X-Git-Url: https://git.deb.at/w?a=blobdiff_plain;f=t-prot;h=e2b36cff8acaa8b236ddc84531a46a835117e7de;hb=1fad38b45847876c7e396a986aed602b167fb34d;hp=7cd2da49933093cff207274dc41e1e6f13c894c1;hpb=9a69a9aaad35184ed236f415208041bf19e747e3;p=pkg%2Ft-prot.git diff --git a/t-prot b/t-prot index 7cd2da4..e2b36cf 100755 --- a/t-prot +++ b/t-prot @@ -1,470 +1,1086 @@ #!/usr/bin/perl -w -# $Id: t-prot,v 1.51 2002/03/23 10:47:32 jochen Exp $ +# $Id: t-prot,v 1.267 2009/12/30 21:34:16 jochen Exp $ -require 5.005; +require 5.006; use strict; +use Fcntl qw(O_EXCL O_WRONLY O_CREAT); use Getopt::Mixed qw(nextOption); +use constant VER => '2.10'; +use constant REV => ''; +use constant REL => q$Revision: 1.267 $=~m/(\d+(?:\.\d+)+)/; +# MTA expecting mail on STDIN +# (you might have to adjust this if using a different MTA) +use constant SENDMAIL => '/usr/sbin/sendmail -oi'; +# From +# (you might have to adjust those if your libc wants different values) +use constant EX_OK => 0; +use constant EX_USAGE => 64; +use constant EX_DATAERR => 65; +use constant EX_UNAVAILABLE => 69; +use constant EX_SOFTWARE => 70; +use constant EX_IOERR => 74; +use constant EX_BOUNCE => EX_UNAVAILABLE; use vars qw( - $VER $REV $REL - $EX_OK $EX_USAGE $EX_DATAERR $EX_UNAVAILABLE $EX_BOUNCE - $ad $ads $boun $cr $diff $elli $footers $hdrs $indent $lsig $maxsig - $mda $ml $ms $mua $ofile $sendmail $sig $sysl $trad $trsp + $ad $ads $bigqn $bigqx $boun $check $check_ratio $cr $diff $elli + $footers $ftr_ad $ftr_ml $hdrs $indent $kamm $kdiff $kminl $kmaxl + $lax $lsig $maxsig $maxlines $mda $ml $gw $ms $ms_smart $msg_quote + $msg_ratio $mua $nohdr $ofile $pgpshort $pgpmove $pgpmovevrf $sig + $sigint $sign $spass $spass_prefix $sysl $trad $trsp + + $gpg_WARNING $gpg_Warning $gpg_Cantcheck $gpg_aka $gpg_bad + $gpg_expired $gpg_good $gpg_bug + + $mutt_attachment $mutt_contenttype $mutt_pgpsigned $mutt_beginsigned + $mutt_pgpclearsigned $mutt_pgpclearsigstart $mutt_pgpencrypted + $mutt_pgpoutstart $mutt_pgpoutend ); -# Version info -$VER = '0.54'; -$REV = ''; -$REL = q$Revision: 1.51 $; chop($REL); -# From -# (you might have to adjust those if not using GNU libc) -$EX_OK = 0; -$EX_USAGE = 64; -$EX_DATAERR = 65; -$EX_UNAVAILABLE = 69; -$EX_BOUNCE = $EX_UNAVAILABLE; -# Please adjust these vals to your needs: -$maxsig = 4; # max. valid signature length -$indent = '>'; # Indent string, regexp to identify a quoted line -$sendmail = '/usr/sbin/sendmail -oi'; # MTA expecting mail on STDIN -$boun = "Blocked by $0: This user does not accept TOFUed email. Please see and for more info. Have a nice day!\n"; -$ofile = '-'; # use STDOUT if nothing is specified +# Please adjust these vals to your needs (they are no constants because +# command line can change them or they are used in rexexp's): +$0 =~ s!^.*/!!; +$maxsig = 4; # max. valid signature length +$maxlines = undef; # no limit of message lines +$indent = '>'; # Indent string, regexp to identify a quoted line +$kminl = 65; # see decomb() for details +$kmaxl = 80; +$kdiff = 20; +$pgpshort = 0; # hide pgp key ids if set +$pgpmove = 0; # move pgp output to bottom if set +$pgpmovevrf = 0; +$sign = 1; # max number of sigs tolerated, undef for no limit +$boun = "Blocked by $0: This user does not accept TOFUed email. Please see and for more info. Have a nice day!\n"; +$ftr_ad = undef; # too hard on performance to be default +$ftr_ml = undef; # too hard on performance to be default +$ofile = '-'; # use STDOUT if nothing is specified +$spass_prefix = 'SPAM: '; +$check_ratio = .75; # 3/4 tofu is enough not to accept the message +$msg_quote = "Blocked by $0: This message has been rejected because of a full quote. Please see http://learn.to/quote/ and http://www.escape.de/users/tolot/mutt/ for more info. Have a nice day!\n"; +$msg_ratio = "Blocked by $0: This message has been rejected because of excessive quoting. Please see http://learn.to/quote/ and http://www.escape.de/users/tolot/mutt/ for more info. Have a nice day!