Project

General

Profile

Download (10.6 KB) Statistics
| Branch: | Tag: | Revision:
d32ee48a Marc Dequenes
#--
# CyborgHood, a distributed system management software.
# Copyright (c) 2009 Marc Dequènes (Duck) <Duck@DuckCorp.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#++
30406d66 Marc Dequenes
# add Rails load path for Debian, until rails framework is split properly
a051c3cd Marc Dequenes
DEB_RAILS_PATH = "/usr/share/rails" unless Object.constants.include?("DEB_RAILS_PATH")
30406d66 Marc Dequenes
Dir.new(DEB_RAILS_PATH).each do |file|
next if file =~ /^\./
path = File.join(DEB_RAILS_PATH, file, "lib")
$: << path if File.directory?(path)
end

bc4894ce Marc Dequenes
require 'cyborghood/base'
require 'delegate'
require 'tmail'
861ef12d Marc Dequenes
require 'tmail_gpg'
30406d66 Marc Dequenes
require 'action_mailer/quoting'
require 'action_mailer/utils'
275e20ec Marc Dequenes
require 'net/smtp'
c7904e2c Marc Dequenes
require 'fileutils'
require 'digest/md5'

bc4894ce Marc Dequenes
# This class handles RFC3156 signed messages, validates them, and extract orders properly.
# Encrypted content are not implemented yet.
c427bfc7 Marc Dequenes
module CyborgHood
f0a75e9c Marc Dequènes (Duck)
class Command
attr_reader :cmdline, :cmdsplit

def initialize(cmdline, cmdsplit)
@cmdline = cmdline
@cmdsplit = cmdsplit
end
end

class SharedParameter
attr_reader :type, :content

def initialize(content, type = nil)
@content = content
@type = type
end
end

class ParameterReference
attr_reader :reference

def initialize(reference)
@reference = reference
end
end

5425b3f0 Marc Dequènes (Duck)
class Order
f0a75e9c Marc Dequènes (Duck)
attr_accessor :ok, :message, :system_message, :user, :commands, :shared_parameters
5425b3f0 Marc Dequènes (Duck)
attr_writer = :warn_sender

def initialize(ok, message = nil, system_message = nil)
@ok = ok
@message = message
@system_message = system_message
end

def warn_sender
# send reply message if user is identified or in selected situations
# (@warn_sender acts as an override)
@warn_sender || @user
end
end

c427bfc7 Marc Dequenes
class Mail < Delegator
30406d66 Marc Dequenes
include ActionMailer::Quoting
include ActionMailer::Utils
ebccdcc4 Marc Dequènes (Duck)
include GetText
30406d66 Marc Dequenes
145e9993 Marc Dequènes (Duck)
MAX_DRIFT_TIME = 3600
3d444084 Marc Dequenes
ebccdcc4 Marc Dequènes (Duck)
attr_accessor :user, :signature_timestamp
5425b3f0 Marc Dequènes (Duck)
30406d66 Marc Dequenes
def initialize(msg = nil)
275e20ec Marc Dequenes
@config = Config.instance

30406d66 Marc Dequenes
if msg.nil?
@mail = TMail::Mail.new
7193ea94 Marc Dequenes
set_custom_headers
ebccdcc4 Marc Dequènes (Duck)
elsif msg.is_a? TMail::Mail
@mail = msg
30406d66 Marc Dequenes
else
# unquote headers and transform into TMail object
@mail = TMail::Mail.parse(TMail::Unquoter.unquote_and_convert_to(msg, "UTF-8"))
end
c427bfc7 Marc Dequenes
end

def __getobj__
@mail
end

def parse
c7904e2c Marc Dequenes
if is_marked?
5425b3f0 Marc Dequènes (Duck)
return Order.new(false, "Replay detected.")
c7904e2c Marc Dequenes
end

960c259e Marc Dequenes
return parse_signed() if is_pgp_signed?
return parse_encrypted() if is_pgp_encrypted?
5425b3f0 Marc Dequènes (Duck)
# don't parse commands if user is not identified
return parse_plain if self.user

Order.new(false, "Mail not RFC3156 compliant.")
960c259e Marc Dequenes
end

09b32d70 Marc Dequenes
def create_reply
tmail_reply = @mail.create_reply
tmail_reply.from_addrs = TMail::Address.parse(@config.mail.from_address || self.to.first)
reply = self.class.new(tmail_reply.to_s)
reply.set_custom_headers
5425b3f0 Marc Dequènes (Duck)
reply.user = self.user
09b32d70 Marc Dequenes
reply
end

