Revision 3d444084
Added by Marc Dequènes over 15 years ago
- ID 3d4440844dbef4fedc839d7d9cb0408ab5cc94bd
lib/cyborghood/mail.rb | ||
---|---|---|
include ActionMailer::Quoting
|
||
include ActionMailer::Utils
|
||
|
||
MAX_DRIFT_TIME = 600
|
||
|
||
def initialize(msg = nil)
|
||
@config = Config.instance
|
||
|
||
... | ... | |
else
|
||
logger.info "Mail is from user #{user.uid} (#{user.cn})"
|
||
|
||
signed_content = pgp_signed_part()
|
||
if signed_content.multipart?
|
||
if signed_content.parts[0].content_type == "text/plain"
|
||
command_txt = signed_content.parts[0].body
|
||
refs = signed_content.parts.collect{|p| p.dup }
|
||
drift = Time.new.to_i - sig_check.timestamp.to_i
|
||
logger.debug "Signature drift time: #{drift}"
|
||
if drift > 0 and drift < MAX_DRIFT_TIME
|
||
signed_content = pgp_signed_part()
|
||
if signed_content.multipart?
|
||
if signed_content.parts[0].content_type == "text/plain"
|
||
command_txt = signed_content.parts[0].body
|
||
refs = signed_content.parts.collect{|p| p.dup }
|
||
end
|
||
else
|
||
command_txt = signed_content.body if signed_content.content_type == "text/plain"
|
||
refs = []
|
||
end
|
||
else
|
||
command_txt = signed_content.body if signed_content.content_type == "text/plain"
|
||
refs = []
|
||
end
|
||
|
||
if command_txt
|
||
commands = []
|
||
command_txt.each_line do |line|
|
||
line.chomp!
|
||
sline = line.strip
|
||
# skip empty lines and comments
|
||
next if sline == "" or sline[0, 1] == "#"
|
||
# stop processing when detecting message signature
|
||
break if line == "-- "
|
||
|
||
commands << sline
|
||
if command_txt
|
||
commands = []
|
||
command_txt.each_line do |line|
|
||
line.chomp!
|
||
sline = line.strip
|
||
# skip empty lines and comments
|
||
next if sline == "" or sline[0, 1] == "#"
|
||
# stop processing when detecting message signature
|
||
break if line == "-- "
|
||
|
||
commands << sline
|
||
end
|
||
|
||
logger.debug "Mail OK"
|
||
order = {:ok => true, :user => user, :commands => commands, :refs => refs}
|
||
else
|
||
order[:user] = user
|
||
logger.info "Mail does not contain a proper MIME part for commands"
|
||
end
|
||
|
||
order = {:ok => true, :user => user, :commands => commands, :refs => refs}
|
||
else
|
||
logger.info "Mail does not contain a proper MIME part for commands"
|
||
logger.info "Mail rejected as it may be a replay (signature timestamp is too old)"
|
||
order = {:ok => false, :user => user, :msg => "The signature was made too long ago (perhaps your system clock is not up-to-date). Rejected message to avoid replay attacks."}
|
||
end
|
||
end
|
||
else
|
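Review bot: The window test `if drift > 0 and drift < MAX_DRIFT_TIME` sends a signature whose timestamp equals or is ahead of the local clock (zero or negative drift) into what appears to be the same else branch as an expired one. The sender is then told the signature "was made too long ago" when the real cause is a future-dated signature or a server clock running behind. Rejecting future-dated signatures is a sound fail-closed choice, but it deserves its own branch and message, e.g. `elsif drift < 0` with `logger.info "Mail rejected: signature timestamp is in the future"`, and the lower bound should probably be `drift >= 0`. `MAX_DRIFT_TIME = 600` would also benefit from a comment stating the unit, such as `# maximum accepted signature age, in seconds`. The +/- markers are lost in this rendering and the method starts and ends outside the visible lines, so the branch pairing is inferred.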
[evol] check if signature timestamp is not too old or reject it (first part of the replay protection)