\n"; # end of user adjusted vals +# set the defaults to the C locale +$mutt_attachment = '[-- Attachment #'; +$mutt_contenttype = '[-- Type: '; +$mutt_pgpsigned = '[-- End of signed data --]'; +$mutt_beginsigned = '[-- The following data is signed --]'; +$mutt_pgpclearsigstart = '[-- BEGIN PGP SIGNED MESSAGE --]'; +$mutt_pgpclearsigned = '[-- END PGP SIGNED MESSAGE --]'; +$mutt_pgpencrypted = '[-- End of PGP/MIME encrypted data --]'; +$mutt_pgpoutstart = '[-- PGP output follows (current time:'; +$mutt_pgpoutend = '[-- End of PGP output --]'; + +# set the defaults to the C locale +$gpg_WARNING = 'WARNING: '; +# (yes, the translations in gnupg's po files *are* braindamaged): +$gpg_Warning = 'WARNING: '; +$gpg_Cantcheck = 'Can\'t check signature: '; +$gpg_aka = ' aka '; +$gpg_bad = 'BAD signature from '; +$gpg_expired = 'Note: This key has expired!'; +$gpg_good = 'Good signature from'; +# (actually, this bugs me quite often since upgrading gpg from v1.0.7): +$gpg_bug = '... this is a bug ('; + + # help(): print help text and exit with appropriate exit code sub help { print "Usage: $0 [options] - -a remove ad footers; requires -A -A=DIRECTORY ad footer directory, treat ad footers as signature + -a remove ad footers; requires -A + --bigq[=n[,x]] remove all but x lines of quotes with more than n + lines; default is n=30 and x=10 + --body input has no headers; does not work with --pgp-short; + multipart messages will not be detected -c merge multiple blank lines + --check[=FLAGS] check various criteria, print error message and quit; + see man page for details -d, --debug print notice to syslog when bouncing; requires -p --diff tolerate diffs appended *after* the signature -e force ellipsis for excessive punctuation + --ftr-ad enable aggressive ad footer matching; requires -A + --ftr-ml enable aggressive mailing list footer matching; req. -L + --groupwise delete Novell Groupwise style TOFU -h, --help show this short help and exit -i=INFILE file to be read; '-' for STDIN (default) - -L=DIRECTORY mailling list footer directory, treat mailing list + -k try to fix \"Kammquotes\" + --kminl=n min. line length for wrapped line; requires -k + --kmaxl=n max. line length for wrapped line; requires -k + --kdiff=n max. length difference between wrapped lines; req. -k + -L=DIRECTORY mailing list footer directory, treat mailing list footers as signature -l delete mailing list footer; requires -L + --lax-security use unsafe writing method; USE ON YOUR OWN RISK! + --locale=LOCALE internationalization; currently only used with -Mmutt -M, --mua=MUA turn on special treatment for some mail user agents -m delete MS style TOFU; careful: might be too agressive - -o=OUTFILE file to be written to; '-' for STDOUT (default) + --max-lines=x maximum number of message lines + --ms-smart try to be smart with MS style TOFU; req. -Mmutt and -m + -o=OUTFILE file to be written to; '-' for STDOUT (default), 'NONE' + for no output at all -P=MESSAGE user defined bounce message; requires -p - -p=ADDRESS redirect to ADDRESS if no TOFU was found + -p[=ADDRESS] redirect to ADDRESS if no TOFU was found + --pgp-move move pgp verification output to bottom; requires -Mmutt + --pgp-move-vrf move pgp output if verified and good; requires -Mmutt + --pgp-short hide non-relevant pgp key uids; requires -Mmutt -r delete mail header lines -S[=n] supress signatures with more than n lines; default is $maxsig if n not specified -s delete signature + --sigsmax[=n] max number of sigs tolerated, no value for unlimited + --spass enable SpamAssassin workaround -t delete traditional style TOFU -v, --version show version string and exit -w delete trailing whitespaces\n"; - exit($EX_USAGE); + exit(EX_USAGE); } # version(): print version info and exit with appropriate exit code sub version { - print "$0 v$VER$REV ($REL), Jochen Striepe + print "$0 v".VER.REV." (Rev. ".REL."), Jochen Striepe Get the latest version at \n"; - exit($EX_OK); + exit(EX_OK); +} + +# sigint_handler(): what to do if we receive a single SIGINT +sub sigint_handler { + $sigint = 1; } # remove_footers(): remove any trailing appearance of footers contained # in the given directory. sub remove_footers { - my $L = shift; # array of message lines - my $S = shift; # array to store removed lines in - my $F = shift; # footers dir name - my $O = shift; # remove only one footer? - - if ($F && scalar(@$L)) { - opendir(DIR, $F) || die "Could not open $F: $!"; - my @feet = grep { /^[^.]