4311d63d Marc Dequènes (Duck)
def create_simple_reject_reply(msg)
reply = create_reply()
reply.set_content_type("text", "plain", {'charset' => "utf-8"})
ebccdcc4 Marc Dequènes (Duck)
reply.set_disposition("inline")
4311d63d Marc Dequènes (Duck)
reply.quoted_printable_body = msg
reply.sign
5425b3f0 Marc Dequènes (Duck)
reply.crypt(reply.user.keyFingerPrint) unless reply.user.nil?
4311d63d Marc Dequènes (Duck)
reply
end

09b32d70 Marc Dequenes
def set_custom_headers
@mail['Organization'] = @config.mail.organization
end

def check_headers
@mail.header.keys.each do |h|
@mail[h] = quote_address_if_necessary(@mail[h].to_s, "utf-8")
end
end

def deliver
check_headers

smtp_server = @config.mail.smtp_server || "localhost"
smtp_port = @config.mail.smtp_port || 25
smtp_from = @mail.from_addrs.collect{|a| a.address}.join(", ")
smtp_to = @mail.to_addrs.collect{|a| a.address}
Net::SMTP.start(smtp_server, smtp_port) do |smtp|
#p @mail.to_s
smtp.send_message(@mail.to_s, smtp_from, smtp_to)
end
end

def to_s
@mail.to_s
end

def crypt(fingerprint)
c0979b3e Marc Dequenes
@mail = @mail.create_encrypted(fingerprint)
09b32d70 Marc Dequenes
end

def sign
c0979b3e Marc Dequenes
# we don't check the uid, as their is only one signer
@mail = @mail.create_signed(@config.mail.key_id) do |uid_hint, passphrase_info, prev_was_bad|
09b32d70 Marc Dequenes
@config.mail.key_passphrase
end
end

def sign_and_crypt(fingerprint)
c0979b3e Marc Dequenes
# not using sign_and_crypt(), to avoid repeating code
09b32d70 Marc Dequenes
sign()
crypt(fingerprint)
end

def quoted_printable_body=(txt)
@mail.transfer_encoding = "quoted-printable"
@mail.body = [normalize_new_lines(txt)].pack("M*")
end

private

5425b3f0 Marc Dequènes (Duck)
def parse_plain
command_txt = nil
f0a75e9c Marc Dequènes (Duck)
shared_params = nil
5425b3f0 Marc Dequènes (Duck)
if multipart?
if parts[0].content_type == "text/plain"
command_txt = self.parts[0].body
f0a75e9c Marc Dequènes (Duck)
shared_params = {}
i = 1
self.parts.each do |p|
shared_params[i] = SharedParameter.new(p.body, p.content_type)
filename = p.header['content-type'].params('filename')
shared_params[filename] = ParameterReference.new(i) if filename
i += 1
end
5425b3f0 Marc Dequènes (Duck)
end
else
command_txt = self.body if self.content_type == "text/plain"
f0a75e9c Marc Dequènes (Duck)
shared_params = {}
5425b3f0 Marc Dequènes (Duck)
end
unless command_txt
7cae0102 Marc Dequènes (Duck)
order = Order.new(false, N_("Mail does not contain a proper text part for commands."))
5425b3f0 Marc Dequènes (Duck)
order.user = self.user
return order
end

commands = []
command_txt.each_line do |line|
line.chomp!
sline = line.strip
# skip empty lines and comments
next if sline == "" or sline[0, 1] == "#"
# stop processing when detecting message signature
break if line == "-- "
7193ea94 Marc Dequenes
f0a75e9c Marc Dequènes (Duck)
used_refs = []
cmd_parts = sline.shellsplit.collect do |word|
if =~ /^@([a-zA-Z0-9._-]+)$/
ref = $1
d_ref, d_param = dereference_param(shared_params, param)
# TODO: should add error message for attachment not found in the Command
used_refs << d_ref
d_param
else
word
end
end

commands << Command.new(sline, cmd_parts)
5425b3f0 Marc Dequènes (Duck)
end

f0a75e9c Marc Dequènes (Duck)
shared_params.delete_if{|ref, param| not used_refs.include?(ref) }

5425b3f0 Marc Dequènes (Duck)
logger.debug "Mail OK"
ebccdcc4 Marc Dequènes (Duck)
mark_processed(self.signature_timestamp)
5425b3f0 Marc Dequènes (Duck)
order = Order.new(true)
order.user = self.user
order.commands = commands
f0a75e9c Marc Dequènes (Duck)
order.references = shared_params
e9eb9974 Marc Dequènes (Duck)
order
5425b3f0 Marc Dequènes (Duck)
end

f0a75e9c Marc Dequènes (Duck)
def dereference_param(shared_params, param)
if param.is_a? SharedParameter
[ref, ParameterReference(ref)]
elsif param.is_a? ParameterReference
d_ref = param.reference
d_param = shared_params[d_ref]
return dereference_param(shared_params, d_param)
else
nil
end
end

