|
#!/usr/bin/ruby -Ku
|
|
|
|
# http://www.ruby-doc.org/stdlib/libdoc/net/imap/rdoc/index.html
|
|
|
|
$: << "./lib"
|
|
|
|
#require 'socket'
|
|
require 'tempfile'
|
|
require 'shellwords'
|
|
require 'cyborghood/imap'
|
|
require 'cyborghood/mail'
|
|
require 'cyborghood/objects'
|
|
require 'cyborghood/services/dns'
|
|
|
|
#Socket.gethostname
|
|
|
|
class CommandParser
|
|
def self.run(order)
|
|
result_list = []
|
|
order.commands.each do |cmd|
|
|
logger.info "Executing command: #{cmd}"
|
|
begin
|
|
result_list << execute_cmd(order.user, cmd, order.refs)
|
|
rescue
|
|
logger.info "Command failed: " + $!
|
|
end
|
|
end
|
|
result_list
|
|
end
|
|
|
|
private
|
|
|
|
def self.execute_cmd(user, cmdstr, refs)
|
|
cmdline = Shellwords.shellwords(cmdstr)
|
|
subsys = cmdline.shift
|
|
|
|
result = OpenStruct.new
|
|
result.cmd = cmdstr
|
|
ok = true
|
|
case subsys.upcase
|
|
when "DNS"
|
|
case cmdline.shift.upcase
|
|
when "INFO"
|
|
if cmdline.empty?
|
|
list = CyborgHood::DnsDomain.find_by_manager(user)
|
|
txt_list = list.collect{|z| z.cn }.sort.join(", ")
|
|
logger.info "User is manager of the following zones: " + txt_list
|
|
result.message = "You are manager of the following zones: " + txt_list
|
|
else
|
|
ok = false
|
|
end
|
|
when "GET"
|
|
case cmdline.shift.upcase
|
|
when "ZONE"
|
|
zone = cmdline.shift.downcase
|
|
dom = CyborgHood::DnsDomain.new(zone)
|
|
logger.info "User requesting zone content for '#{zone}'"
|
|
if dom.hosted?
|
|
if dom.managed_by? user
|
|
logger.info "User is manager of the zone"
|
|
srv_dns = CyborgHood::Services::DNS.new(zone)
|
|
result.message = "Requested zone content attached."
|
|
result.refs = [srv_dns.read_zone]
|
|
else
|
|
logger.info "User is not allowed to manage the zone"
|
|
result.message = "You are not allowed to manage this zone."
|
|
end
|
|
else
|
|
logger.info "Zone not hosted"
|
|
result.message "This zone is not hosted here."
|
|
end
|
|
else
|
|
ok = false
|
|
end
|
|
when "SET"
|
|
case cmdline.shift.upcase
|
|
when "ZONE"
|
|
zone = cmdline.shift.downcase
|
|
dom = CyborgHood::DnsDomain.new(zone)
|
|
logger.info "User requesting zone content for '#{zone}'"
|
|
if dom.hosted?
|
|
if dom.managed_by? user
|
|
logger.info "User is manager of the zone"
|
|
srv_dns = CyborgHood::Services::DNS.new(zone)
|
|
|
|
content_ref = cmdline.shift.downcase
|
|
if content_ref =~ /^@(\d+)$/
|
|
part_ref = $1.to_i
|
|
if (1..refs.size).include? part_ref
|
|
part = refs[part_ref]
|
|
if part.content_type == "text/plain"
|
|
f = Tempfile.new(zone)
|
|
f.write(part.body)
|
|
f.close
|
|
logger.debug "Created temporary zone file '#{f.path}'"
|
|
|
|
srv_dns = CyborgHood::Services::DNS.new(zone)
|
|
current_serial = srv_dns.serial
|
|
logger.debug "Current serial: #{current_serial}"
|
|
|
|
result = srv_dns.check_zone_file(f.path)
|
|
if result.ok
|
|
logger.debug "New serial: #{result.serial}"
|
|
# allow new serial or missing serial (to allow creating a new zone or replacing a broken zone)
|
|
if current_serial.nil? or result.serial > current_serial
|
|
begin
|
|
srv_dns.write_zone_from_file(f.path)
|
|
logger.info "zone changed"
|
|
rescue
|
|
logger.debug "Writing zone file failed"
|
|
raise
|
|
ensure
|
|
f.close!
|
|
end
|
|
else
|
|
logger.info "zone serial is not superior to current serial"
|
|
result.message = "Zone serial is not superior to current serial."
|
|
f.close!
|
|
return result
|
|
end
|
|
else
|
|
logger.info "new zone file is invalid"
|
|
result.message = "invalid zone data"
|
|
f.close!
|
|
return result
|
|
end
|
|
|
|
f.close!
|
|
else
|
|
logger.info "attachment for zone is not plain text"
|
|
result.message = "Attachment has wrong type."
|
|
return result
|
|
end
|
|
else
|
|
logger.info "attachement for zone not found"
|
|
result.message = "Attachment number not found."
|
|
return result
|
|
end
|
|
else
|
|
ok = false
|
|
end
|
|
else
|
|
logger.info "User is not allowed to manage the zone"
|
|
result.message = "You are not allowed to manage this zone."