/ && -f "$F/$_" } readdir DIR; - closedir DIR; - - foreach my $f (@feet) { - open(IN, "$F/$f") || die "Could not open $F/$f: $!"; - my @l = ; - close IN; - - while (scalar(@l)<=scalar(@$L)) { - my $y = 0; - for(my $x=1; $x<=scalar(@l); $x++) { - chomp($l[scalar(@l)-$x]); - if (index($$L[scalar(@$L)-$x], $l[scalar(@l)-$x])!=0) { - $y = 1; - } - } - if (!$y) { - unshift(@$S, @$L[$#$L-$#l..$#$L]); - splice(@$L, $#$L-$#l); - while (scalar(@$L) && $$L[$#$L] =~ /^\s*$/) { - unshift(@$S, pop(@$L)); - } - if ($O) { last; } - } - else { last; } - } - } - } + my $L = shift; # array of message lines + my $S = shift; # array to store removed lines in + my $F = shift; # footers dir name + my $O = shift; # remove only one footer? + my $V = shift; # allow footers match before end of message + my $off; + + if (!defined $V) { + for ($off = 0; $#$L>=$off && $$L[$#$L-$off] =~ /^\s*$/; $off++) {;}; + } + + if ($F && scalar(@$L)) { + if (!opendir(DIR, $F)) + { print STDERR "Could not open $F: $!\n"; exit(EX_IOERR); } + my @feet = grep { /^[^.]/ && -f "$F/$_" } readdir DIR; + closedir DIR; + + foreach my $f (@feet) { + if (!open(IN, "$F/$f")) + { print STDERR "Could not open $F/$f: $!\n"; exit(EX_IOERR); } + my @l = ; + close IN; + + if (!scalar(@l)) { next; } + for (my $z=0; $z<=$#l; $z++) { chomp($l[$z]); } + + if (defined $V) { + WIPE: for (my $z=scalar(@$L)-scalar(@l); $z>=0; $z--) { + if (scalar(@l)+$z<=scalar(@$L)) { + my $y = 0; + for(my $x=1; $x<=scalar(@l); $x++) { + if (index($$L[scalar(@$L)-$x-$z], + $l[scalar(@l)-$x])!=0) { + $y = 1; + } + } + if (!$y) { + unshift(@$S, @$L[$#$L-$#l-$z..$#$L]); + splice(@$L, $#$L-$#l-$z); + while (scalar(@$L) && $$L[$#$L] =~ /^\s*$/) { + unshift(@$S, pop(@$L)); + } + if ($O) { last; } else { goto WIPE; } + } + } + } + } + else { + while (scalar(@l)<=scalar(@$L)) { + for(my $x=1; $x<=scalar(@l); $x++) { + if (index($$L[scalar(@$L)-$x-$off], $l[scalar(@l)-$x])!=0) { + goto FINISH; + } + } + unshift(@$S, @$L[$#$L-$off-$#l..$#$L]); + splice(@$L, $#$L-$off-$#l); + while (scalar(@$L) && $$L[$#$L] =~ /^\s*$/) { + unshift(@$S, pop(@$L)); + } + if ($O) { last; } + } + FINISH: + } + } + } +} + +# decomb(): Try to detect and fix zig-zag shaped quoting (a.k.a. German +# "Kammquoting"). +sub decomb { + my $L = shift; # array of message lines + my $V = shift; # array with verbatim list + my $max = 0; # plausible wraparound pos + + # We scan the whole message first for a plausible common maximum line + # length where longer lines would be wrapped. + for (my $x=0; $x<$#$L; $x++) { + if ($$V[$x]!=1 && $max$max || + (index($$L[$x+1], ' ')<0 && + length($$L[$x])+length($$L[$x+1])>$max)) && + (length($$L[$x])+length($$L[$x+1])<$kmaxl) && + (length($$L[$x])+length($$L[$x+1])>$kminl) && + (length($$L[$x])-length($$L[$x+1])>$kdiff) && + ($$L[$x+2] !~ /^\s*$/)) + { + $$L[$x] =~ s/\s*$/' ' . $$L[$x+1]/e; + splice(@$L, $x+1, 1); + splice(@$V, $x+1, 1); + } + } +} + +# debigq(): Finds big quotes (more than $n lines quoted) and deletes all +# but $x lines of them. +sub debigq { + my $L = shift; # array of message lines + my $V = shift; # array with verbatim list + my $k = 0; + + for (my $i=0; $i<=$#$L; $i++) { + + if ($$V[$i]) { + $k = 0; + next; + } + + if (index($$L[$i], $indent)==0) { $k++; } else { + if ($k>$bigqn) { + my $x = $k-$bigqx; + $i -= $k; + + $$L[$i] = "[---=| Quote block shrinked by $0: " . + "$x lines snipped |=---]\n"; + $i++; + splice(@$L, $i, $x-1); + splice(@$V, $i, $x-1); + + $i++; + } + $k = 0; + } + } +} + +# pgp(): treat mutt(1)'s pgp/gpg output contained in signed or encrypted +# messages +sub pgp { + + sub verified { + my $L = shift; # message body + my $X = shift; # start