INN commit: trunk (7 files)
INN Commit
rra at isc.org
Tue Jul 12 09:51:29 UTC 2011
Date: Tuesday, July 12, 2011 @ 02:51:28
Author: iulius
Revision: 9240
controlchan: use convdate instead of DateTime::Format::Mail
* Adapt commit [9238] to no longer have a dependency to the Perl module
DateTime::Format::Mail. Use convdate instead.
* On a date parsing failure, controlchan no longer dies and rejects the
message (which will be actually process only with the "-c" flag disactivating
the cutoff check).
* Add a "-c" flag to controlchan to disable the cutoff check.
* Also add a "-h" flag to print basic usage information.
* Convert controlchan man page into POD:
- mention control.ctl.local;
- document the "-c" and "-h" flags;
- document the need for the Perl modules Encode and MIME::Parser;
- add an example of how to manually invoke controlchan.
Added:
trunk/doc/pod/controlchan.pod
Modified:
trunk/MANIFEST
trunk/control/controlchan.in
trunk/doc/man/ (properties)
trunk/doc/pod/Makefile
trunk/m4/perl.m4
Deleted:
trunk/doc/man/controlchan.8
-------------------------+
MANIFEST | 1
control/controlchan.in | 103 ++++++++++++++++++++++++++++++----------------
doc/man/controlchan.8 | 80 -----------------------------------
doc/pod/Makefile | 3 -
doc/pod/controlchan.pod | 90 ++++++++++++++++++++++++++++++++++++++++
m4/perl.m4 | 1
6 files changed, 162 insertions(+), 116 deletions(-)
Modified: MANIFEST
===================================================================
--- MANIFEST 2011-07-11 15:11:01 UTC (rev 9239)
+++ MANIFEST 2011-07-12 09:51:28 UTC (rev 9240)
@@ -238,6 +238,7 @@
doc/pod/cnfsheadconf.pod Master file for cnfsheadconf.8
doc/pod/cnfsstat.pod Master file for cnfsstat.8
doc/pod/control.ctl.pod Master file for control.ctl.5
+doc/pod/controlchan.pod Master file for controlchan.8
doc/pod/convdate.pod Master file for convdate.1
doc/pod/ctlinnd.pod Master file for ctlinnd.8
doc/pod/cvtbatch.pod Master file for cvtbatch.8
Modified: control/controlchan.in
===================================================================
--- control/controlchan.in 2011-07-11 15:11:01 UTC (rev 9239)
+++ control/controlchan.in 2011-07-12 09:51:28 UTC (rev 9240)
@@ -30,12 +30,13 @@
## :<pathbin>/controlchan
require 5.004_03;
-use DateTime::Format::Mail;
use Encode;
+use Getopt::Std;
use MIME::Parser;
use strict;
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+$0 =~ s!.*/!!;
# globals
my ($cachedctl, $curmsgid);
@@ -43,6 +44,16 @@
my $use_syslog = 0;
my $debug = 0;
+my $usage = "usage: $0 [-ch]\n\n" .
+ "Reads stdin for file names or tokens.\n\n" .
+ " -c Disables cutoff on dates.\n" .
+ " -h Giveis this usage information.\n";
+
+my %opt;
+getopts("ch", \%opt) || die $usage;
+
+die $usage if defined $opt{'h'};
+
# setup logging ###########################################################
# do not log to syslog if stderr is connected to a console
if (not -t 2) {
@@ -107,44 +118,46 @@
next;
}
- # Make sure old control articles are not replayed.
- # Use a loose date parser (not strict).
- my ($postingdate, $injectiondate);
- my $dateparser = DateTime::Format::Mail->new( 'loose' => 1 );
- my $currentdate = DateTime->now();
+ if (not defined $opt{'c'}) {
+ # Make sure old control articles are not replayed.
+ my ($postingdate, $injectiondate);
- # Parse date header fields. We will take the oldest date.
- if ($hdr{'date'}) {
- $postingdate = $dateparser->parse_datetime($hdr{'date'});
- } else {
- logmsg('Missing Date: header field');
- $parser->filer->purge;
- next;
- }
- if ($hdr{'injection-date'}) {
- $injectiondate = $dateparser->parse_datetime($hdr{'injection-date'});
- } else {
- $injectiondate = $postingdate;
- }
+ # Parse date header fields. We will take the oldest date.
