Firma CHANGELOG
---------------

07/05/2012 - 0.3-git - rhatto

  - Misc updates to keep firma running on newer systems.

08/08/2007 - 0.3-cvs (rev 1.176) - luis

  - Message replay protection wasn't working at all. Fixed.

  - SIGNATURE_MADE_BY_SENDER checking wasn't working. Fixed.

  - REPLIES_SHOULD_GO_TO_LIST couldn't be disabled by setting
    it to zero. Fixed.

  - Improved config files checking.

  - Improved logging/printing routine.

  - Improved email address syntax checking.

  - Fixed a few more bugs in the list creation routine.

29/07/2007 - 0.3-cvs (rev 1.168) - luis

  - firma would always exit successfully (exit code = 0). Fixed.

  - Message signature checking was being completely skipped. Fixed.

  - Passphrase check for sequentially repeated characters wasn't
    working. Fixed.

  - Trying to create a list with the same name (same homedir path,
    actually) of an existing list would cause this list to be
    removed. Fixed.

  - firma's user and group would always be set to nobody:nobody,
    disregarding what was entered at the config files. Fixed.

  - Not all global variables were being unset at the end of firma's
    execution. Fixed.

  - Better list creation routine. Minor bugs fixed.

31/01/2007 - 0.3-cvs (rev 1.152) - luis

  - Removed firma dependency on bc, cat and tac.

30/01/2007 - 0.3-cvs (rev 1.151) - luis

  - Re-enabling passphrase complexity checking. Not sure why I had
    commented out this part of the code.

  - s/Copyright (C) 2005/Copyright (C) 2005-2007/

  - 1,$s/ERROR_MESSAGE=/LogMessage /. This way messages are
    automatically echoed/logged, allowing firma to deal with more
    than one error message on the same execution. So ERROR_MESSAGE
    is no more.

  - Removed firma dependency on awk and test/[.

19/01/2007 - 0.3-cvs (rev 1.150) - rhatto

  Added command "listinfo"

12/11/2006 - 0.3-cvs (rev 1.148) - rhatto

  Increased SubscribeUsers verbosity; tagged as 0.3pre1 :)

18/10/2006 - 0.3-cvs (rev 1.145) - luis

  Fixed major bug: PGP/MIME handling would work only if variable
  REMOVE_THESE_HEADERS_ON_ALL_LISTS was not empty.

13/10/2006 - 0.3-cvs (rev 1.143) - rhatto

  Lots of stuff for today :)

  - new list config parameters:

    - DELIVERY_RANDOMIZATION: if non-zero, set a random
      delay between 0 and N seconds between each message
      delivery; if you run firma with a TLS-enabled MTA and
      most of the list messages are sent to other TLS-enabled
      MTAs, then this option will make it harder for a sniffer to
      detect the traffic of your mailing list, especially if your MTA
      already sends a lot of messages or if you're going
      to have a lot of encrypted mailing lists, all randomizing
      their delivery.

    - REPLAY_PROTECTION: when set to "yes", stores sha1sums
      of the last REPLAY_COUNT received messages; then,
      if some message has an already stored sha1sum,
      it's bounced back to the sender and considered as an attempt
      of replay attack.

    - REPLAY_COUNT: number of messages to store sha1sums;
      defaults to 10 and only used when REPLAY_PROTECTION
      is set to "yes".

    - REPLAY_FILE: file to store sha1sums of messages;
      only used when REPLAY_PROTECTION is set to "yes";
      defaults to /var/log/firma/replay.db.

  - in function NewList:

    - changed variable DESCRIPTION to KEY_DESCRIPTION.
    - fixed key length size.
    - now key information (size and description) is written
      in the list config file; this can help in the future
      as key regeneration support is added.

  - fix in config parameters evaluation

  - new list config variable LIST_REQUEST_ADDRESS that defaults
    to listname-request@domain.

  - in function MimeWrapMessage: changed From: and Reply-To: to
    $LIST_REQUEST_ADDRESS.

  - new functions:

    - SetDeliveryRandomization
    - DeliveryRandomization
    - ReplayProtectionFlush
    - ReplayProtectionCheck

  - in function ReEncryptAndSendListMessage: added a call to
    DeliveryRandomization both when hidden recipient is enabled
    or disabled.

  - in function ProcessMessage: added call to ReplayProtectionCheck
    and else clause.

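A sketch of the REPLAY_PROTECTION scheme described in the entry above, as an added example that is not firma's own code. The function names and the demo messages are assumptions; only the REPLAY_COUNT parameter and the idea of storing one sha1sum per received message come from the entry. The demo also shows the limit of a bounded window: once REPLAY_COUNT newer messages have arrived, the oldest digest is evicted and that message is accepted again.

```shell
#!/bin/sh
# Added example, not firma's code. Function names are hypothetical; REPLAY_COUNT
# mirrors the changelog parameter (default 10).
REPLAY_COUNT=${REPLAY_COUNT:-10}

# Print the hex SHA-1 of stdin (sha1sum, or shasum where sha1sum is absent).
message_digest() {
    if command -v sha1sum >/dev/null 2>&1; then sha1sum; else shasum -a 1; fi |
        cut -d' ' -f1
}

# replay_check <message-file> <replay-db>
# 0 = new message (digest recorded), 1 = replay (digest already stored), 2 = error.
replay_check() (
    digest=$(message_digest < "$1") || exit 2
    [ -n "$digest" ] || exit 2
    [ -e "$2" ] || : > "$2" || exit 2
    # -x whole line, -F fixed string: the stored digest must match exactly.
    if grep -qxF "$digest" "$2"; then
        exit 1
    fi
    # Append, keep only the newest REPLAY_COUNT digests, then replace the db
    # with a rename so a crash never leaves a half-written file.
    tmp=$(mktemp "$2.XXXXXX") || exit 2
    { cat "$2"; printf '%s\n' "$digest"; } | tail -n "$REPLAY_COUNT" > "$tmp" &&
        mv "$tmp" "$2"
)

# Constructed demo: four distinct messages pushed through a window of three.
# Delivery order is m1 m1 m2 m3 m4 m1; the last m1 is accepted again because
# its digest was evicted when m4 was recorded.
replay_demo() (
    dir=$(mktemp -d) || exit 2
    trap 'rm -rf "$dir"' EXIT
    REPLAY_COUNT=3
    for n in 1 2 3 4; do
        printf 'Subject: test %s\n\nbody %s\n' "$n" "$n" > "$dir/m$n"
    done
    out=''
    for n in 1 1 2 3 4 1; do
        if replay_check "$dir/m$n" "$dir/replay.db"; then
            out="$out accept"
        else
            out="$out bounce"
        fi
    done
    echo "${out# }"
)
```
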
12/10/2006 - 0.3-cvs (rev 1.138) - rhatto

  - new config file evaluation scheme: now config files
    aren't sourced to firma script but instead every
    parameter is evaluated; this makes config evaluation
    more secure.

  - all help on admin commands can be obtained by command line:

      firma --help subscribe
      firma --help sendkey

  - removed config parameters information at the header of
    the script; now this message can be accessed by command line:

      firma --help config

  - new functions:

    - EvalConfigParam
    - SourceFirmaConfig
    - SourceListConfig
    - ConfigHelp
    - AdminHelp

12/10/2006 - 0.3-cvs (rev 1.127) - rhatto

  - now admin messages are being encrypted and then sent
    back to the administrator.

  - restored function MimeWrapMessage.

  - new function CreateMessageBodyPart.

11/10/2006 - 0.3-cvs (rev. 1.114) - rhatto

  - support of list administration via email

  - in function ParseGpgDecryptStderr: added variable
    SIGNATURE_MADE_BY_SENDER, that checks whether the
    signature was made by the sender of the email;
    this is important to check if admin tasks are
    really being requested by the list administrator, etc.

  - new list config option REQUIRE_SIGNATURE= whether messages
    sent to the list should be (yes) or don't need to be signed
    to be processed (no); defaults to yes; this doesn't affect
    the way email administration works, when signature is mandatory.

  - in function ProcessMessage:

    - fixed typ0 LIST_ADMINS (should be LIST_ADMIN).
    - check whether SIGNATURE_MADE_BY_SENDER is true.
    - process message according to value of MODE, so the function
      can process either normal list messages or admin
      commands.

  - in function ChooseUid: added expect exit status checking at
    the bottom of the function.

  - new command line option -e, --email-admin-task.

  - new global variable MODE is set either

    - "admin-interactive".
    - "admin-non-interactive".
    - "list-message".

  - new functions

    - AdminLog
    - EmailListAdministration
    - AllowMessageProcessing

10/10/2006 - 0.3-cvs (rev 1.89) - rhatto

  - minor fixes

  - new variables GPG_FLAGS_NO_BATCH and GPG_NO_BATCH
    for --no-batch processing.

  - in function NewList:

    - atomic list creation: if something fails,
      $LIST_HOMEDIR is erased.

    - fixed HOMEDIR evaluation.

    - input sanitizer.

    - can automatically create a passphrase.

    - can import admins pubkeys.

    - can send list pubkey to admins.

    - key size.

    - key expiration.

09/10/2006 - 0.3-cvs (rev 1.74) - rhatto

  - new admin commands:
    - "list" show list subscribers.
    - "subscribe" to add users to the list.
    - "sendkey" to send the list pubkey to a given user.
    - "info" get a subscriber pubkey information.

  - changed "quit" exit code on ListAdministration to
    3 so the main function doesn't get confused between
    a gpg error (that usually is status code 1 or 2)
    and the list administration quit command.

  - new firma.conf and list.conf variable
    KEYSERVER= default keyserver to import/export keys
    (defaults to keyserver.noreply.org).

  - fixes on permission checking.

  - some other small fixes.

  - new functions:
    - UnsubscribeUser
    - SubscribeUsers
    - SendListPubkey
    - GetSubscribersInfo
    - FixListOwnership
    - RandomString

  - function NewList now asks whether to send or not
    the list pubkey to the admins.

07/10/2006 - 0.3-cvs (rev 1.49) - rhatto

  - new function LogMessage.

  - new function prototype UnsubscribeUser.

  - fixes on permission checking.

06/10/2006 - 0.3-cvs (rev 1.43) - rhatto

  - user and group verification added just in the bottom of function
    CheckFirmaConfigFile through firma or list configuration parameters
    USER and GROUP.

  - new global variable BASENAME contains firma program name.

  - NewList: now set permission and ownership to $USER and $GROUP
    in all files of the list folder.

  - new function CheckPermission.

  - new function CheckListPermissions.

  - permission checking when evaluating firma.conf and list
    config file.

  - README update

29/09/2006 - 0.3-cvs (revs. 1.37 - 1.4.2) - luis

  - Log to syslog:

      firma.conf related variables:

        LOG_TO_SYSLOG (on if set to "1")
        LOGGER_BINARY (path to logger's binary)
        SYSLOG_PRIORITY (defaults to "user.err")

  - Minimal message munging: By not breaking the MIME structure of messages,
    firma is now as PGP/MIME (and PGP/Inline) compliant as the MUAs used by
    the list subscribers.

    - Headers: Message headers are not edited in any way unless firma/the list
      is set to do so.

        firma.conf related variable:

          REMOVE_THESE_HEADERS_ON_ALL_LISTS
            (space separated case-insensitive entries)
            (may include regexps, e.g., X-.*)

        list.conf related variable: REMOVE_THESE_HEADERS (same as above)

    - Two new list configuration parameters

        SUBJECT_PREFIX
          (prefix to be included in the subject of list messages)
        REPLIES_SHOULD_GO_TO_LIST
          (if set to "1", a Reply-To header containing the list
          address is added to all list messages)

    - Body: firma only replaces the original encrypted block with a new one,
      encrypted to all list members. The rest of the message body, if any,
      is left untouched.

  - Bounce processing:

      A list can now be set to silently ignore invalid messages, instead
      of sending bounces as it normally does.

      list.conf related variable:

        SILENTLY_DISCARD_INVALID_MESSAGES (on if set to "1")

  - Non-fatal errors: Not all errors thrown by firma are fatal, as it used to be.
    Less critical errors just print/log a warning now.

  - Message sending: Messages are sent to all recipients at once. The addresses
    are passed as arguments to the mail program, so firma no longer depends on
    the To, Cc, Bcc headers of the message being sent. These headers are also
    left untouched on the original message.

  - Better performance: firma now processes both valid and invalid messages faster.

04/09/2005 - 0.3-cvs (rev 1.36) - luis

  - As a temporary solution until compliance to PGP/MIME standards
    can be implemented, messages are being decoded using the
    command "mimencode -q -u". This command assumes that the entire
    message is Quoted-Printable encoded. So, for now, no Base64
    encoded messages should go through firma.

  - Message's signature checking is being more thoroughly parsed
    so that firma can send more specific bounce messages. Added
    three different messages, informing the sender either that
    his/her address is not subscribed to the list, or that the
    received message was not signed, or that it was not encrypted
    with the list's public key.

  - Signature checking output, as displayed in the top of the list
    messages, is more verbose now, showing all UIDs of the signing
    key instead of just the primary one.

  - Expired, revoked or disabled public keys are no longer
    processed when checking if a given list has any subscribers
    or when a message is being sent to the list.

  - GetSubscribersList output is now stored in variable
    SUBSCRIBERS_LIST for better performance of the functions
    depending on it. For the same reason, GetGpgDecryptStderr
    output is now stored in variable GPG_DECRYPT_STDERR.

  - Major changes on functions SendListMessage, SendWarningMessage,
    SendBounceMessage and ProcessMessage to implement all the items
    above.

  - Re-declared global array MESSAGE_BODY as a global variable and
    added/removed some other variables:

      recipients -> ( removed )
      ( new )    -> GPG_DECRYPT_STDERR, SUBSCRIBERS_LIST

  - Added two small routines to declare/unset all global
    variables.

03/09/2005 - 0.3-cvs (rev 1.35) - luis

  - In the PASSPHRASE, characters can now be sequentially repeated
    up to 4 times instead of 3.

02/09/2005 - 0.3-cvs (rev 1.34) - luis

  - Added two optional (and experimental) parameters to firma.conf:
    USE_GPG_HIDDEN_RECIPIENT_OPTION and SEND_MESSAGES_USING_BCC. If
    both are enabled, firma will use GnuPG's --hidden-recipient
    option (available from version 1.4.0 onwards) and send list
    messages to all subscribers at once, using BCC. This should
    speed up message processing, especially on lists with several
    subscribers.

  - Major changes on functions SendListMessage and SendWarningMessage
    to implement the two options above, and some minor changes on
    functions SendBounceMessage and ProcessMessage.

  - Added a new check on function CheckFirmaConfigFile, to make sure
    GnuPG's version is 1.4.0 or later in case
    USE_GPG_HIDDEN_RECIPIENT_OPTION is enabled.

  - Added/removed some local variables:
      email   -> ( removed )
      ( new ) -> subscriber, email_address, recipients

  - Corrected misspelled words and fixed typos on comments.

30/08/2005 - v0.2.5 (rev 1.33) - rhatto

  - Added GPL copyright notice and firma contact email

23/08/2005 - 0.3-cvs (rev 1.32) - luis

  - Fixed a possible infinite loop (added on rev 1.30) on function
    GetMessageHeaders. It could be triggered, for example, by a
    message without a body.

  - Like the other header variables (FROM, SUBJECT), the variable
    DATE now holds only the given date and no longer the entire
    "Date:" line.

17/08/2005 - 0.3-cvs (rev 1.31) - luis

  - On function GetMessage, renamed variable "STDIN"
    to "stdin" and declared it as local.

17/08/2005 - 0.3-cvs (rev 1.30) - luis

  - Changed project description to: "firma: GnuPG-based encrypted
    mailing list manager"

  - Added/renamed/removed variables and arrays:

    o Configuration file variables:
        MAIL            -> MAIL_AGENT
        MAIL_ARGS       -> MAIL_AGENT_ARGS
        GPG             -> GPG_BINARY
        LISTNAME        -> LIST_ADDRESS
        LISTADMIN       -> LIST_ADMIN
        GPGDIR          -> LIST_HOMEDIR
        PASSWD          -> PASSPHRASE

    o GnuPG variables:
        GPGFLAGS        -> GPG_FLAGS
        GPGCOMMAND      -> GPG
        GPGLIST         -> GPG_LIST_KEYS
        GPGDECRYPT      -> GPG_DECRYPT
        GPGENCRYPT      -> GPG_ENCRYPT

    o Other global variables:
        FIRMA_LIST_PATH -> LISTS_DIR
        FROMADD         -> SENDER_ADDRESS
        array           -> ARRAY
        CONFIG_FILE     -> LIST_NAME
        CONFIG_PATH     -> LIST_PATH
        CONFIG          -> LIST_CONFIG_FILE
        LINES, n, i     -> ( removed )
        ( new )         -> FIRMA_CONFIG_FILE

    o Global arrays:
        MESSAGE         -> ORIG_MESSAGE
        GPG_MESSAGE     -> ORIG_GPG_MESSAGE
        LIST_MESSAGE    -> MESSAGE_BODY
        USED_ARRAYS     -> GLOBAL_ARRAYS
        ADMINCOMMANDS   -> ( removed )
        ( new )         -> ORIG_MESSAGE_HEADERS

    o Local variables:
        ADMIN           -> administrator
        EMAIL           -> email
        KEYID           -> keyid
        signal          -> ( removed )
        ( new )         -> element, i, j, uid_count, chosen_uid_number

  - firma now uses two different configuration files: a general one,
    containing the variables MAIL_AGENT, MAIL_AGENT_ARGS, GPG_BINARY and
    LISTS_DIR, and a list specific file, containing the variables
    LIST_ADDRESS, LIST_ADMIN, LIST_HOMEDIR and PASSPHRASE.

  - Edited the comments at the beginning of the script to reflect the
    change above.

  - As suggested by the Advanced Bash-Scripting Guide (ABSG)[1], added
    descriptive headers to all functions, describing its function, what
    it expects as input, on what other functions it depends and what exit
    codes it returns.

  - Also as suggested by the ABSG[1], renamed all functions from
    all_lower_case_names to MixedCaseNames.

  - Renamed some functions to make their use more clear:
      gpg_args            -> DeclareGpgVars
      check_config        -> split into two: CheckFirmaConfigFile
                             and CheckListConfigFile
      get_gpg_stderr      -> GetGpgDecryptStderr
      message_list        -> SendListMessage
      message_list_error  -> SendWarningMessage
      message_list_return -> SendBounceMessage
      list_admin          -> ListAdministration

  - Added some more GnuPG flags:
    o To the GPG_FLAGS variable: --no-options, --no-default-keyring,
      --no-auto-check-trustdb
    o And to the GPG_ENCRYPT variable: --local-user $LIST_ADDRESS,
      --no-emit-version, --trust-model always
      The last one replaced the "--always-trust" option, since it's
      deprecated according to GnuPG's manual.

  - Minor changes on functions: Usage, Check*ConfigFile, GetMessage,
    GetSubscribersList, SendListMessage, SendWarningMessage,
    SendBounceMessage, ProcessMessage, NewList and ChooseUid

    o Usage:
        Explained what options expect an argument;
        Commented out the -r (--list-request) option description, since
        it's not implemented yet;
        Added a description of the administrative tasks accepted by the
        -a option;
        Other minor changes.

    o Check*ConfigFile:
        Added a check to see if the LISTS_DIR is an existing directory;
        Added a check to avoid more than 3 sequential repetitions of the
        same character in the PASSPHRASE;
        Other minor changes in the PASSPHRASE, LIST_ADDRESS and
        LIST_ADMIN checks.

    o GetMessage:
        Added a check to see if the message was successfully stored in
        the ORIG_MESSAGE array.

    o GetSubscribersList:
        Added a check to see if there are any subscribers to send
        messages to in a given list.

    o SendListMessage, SendWarningMessage, SendBounceMessage:
        Just minor changes.

    o ProcessMessage:
        (* SECURITY FIX *) A public key with an UID containing GOODSIG
        in its name, comment or email address would be able to send
        messages to any list. And a UID containing BADSIG in any of
        these fields, would be able to send messages to the list
        administrator(s) of any list. Fixed.

    o NewList:
        Just minor changes.

    o ChooseUid:
        Declared keyid, uid_count and chosen_uid_number as local
        variables, moving them to the beginning of the function;
        Minor syntax changes in the checks;
        Added lots of comments, explaining what the checks and the
        expect script are doing.

  - Major changes on functions: GetGpgMessage, GetMessageHeaders,
    ListAdministration and "main"

    o GetGpgMessage:
        Improved function to run faster, especially when processing large
        messages (over 50KB or so).

    o GetMessageHeaders:
        Improved to run faster independent of the size of the message
        being processed.

    o ListAdministration:
        Structured function using the "case" bash builtin;
        Made command parsing more consistent: checking if a given
        command exists, if the right number of arguments were passed,
        if the arguments are valid for this command, and, if anything
        is wrong, showing descriptive and concise error messages;
        New administrative tasks can be easily added to this new nested
        "case" structure.

    o "main":
        Also structured using the "case" bash builtin;
        The long options --admin-task, --create-newlist, --help,
        --process-message and --version are now accepted;
        Commented out the -r (--list-request) option, since it's not
        implemented yet;
        Made the command-line options parsing more consistent (read
        explanation above);
        Changed "umask" from 0777 to 0077. Otherwise, function NewList
        cannot create configuration files for new lists;
        Improved parsing of option -a (--admin-task), removing
        unnecessary commands and routines from this part of the code;
        Again, new command-line options can be easily added to this new
        nested "case" structure.

  [1] http://www.tldp.org/LDP/abs/html/unofficialst.html

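The (* SECURITY FIX *) noted under ProcessMessage in the entry above concerns matching GOODSIG/BADSIG in GnuPG output that also carries user-ID text. The following added example (not firma's code, and not necessarily how firma fixed it) contrasts an unanchored match with one anchored on the "[GNUPG:]" status prefix; the helper names and the sample status text are constructed for illustration.

```shell
#!/bin/sh
# Added example, not firma's code. Constructed sample of gpg --status-fd output
# mixed with stderr text: a BAD signature from a key whose user ID contains the
# word GOODSIG. Key IDs and addresses are made-up placeholders.
SAMPLE_STATUS='[GNUPG:] ENC_TO 0123456789ABCDEF 16 0
[GNUPG:] BADSIG 1111222233334444 GOODSIG Mallory <mallory@example.org>
gpg: BAD signature from "GOODSIG Mallory <mallory@example.org>"'

# Unanchored check: the keyword is matched anywhere on any line, so text taken
# from the key's user ID can satisfy it.
naive_is_good() {
    if printf '%s\n' "$1" | grep -q 'GOODSIG'; then echo yes; else echo no; fi
}

# Anchored check (hypothetical helper): a line counts only if it starts with the
# literal "[GNUPG:] " prefix and the keyword is the first field after it.
# Prints "<verdict> <keyid>"; a BADSIG or ERRSIG line overrides any GOODSIG, so
# a mixed result is never treated as valid.
signature_verdict() (
    good='' bad=''
    while IFS= read -r line; do
        case $line in
            '[GNUPG:] GOODSIG '*)
                rest=${line#'[GNUPG:] GOODSIG '}; good=${rest%% *} ;;
            '[GNUPG:] BADSIG '*)
                rest=${line#'[GNUPG:] BADSIG '}; bad=${rest%% *} ;;
            '[GNUPG:] ERRSIG '*)
                rest=${line#'[GNUPG:] ERRSIG '}; bad=${rest%% *} ;;
        esac
    done <<EOF
$1
EOF
    if [ -n "$bad" ]; then
        echo "bad $bad"
    elif [ -n "$good" ]; then
        echo "good $good"
    else
        echo "unsigned -"
    fi
)
```

The key ID returned by the anchored check is the value a caller would then compare against the list's keyring, rather than trusting any text that follows it on the line.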
10/08/2005 - 0.3-cvs (rev 1.29) - rhatto

  - Fix: Now LIST_MESSAGE _really_ works

09/08/2005 - 0.3-cvs (rev 1.28) - rhatto

  - Deleted var 'x'

07/08/2005 - 0.3-cvs (rev 1.19) - rhatto

  - Main function organization
  - umask 0777 to prevent any files from getting wrong permissions
  - Created USED_ARRAYS containing all the used array names
  - Small routine to unset all arrays

07/05/2005 - 0.3-cvs (rev 1.13) - rhatto

  - firma now uses sendmail or any smtp wrapper directly:
    - Specify your smtp wrapper through MAIL var, e.g.:
        MAIL=/usr/sbin/sendmail
        MAIL=/usr/bin/ssmtp
    - Command-line arguments passed to the wrapper must
      be specified in var MAIL_ARGS
  - Change in functions get_message and get_gpg_message,
    introducing the variable LINES (total lines of the
    received message).
  - New array: LIST_MESSAGE: keeps the encrypted message
    sent to each subscriber; needed to the smtp wrapper
    and will help PGP/MIME handling.

05/08/2005 - 0.3-cvs (rev 1.6) - luis

  - New functions: list_admin, choose_uid and version.
  - Renamed functions
      GPGSTDERR   -> get_gpg_stderr
      SUBSCRIBERS -> get_subscribers_list
      get_headers -> get_message_headers
  - New args:
      -h: calls function usage
      -v: calls function version
  - Option -a passes STDIN line by line to list_admin
  - Added some checks in the main procedure
  - Some minor syntax changes

02/08/2005 - 0.3-cvs - rhatto

  - Completed function newlist (still needs tests)
  - New function: gpg_args

25/05/2005 - v0.2.4 - rhatto

  - Message is now stored in two arrays, MESSAGE and GPG_MESSAGE.
    Temporary files are no longer needed. Deleted TMP var.
  - Adapted firma to work with these two arrays. Lots of changes along
    the code.
  - Reorganized the code again, splitting part of the process_message
    function into three new functions (get_message, get_gpg_message
    and get_headers).
  - new functions: get_message, get_gpg_message, get_headers,
  - added export LANG=en_US

14/05/2005 - v0.2.3 - rhatto

  - Changed project description.
  - Two new variables: VERSION and CONFIG. The latter stores the path
    to the configuration file.
  - Reorganized the code, splitting it into two functions
    (check_config and process_message).
  - An exit code of 1 is now given if an error occurs.
  - Implemented a simple command line syntax: firma now has to be
    called along with an option (e.g., -p to process a message),
    followed by the path to the configuration file to be used.
  - Created a new function (usage), which displays firma's usage if
    it's called without a command line option.
  - Rearranged some comments along the code.
  - New functions are: check_config, eval_config, usage, process_message and
    split the code into these routines

12/05/2005 - v0.2.2 - luis

  major code cleanup and bug fix release

  - New: Implemented size and complexity checks for the lists' passphrase.
  - firma would not work as expected if the PASSWD variable contained
    characters such as $, `, ', ", \. Fixed. Now PASSWD has to be
    enclosed in single quotes and cannot contain any single quote in
    its value.
  - Checked the entire code and tried to make it clearer and more
    consistent. Lots of small changes and minor fixes.
  - BASH was looking for the configuration file first on its PATH and
    only then on the current directory. Disabled sourcepath to avoid
    this behavior.
  - A From header containing more than one "<" would turn the variable
    FROMADD useless. Fixed.
  - When a message's signature is found invalid, the notification
    about it is now sent separately for the sender and the list
    administrators.
  - Other minor fixes and improvements.
  - Fix LISTNAME and LISTADMIN case sensitiveness.

18/04/2005 - v0.2.1 - luis

  - Added some simple checks for the values entered in the
    configuration file. If any of these checks fail, firma exits and
    shows what should be corrected in the file.

  - GPGLIST now lists public keys using GnuPG's option
    "--with-colons". Definitely much easier to parse.

  - added --no-permission-warning on $GPGCOMMAND.

  - first tests with --hidden-recipient, but not added

  - Fixed the FROMADD variable. It wasn't working on the last version

724 | - FROMADD=$(echo $FROMADD \ |
---|
725 | | if grep -q "<" ; \ |
---|
726 | then echo $FROMADD | grep -o "<.*>" | sed -e "s/[<>]//g" ; \ |
---|
727 | else echo $FROMADD ; \ |
---|
728 | fi) |
---|
729 | |
---|
730 | + FROMADD=$(echo $FROM \ |
---|
731 | | if grep -q "<" ; \ |
---|
732 | then echo $FROM | grep -o "<.*>" | sed -e "s/[<>]//g" ; \ |
---|
733 | else echo $FROM ; \ |
---|
734 | fi) |
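Review bot: in the added lines, $FROM is expanded unquoted in all three `echo $FROM` calls, so the From header value goes through word splitting and pathname expansion before grep or sed see it; quoting it as `echo "$FROM"` (or `printf '%s\n' "$FROM"`) keeps the header text intact. The `grep -o "<.*>"` pattern is also greedy: with more than one "<" in the header it matches from the first "<" to the last ">", and the following sed then leaves more than one address in FROMADD. A pattern such as `<[^<>]*>` combined with taking only the first match would keep FROMADD to a single bracketed address.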

  - created routines to check config file vars

  - changed SUBJECT to SUBJECT=$(grep -m 1 "^Subject:" $TMP | cut -d : -f 2- | sed "s/^ //")

  - changed FROM to FROM=$(grep -m 1 "^From:" $TMP | cut -f 2 -d :)

17/04/2005 - v0.2 - luis

  - Lists can now have a passphrase. Added option "--passphrase-fd 0"
    to the GPGDECRYPT and GPGENCRYPT variables.
  - Added a new variable to the configuration file: LISTADMIN. It
    should contain the email address of one or more list
    administrator(s).
  - Added signature checking for received messages. If the signature
    is found valid, the message is sent to the list. If it's invalid,
    it's returned to the sender and to the list administrator(s). If
    the message was not encrypted and/or signed, a note is returned
    to the sender.
  - Added a few options to the GPGCOMMAND variable: "--batch",
    "--no-tty", "--no-use-agent" and "--no-permission-warning".

      GPGCOMMAND="$GPG \
                  --quiet \
                  --homedir $GPGDIR \
                  --batch \
                  --no-tty \
                  --no-use-agent"

  - Added two new functions: GPGSTDERR and SUBSCRIBERS. The first gets
    GnuPG's STDERR and discards its STDOUT and the latter returns the
    subscribers list.

      function GPGSTDERR {
        echo "$PASSWD" \
          | ($GPGDECRYPT --status-fd 2 $TMP.gpg 1> /dev/null) 2>&1 ;
      }

      function SUBSCRIBERS {
        $GPGLIST \
          | sed -n '/$LISTNAME/d;/pub/p' \
          | grep -o '<.*>' \
          | sed -e 's/[<>]//g' ;
      }

  - Added a new variable, FROMADD, which contains the sender's email
    address.

      FROMADD=$(echo $FROMADD \
        | if grep -q '<' ; \
          then echo $FROMADD | grep -o '<.*>' | sed -e 's/[<>]//g' ; \
          else echo $FROMADD ; \
          fi)

    TODO: find a better place to this var.

Feb 2005 - v0.1 - rhatto

  - First public release and proof of concept.
  - Based on pgplist (http://www.rediris.es/app/pgplist/index.en.html),
    but completely written from scratch.
  - Strips all mail headers.
  - Use keyring as database.
  - List variables are sourced from a configuration file.
  - List subscription is managed through GnuPG's public keyrings, one
    keyring for each mailing list.
  - Message is read from STDIN, passed to it by postfix or some
    other MTA.
  - Encrypted message is saved in a temporary file on disk. The
    decrypted message though is not stored in disk, but passed to
    the MTA through a pipe.
  - Message is then decrypted, re-encrypted and sent separately to
    each list subscriber.