X-Git-Url: https://the.earth.li/gitweb/?a=blobdiff_plain;f=autodns.pl;h=fa4e09b6a337cb4005e18f1a2b62d126ad5e3571;hb=f42fd5611d122bd25736db2acb453aad297feb91;hp=11f6b3180e5d1224d7dedb8743437d3aa53ca328;hpb=5f0439a6a86532cb421881271a37539d224aaafd;p=autodns.git diff --git a/autodns.pl b/autodns.pl index 11f6b31..fa4e09b 100755 --- a/autodns.pl +++ b/autodns.pl @@ -5,10 +5,11 @@ # http://www.earth.li/projectpurple/progs/autodns.html # Released under the GPL. # -# $Id: autodns.pl,v 1.12 2005/05/31 12:20:23 noodles Exp $ +# $Id: autodns.pl,v 1.15 2005/06/15 10:26:25 noodles Exp $ # use strict; +use Date::Parse; use Fcntl qw(:flock); use File::Temp qw(tempfile); use IPC::Open3; @@ -21,7 +22,7 @@ my ($user, $server, $inprocess, $delcount, $addcount); my ($domain, @MAIL, @GPGERROR, @COMMANDS, %zones, $VERSION); use vars qw($me $ccreply $conffile $domainlistroot @cfgfiles $usersfile - $lockfile $reload_command); + $lockfile $reload_command $expiry); $VERSION="0.0.8"; @@ -73,7 +74,7 @@ sub valid_domain($) { my $domain = shift; $domain = lc $domain; - if ($domain =~ /^(?:[a-z0-9-]+\.)+[a-z]{2,4}$/) { + if ($domain =~ /^(?:[a-z0-9-]+\.)+[a-z]{2,6}$/) { return 1; } elsif ($domain =~ /^(?:[0-9\/-]+\.)+in-addr.arpa$/) { return 1; @@ -254,7 +255,7 @@ if ($entity->parts) { my $pid = open3(\*GPGIN, \*GPGOUT, \*GPGERR, "gpg --batch"); # Feed it the mail. - print GPGIN @MAIL; + print GPGIN $entity->bodyhandle->as_string; close GPGIN; # And grab what it has to say. @@ -267,10 +268,12 @@ if ($entity->parts) { # Check who it's from and if the signature was a good one. $gpggood=1; +my $sigtime = 0; foreach (@GPGERROR) { chomp; - if (/Signature made.* (.*)$/) { - $gpguser=$1; + if (/Signature made (.*) using.*ID (.*)$/) { + $sigtime = str2time($1); + $gpguser=$2; } elsif (/error/) { $gpggood = 0; print REPLY "Some errors ocurred\n"; 
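Review bot: In the `valid_domain` hunk (`@@ -73,7 +74,7 @@`), the widened pattern still ends in `$`, which in Perl also matches just before a trailing newline, so a constructed value such as `example.com\n` passes validation. The accepted name appears to be interpolated into a `zone "$domain"` stanza later in the file, so anchoring with `\A` and `\z` would be tighter: `if ($domain =~ /\A(?:[a-z0-9-]+\.)+[a-z]{2,6}\z/) {`. The `{2,6}` bound is still a fixed guess at TLD length and will reject longer TLDs. The unchanged `in-addr.arpa` branch has the same `$` anchor and unescaped dots; `valid_domain` continues past the end of the hunk.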
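Review bot: In the `@@ -254,7 +255,7 @@` hunk, `$entity->bodyhandle` is undefined for a multipart MIME::Entity, so `print GPGIN $entity->bodyhandle->as_string;` would die on such a message unless earlier code (not visible here) has already narrowed `$entity` to a single part. Fetching the handle first and rejecting the mail explicitly when it is undefined would make that failure deliberate rather than a crash. Because gpg now verifies only the decoded body instead of `@MAIL`, the commands acted on afterwards should be taken from that same verified text, ideally from gpg's own output on `GPGOUT`, and not from the raw mail. The command parsing is outside this hunk, so that needs confirming.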
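Review bot: In the `@@ -267,10 +268,12 @@` hunk, the new pattern `/Signature made (.*) using.*ID (.*)$/` depends on the wording of gpg's human-readable stderr, which varies with locale and gpg version. When it does not match, `$gpguser` is not assigned here and `$sigtime` keeps its initial 0. gpg's `--status-fd` output exists for this purpose: a `VALIDSIG` line carries the key fingerprint and the signature creation time in a stable format, and matching on the full fingerprint avoids depending on a key ID. If the stderr parse stays, a comment such as `# NOTE: parses gpg's human-readable stderr; wording may differ by locale/version` would record the assumption. The `foreach` loop continues past the end of the hunk.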
@@ -299,6 +302,21 @@ if ($gpggood) { exit; } +# Check if the signature is outside our acceptable range. +if (!defined($sigtime)) { + print REPLY "Couldn't parse signature time.\n"; + close REPLY; + exit; +} elsif ($sigtime > (time + $expiry)) { + print REPLY "Signature too far into the future.\n"; + close REPLY; + exit; +} elsif ($sigtime < (time - $expiry)) { + print REPLY "Signature too far into the past.\n"; + close REPLY; + exit; +} + # Now let's check if we know this person. ($user, $priv, $server) = getuserinfo($gpguser); @@ -483,6 +501,10 @@ zone \"$domain\" { print REPLY "LIST - show all the zones currently held by you.\n"; print REPLY "ADD - adds the domain for processing.\n"; print REPLY "DEL - removes the domain if you own it.\n"; + if (($priv & 1) == 1) { + print REPLY "MASTER - set the nameserver". + " we should slave off for subsequent ADD commands.\n"; + } } elsif ($inprocess) { print REPLY "Unknown command!\n"; }
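Review bot: In the `@@ -299,6 +302,21 @@` hunk, the `!defined($sigtime)` branch cannot fire for a mail with no "Signature made" line, because the earlier hunk initialises the variable with `my $sigtime = 0;`; such a mail would normally be reported as "Signature too far into the past" instead. Declaring it as `my $sigtime;` would let the undefined check cover both a missing line and a `str2time` parse failure. `$expiry` is only declared (in `use vars`) within this diff; if the config file leaves it unset, the window collapses to zero and effectively every signature is rejected, so a default or an explicit "expiry not configured" reply would help. A time window limits how long a captured signed mail stays acceptable but does not stop the same mail being resubmitted inside the window, which is worth stating in the comment above the check.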
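Review bot: In the `@@ -483,6 +501,10 @@` hunk, `($priv & 1) == 1` tests a privilege bit by bare number. A named constant (for example `use constant PRIV_MASTER => 1;`, a name suggested here and not taken from the file) would document what the bit grants. It would also help keep this help text in step with the check that actually authorises `MASTER`, which is outside the hunk. The enclosing `if`/`elsif` chain starts before and continues after the hunk.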