+ if ($hdr{'date'}) {
+ $postingdate = int(convdate('-n', "$hdr{'date'}"));
+ } else {
+ logmsg('Missing Date: header field');
+ $parser->filer->purge;
+ next;
+ }
+ if ($hdr{'injection-date'}) {
+ $injectiondate = int(convdate('-n', "$hdr{'injection-date'}"));
+ } else {
+ $injectiondate = $postingdate;
+ }
- my $articledate = ($postingdate < $injectiondate) ? $postingdate : $injectiondate;
+ my $articledate = ($postingdate < $injectiondate) ? $postingdate : $injectiondate;
- my $mindate = $currentdate->clone->subtract( 'days' => $INN::Config::artcutoff );
- my $maxdate = $currentdate->clone->add( 'days' => 1 );
+ # Compute the allowed interval of time:
+ # artcutoff days in the past, one day in the future.
+ my $currentdate = int(convdate('-n'));
+ my $mindate = $currentdate - $INN::Config::artcutoff * 86400;
+ my $maxdate = $currentdate + 86400;
- if ($articledate > $maxdate) {
- logmsg('Control article injected or posted in the future ('
- . $articledate->datetime() . ')');
- $parser->filer->purge;
- next;
- }
+ if ($articledate > $maxdate) {
+ logmsg('Control article injected or posted in the future ('
+ . convdate('-d', '-c', "$articledate") . ')');
+ $parser->filer->purge;
+ next;
+ }
- if ($INN::Config::artcutoff > 0 && $articledate < $mindate) {
- logmsg('Control article too old ('
- . $articledate->datetime() . '), artcutoff set to '
- . $INN::Config::artcutoff . ' days');
- $parser->filer->purge;
- next;
+ if ($INN::Config::artcutoff > 0 && $articledate < $mindate) {
+ logmsg('Control article too old ('
+ . convdate('-d', '-c', "$articledate")
+ . '), artcutoff set to ' . $INN::Config::artcutoff . ' days');
+ $parser->filer->purge;
+ next;
+ }
}
$curmsgid = $hdr{'message-id'};
@@ -556,6 +569,28 @@
logdie('ctlinnd returned status ' . ($st & 255)) if $st > 0;
}
+# Run convdate on the given arguments.
+# The result can be numeric (with -n) or a string (with -d).
+sub convdate {
+ my (@args) = @_;
+ my $result = 0;
+
+ my $pid = open(my $CONVDATE, '-|');
+ logdie("Cannot fork: $!") if $pid < 0;
+ if ($pid == 0) {
+ # exec() properly escapes its arguments to prevent shell injection.
+ exec("$INN::Config::pathbin/convdate", @args) or
+ logdie("Cannot exec convdate: $!");
+ } else {
+ $result = <$CONVDATE>;
+ close($CONVDATE);
+ }
+
+ $result = 0 if not $result;
+ chomp $result;
+ return $result;
+}
+
sub shlock {
my $lockfile = shift;
Property changes on: trunk/doc/man
___________________________________________________________________
Modified: svn:ignore
- active.5
active.times.5
actsync.8
archive.8
auth_krb5.8
batcher.8
buffchan.8
buffindexed.conf.5
ckpasswd.8
cnfsheadconf.8
cnfsstat.8
control.ctl.5
convdate.1
ctlinnd.8
cvtbatch.8
cycbuff.conf.5
distrib.pats.5
distributions.5
docheckgroups.8
domain.8
expire.ctl.5
expire.8
expireover.8
expirerm.8
fastrm.1
getlist.1
grephistory.1
ident.8
incoming.conf.5
inews.1
inn.conf.5
INN__Config.3pm
innbind.8
inncheck.8
innconfval.1
innd.8
inndf.8
innfeed.conf.5
innfeed.8
innmail.1
innupgrade.8
innxmit.8
libauth.3
libinnhist.3
libstorage.3
list.3
mailpost.8
makedbz.8
makehistory.8
mod-active.8
moderators.5
motd.news.5
newsfeeds.5