5425b3f0 Marc Dequènes (Duck)
def parse_signed
09b32d70 Marc Dequenes
sigs_check = verify_pgp_signature()
7cae0102 Marc Dequènes (Duck)
return Order.new(false, N_("Mail not formatted correctly (signed part).")) if sigs_check.nil? or sigs_check.size != 1
09b32d70 Marc Dequenes
sig_check = sigs_check.first
7cae0102 Marc Dequènes (Duck)
return Order.new(false, N_("Mail content tampered or badly signed: ") + sig_check.to_s) unless sig_check.status == 0
5425b3f0 Marc Dequènes (Duck)
logger.info "Mail content was properly signed by key #{sig_check.fingerprint}"
user = Person.find_by_fingerprint(sig_check.fingerprint)
if user.nil?
7cae0102 Marc Dequènes (Duck)
order = Order.new(false, N_("Mail is from an unknown person."))
5425b3f0 Marc Dequènes (Duck)
order.warn_sender = true
return order
end

logger.info "Mail is from user #{user.uid} (#{user.cn})"
self.user = user

drift = Time.new.to_i - sig_check.timestamp.to_i
logger.debug "Signature drift time: #{drift}"
unless drift.abs < MAX_DRIFT_TIME
if drift > 0
7cae0102 Marc Dequènes (Duck)
order = Order.new(false, N_("The signature was made too long ago (check your system clock). Rejected message to avoid replay attacks."))
5425b3f0 Marc Dequènes (Duck)
order.user = self.user
c427bfc7 Marc Dequenes
else
5425b3f0 Marc Dequènes (Duck)
# mark message to prevent later replay of the message
mark_processed(sig_check.timestamp)
7cae0102 Marc Dequènes (Duck)
order = Order.new(false, N_("The signature was made in the future (check your system clock). Rejected message to avoid replay attacks."))
5425b3f0 Marc Dequènes (Duck)
order.user = self.user
c427bfc7 Marc Dequenes
end
5425b3f0 Marc Dequènes (Duck)
return order
c427bfc7 Marc Dequenes
end

5425b3f0 Marc Dequènes (Duck)
signed_content = pgp_signed_part()

# create a fake mail and chain parsing operations
plain_mail = self.class.new(signed_content)
plain_mail.user = self.user
ebccdcc4 Marc Dequènes (Duck)
plain_mail.signature_timestamp = sig_check.timestamp
5425b3f0 Marc Dequènes (Duck)
# propagate message_id to be able to mark messages (replay protection)
ebccdcc4 Marc Dequènes (Duck)
plain_mail.message_id = @mail.message_id
5425b3f0 Marc Dequènes (Duck)
return plain_mail.parse
c427bfc7 Marc Dequenes
end
275e20ec Marc Dequenes
960c259e Marc Dequenes
def parse_encrypted
catch :notforme do
begin
# block is not passed to delegate (limitation ?)
09b32d70 Marc Dequenes
clear_message = @mail.pgp_decrypt do |uid_hint, passphrase_info, prev_was_bad|
960c259e Marc Dequenes
logger.info "Mail crypted for #{uid_hint}"

# check if requesting passphrase for the expected key
key_id = passphrase_info.split(" ")[1]
throw :notforme if key_id != @config.mail.key_id[-(key_id.size)..-1]

# sending key
@config.mail.key_passphrase
end

# create a fake mail and chain parsing operations
clear_mail = self.class.new(clear_message)
5425b3f0 Marc Dequènes (Duck)
clear_mail.user = self.user
c7904e2c Marc Dequenes
# propagate message_id to be able to mark messages (replay protection)
clear_mail.message_id = @mail.message_id
960c259e Marc Dequenes
return clear_mail.parse
rescue GPGME::Error, NotImplementedError => e
raise CyberError.new(:unrecoverable, "protocol/mail", e.message)
end
end

7cae0102 Marc Dequènes (Duck)
Order.new(false, N_("Mail not formatted correctly (encrypted part)."))
960c259e Marc Dequenes
end
c7904e2c Marc Dequenes
def mark_dir
d4b5798a Marc Dequènes (Duck)
File.join(Config::VAR_DIR, "marks")
c7904e2c Marc Dequenes
end

def mark_filename
File.join(mark_dir(), Digest::MD5.hexdigest(self.message_id))
end

def mark_processed(time)
FileUtils.mkdir_p(mark_dir())
File.open(mark_filename(), "w") do |fp|
fp.write self.message_id
end
File.utime(Time.now.to_i, time.to_i, mark_filename())
end

def is_marked?
File.exists?(mark_filename())
end
c427bfc7 Marc Dequenes
end
end