line + my $Z = shift; # end line + + my $ok = 0; + + while ($X<$Z) { + if (index($$L[$X], "gpg: $gpg_WARNING")==0 || + index($$L[$X], "gpg: $gpg_Warning")==0 || + index($$L[$X], "gpg: $gpg_bad")==0 || + index($$L[$X], "gpg: $gpg_Cantcheck")==0 || + index($$L[$X], "gpg: $gpg_expired")==0 || + index($$L[$X], "gpg: $gpg_bug")==0) + { return 0; } + if (index($$L[$X], "gpg: $gpg_good")==0) + { $ok = 1; } + $X++; + } + + return $ok; + } + + my $L = shift; # message body + my $V = shift; # verbatim list + my $H = shift; # headers + + my @tmp = (); + my $tmp = 0; + + for (my $x=0; $x1 && + index($$L[$i], "gpg: $gpg_aka")==0 && + index($$L[$i], $from)<0) + { + splice(@$L, $i, 1); + splice(@$V, $i, 1); + $i--; + } + elsif ($$L[$i]=~/^(?:\e[^\a]+\a)?(?:\Q$mutt_pgpoutend\E)/o) + { + if ($pgpmove || + ($pgpmovevrf && (!$sigint) && verified($L, $x+1, $i))) + { + push(@{$tmp[++$tmp]}, "\n", @$L[$x..($i+1)]); + splice(@$L, $x, $i-$x+2); + splice(@$V, $x, $i-$x+2); + $i -= $#{$tmp[$tmp]}-2; + } + $x = $i; + last; + } + } + } + elsif ($tmp && + $$L[$x] =~ /^ + (?:\e[^\a]+\a)? + (?:\Q$mutt_pgpencrypted\E | + \Q$mutt_pgpclearsigned\E| + \Q$mutt_pgpsigned\E) + /ox) + { + splice(@$L, $x+1, 0, @{$tmp[$tmp]}); + for (my $i=$x; $i0) { + push(@$L, @{$tmp[$tmp--]}); + pop(@tmp); + for (my $i=$#$V; $i<$#$L; $i++) { push(@$V, 0); } + } } # write_msg(): output sub write_msg { - my $O = shift; - my $l; - - open(OUT, $O) || die "Could not open $O: $!"; - while (scalar(@_)) { - $l = shift; - if (defined $l) { - $^W = 0; - print OUT @$l; - $^W = 1; - } - } - close OUT; + my $O = shift; + my $l; + + if ((!$lax) && ($O =~ /^>(.*)/) && ($1 ne '-')) { + if (!sysopen(OUT, $1, O_EXCL|O_CREAT|O_WRONLY)) { + print STDERR "Could not open $1: $!\n"; exit(EX_IOERR); + } + } + elsif (!open(OUT, $O)) { + print STDERR "Could not open $O: $!\n"; exit(EX_IOERR); + } + while (scalar(@_)) { + $l = shift; + if (defined $l) { + $^W = 0; + print OUT @$l; + $^W = 1; + } + } + close OUT; } # process_msg(): This one proc does *everything* what has to be done with # the lines of the message sub process_msg { - my $lines = shift; - - my ($j, $x, $verb) = (0, 0, 0); - my (@ads, @hdr, @bo1, @bo2, @ftr, @sig, @vrb, @att) = - ((), (), (), (), (), (), (), (), ()); - - # First, remove and store lines we might need later... - # Remove headers: - for ($x=0; $x<$#$lines; $x++) { if (@$lines[$x] =~ /^$/) { last; }; } - @hdr = @$lines[0..$x]; - splice(@$lines, 0, $x+1); - - # See if we have a multipart content type. If yes, see if it is already - # ripped (e.g. by mutt(1)), otherwise only leave the first part if it - # is plain text (if not, we are done - non-text messages are not our - # business). - if (lc($mua) ne 'mutt') { - for ($x=0; $x=scalar(@$lines)) { exit($EX_DATAERR); } - - if ($bar =~ /^text\/plain/i) { - my $z; - for ($z=1; $x+$z<@$lines; $z++) { - if (index($$lines[$x+$z], '--'.$foo)==0) { - last; - } - } - if ($x+$z>=scalar(@$lines)) { exit($EX_DATAERR); } - - @bo2 = @$lines[$x+$z..$#$lines]; - splice(@$lines, $x+$z); - if ($$lines[$#$lines] =~ /^\s*$/) { - unshift(@bo2, pop @$lines); - } - @bo1 = @$lines[0..$x]; - splice(@$lines, 0, $x+1); - last; - } - else { - write_msg(($mda?"|$sendmail $mda":">$ofile"), - ($hdrs?undef:\@hdr), $lines); - exit; - } - } - } - } - last; - } - } - } - - - # Protect verbatims: - $verb = 0; - for ($x=0; $x[]*\[-- Attachment #(\d+)(: .*)? --\]\s*$/ && - (($1 ne '1') || - ($x[]*\[-- Type: text\/plain/))) || - ($$lines[$x] =~ /^[^>[]*\[-- End of .* data --\]\s*$/)) - { - @att = @$lines[$x..$#$lines]; - splice(@$lines, $x); - if (scalar(@$lines) && $$lines[$#$lines] =~ /^\s*$/) { - unshift(@att, pop(@$lines)); - } - last; - } - } - - # Pipe message/rfc822 parts to another instance of process_msg() - # for further processing. - # Please note that we cannot see what a hierarchy the original - # message had -- if there were message/rfc822 parts within other - # message/rfc822 parts constellations can occur which we cannot - # resolve. Therefore we simply do not even try to be smart. This - # should work for most situations: - if (scalar(@att)) { - for ($x=0; $x<$#att; $x++) { - if ($vrb[scalar(@$lines)+$x]) { next; } - # The following regexp is quite ugly because for most - # users the line is coloured using termcap... (bah!) - if ($att[$x]=~/^[^>[]*\[-- Attachment #\d+(: .