - PASSWD - - - direto no script +Firma development policy +------------------------ + +Abstract: this policy helps control all development + steps to keep a clean and junk-free code. + +In the future this procedure will be automatic. + +1 - After any adition to firma, check the following: +---------------------------------------------------- + + - Put all new variables in the variables list + - If the new var is used via config-file, add its creation + in the function 'newlist' + - Put all new functions in the function list + - Put all new arrays in var USED_ARRAYS + - If you are using an unix command, check if its already + listed in the command list, if not please add it + +2 - Variables usage +------------------- + + - Global vars: uppercase + - Local vars: lowercase, declared with "local" + - Attention to variables initialization, unset all vars after use + +3 - Script listing +------------------ + +- used functions: + + DeclareGpgVars + Usage + Version + CheckFirmaConfigFile + CheckListConfigFile + GetMessage + GetMessageHeaders + GetGpgMessage + GetGpgDecryptStderr + GetSubscribersList + SendListMessage + SendWarningMessage + SendBounceMessage + ProcessMessage + NewList + ListAdministration + ChooseUid + +- used variables: + + - via config file + + GPG_BINARY + MAIL_AGENT + MAIL_AGENT_ARGS + LISTS_DIR + + LIST_ADDRESS + LIST_ADMIN + LIST_HOMEDIR + PASSPHRASE + + - direct at firma - FIRMA_LIST_PATH VERSION - LINES + + GPG + GPG_FLAGS + GPG_LIST_KEYS + GPG_DECRYPT + GPG_ENCRYPT + + LISTS_DIR + SENDER_ADDRESS + ARRAY + LIST_NAME + LIST_PATH + LIST_CONFIG_FILE + FIRMA_CONFIG_FILE + FROM - FROMADD DATE SUBJECT - EMAIl (mudar para lowercase?) - - CONFIG - CONFIG_PATH - CONFIG_FILE DESCRIPTION - GPGFLAGS - GPGCOMMAND - GPGLIST - GPGDECRYPT - GPGENCRYPT + - local vars - KEYID - - - variaveis auxiliares: count, n, signal + administrator + email + keyid + element, i, j, uid_count, chosen_uid_number - arrays - ver USED_ARRAYS - ADMINCOMMANDS + see GLOBAL_ARRAYS + +- unix commands: -- Comandos Unix: + bash itself - $MAIL - $GPG + $GPG_BINARY + $MAIL_AGENT echo cat @@ -106,3 +116,4 @@ Listagem chmod basename expect + fold -- cgit v1.2.3