From 8524147ac813553b3afb2cd26483898c697299f0 Mon Sep 17 00:00:00 2001 From: rhatto Date: Wed, 11 Oct 2006 17:14:51 +0000 Subject: added function AlowMessageProcessing and variable REQUIRE_SIGNATURE --- firma | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 60 insertions(+), 19 deletions(-) (limited to 'firma') diff --git a/firma b/firma index ce00b1a..2de359f 100755 --- a/firma +++ b/firma @@ -77,6 +77,10 @@ # instead of sending bounces back to sender # KEYSERVER= default keyserver to import/export keys # (defaults to keyserver.noreply.org) +# REQUIRE_SIGNATURE= wheter messages sent to the list should be (yes) or dont +# need to be signed to be processed (no); defaults to yes; +# this doesnt affect the way email administration works, +# when signature is mandatory # # NOTE: The passphrase _has_ to be enclosed in single quotes and _cannot_ # contain any additional single quote as part of itself. It has to be at least @@ -262,6 +266,10 @@ WARNING: $LIST_NAME: Removing this address from LIST_ADMIN." FIRMA_GROUP="`grep "^GROUP=" $LIST_CONFIG_FILE | sed -e 's/"//g' -e "s/'//g" | cut -d = -f 2`" fi + if [ "$REQUIRE_SIGNATURE" != "yes" ] || [ "$REQUIRE_SIGNATURE" != "no" ]; then + REQUIRE_SIGNATURE="yes" + fi + return $return_code } @@ -774,18 +782,17 @@ function ProcessMessage { # if the message was encrypted with the list's public key and if the #+message signature is valid, send message to list subscribers - if [[ $ENCRYPTED_TO_LIST == 1 && $GOOD_SIGNATURE == 1 && $SIGNATURE_MADE_BY_SENDER == 1 ]]; then + if AllowMessageProcessing; then # check if the list has valid subscribers + GetMessageHeadersAndBody + EditListMessageHeaders + DecryptGpgMessage + if [ "$MODE" == "list-message" ]; then if GetSubscribersList; then - - GetMessageHeadersAndBody - EditListMessageHeaders - DecryptGpgMessage ReEncryptAndSendListMessage - else return_code=1 fi 
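Review bot: The validation added before `return $return_code` joins its two tests with `||`, and no value can equal both "yes" and "no", so the condition holds for every input and REQUIRE_SIGNATURE is always reset to "yes". A list configured with `REQUIRE_SIGNATURE=no` never gets that behaviour from this block; the tests should be joined with `&&`: `if [ "$REQUIRE_SIGNATURE" != "yes" ] && [ "$REQUIRE_SIGNATURE" != "no" ]; then`. Falling back to "yes" on an unrecognised value is the right fail-closed default and should stay. The enclosing function starts outside the hunk, so where the value is read from the list configuration is not visible here.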
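Review bot: The comments in this branch of ProcessMessage no longer match the code. The lead comment still says the message is sent when "the message signature is valid", while the condition is now `AllowMessageProcessing`, which is meant to accept unsigned messages when the list allows it. Also, `# check if the list has valid subscribers` now sits above the header and decrypt calls instead of `GetSubscribersList`. I would reword the lead comment to `# if the message was encrypted with the list's public key and satisfies the list's signature policy (see AllowMessageProcessing), process it` and move the subscribers comment down to the `if GetSubscribersList; then` line. The hunk also moves `DecryptGpgMessage` ahead of the `$MODE` test, so decryption now runs for every mode that reaches this branch; the remainder of the branch lies outside the hunk and should be checked against that.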
@@ -795,7 +802,7 @@ function ProcessMessage { # else, if the message was correctly encrypted but its signature is invalid, #+send a warning about this to the list administrator(s) and to sender - elif [[ $ENCRYPTED_TO_LIST == 1 && $BAD_SIGNATURE == 1 ]]; then + elif [ "$ENCRYPTED_TO_LIST" == "1" ] && [ "$BAD_SIGNATURE" == "1" ] && [ "$REQUIRE_SIGNATURE" == "yes" ]; then GetSenderAddress @@ -1351,8 +1358,8 @@ EOF function CheckPermission { #------------------------------------------------------------- # check if file has correct permissions (600) and also - # +if the file is owned by $FIRMA_USER - # +got the idea for this function from backupninja + #+if the file is owned by $FIRMA_USER + #+got the idea for this function from backupninja # # parameter(s): file name # depends on function(s): none @@ -1379,7 +1386,7 @@ function CheckPermission { function CheckListPermissions { #------------------------------------------------------------- # check if list files has correct permissions (600) and also - # +if the files are owned by $FIRMA_USER + #+if the files are owned by $FIRMA_USER # # parameter(s): list config file # depends on function(s): CheckPermission @@ -1479,8 +1486,6 @@ function LogMessage { # returns: 0 #------------------------------------------------------------- - # TODO: check whether we are in admin via email mode - # and then deal correctly with the log message local error_message error_message="$*" if [[ "$LOG_TO_SYSLOG" == 1 ]]; then @@ -1727,7 +1732,7 @@ function FixListOwnership { function RandomString { #------------------------------------------------------------- # print a random string - # +got it from http://funcoeszz.net/ + #+got it from http://funcoeszz.net/ # # parameter(s): string size (max 62) # depends on function(s): none 
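Review bot: Adding `[ "$REQUIRE_SIGNATURE" == "yes" ]` to this `elif` means that with REQUIRE_SIGNATURE set to "no" a message whose signature failed verification no longer produces the warning to the administrators and the sender. The `if AllowMessageProcessing` branch is tested first and its unsigned path does not look at BAD_SIGNATURE, so such a message would be handled like an unsigned one. An invalid signature is a stronger signal than a missing one (a modified body or a forged sender), so I would keep this branch independent of the setting and have AllowMessageProcessing return 1 whenever `[ "$BAD_SIGNATURE" == "1" ]`. The rest of the `if`/`elif` chain is outside the hunk.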
@@ -1759,8 +1764,8 @@ function RandomString { function AdminLog { #------------------------------------------------------------- # check wheter admin is made via command line - # +or email and then log a message according to the - # +display mode + #+or email and then log a message according to the + #+display mode # # parameter(s): string # depends on function(s): none @@ -1785,11 +1790,9 @@ function EmailAdminTask { # 1 on failure :/ #------------------------------------------------------------- - # TODO: - parse commands - # - call admin functions - local -i return_code=0 local sender found + local command_list found=0 for sender in $LIST_ADMIN; do @@ -1800,7 +1803,10 @@ function EmailAdminTask { done if [ "$found" == "1" ]; then # message was sent by an admin - true # parse and process admin tasks + #+then, parse and process admin tasks + # TODO: - parse commands + # TODO: - call admin functions + command_list="`echo $DECRYPTED_MESSAGE`" else # message was sent by a normal subscriber # this is the body of the message to be sent, so no indentation here 
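Review bot: The new assignment to `command_list` in EmailAdminTask runs `echo $DECRYPTED_MESSAGE` in a command substitution with the variable unquoted, so the shell applies word splitting and pathname expansion to sender-controlled text before any command parsing exists. A `*` in the message body becomes a list of file names from the working directory, and all line breaks collapse to single spaces, which loses the one-command-per-line structure a parser would need. Assign the value directly, `command_list="$DECRYPTED_MESSAGE"`, and keep it quoted wherever the future parser reads it. The loop that matches the sender against `$LIST_ADMIN` is outside the hunk, so how the admin check is done is not visible here.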
@@ -1813,6 +1819,40 @@ function EmailAdminTask { return $return_code } + +function AllowMessageProcessing { + #------------------------------------------------------------- + # check if the message has sufficient rights to be processed + # + # parameter(s): none + # depends on function(s): ParseGpgDecryptStderr + # returns: 0 if message has rights to be processed + # 1 if not + #------------------------------------------------------------- + + local -i return_code=0 + + if [ "$MODE" == "admin-non-interactive" ]; then + REQUIRE_SIGNATURE="yes" + fi + + if [ "$ENCRYPTED_TO_LIST" == "1" ]; then + if [ "$REQUIRED_SIGNATURE" == "yes" ]; then + if [ "$GOOD_SIGNATURE" == "1" ] && [ "$SIGNATURE_MADE_BY_SENDER" == "1" ]; then + return_code=0 + else + return_code=1 + fi + else + return_code=0 + fi + else + return_code=1 + fi + + return $return_code +} + #------------------------------------------------------------- # main() #------------------------------------------------------------- @@ -1854,6 +1894,7 @@ GLOBAL_VARS=" KEYSERVER MODE ADMIN_MESSAGE + REQUIRE_SIGNATURE SIGNATURE_MADE_BY_SENDER" FUNCTIONS=" -- cgit v1.2.3
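Review bot: The inner test in AllowMessageProcessing reads `$REQUIRED_SIGNATURE`, while every other line of the patch uses `REQUIRE_SIGNATURE`. Unless a variable with that spelling is set elsewhere it is empty, the comparison with "yes" fails, and the function returns 0 for any message encrypted to the list, signed or not. That also defeats the `admin-non-interactive` override just above it, so administration by email would not require a good signature from the sender. The test should be `if [ "$REQUIRE_SIGNATURE" == "yes" ]; then`. Separately, the override assigns the global, which then stays "yes" for the rest of the run; working on a copy such as `local require_signature="$REQUIRE_SIGNATURE"` would leave the list's configured value intact.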