*)? --\]\s*$/ && - $att[$x+1] =~ /^[^>[]*\[-- Type: message\/rfc822/) - { - $x += 2; - while ($att[$x] !~ /^\s*$/) { $x++; } - $x++; - - my @tmp = @att[$x..$#att]; - process_msg(\@tmp); - splice(@att, $x, scalar(@att)-$x, @tmp); - } - } - } - } - - # Remove ML footers: - remove_footers($lines, \@ftr, $footers, undef); - - # Remove ad footers: - remove_footers($lines, \@ads, $ads, undef); - - # Remove signature: - if (scalar(@$lines)) { - for ($x=0; $x$lsig))) { - if ($lsig && !$sig) { - push(@sig, "[---=| Overlong signature removed by $0: " . - (scalar(@$lines)-$x) . " lines snipped |=---]\n"); - } - splice(@$lines, $x); - } - elsif ($#$lines-$x<=($lsig?$lsig:$maxsig)) { - @sig = @$lines[$x..$#$lines]; - splice(@$lines, $x); - } - last; - } - } - } - - # Now care about TOFU. - # One common mispractice is M$ style TOFU: - if ($ms) { - # bloat this array if you want more internationalization: - my @tofu = ('Original Message', - 'Ursprüngliche Nachricht', - 'Ursprungliche Nachricht', - 'Mensagem original'); - - DONE: for ($x=0; $x=0; $x--) { - if ((!$vrb[$x]) && $$lines[$x] =~ /^\s*$/) { - if ($t<2) { $t++; } else { splice(@$lines, $x, 1); } - } - else { $t = 0; } - } - } - - # Everything changing the body is done now. Time to fix the line count - # header so naive clients do not get confused. Just to be sure, append - # the old line count to X-headers. - my $l = scalar(@bo1) + scalar(@$lines) + scalar(@att) + scalar(@bo2) + - (!$sig?scalar(@sig):0) + (!$ml?scalar(@ftr):0) + - (!$ad?scalar(@ads):0); - for ($x=0; $x=scalar(@$lines)) { exit(EX_DATAERR); } + + if ($bar =~ m!^text/plain!) { + my $z; + for ($z=1; $x+$z<@$lines; $z++) { + if (index($$lines[$x+$z], '--'.$foo)==0) { + last; + } + } + if ($x+$z>=scalar(@$lines)) { exit(EX_DATAERR); } + + @bo2 = @$lines[$x+$z..$#$lines]; + splice(@$lines, $x+$z); + if ($$lines[$#$lines] =~ /^\s*$/) { + unshift(@bo2, pop @$lines); + } + @bo1 = @$lines[0..$x]; + splice(@$lines, 0, $x+1); + + # remove mailing list and ad footers within this + # attachment: + remove_footers($lines, \@ftr, $footers, undef, $ftr_ml); + remove_footers($lines, \@ads, $ads, undef, $ftr_ad); + + last; + } + else { + write_msg(($mda?'|'.SENDMAIL." $mda":">$ofile"), + ($hdrs?undef:\@hdr), $lines); + exit; + } + } + } + } + last; + } + } + } + + + # Protect verbatims: + $verb = 0; + for ($x=0; $x=$check_ratio) { + print $msg_ratio; + exit EX_UNAVAILABLE; + } + } + + if ($mua eq 'mutt') { + # See if we find pgp output generated by mutt before we scramble + # the thing. If yes, see if we can beautify it. + if ($pgpshort || $pgpmove || $pgpmovevrf) { pgp($lines, \@vrb, \@hdr); } + + # Remove all but the first attachment (if this is text/plain) + # mutt did introduce (bah!). Remember, all this ugliness could + # be replaced with a proper and clean edit_filter patch in + # mutt(1) itself... + for ($x=$#$lines; $x>=0; $x--) { + if ($vrb[$x]) { next; } + # The following regexp's are quite ugly because for most users + # these lines are coloured using termcap... (bah!) + if (($$lines[$x] =~ + /^(?:\e[^\a]+\a)?\Q$mutt_attachment\E(\d+)/o && + (($1 ne '1') || + ($x<$#$lines && + $$lines[$x+1] !~ m!^ + (?:\e[^\a]+\a)? + (?:\Q$mutt_contenttype\E) + (?:text/plain|application/pgp) + !ox))) || + ($$lines[$x] =~ /^ + (?:\e[^\a]+\a)? + (?:\Q$mutt_pgpsigned\E | + \Q$mutt_pgpclearsigned\E| + \Q$mutt_pgpencrypted\E) + /ox)) + { + # Strip attachments to prepare further processing + unshift(@att, @$lines[$x..$#$lines]); + splice(@$lines, $x); + # Try to fix trailing empty lines + while (scalar(@$lines) && $$lines[$#$lines] =~ + /^(?:\e[^\a]+\a)?