From 4873c31224099b484041ca673945d0a2f97a043a Mon Sep 17 00:00:00 2001 From: luis Date: Wed, 8 Aug 2007 02:20:02 +0000 Subject: - CheckListConfigFile: Small fixes in LIST_ADMIN and REPLAY_COUNT checking. - CheckListConfigFile: Added SILENTLY_DISCARD_INVALID_MESSAGES checking. - CheckValidEmail: Improved email address syntax checking. Other small fixes. --- firma | 134 +++++++++++++++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 101 insertions(+), 33 deletions(-) (limited to 'firma') diff --git a/firma b/firma index 3c8dc73..aeec1c0 100755 --- a/firma +++ b/firma @@ -130,6 +130,7 @@ function CheckFirmaConfigFile { #------------------------------------------------------------- local -i return_code=0 + local gpg_version # check LOG_TO_SYSLOG value first, since it will define if firma #+should print or log error messages @@ -151,14 +152,11 @@ WARNING: Setting LOG_TO_SYSLOG to '0'." LOG_TO_SYSLOG="0" LogMessage "\ -WARNING: logger binary ($LOGGER_BINARY) could not be found. +WARNING: Logger binary ($LOGGER_BINARY) could not be found. WARNING: Setting LOG_TO_SYSLOG to '0'." - else - - # set SYSLOG_PRIORITY to the default value, if needed + else # SYSLOG_PRIORITY defaults to "user.err" SYSLOG_PRIORITY=${SYSLOG_PRIORITY:-"user.err"} - fi fi @@ -196,7 +194,8 @@ WARNING: Setting USE_GPG_HIDDEN_RECIPIENT_OPTION to '0'." USE_GPG_HIDDEN_RECIPIENT_OPTION="0" elif [[ "$USE_GPG_HIDDEN_RECIPIENT_OPTION" == "1" ]]; then - if [[ "$($GPG_BINARY --version | head -n1 | tr -dc '[:digit:]')" -lt "140" ]]; then + gpg_version="$($GPG_BINARY --version | head -n 1 | tr -dc '[:digit:]')" + if [[ "$gpg_version" -lt "140" ]]; then LogMessage "\ WARNING: GPG's \"--hidden-recipient\" option is only available from version 1.4.0 onwards. 
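Review bot: The test on `gpg_version` in the third hunk compares a number built by deleting every non-digit from the first line of `--version`, so it has no field boundaries. 1.4.10 becomes 1410, a constructed example such as 1.2.10 would become 1210 and pass the `-lt "140"` test, and any digit in a vendor banner is folded into the value. Extracting the dotted version first and comparing major and minor separately would make the gate for `--hidden-recipient` reliable. At minimum quote the binary: `gpg_version="$("$GPG_BINARY" --version | head -n 1 | tr -dc '[:digit:]')"`. CheckFirmaConfigFile continues outside this hunk.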
@@ -207,14 +206,17 @@ WARNING: Setting USE_GPG_HIDDEN_RECIPIENT_OPTION to '0'." fi + # check FIRMA_USER value if [[ -z "$(echo "$FIRMA_USER" | tr -d '[:space:]')" ]]; then FIRMA_USER="nobody" fi + # check FIRMA_GROUP value if [[ -z "$(echo "$FIRMA_GROUP" | tr -d '[:space:]')" ]]; then FIRMA_GROUP="nobody" fi + # check KEYSERVER value if [[ -z "$(echo "$KEYSERVER" | tr -d '[:space:]')" ]]; then KEYSERVER="keyserver.noreply.org" fi @@ -240,16 +242,20 @@ function CheckListConfigFile { local valid_admins # check LIST_HOMEDIR value - if [[ ! -d "$LIST_HOMEDIR" || ! -f "$LIST_HOMEDIR/pubring.gpg" || ! -f "$LIST_HOMEDIR/secring.gpg" ]]; then + if [[ ! -d "$LIST_HOMEDIR" || \ + ! -f "$LIST_HOMEDIR/pubring.gpg" || \ + ! -f "$LIST_HOMEDIR/secring.gpg" + ]]; then LogMessage "FATAL: $LIST_NAME: GPG home directory ($LIST_HOMEDIR) or the GPG keyrings could not be found. Quitting." return_code=1 # check PASSPHRASE value - elif [[ -z "$(grep -o "^PASSPHRASE='[^']*'$" $LIST_CONFIG_FILE)" ]] || ! CheckPassphrase; then + elif [[ -z "$(grep -o "^PASSPHRASE='[^']*'$" $LIST_CONFIG_FILE)" ]] || \ + ! CheckPassphrase; then LogMessage "FATAL: $LIST_NAME: List passphrase is empty or does not meet the minimum complexity requirements. Quitting." return_code=1 - # check if the list private key is present + # check LIST_ADDRESS value, confirming if the list private key is present elif [[ -z "$($GPG --list-secret-keys --with-colons --fixed-list-mode "<$LIST_ADDRESS>" 2> /dev/null)" ]]; then LogMessage "FATAL: $LIST_NAME: List's secret key could not be found. Quitting." return_code=1 
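Review bot: The PASSPHRASE test in the second hunk captures the matching config line, passphrase included, into a command substitution only to test that it is non-empty, and it passes `$LIST_CONFIG_FILE` unquoted. `grep -q` gives the same answer without holding the secret in a string, and quoting keeps a path with whitespace intact: `elif ! grep -q "^PASSPHRASE='[^']*'$" "$LIST_CONFIG_FILE" || \`. The FATAL message for LIST_HOMEDIR also merges three different failures (directory, pubring.gpg, secring.gpg) into one line, which makes a missing secret keyring harder to spot in the log. CheckListConfigFile starts and ends outside this hunk.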
@@ -258,15 +264,18 @@ function CheckListConfigFile { else # check if the list has an administrator (or more than one) - if [[ -z "$LIST_ADMIN" ]]; then - LogMessage "WARNING: $LIST_NAME: List has no administrators." + if [[ -z "$(echo "$LIST_ADMIN" | tr -d '[:space:]')" ]]; then + LogMessage "WARNING: $LIST_NAME: List has no administrator." + LIST_ADMIN="" else # check if the public key(s) of the list administrator(s) is(are) present valid_admins="" for administrator in $LIST_ADMIN; do - if [[ -z "$($GPG_LIST_KEYS --fixed-list-mode "<$administrator>" 2> /dev/null | grep -v '^tru:')" ]]; then + if [[ -z "$($GPG_LIST_KEYS --fixed-list-mode "<$administrator>" 2> /dev/null | \ + grep -v '^tru:')" + ]]; then LogMessage "\ WARNING: $LIST_NAME: Public key for list administrator \"$administrator\" could not be found. WARNING: $LIST_NAME: Removing this address from LIST_ADMIN for this run." @@ -277,8 +286,9 @@ WARNING: $LIST_NAME: Removing this address from LIST_ADMIN for this run." done LIST_ADMIN="$valid_admins" - if [[ -z "$LIST_ADMIN" ]]; then - LogMessage "WARNING: $LIST_NAME: List has no valid administrators." + if [[ -z "$(echo "$LIST_ADMIN" | tr -d '[:space:]')" ]]; then + LogMessage "WARNING: $LIST_NAME: List has no valid administrator." + LIST_ADMIN="" fi fi @@ -289,7 +299,10 @@ WARNING: $LIST_NAME: Removing this address from LIST_ADMIN for this run." fi # check REQUIRE_SIGNATURE value - if [[ -n "$REQUIRE_SIGNATURE" && "$REQUIRE_SIGNATURE" != "0" && "$REQUIRE_SIGNATURE" != "1" ]]; then + if [[ -n "$REQUIRE_SIGNATURE" && \ + "$REQUIRE_SIGNATURE" != "0" && \ + "$REQUIRE_SIGNATURE" != "1" + ]]; then LogMessage "\ WARNING: $LIST_NAME: REQUIRE_SIGNATURE should be set either to '0' or '1'. 
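Review bot: In the first hunk each word of `$LIST_ADMIN` reaches the key lookup as `"<$administrator>"` without a syntax check, and the unquoted `for administrator in $LIST_ADMIN` also undergoes pathname expansion, so a stray `*` in the config would turn into file names. Since this commit tightens CheckValidEmail, prefixing the existing condition with `! CheckValidEmail "$administrator" ||` would reject malformed entries before gpg is asked about them. The same list is re-checked after `LIST_ADMIN="$valid_admins"` in the next hunk, so the fix belongs in the loop. Whether these addresses are validated elsewhere is not visible in this diff.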
@@ -300,8 +313,26 @@ WARNING: $LIST_NAME: Setting REQUIRE_SIGNATURE to '1'." REQUIRE_SIGNATURE="1" fi - # check REPLAY_PROTECTION, REPLAY_COUNT and REPLAY_FILE values - if [[ -n "$REPLAY_PROTECTION" && "$REPLAY_PROTECTION" != "0" && "$REPLAY_PROTECTION" != "1" ]]; then + # check REPLIES_SHOULD_GO_TO_LIST value + if [[ -n "$REPLIES_SHOULD_GO_TO_LIST" && \ + "$REPLIES_SHOULD_GO_TO_LIST" != "0" && \ + "$REPLIES_SHOULD_GO_TO_LIST" != "1" + ]]; then + + LogMessage "\ +WARNING: $LIST_NAME: REPLIES_SHOULD_GO_TO_LIST should be set either to '0' or '1'. +WARNING: $LIST_NAME: Setting REPLIES_SHOULD_GO_TO_LIST to '0'." + REPLIES_SHOULD_GO_TO_LIST="0" + + elif [[ -z "$REPLIES_SHOULD_GO_TO_LIST" ]]; then + REPLIES_SHOULD_GO_TO_LIST="0" + fi + + # check REPLAY_PROTECTION value + if [[ -n "$REPLAY_PROTECTION" && \ + "$REPLAY_PROTECTION" != "0" && \ + "$REPLAY_PROTECTION" != "1" + ]]; then LogMessage "\ WARNING: $LIST_NAME: REPLAY_PROTECTION should be set either to '0' or '1'. 
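Review bot: The 0/1 validation added here for REPLIES_SHOULD_GO_TO_LIST is another copy of the block already used for REQUIRE_SIGNATURE and REPLAY_PROTECTION, and the same commit adds one more for SILENTLY_DISCARD_INVALID_MESSAGES further down, each with its own hand-written default. A small helper would keep the fallback value of every security-relevant switch in one visible place and stop the copies from drifting apart. The sketch below relies on bash indirect expansion and `printf -v`, so confirm the minimum bash version the project supports before adopting it.

```shell
# Normalize a 0/1 list option: warn and fall back to the default on any other value.
function CheckBooleanOption {
  local name="$1" default="$2"
  local value="${!name}"

  if [[ -n "$value" && "$value" != "0" && "$value" != "1" ]]; then
    LogMessage "\
WARNING: $LIST_NAME: $name should be set either to '0' or '1'.
WARNING: $LIST_NAME: Setting $name to '$default'."
    value="$default"
  fi

  printf -v "$name" '%s' "${value:-$default}"
}

# ... unchanged: REQUIRE_SIGNATURE handling ...
CheckBooleanOption REPLIES_SHOULD_GO_TO_LIST 0
```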
@@ -312,38 +343,70 @@ WARNING: $LIST_NAME: Setting REPLAY_PROTECTION to '0'." REPLAY_PROTECTION="0" elif [[ "$REPLAY_PROTECTION" == "1" ]]; then - if [[ -n "$(echo "$REPLAY_COUNT" | tr -d '[:digit:]')" ]]; then + # check REPLAY_COUNT value + if [[ -n "$REPLAY_COUNT" && \ + -n "$(echo "$REPLAY_COUNT" | tr -d '[:digit:]')" + ]]; then LogMessage "\ -WARNING: $LIST_NAME: REPLAY_COUNT should contain just digits. +WARNING: $LIST_NAME: REPLAY_COUNT should be a number. WARNING: $LIST_NAME: Setting REPLAY_COUNT to '150'." REPLAY_COUNT="150" - else # REPLAY_COUNT is either empty/equals '0' (defaults to '150') or contains a valid value + elif [[ -z "$REPLAY_COUNT" ]]; then + REPLAY_COUNT="150" + else # REPLAY_COUNT is either set to 0 (defaults to 150) or + #+contains a valid value REPLAY_COUNT="$(( 10#$(echo "$REPLAY_COUNT" | tr -dc '[:digit:]') ))" if [[ "$REPLAY_COUNT" == "0" ]]; then + + LogMessage "\ +WARNING: $LIST_NAME: REPLAY_COUNT has to be greater than '0'. +WARNING: $LIST_NAME: Setting REPLAY_COUNT to '150'." REPLAY_COUNT="150" + fi fi - if [[ -z "$REPLAY_FILE" ]]; then + # check REPLAY_FILE value + if [[ -z "$(echo "$REPLAY_FILE" | tr -d '[:space:]')" ]]; then REPLAY_FILE="$REPLAY_DEFAULT_FILE" fi fi # check DELIVERY_RANDOMIZATION value - if [[ -n "$DELIVERY_RANDOMIZATION" && -n "$(echo "$DELIVERY_RANDOMIZATION" | tr -d '[:digit:]')" ]]; then + if [[ -n "$DELIVERY_RANDOMIZATION" && \ + -n "$(echo "$DELIVERY_RANDOMIZATION" | tr -d '[:digit:]')" + ]]; then LogMessage "\ -WARNING: $LIST_NAME: DELIVERY_RANDOMIZATION should contain just digits. +WARNING: $LIST_NAME: DELIVERY_RANDOMIZATION should be a number. WARNING: $LIST_NAME: Setting DELIVERY_RANDOMIZATION to '0'." 
DELIVERY_RANDOMIZATION="0" - else # DELIVERY_RANDOMIZATION is either empty (defaults to '0') or contains a valid value + else # DELIVERY_RANDOMIZATION is either empty (defaults to 0) or + #+contains a valid value + DELIVERY_RANDOMIZATION="$(( 10#$(echo $DELIVERY_RANDOMIZATION | tr -dc '[:digit:]') ))" + + fi + + # check SILENTLY_DISCARD_INVALID_MESSAGES value + if [[ -n "$SILENTLY_DISCARD_INVALID_MESSAGES" && \ + "$SILENTLY_DISCARD_INVALID_MESSAGES" != "0" && \ + "$SILENTLY_DISCARD_INVALID_MESSAGES" != "1" + ]]; then + + LogMessage "\ +WARNING: $LIST_NAME: SILENTLY_DISCARD_INVALID_MESSAGES should be set either to '0' or '1'. +WARNING: $LIST_NAME: Setting SILENTLY_DISCARD_INVALID_MESSAGES to '0'." + SILENTLY_DISCARD_INVALID_MESSAGES="0" + + elif [[ -z "$SILENTLY_DISCARD_INVALID_MESSAGES" ]]; then + SILENTLY_DISCARD_INVALID_MESSAGES="0" fi fi @@ -1292,7 +1355,7 @@ function ListAdministration { # SubscribeUsers, SendListPubkey # returns: 0 if task is executed successfully, # 1 if task can't be executed (command not found, too many/missing arguments, etc.), - # 2 if a quit command is entered + # 3 if a quit command is entered #------------------------------------------------------------- local -i return_code=0 @@ -1538,7 +1601,8 @@ function CheckPermission { fi if [[ $(ls -ld $file | cut -d " " -f 3) != "$FIRMA_USER" ]]; then - echo "WARNING: Configuration files must be owned by $FIRMA_USER! Wrong ownership for file $file" + LogMessage "WARNING: Configuration files must be owned by $FIRMA_USER! Wrong ownership for file $file" + return 1 fi return 0 @@ -1585,7 +1649,11 @@ function CheckValidEmail { # 1 if not #------------------------------------------------------------- - if ! echo $1 | grep -q '[^@]\+@[^@]\+'; then + local local_part='[[:alnum:]][[:alnum:]._+-]*[[:alnum:]]' + local domain='[[:alnum:]][[:alnum:].-]*[[:alnum:]]' + local tld='[[:alpha:]]\{2,6\}' + + if ! echo "$1" | grep -q "^${local_part}@${domain}\.${tld}$"; then return 1 else return 0 
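Review bot: The `else` branch for DELIVERY_RANDOMIZATION is also reached when the variable is empty, and the expansion is then `$(( 10# ))`, a base prefix with no digits; whether that evaluates to 0 or raises an arithmetic error depends on the bash version. REPLAY_COUNT received an explicit empty branch in this same hunk and DELIVERY_RANDOMIZATION should get one too: `elif [[ -z "$DELIVERY_RANDOMIZATION" ]]; then DELIVERY_RANDOMIZATION="0"`. The `echo $DELIVERY_RANDOMIZATION` inside the substitution should be quoted as it is in the REPLAY_COUNT line.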
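Review bot: The ownership test in CheckPermission still derives the owner from `ls -ld $file | cut -d " " -f 3` with `$file` unquoted, so a path containing whitespace or starting with a dash is split or read as an option, and the comparison the new `return 1` depends on is made against the wrong text. Reading the owner directly is sturdier where GNU stat is available: `if [[ "$(stat -c '%U' -- "$file")" != "$FIRMA_USER" ]]; then`. Callers that previously ignored the return value now have to act on the 1; they are outside this hunk.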
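Review bot: CheckValidEmail pipes its argument through `grep`, which applies `^` and `$` to each line, so a value with an embedded newline is accepted as soon as one of its lines is a well-formed address. Rejecting newlines up front closes that, `[[ "$1" == *$'\n'* ]] && return 1`, and `printf '%s\n' "$1"` avoids `echo` treating a value such as `-n` as an option. The pattern also requires at least two characters in the local part and in the domain, and caps the TLD at six letters, so it turns away some valid addresses (`a@example.org` as a constructed example). If that strictness is intended it should be stated in the function header.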
@@ -2099,15 +2167,15 @@ function EvalConfigParameter { # 1 if config file not found or missing parameter #------------------------------------------------------------- - if [[ ! -f "$1" ]]; then - echo "WARNING: file not found: $1" - return 1 - elif [[ -z "$2" ]]; then + if [[ "$#" != "2" ]]; then echo "WARNING: missing parameters on EvalConfigParameters." return 1 + elif [[ ! -f "$1" ]]; then + echo "WARNING: file not found: $1" + return 1 fi - echo "$(grep "^$2=" $1 | sed -e "s/^$2='//" -e "s/'$//" | sort -r | head -n 1)" + echo "$(grep "^$2=" $1 | sed -e "s/^$2='//" -e "s/'$//" | tail -n 1)" } @@ -2221,7 +2289,7 @@ function SourceListConfig { \tNOTE: The passphrase _has_ to be enclosed in single quotes and _cannot_ \tcontain any additional single quote as part of itself. It has to be at least \t25 characters long, combining numbers, upper and lower case letters and at -\tleast 5 special characters. Also, no character can be sequentially repeated +\tleast 1 special characters. Also, no character can be sequentially repeated \tmore than 4 times." || \ PASSPHRASE="$(EvalConfigParameter $LIST_CONFIG_FILE PASSPHRASE)" -- cgit v1.2.3
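Review bot: EvalConfigParameter prints its warnings with `echo` on stdout, the same stream that carries the value, so a caller such as `PASSPHRASE="$(EvalConfigParameter $LIST_CONFIG_FILE PASSPHRASE)"` (visible in the next hunk) would store the warning text as the parameter when the file is missing. Diagnostics should go to stderr, `echo "WARNING: file not found: $1" >&2`, and likewise for the missing-parameters message. The final pipeline also uses `$1` unquoted and `$2` as an unescaped regular expression; `grep "^$2=" "$1"` fixes the former. The switch to `tail -n 1` makes the last assignment in the file win, which deserves a line in the function header.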
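Review bot: The help text in SourceListConfig now reads "at least 1 special characters"; the plural should go, `\tleast 1 special character. Also, no character can be sequentially repeated`. The number also has to match what CheckPassphrase enforces, which is not visible in this diff. If the check and the text disagree, users following the text get a passphrase that CheckListConfigFile then rejects as FATAL.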