Inn-2.4.5.filter nnrpd.patch

--- inn-2.4.5/samples/filter_nnrpd.pl 2008-06-29 19:56:57.000000000 +0200 +++ inn-2.4.5/samples/filter_nnrpd.pl 2009-01-03 00:10:35.000000000 +0100 @@ -1,5 +1,5 @@ # -# $Id: filter_nnrpd.pl 5981 2002-12-12 05:01:42Z vinocur $ +# $Id: filter_nnrpd.pl, 2009/01/03 open.news.network.org $ # # Sample perl filtering code for nnrpd hook. # @@ -27,6 +27,14 @@ my %config = (checkincludedtext => 0, # # Sample filter # +# for Encryption use Crypt::CBC; +use Crypt::CBC; +use Compress::Zlib; +use MIME::Base64; +use Digest::HMAC_SHA1; +use Digest::SHA1; + + sub filter_post { my $rval = "" ; # assume we'll accept. # @@ -34,14 +42,14 @@ sub filter_post { ### in their subject, or which have a "Re: " subject, but noReferences: ### header, or which have an invalid From. # -## if ($hdr{"Subject"} =~ /make.*money/i) { -## $rval = "Spam is not acceptable here..." ; -## } elsif ($hdr{'Subject'} =~ /^Re: /o and $hdr{'References'} eq "") { -## $rval = "Followup without References:"; -## } elsif ($hdr{'From'} =~ /^\w*$/o or -## $hdr{'From'} !~ /^(.+?)\@([-\w\d]+\.)*([-\w\d]+)\.([-\w\d]{2,})$/o) { -## $rval = "From: is invalid, must be user\@[host.]domain.tld"; -## } + if ($hdr{"Subject"} =~ /make.*money/i) { + $rval = "Spam is not acceptable here..." ; +### } elsif ($hdr{'Subject'} =~ /^Re: /o and $hdr{'References'} eq "") { +### $rval = "Followup without References:"; +### } elsif ($hdr{'From'} =~ /^\w*$/o or +### $hdr{'From'} !~ /^(.+?)\@([-\w\d]+\.)*([-\w\d]+)\.([-\w\d]{2,})$/o) { +### $rval = "From: is invalid, must be user\@[host.]domain.tld"; + } ### The next block rejects articles with too much quoted text, if the @@ -55,6 +63,127 @@ sub filter_post { } } +########################### +# ka private hierachie rules +############################ + +@newsgroups = split(/,/, $hdr{"Newsgroups"}); + foreach (@newsgroups) { + if (/^ka\./i) { + $ka++; + } else { + $nka++; + } + if (/^net\./i) { + $net++; + } else { + $notnet++; + } + + + } + if ($ka && $nka) { + if (!defined($hdr{"Followup-To"})) { + $fka = 1; + } else { + @followupgroups = split(/,/, $hdr{"Followup-To"}); + foreach (@followupgroups) { + if (/^ka\./i){ + $fka++; + } + } + } + if ($fka) { + $rval = "Keine Crosspostings nach ka.* (-> http://www.karlsruhe.org/)"; + } + } + if ($ka > 3) { + $rval = "Zu viele Gruppen fuer ka.* (-> http://www.karlsruhe.org/)"; + } + + + + + +############################################################## +# encrytion +# Christian Gall +# sub encrypt see below +############################################################# + + +######################### +# X-Trace encrypt +######################## + + if ($hdr{'X-Trace'} =~ /^(\S+)\s+(.*)\s+(\([^\)]+\))$/) { + # $hdr{'X-Trace'} = "$1 " . encrypt($2) . " $3"; + $hdr{'X-Trace'} = "$1 ".encode_base64(compress(encrypt($2)),"")." $3"; + $modify_headers = 1; + } + +############################################# +# NNTP-Posting-HOST encrypt and Cancelock +############################################## + if($hdr{'Control'}){ + @control = split(/ /, $hdr{"Control"}); + + foreach(@control) { + if (/^cancel/i) { + $cancel++; + } + $CancelID = $_; + } + } + + if ($hdr{'NNTP-Posting-Host'}) { + $hdr{'NNTP-Posting-Host'} = encode_base64(encrypt($hdr{'NNTP-Posting-Host' }),""); + $hdr{'X-User-ID'} = encode_base64(encrypt($user ),""); + if($hdr{'Cancel-Lock'}) { + $newlock = $hdr{'Cancel-Lock'}; + $hmac = Digest::HMAC_SHA1->new("admin"); + $data = "cancel ".$hdr{'Message-ID'}."$CANCELLOCK"; + $hmac->add("$data"); + $digest = $hmac->b64digest; + $lock = encode_base64(Digest::SHA1::sha1($digest),""); + $hdr{'Cancel-Lock'} = $newlock." sha1:".$lock.""; + } + + if(!$hdr{'Cancel-Lock'}) { + $hmac = Digest::HMAC_SHA1->new("$user"); + $data = "cancel ".$hdr{'Message-ID'}."$CANCELLOCK"; + $hmac->add("$data"); + $digest = $hmac->b64digest; + $lock = encode_base64(Digest::SHA1::sha1($digest),""); + $hdr{'Cancel-Lock'} = "sha1:".$lock.""; + } + + # if($cancel) { + if($cancel && !$hdr{'Cancel-Key'}) { + $hmac = Digest::HMAC_SHA1->new("$user"); + $data = $hdr{'Control'}."$CANCELLOCK"; + $hmac->add($data); + $digest = $hmac->b64digest; + $schluessel = $digest; + $hdr{'Cancel-key'} = "sha1:".$schluessel; + } + if($hdr{'Supersedes'} && !$hdr{'Cancel-Key'}) { + $hmac = Digest::HMAC_SHA1->new("$user"); + $data = "cancel ".$hdr{'Supersedes'}."$CANCELLOCK"; + $hmac->add($data); + $digest = $hmac->b64digest; + $schluessel = $digest; + $hdr{'Cancel-key'} = "sha1:".$schluessel; + } + + $modify_headers = 1; + + } + + + + + return $rval; } @@ -72,3 +201,41 @@ sub analyze { return ($lines, $quoted, $antiquoted); } + +######################################### +# encrypt X-header +######################################## + +sub encrypt { + + my $line = shift; + my $cipher = Crypt::CBC->new( { + 'key' => 'ServerVerySecretKey', + 'cipher' => 'Blowfish', + 'prepend_iv' => 1 + }); + return $cipher->encrypt_hex($line); +} + + +################################################### +# Für das Entschlüsseln: +# +# +# use strict; +# use warnings; +# +# use Crypt::CBC; +# +# my $cipher = Crypt::CBC->new( { +# 'key' => '', +# 'cipher' => 'Blowfish', +# 'prepend_iv' => 1 +# }); + +# my $encrypted = ; +# chomp($encrypted); +# +# print $cipher->decrypt_hex($encrypted) . "\n"; +# +
Nicht definiert