X-Git-Url: https://the.earth.li/gitweb/?a=blobdiff_plain;f=autodns.pl;h=fa4e09b6a337cb4005e18f1a2b62d126ad5e3571;hb=f42fd5611d122bd25736db2acb453aad297feb91;hp=11f6b3180e5d1224d7dedb8743437d3aa53ca328;hpb=5f0439a6a86532cb421881271a37539d224aaafd;p=autodns.git

diff --git a/autodns.pl b/autodns.pl
index 11f6b31..fa4e09b 100755
--- a/autodns.pl
+++ b/autodns.pl
@@ -5,10 +5,11 @@
 # http://www.earth.li/projectpurple/progs/autodns.html
 # Released under the GPL.
 #
-# $Id: autodns.pl,v 1.12 2005/05/31 12:20:23 noodles Exp $
+# $Id: autodns.pl,v 1.15 2005/06/15 10:26:25 noodles Exp $
 #
 
 use strict;
+use Date::Parse;
 use Fcntl qw(:flock);
 use File::Temp qw(tempfile);
 use IPC::Open3;
@@ -21,7 +22,7 @@ my ($user, $server, $inprocess, $delcount, $addcount);
 my ($domain, @MAIL, @GPGERROR, @COMMANDS, %zones, $VERSION);
 
 use vars qw($me $ccreply $conffile $domainlistroot @cfgfiles $usersfile
-	$lockfile $reload_command);
+	$lockfile $reload_command $expiry);
 
 $VERSION="0.0.8";
 
@@ -73,7 +74,7 @@ sub valid_domain($) {
 	my $domain = shift;
 	$domain = lc $domain;
 
-	if ($domain =~ /^(?:[a-z0-9-]+\.)+[a-z]{2,4}$/) {
+	if ($domain =~ /^(?:[a-z0-9-]+\.)+[a-z]{2,6}$/) {
 		return 1;
 	} elsif ($domain =~ /^(?:[0-9\/-]+\.)+in-addr.arpa$/) {
 		return 1;
@@ -254,7 +255,7 @@ if ($entity->parts) {
 	my $pid = open3(\*GPGIN, \*GPGOUT, \*GPGERR, "gpg --batch");
 
 	# Feed it the mail.
-	print GPGIN @MAIL;
+	print GPGIN $entity->bodyhandle->as_string;
 	close GPGIN;
 
 	# And grab what it has to say.
@@ -267,10 +268,12 @@ if ($entity->parts) {
 
 # Check who it's from and if the signature was a good one.
 $gpggood=1;
+my $sigtime = 0;
 foreach (@GPGERROR) {
 	chomp;
-	if (/Signature made.* (.*)$/) {
-		$gpguser=$1; 
+	if (/Signature made (.*) using.*ID (.*)$/) {
+		$sigtime = str2time($1);
+		$gpguser=$2; 
 	} elsif (/error/) {
 		$gpggood = 0;
 		print REPLY "Some errors ocurred\n";
@@ -299,6 +302,21 @@ if ($gpggood) {
 	exit;
 }
 
+# Check if the signature is outside our acceptable range.
+if (!defined($sigtime)) {
+	print REPLY "Couldn't parse signature time.\n";
+	close REPLY;
+	exit;
+} elsif ($sigtime > (time + $expiry)) {
+	print REPLY "Signature too far into the future.\n";
+	close REPLY;
+	exit;
+} elsif ($sigtime < (time - $expiry)) {
+	print REPLY "Signature too far into the past.\n";
+	close REPLY;
+	exit;
+}
+
 # Now let's check if we know this person.
 ($user, $priv, $server) = getuserinfo($gpguser);
 
@@ -483,6 +501,10 @@ zone \"$domain\" {
 		print REPLY "LIST - show all the zones currently held by you.\n";
 		print REPLY "ADD <domain> - adds the domain <domain> for processing.\n";
 		print REPLY "DEL <domain> - removes the domain <domain> if you own it.\n";
+		if (($priv & 1) == 1) {
+			print REPLY "MASTER <ip address> - set the nameserver".
+			" we should slave off for subsequent ADD commands.\n";
+		}
 	} elsif ($inprocess) {
 		print REPLY "Unknown command!\n";
 	}