1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
package Echolot::Tools;
# (c) 2002 Peter Palfrader <peter@palfrader.org>
# $Id: Tools.pm,v 1.4 2002/07/10 21:46:28 weasel Exp $
#
=pod
=head1 Name
Echolot::Tools - Tools for echolot
=head1 DESCRIPTION
=cut
use strict;
use warnings;
use Carp qw{cluck};
use Digest::MD5 qw{};
sub hash($) {
my ($data) = @_;
($data) = $data =~ m/(.*)/s; # untaint
my $hash = Digest::MD5::md5_hex($data);
return $hash;
};
sub make_random($;%) {
my ($length, %args) = @_;
my $random;
open (FH, Echolot::Config::get()->{'dev_random'}) or
cluck("Cannot open ".Echolot::Config::get()->{'dev_random'}." for reading: $!"),
return 0;
read(FH, $random, $length) or
cluck("Cannot read from ".Echolot::Config::get()->{'dev_random'}.": $!"),
return 0;
close (FH) or
cluck("Cannot close ".Echolot::Config::get()->{'dev_random'}.": $!"),
return 0;
$random = unpack('H*', $random)
if ($args{'armor'} == 1);
return $random;
};
sub make_mac($) {
my ($token) = @_;
my $mac = hash($token . Echolot::Globals::get()->{'storage'}->get_secret() );
return $mac;
};
sub verify_mac($$) {
my ($token, $mac) = @_;
return (hash($token . Echolot::Globals::get()->{'storage'}->get_secret() ) eq $mac);
};
sub make_address($) {
my ($subsystem) = @_;
my $token = $subsystem.'='.time();
my $hash = hash($token . Echolot::Globals::get()->{'storage'}->get_secret() );
my $cut_hash = substr($hash, 0, Echolot::Config::get()->{'hash_len'});
my $complete_token = $token.'='.$cut_hash;
my $address = Echolot::Config::get()->{'my_localpart'}.
Echolot::Config::get()->{'recipient_delimiter'}.
$complete_token.
'@'.
Echolot::Config::get()->{'my_domain'};
return $address;
};
sub verify_address_tokens($) {
my ($address) = @_;
my $delimiter = quotemeta( Echolot::Config::get()->{'recipient_delimiter'});
my ($type, $timestamp, $received_hash) = $address =~ /$delimiter (.*) = (\d+) = ([0-9a-f]+) @/x or
cluck("Could not parse to header '$address'"),
return undef;
my $token = $type.'='.$timestamp;
my $hash = Echolot::Tools::hash($token . Echolot::Globals::get()->{'storage'}->get_secret() );
my $cut_hash = substr($hash, 0, Echolot::Config::get()->{'hash_len'});
($cut_hash eq $received_hash) or
cluck("Hash mismatch in '$address'"),
return undef;
return
{ timestamp => $timestamp,
token => $type };
};
sub send_message(%) {
my (%args) = @_;
defined($args{'To'}) or
cluck ('No recipient address given'),
return 0;
$args{'Subject'} = '' unless (defined $args{'Subject'});
$args{'Body'} = '' unless (defined $args{'Body'});
if (defined $args{'Token'}) {
$args{'From'} = make_address( $args{'Token'} );
} else {
$args{'From'} =
Echolot::Config::get()->{'my_localpart'}.
'@'.
Echolot::Config::get()->{'my_domain'};
};
$args{'Subject'} = 'none' unless (defined $args{'Subject'});
open(SENDMAIL, '|'.Echolot::Config::get()->{'sendmail'}.' -f '.$args{'From'}.' -t')
or cluck("Cannot run sendmail: $!"),
return 0;
printf SENDMAIL "From: %s\n", $args{'From'};
printf SENDMAIL "To: %s\n", $args{'To'};
printf SENDMAIL "Subject: %s\n", $args{'Subject'};
printf SENDMAIL "\n";
for my $line (@lines) {
print SENDMAIL $line;
};
close SENDMAIL;
return 1;
};
1;
# vim: set ts=4 shiftwidth=4:
|