\s*$/) { + unshift(@att, pop(@$lines)); + } + + # Remove ML and ad footers within attachments: + my @tmp; + if ($ml) { remove_footers($lines, \@tmp, $footers, undef); } + if ($ad) { remove_footers($lines, \@tmp, $ads, undef); } + $x = scalar(@$lines); + } + } + + # care about the rest + if (scalar(@att)) { + for ($x=0; $x<$#att; $x++) { + if ($vrb[scalar(@$lines)+$x]) { next; } + + # Pipe message/rfc822 parts to another instance of + # process_msg() for further processing. + # Please note that we cannot see what a hierarchy the + # original message had -- if there were message/rfc822 + # parts within other message/rfc822 parts constellations + # can occur which we cannot resolve. Therefore we simply + # do not even try to be smart. This should work for most + # situations. + # The following regexp is quite ugly because for most + # users the line is coloured using termcap... (bah!) + if ($att[$x] =~ + /^(?:\e[^\a]+\a)?\Q$mutt_attachment\E\d+/o && + $att[$x+1] =~ m!^ + (?:\e[^\a]+\a)? + (?:\Q$mutt_contenttype\E) (?:message/rfc822|multipart/alternative) + !ox) + { + $x += 2; + while ($att[$x] !~ /^\s*$/) { $x++; } + $x++; + + my @tmp = @att[$x..$#att]; + process_msg(\@tmp); + splice(@att, $x, scalar(@att)-$x, @tmp); + $x += scalar(@tmp); + } + } + } + } + + # Remove signature: + if (scalar(@$lines)) { + my $sn = 0; + my $chk_empty = 1; + my $empty = 0; + + for ($x = $#$lines; $x>=0; $x--) { + if (!$vrb[$x]) { + if ($$lines[$x] =~ /^-- $/) { + if ($diff) { + for (my $i=1; $x+$i+1$lsig))) { + if ($lsig && !$sig) { + unshift(@sig, "[---=| Overlong signature removed by $0: " . + (scalar(@$lines)-$x) . " lines snipped |=---]\n"); + } + splice(@$lines, $x); + } + else { + unshift(@sig, @$lines[$x..$#$lines]); + splice(@$lines, $x); + } + if (defined($sign) && ++$sn==$sign) { last; } else { next; } + } + # any trailing newlines? + elsif ($chk_empty && $$lines[$x] =~ /^\s*$/) { $empty++; } + elsif ($chk_empty) { $chk_empty = 0; } + } + } + } + + # See if there is some Kammquoting to fix: + if ($kamm) { decomb($lines, \@vrb); } + + # Now care about TOFU. + # One common mispractice is M$ and Groupwise style TOFU: + if ($ms||$gw) { + # bloat this array if you want more internationalization: + my @tofu = ('Original Message', + 'Original-Nachricht', + 'Ursprüngliche Nachricht', + 'Ursprüngliche Nachricht', + 'Ursprungliche Nachricht', + 'Mensagem original', + 'Ursprungligt meddelande', + 'Oorspronkelijk bericht', + 'Message d\'origine', + 'Forwarded message', + 'Weitergeleitete Nachricht / Forwarded Message'); + my $k = 0; # any text above? + my $tmp = 0; # flagged if inside PGP output + + DONE: for ($x=0; $x>>[^\<]+<[^\>]+> \d\d?\/\d\d?\/\d\d? \d\d?:\d\d [AP]M >>>/ || + $$lines[$x] =~ /^>>> On [A-Z][a-z][a-z]?, [A-Z][a-z][a-z]? \d\d?, \d\d\d\d at [ \d]\d:\d\d [AP]M, in message/))) { + $x++; + $trad = 0; + $bigqn = 0; + last DONE; + } + } + + if ((!$k) && $$lines[$x] !~ /^\s*$/o && + ((!$mua) || + ($mua eq 'mutt' && + $$lines[$x] !~ + /^(?:\e[^\a]+\a)?(?:\Q$mutt_attachment\E)/o && + $$lines[$x] !~ + /^(?:\e[^\a]+\a)?(?:\Q$mutt_contenttype\E)/o)) && + ((!$spass) || index($$lines[$x], $spass_prefix)!=0)) + { + if ($mua eq 'mutt' && (!$tmp) && + $$lines[$x] =~ + /^(?:\e[^\a]+\a)?(?:\Q$mutt_pgpoutstart\E)/o) { + $tmp = 1; + } elsif ($mua eq 'mutt' && $tmp && + ($$lines[$x] =~ + /^(?:\e[^\a]+\a)?(?:\Q$mutt_beginsigned\E)/o || + $$lines[$x] =~ + /^(?:\e[^\a]+\a)?(?:\Q$mutt_pgpclearsigstart\E)/o)) { + $tmp = 0; + } elsif (!$tmp) { + $k = 1; + } + } + } + } + + # try to avoid false positives and only delete m$ style tofu if + # there is text above + if ($k) { + if (!$ms_smart) { goto CLEAN; } + + # first, see if there is pgp stuff inside the tofu: + my $p = 0; # levels of pgp signed parts + + for (my $i=$x+1; $i=0; $i--) { + if ($$lines[$i] =~ /^$indent/o) { + $j++; + $k = $i; + } + elsif ($$lines[$i] !~ /^\s*$/) { last; } + } + + if ($j) { + # if there is no text above, we will assume the message is meant + # as forwarding and therefore OK + for (my $i=$k-1; $i>=0; $i--) { + if ($$lines[$i] !