From d537807a246969b4707490b820d2faefdc6af579 Mon Sep 17 00:00:00 2001 From: luis Date: Thu, 2 Aug 2007 04:33:31 +0000 Subject: - SIGNATURE_MADE_BY_SENDER checking wasn't working. Fixed. - Better firma config file checking. --- firma | 108 ++++++++++++++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 75 insertions(+), 33 deletions(-) (limited to 'firma') diff --git a/firma b/firma index 8e38bab..3c8dc73 100755 --- a/firma +++ b/firma @@ -131,12 +131,49 @@ function CheckFirmaConfigFile { local -i return_code=0 + # check LOG_TO_SYSLOG value first, since it will define if firma + #+should print or log error messages + if [[ -n "$LOG_TO_SYSLOG" && \ + "$LOG_TO_SYSLOG" != "0" && \ + "$LOG_TO_SYSLOG" != "1" + ]]; then + + LOG_TO_SYSLOG="0" + LogMessage "\ +WARNING: LOG_TO_SYSLOG should be set either to '0' or '1'. +WARNING: Setting LOG_TO_SYSLOG to '0'." + + elif [[ -z "$LOG_TO_SYSLOG" ]]; then + LOG_TO_SYSLOG="0" + elif [[ "$LOG_TO_SYSLOG" == "1" ]]; then + + if [[ ! -f "$LOGGER_BINARY" || ! -x "$LOGGER_BINARY" ]]; then + + LOG_TO_SYSLOG="0" + LogMessage "\ +WARNING: logger binary ($LOGGER_BINARY) could not be found. +WARNING: Setting LOG_TO_SYSLOG to '0'." + + else + + # set SYSLOG_PRIORITY to the default value, if needed + SYSLOG_PRIORITY=${SYSLOG_PRIORITY:-"user.err"} + + fi + + fi + + # check GPG_BINARY value if [[ ! -f "$GPG_BINARY" || ! -x "$GPG_BINARY" ]]; then LogMessage "FATAL: GPG binary ($GPG_BINARY) could not be found. Quitting." return_code=1 + + # check MAIL_AGENT value elif [[ ! -f "$MAIL_AGENT" || ! -x "$MAIL_AGENT" ]]; then LogMessage "FATAL: Mail transport agent binary ($MAIL_AGENT) could not be found. Quitting." return_code=1 + + # check LISTS_DIR value elif [[ ! -d "$LISTS_DIR" ]]; then LogMessage "FATAL: Lists directory ($LISTS_DIR) could not be found. Quitting." return_code=1 
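Review bot: The binary checks in this hunk (`$LOGGER_BINARY`, `$GPG_BINARY`, `$MAIL_AGENT`) accept any path for which `-f` and `-x` hold, including a relative one, which is then resolved against whatever directory firma is started in. Requiring an absolute path, for example by adding `"$LOGGER_BINARY" != /*` as a further failure condition in each test, would make the result independent of the working directory. The messages also report "could not be found" when the file exists but is not executable; "not found or not executable" would be more accurate for an operator. `SYSLOG_PRIORITY` receives a default in the new branch, but a configured value is not validated in the visible lines. CheckFirmaConfigFile continues past the end of this hunk.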
@@ -144,20 +181,30 @@ function CheckFirmaConfigFile { # optional parameters else - if [[ "$USE_GPG_HIDDEN_RECIPIENT_OPTION" == "1" && "$($GPG_BINARY --version | head -n1 | tr -dc '[:digit:]')" -lt "140" ]]; then + # check USE_GPG_HIDDEN_RECIPIENT_OPTION value + if [[ -n "$USE_GPG_HIDDEN_RECIPIENT_OPTION" && \ + "$USE_GPG_HIDDEN_RECIPIENT_OPTION" != "0" && \ + "$USE_GPG_HIDDEN_RECIPIENT_OPTION" != "1" + ]]; then + LogMessage "\ -WARNING: GPG's \"--hidden-recipient\" option is only available from version 1.4.0 onwards. +WARNING: USE_GPG_HIDDEN_RECIPIENT_OPTION should be set either to '0' or '1'. WARNING: Setting USE_GPG_HIDDEN_RECIPIENT_OPTION to '0'." - USE_GPG_HIDDEN_RECIPIENT_OPTION=0 - fi + USE_GPG_HIDDEN_RECIPIENT_OPTION="0" + + elif [[ -z "$USE_GPG_HIDDEN_RECIPIENT_OPTION" ]]; then + USE_GPG_HIDDEN_RECIPIENT_OPTION="0" + elif [[ "$USE_GPG_HIDDEN_RECIPIENT_OPTION" == "1" ]]; then + + if [[ "$($GPG_BINARY --version | head -n1 | tr -dc '[:digit:]')" -lt "140" ]]; then - if [[ "$LOG_TO_SYSLOG" == "1" ]]; then - if [[ ! -f "$LOGGER_BINARY" || ! -x "$LOGGER_BINARY" ]]; then LogMessage "\ -WARNING: logger binary ($LOGGER_BINARY) could not be found. -WARNING: Setting LOG_TO_SYSLOG to '0'." - LOG_TO_SYSLOG=0 +WARNING: GPG's \"--hidden-recipient\" option is only available from version 1.4.0 onwards. +WARNING: Setting USE_GPG_HIDDEN_RECIPIENT_OPTION to '0'." + USE_GPG_HIDDEN_RECIPIENT_OPTION="0" + fi + fi if [[ -z "$(echo "$FIRMA_USER" | tr -d '[:space:]')" ]]; then @@ -275,7 +322,7 @@ WARNING: $LIST_NAME: Setting REPLAY_COUNT to '150'." else # REPLAY_COUNT is either empty/equals '0' (defaults to '150') or contains a valid value REPLAY_COUNT="$(( 10#$(echo "$REPLAY_COUNT" | tr -dc '[:digit:]') ))" - if [[ "$REPLAY_COUNT" -eq "0" ]]; then + if [[ "$REPLAY_COUNT" == "0" ]]; then REPLAY_COUNT="150" fi 
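Review bot: The GnuPG version test kept inside the new `elif` branch strips every non-digit from the first line of `--version` and compares the remaining digits with 140, so the result depends on how many digits the banner contains rather than on the version. A string such as `1.3.91` becomes 1391 and passes, and any digit elsewhere in the banner is folded into the number. `$GPG_BINARY` is also expanded unquoted there, so a configured path containing whitespace is split into several words. Extracting the major and minor fields and testing `(( major > 1 || (major == 1 && minor >= 4) ))`, with `"$GPG_BINARY"` quoted, would be sturdier. The function starts before this hunk and continues after it.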
@@ -399,16 +446,16 @@ function ParseGpgDecryptStderr { cut -d : -f 5 )" then - ENCRYPTED_TO_LIST=1 + ENCRYPTED_TO_LIST="1" # if it was, check if its signature is valid if echo "$gpg_decrypt_stderr" | \ grep -q '^\[GNUPG:] GOODSIG' then - GOOD_SIGNATURE=1 + GOOD_SIGNATURE="1" - if [[ -n "$SENDER_ADDRESS" ]]; then + if [[ -z "$SENDER_ADDRESS" ]]; then GetSenderAddress fi @@ -427,21 +474,21 @@ function ParseGpgDecryptStderr { echo "$gpg_decrypt_stderr" | \ grep -q '^\[GNUPG:] BADSIG' then - BAD_SIGNATURE=1 + BAD_SIGNATURE="1" # else, check if the signature couldn't be verified elif echo "$gpg_decrypt_stderr" | \ grep -q '^\[GNUPG:] ERRSIG' then - SIGNATURE_CHECKING_FAILED=1 + SIGNATURE_CHECKING_FAILED="1" # else, check if the message could at least be decrypted elif echo "$gpg_decrypt_stderr" | \ grep -q '^\[GNUPG:] DECRYPTION_OKAY' then - MESSAGE_DECRYPTION_OKAY=1 + MESSAGE_DECRYPTION_OKAY="1" fi fi @@ -537,8 +584,8 @@ function EditListMessageHeaders { if [[ -n "$REMOVE_THESE_HEADERS" ]]; then # remove local variables contents, in case they have been used above - header='' - sed_args='' + header="" + sed_args="" for header in $REMOVE_THESE_HEADERS; do sed_args="$sed_args -e /^${header}/Id" @@ -646,7 +693,7 @@ function GetSenderAddress { local from - from=$(echo "$ORIG_MESSAGE" | grep -im 1 '^From:') + from="$(echo "$ORIG_MESSAGE" | grep -im 1 '^From:')" SENDER_ADDRESS=$( if [[ -z "$(echo $from | grep '>$')" ]]; then echo $from @@ -1482,9 +1529,9 @@ function CheckPermission { #------------------------------------------------------------- local file="$1" - local perms="$(ls -ld $file)" + local perms="$(ls -ld "$file")" - perms=${perms:4:6} + perms="${perms:4:6}" if [[ "$perms" != "------" ]]; then LogMessage "WARNING: Configuration files must not be group or world writable/readable! Wrong permission for file $file" return 1 
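Review bot: `GOOD_SIGNATURE` here, and the `BADSIG`/`ERRSIG`/`DECRYPTION_OKAY` flags in the `@@ -427` hunk, are decided by grepping `[GNUPG:]` lines out of `$gpg_decrypt_stderr`, and nothing visible guarantees that those lines came from gpg's status interface. If that variable holds gpg's ordinary stderr together with the status output (the name suggests so, but the gpg invocation is outside these hunks), text that gpg prints about the message can share the stream and be mistaken for a status line. Giving gpg a dedicated descriptor with `--status-fd` and parsing only that stream removes the ambiguity. A comment above the `GOODSIG` test saying which stream is being parsed would help the next reader. ParseGpgDecryptStderr begins before and ends after both hunks.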
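Review bot: Each word of `$REMOVE_THESE_HEADERS` is pasted into the sed script as `/^${header}/Id`, so the value is interpreted as sed syntax rather than as a header name; the hunk itself only changes how `header` and `sed_args` are cleared. A name containing `/` or regex characters alters the expression sed runs, and without a trailing `:` a pattern like `^X-Foo` (constructed example) also deletes `X-Foobar:`. Validating each name before it is appended would close this, e.g. `[[ "$header" =~ ^[A-Za-z0-9-]+$ ]] || continue` followed by `sed_args="$sed_args -e /^${header}:/Id"`. Whether anyone other than the local administrator can set this value is not visible from here.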
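Review bot: `$from` holds the sender-supplied `From:` line and is still expanded unquoted in `echo $from | grep '>$'` and `echo $from` directly below the assignment this hunk touches, so it undergoes word splitting and pathname expansion: a header containing `*` or `?` can be replaced by file names from the working directory. The quotes added around the command substitution change nothing, because the right-hand side of an assignment is not split. Use `printf '%s\n' "$from"` in both places. `grep -im 1 '^From:'` also searches all of `$ORIG_MESSAGE`, so when the header block has no `From:` field the first matching body line is taken; limiting the search to the lines before the first empty line would avoid that. GetSenderAddress continues past the end of the hunk.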
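Review bot: CheckPermission inspects only the group and other bits sliced from `ls -ld` output and never checks who owns the file, so a configuration file owned by a different user with mode 0600 passes. Adding `[[ -O "$file" ]] || return 1` before the mode test, and reading the mode with `stat` rather than slicing `ls` output, would make the check match the warning text. `local perms="$(ls -ld "$file")"` also hides a failing `ls` behind the exit status of `local`; declare first and assign on a second line. The call site visible in the `@@ -2473` hunk passes `$FIRMA_CONFIG_FILE` unquoted and runs only after `SourceFirmaConfig`, so unless that function vets the file itself, the configuration is evaluated before its permissions are checked. The function body continues outside the hunk.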
@@ -1853,16 +1900,16 @@ function RandomString { n="$(( 10#$(echo "$1" | tr -dc '[:digit:]') ))" if [[ "$n" == "0" ]]; then - n=6 + n="6" fi - if [[ $n -gt 62 ]]; then + if [[ "$n" -gt "62" ]]; then return 1 fi - while [[ $n -ne 0 ]]; do n=$((n-1)) ; pos=$((RANDOM%${#alpha}+1)) + while [[ "$n" != "0" ]]; do n="$((n-1))" ; pos="$((RANDOM%${#alpha}+1))" echo -n "$alpha" | sed "s/\(.\)\{$pos\}.*/\1/" - alpha=$(echo $alpha | sed "s/.//$pos") + alpha="$(echo $alpha | sed "s/.//$pos")" done | tr -d '\012' ; echo return 0 @@ -1901,10 +1948,10 @@ function EmailListAdministration { local sender found local command - found=0 + found="0" for sender in $LIST_ADMIN; do if [[ "$sender" == "$SENDER_ADDRESS" ]]; then - found=1 + found="1" break fi done @@ -2473,11 +2520,6 @@ case $# in # evaluate its parameters SourceFirmaConfig - # set SYSLOG_PRIORITY to the default value, if needed - if [[ "$LOG_TO_SYSLOG" == "1" ]]; then - SYSLOG_PRIORITY=${SYSLOG_PRIORITY:-"user.err"} - fi - # and finally check firma.conf parameters and permissions if CheckFirmaConfigFile && CheckPermission $FIRMA_CONFIG_FILE; then @@ -2513,7 +2555,7 @@ case $# in -a|--admin-task) MODE="admin-interactive" - # while a quit command isn't entered (returns 2), read STDIN + # while a "quit" command isn't entered (returns 3), read STDIN while (( $EXIT_CODE != 3 )) && read -rep "Command> " STDIN; do # if line is not empty or commented, process command if [[ -n "$STDIN" && "$STDIN" != "#"* ]]; then -- cgit v1.2.3
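Review bot: RandomString draws every character position from `$RANDOM`, bash's small non-cryptographic generator, so its output is guessable if it is ever used as a secret such as a token, challenge or passphrase; the callers are outside this hunk, so that needs confirming. If it is, read from the kernel instead, e.g. `LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c "$n"`, assuming `$alpha` is the 62 alphanumerics implied by the `-gt "62"` guard. Note that this allows repeated characters, whereas the current loop removes each picked character from `$alpha`. Separately, `echo $alpha` in the rewritten assignment is still unquoted while the lines around it were quoted in this commit; `"$alpha"` is the consistent form. The function starts before the hunk.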