|
|
end
|
|
else
|
|
logger.info "Zone not hosted"
|
|
result.message "This zone is not hosted here."
|
|
end
|
|
else
|
|
ok = false
|
|
end
|
|
else
|
|
ok = false
|
|
end
|
|
else
|
|
ok = false
|
|
end
|
|
|
|
if not ok
|
|
result.message = "Command not recognized"
|
|
result.refs = nil
|
|
logger.info "Command not recognized: #{cmdstr}"
|
|
end
|
|
|
|
result
|
|
end
|
|
end
|
|
|
|
# imap.store(message_id, "+FLAGS", [:Deleted])
|
|
# imap.expunge()
|
|
|
|
module CyborgHood
|
|
# not yet ready to be a real Cyborg
|
|
class Postman #< Cyborg
|
|
def initialize
|
|
# load config
|
|
Config.load(self.human_name.downcase)
|
|
@config = Config.instance
|
|
|
|
ldap_config = @config.ldap
|
|
ldap_config.logger = logger
|
|
ActiveLdap::Base.establish_connection(ldap_config.marshal_dump)
|
|
|
|
# setup logs
|
|
unless @config.log.nil?
|
|
logger.output_level(@config.log.console_level) unless @config.log.console_level.nil?
|
|
logger.log_to_file(@config.log.file) unless @config.log.file.nil?
|
|
end
|
|
|
|
@stop_asap = false
|
|
|
|
logger.info "Bot '#{self.human_name}' loaded"
|
|
end
|
|
|
|
def run
|
|
imap = IMAP.new(@config.imap)
|
|
imap.check_mail do |msg|
|
|
if @stop_asap
|
|
logger.info "Bot was asked to stop..."
|
|
break
|
|
end
|
|
|
|
mail = Mail.new(msg)
|
|
logger.info "Received mail with ID '#{mail.message_id}': #{mail.from_addrs} -> #{mail.to_addrs} (#{mail.subject})"
|
|
|
|
# ignore mails not signed
|
|
unless mail.is_pgp_signed?
|
|
logger.info "Mail not signed or not RFC3156 compliant, ignoring..."
|
|
next
|
|
end
|
|
|
|
logger.debug "Signed content detected"
|
|
begin
|
|
order = mail.parse
|
|
rescue CyberError => e
|
|
case e.severity
|
|
when :dangerous
|
|
logger.fatal " (#{e.message})"
|
|
exit 2
|
|
when :unrecoverable
|
|
logger.error "Internal processing error, skipping mail (#{e.message})"
|
|
next
|
|
when :ignorable
|
|
end
|
|
end
|
|
if order.nil?
|
|
logger.info "Mail is invalid, ignoring..."
|
|
next
|
|
elsif not order.ok
|
|
mail_reply = mail.create_reply
|
|
mail_reply.quoted_printable_body = "A message (ID: #{mail.message_id}) apparently from you was rejected for the following reason:\n #{order.msg}"
|
|
mail_reply.deliver
|
|
next
|
|
end
|
|
|
|
result_list = CommandParser.run(order)
|
|
|
|
mail_reply = mail.create_reply
|
|
reply_txt = "Hello #{order.user.cn},\n\nFollows the transcript of your commands:\n"
|
|
reply_attachments = []
|
|
result_list.each do |result|
|
|
reply_txt << "> #{result.cmd}\n"
|
|
reply_txt << "#{result.message}\n"
|
|
reply_attachments += result.refs unless result.refs.nil?
|
|
end
|
|
if reply_attachments.empty?
|
|
mail_reply.set_content_type("text", "plain")
|
|
mail_reply.set_disposition("inline")
|
|
mail_reply.quoted_printable_body = reply_txt
|
|
else
|
|
|
|
mail_reply.set_content_type("multipart", "mixed", {'boundary' => TMail.new_boundary})
|
|
parts = []
|
|
|
|
p = CyborgHood::Mail.new
|
|
p.set_content_type("text", "plain", {'charset' => "utf-8"})
|
|
p.set_disposition("inline")
|
|
p.quoted_printable_body = reply_txt
|
|
mail_reply.parts << p
|
|
|
|
reply_attachments.each do |attachment|
|
|
p = CyborgHood::Mail.new
|
|
p.set_content_type("text", "plain", {'charset' => "utf-8"})
|
|
p.set_disposition("attachment", {'filename' => "test.rb"})
|
|
p.quoted_printable_body = attachment
|
|
mail_reply.parts << p
|
|
end
|
|
end
|
|
mail_reply.crypt(order.user.keyFingerPrint)
|
|
mail_reply.deliver
|
|
end
|
|
end
|
|
|
|
def ask_to_stop
|
|
@stop_asap = true
|
|
end
|
|
end
|
|
end
|
|
|
|
bot = CyborgHood::Postman.new
|
|
|
|
trap('INT') do
|
|
bot.ask_to_stop
|
|
end
|
|
trap('TERM') do
|
|
bot.ask_to_stop
|
|
end
|
|
|
|
bot.run
|