~ /^\s*$/o) { + $x = 0; + last; + } + } + if ($x) { + $j = 0; + } else { + splice(@$lines, $k); + } + } + } + + # OK, if we found TOFU, we will leave a message that we were here... + if ($j) { + # make sendmail bounce if we shall be picky + # and indeed found something: + if ($mda) { + if ($mda ne '1') { + print STDERR $boun; + + if ($sysl) { + eval { require Sys::Syslog; }; + if ($@) { warn $@; } else { + Sys::Syslog::setlogsock('unix'); + Sys::Syslog::openlog("$0[$$]", 'pid', 'mail'); + Sys::Syslog::syslog('debug', 'bounced message %s', $hdr[0]); + Sys::Syslog::closelog(); + } + } + } + + exit EX_BOUNCE; + } + + # if we were invoked just for checking and indeed found something, + # print out the error message and quit: + if ($check) { + print $msg_quote; + exit EX_UNAVAILABLE; + } + + push(@$lines, "[---=| TOFU protection by $0: " . + "$j lines snipped |=---]\n"); + } + elsif ($mda eq '1') { exit EX_OK; } + + # Care for huge blocks of quoted original message: + if ($bigqn) { debigq($lines, \@vrb); } + + # Care for trailing whitespaces: + if ($trsp) { + for ($x=0; $x=0; $x--) { + if ((!$vrb[$x]) && $$lines[$x] =~ /^\s*$/) { + if ($t<2) { $t++; } else { splice(@$lines, $x, 1); } + } + else { $t = 0; } + } + } + + # Everything changing the body is done now. Time to fix the line count + # header so naive clients do not get confused. Just to be sure, append + # the old line count to X-headers. + my $l = scalar(@bo1) + scalar(@$lines) + scalar(@att) + scalar(@bo2) + + (!$sig?scalar(@sig):0) + (!$ml?scalar(@ftr):0) + + (!$ad?scalar(@ads):0); + if ($linecount-$l!=0) { + for ($x=0; $xd diff help>h mua>M version>v'); +Getopt::Mixed::init('a A=s c d e h i=s k L=s l m M=s o=s P=s p:s r S:i'. + ' s t v w bigq:s body check:s debug>d diff ftr-ad ftr-ml groupwise'. + ' help>h kminl=i kmaxl=i kdiff=i lax-security locale=s max-lines=i'. + ' ms-smart mua>M pgp-short pgp-move pgp-move-vrf sigsmax:i spass'. + ' version>v'); while (my ($opt, $val, $pretty) = nextOption()) { - if ($opt eq 'a') { $ad = 1; } - elsif ($opt eq 'A') { $ads = $val; } - elsif ($opt eq 'c') { $cr = 1; } - elsif ($opt eq 'd') { $sysl = 1; } - elsif ($opt eq 'diff') { $diff = 1; } - elsif ($opt eq 'e') { $elli = 1; } - elsif ($opt eq 'i') { $ifile = $val; } - elsif ($opt eq 'L') { $footers = $val; } - elsif ($opt eq 'l') { $ml = 1; } - elsif ($opt eq 'm') { $ms = 1; } - elsif ($opt eq 'M') { $mua = $val; } - elsif ($opt eq 'o') { $ofile = $val; } - elsif ($opt eq 'P') { $boun = $val; } - elsif ($opt eq 'p') { $mda = $val; } - elsif ($opt eq 'r') { $hdrs = 1; } - elsif ($opt eq 'S') { $lsig = $val ? $val : $maxsig; } - elsif ($opt eq 's') { $sig = 1; } - elsif ($opt eq 't') { $trad = 1; } - elsif ($opt eq 'v') { version(); } - elsif ($opt eq 'w') { $trsp = 1; } - else { help(); } + if ($opt eq 'a') { $ad = 1; } + elsif ($opt eq 'A') { $ads = $val; } + elsif ($opt eq 'bigq') { + if ($val !~ /^(?:(\d+)(?:,(\d+))?)?$/) { help(); } + $bigqn = $1?$1:30; + $bigqx = $2?$2:10; + if ($bigqn<=0 || $bigqx<=0 || $bigqn<=$bigqx) { help(); } + } + elsif ($opt eq 'body') { $nohdr = 1; $hdrs = 1; } + elsif ($opt eq 'c') { $cr = 1; } + elsif ($opt eq 'check') { + $check = 1; + while ($val && $val =~ s/^([^,\s]+)(?:,(\S+))?$/$2/) { + my $foo = $1; + + if ($foo =~ /^ratio=(0?\.\d+)$/) { + $check_ratio = $1?$1:1; + } + } + } + elsif ($opt eq 'd') { $sysl = 1; } + elsif ($opt eq 'diff') { $diff = 1; } + elsif ($opt eq 'e') { $elli = 1; } + elsif ($opt eq 'ftr-ad') { $ftr_ad = 1; $ad = 1; } + elsif ($opt eq 'ftr-ml') { $ftr_ml = 1; $ml = 1; } + elsif ($opt eq 'groupwise') { $gw = 1; } + elsif ($opt eq 'i') { $ifile = $val; } + elsif ($opt eq 'k') { $kamm = 1; } + elsif ($opt eq 'kminl') { $kminl = $val; $kamm = 1; } + elsif ($opt eq 'kmaxl') { $kmaxl = $val; $kamm = 1; } + elsif ($opt eq 'kdiff') { $kdiff = $val; $kamm = 1; } + elsif ($opt eq 'L') { $footers = $val; } + elsif ($opt eq 'l') { $ml = 1; } + elsif ($opt eq 'lax-security') { $lax = 1; } + elsif ($opt eq 'locale') { $locale = $val; } + elsif ($opt eq 'm') { $ms = 1; } + elsif ($opt eq 'max-lines') { $maxlines = $val; } + elsif ($opt eq 'ms-smart') { $ms_smart = 1; $ms = 1; } + elsif ($opt eq 'M') { + $mua = lc($val); + + if ($mua eq 'mutt') { + # mutt still displays the message when ^C'ing pgp verification: + $SIG{'INT'} = 'sigint_handler'; + } + } + elsif ($opt eq 'o') { $ofile = $val; } + elsif ($opt eq 'P') { $boun = $val; } + elsif ($opt eq 'p') { $mda = $val ? $val : '1'; } + elsif ($opt eq 'pgp-short') { $pgpshort = 1; } + elsif ($opt eq 'pgp-move') { $pgpmove = 1; } + elsif ($opt eq 'pgp-move-vrf') { $pgpmovevrf = 1; } + elsif ($opt eq 'r') { $hdrs = 1; } + elsif ($opt eq 'S') { $lsig = $val ? $val : $maxsig; } + elsif ($opt eq 's') { $sig = 1; } + elsif ($opt eq 'sigsmax') { $sign = $val ? $val : undef; } + elsif ($opt eq 'spass') { $spass = 1; } + elsif ($opt eq 't') { $trad = 1; } + elsif ($opt eq 'v') { version(); } + elsif ($opt eq 'w') { $trsp = 1; } + else { help(); } } Getopt::Mixed::cleanup(); -if (($ml && $footers eq '')||($ad && $ads eq '')) { help(); } +if (($ml && $footers eq '')|| # no -l without -L + ($ad && $ads eq '')|| # no -a without -A + ($nohdr && $pgpshort)|| # --body and --pgp-short are like oil and water + ($ifile eq '')|| # no empty -i + ($ofile eq '')) # no empty -o +{ help(); } + + +if ($mua eq 'mutt') { + if (defined $locale && $locale ne '' && $locale ne 'C' && $locale ne 'POSIX') { + eval { require Locale::gettext; }; + if ($@) { warn $@; exit(EX_SOFTWARE); } else { + Locale::gettext::textdomain('mutt'); + ($mutt_attachment) = + Locale::gettext::gettext("[-- Attachment #%d") =~ + m/^([^%]*)/; + ($mutt_contenttype) = + Locale::gettext::gettext("[-- Type: %s/%s, Encoding: %s, Size: %s --]\n") =~ + m/^([^%]*)/; + ($mutt_pgpsigned) = + Locale::gettext::gettext("[-- End of signed data --]\n") =~ + m/^(.*)\n/m; + ($mutt_beginsigned) = + Locale::gettext::gettext("[-- The following data is signed --]\n\n") =~ + m/^(.*)\n/m; + ($mutt_pgpclearsigned) = + Locale::gettext::gettext("[-- END PGP SIGNED MESSAGE --]\n") =~ + m/^(.*)\n/m; + ($mutt_pgpclearsigstart) = + Locale::gettext::gettext("[-- BEGIN PGP SIGNED MESSAGE --]\n") =~ + m/^(.*)\n/m; + ($mutt_pgpencrypted) = + Locale::gettext::gettext("[-- End of PGP/MIME encrypted data --]\n") =~ + m/^(.*)\n/m; + ($mutt_pgpoutstart) = + Locale::gettext::gettext("[-- PGP output follows (current time: %c) --]\n") =~ + m/^([^%]*)/; + ($mutt_pgpoutend) = + Locale::gettext::gettext("[-- End of PGP output --]\n") =~ + m/^(.*)\n/m; + + Locale::gettext::textdomain('gnupg'); + ($gpg_WARNING) = + Locale::gettext::gettext("WARNING: using insecure random number generator!!\n") =~ + m/^([^:]*: )/; + ($gpg_Warning) = + Locale::gettext::gettext("WARNING: message was encrypted with a weak key in the symmetric cipher.\n") =~ + m/^([^:]*: )/; + ($gpg_Cantcheck) = + Locale::gettext::gettext("Can't check signature: %s\n") =~ + m/^([^%]*)/; + ($gpg_aka) = + Locale::gettext::gettext((' 'x16).'aka "%s"') =~ + m/^([^"«%]*)["«%]/; + ($gpg_bad) = + Locale::gettext::gettext('BAD signature from "%s"') =~ + m/^([^"«%]*)["«%]/; + ($gpg_expired) = + Locale::gettext::gettext("Note: This key has expired!\n") =~ + m/^(.*)\n/m; + ($gpg_good) = + Locale::gettext::gettext('Good signature from "%s"') =~ + m/^(([^"«%]*))["«%]/; + ($gpg_bug) = + Locale::gettext::gettext("... this is a bug (%s:%d:%s)\n") =~ + m/^([^%]*)/; + } + } + +} +else { + if ($ms_smart || $pgpshort || $pgpmove || $pgpmovevrf) { help(); } +} # Read message: -open(IN, $ifile) || die "Could not open $ifile: $!"; +if (!open(IN, $ifile)) + { print STDERR "Could not open $ifile: $!\n"; exit(EX_IOERR); } my @message = ; close IN; +# First, check msg length and stop processing if msg is too long: +if ((defined $maxlines) && (@message > $maxlines)) { + if ($ofile ne 'NONE') { + write_msg(($mda?'|'.SENDMAIL." $mda":">$ofile"), \@message); + } + exit(EX_DATAERR); +} + # this should be self-explanatory: process_msg(\@message); # Finally, print clean lines: -write_msg(($mda?"|$sendmail $mda":">$ofile"), \@message); +if ($ofile ne 'NONE') { + write_msg(($mda?'|'.SENDMAIL." $mda":">$ofile"), \@message); +} +# vim600:set foldmethod=marker: # eof