news.daily.8
news2mail.8
newslog.5
newsgroups.5
ninpaths.8
nnrpd.8
nntpsend.8
nntpsend.ctl.5
ovdb.5
ovdb_init.8
ovdb_monitor.8
ovdb_server.8
ovdb_stat.8
overchan.8
passwd.nntp.5
perl-nocem.8
pgpverify.1
prunehistory.8
pullnews.1
qio.3
radius.8
radius.conf.5
rc.news.8
readers.conf.5
rnews.1
sasl.conf.5
scanlogs.8
send-uucp.8
sendinpaths.8
shlock.1
simpleftp.1
sm.1
storage.conf.5
subscriptions.5
tally.control.8
tdx-util.8
tinyleaf.8
tst.3
uwildmat.3
+ active.5
active.times.5
actsync.8
archive.8
auth_krb5.8
batcher.8
buffchan.8
buffindexed.conf.5
ckpasswd.8
cnfsheadconf.8
cnfsstat.8
control.ctl.5
controlchan.8
convdate.1
ctlinnd.8
cvtbatch.8
cycbuff.conf.5
distrib.pats.5
distributions.5
docheckgroups.8
domain.8
expire.ctl.5
expire.8
expireover.8
expirerm.8
fastrm.1
getlist.1
grephistory.1
ident.8
incoming.conf.5
inews.1
inn.conf.5
INN__Config.3pm
innbind.8
inncheck.8
innconfval.1
innd.8
inndf.8
innfeed.conf.5
innfeed.8
innmail.1
innupgrade.8
innxmit.8
libauth.3
libinnhist.3
libstorage.3
list.3
mailpost.8
makedbz.8
makehistory.8
mod-active.8
moderators.5
motd.news.5
newsfeeds.5
news.daily.8
news2mail.8
newslog.5
newsgroups.5
ninpaths.8
nnrpd.8
nntpsend.8
nntpsend.ctl.5
ovdb.5
ovdb_init.8
ovdb_monitor.8
ovdb_server.8
ovdb_stat.8
overchan.8
passwd.nntp.5
perl-nocem.8
pgpverify.1
prunehistory.8
pullnews.1
qio.3
radius.8
radius.conf.5
rc.news.8
readers.conf.5
rnews.1
sasl.conf.5
scanlogs.8
send-uucp.8
sendinpaths.8
shlock.1
simpleftp.1
sm.1
storage.conf.5
subscriptions.5
tally.control.8
tdx-util.8
tinyleaf.8
tst.3
uwildmat.3
Deleted: doc/man/controlchan.8
===================================================================
--- doc/man/controlchan.8 2011-07-11 15:11:01 UTC (rev 9239)
+++ doc/man/controlchan.8 2011-07-12 09:51:28 UTC (rev 9240)
@@ -1,80 +0,0 @@
-.\" $Revision$
-.TH CONTROLCHAN 8
-.SH NAME
-controlchan \- channel\-fed control message handler
-.SH SYNOPSIS
-.B controlchan
-.SH DESCRIPTION
-.I Controlchan
-removes the responsibility for handling control messages
-(except cancels) from
-.IR innd (8)
-and instead processes them from a channel or file feed.
-To reduce load,
-.I controlchan
-keeps a copy of
-.I control.ctl
-in memory and checks permissions (including any required PGP headers) before any
-scripts are called. Also, the default (``bad message'') case is handled
-internally. The ``drop'' case is handled with far less fuss.
-.PP
-Normally,
-.I controlchan
-is invoked by
-.IR innd (8)
-as configured in
-.IR newsfeeds .
-An example entry is below. Make sure that you've created the newsgroup
-control.cancel so that
-.I controlchan
-doesn't have to scan through cancels, which it won't process anyway.
-.sp 1
-.in +0.5i
-.nf
-controlchan!\\
- :!*,control,control.*,!control.cancel\\
- :AC,Tc,Wnsm\\
- :<pathbin in inn.conf>/controlchan
-.fi
-.in -0.5i
-.sp 1
-Note that in the (very, very unlikely) event that you need to process
-ihave/sendme control messages, be sure that
-.I logipaddr
-is set to false in
-.IR inn.conf ,
-because in this case controlchan needs a site name, not an IP address.
-.sp 1
-.I Controlchan
-tries to report all log messages through
-.IR syslog (3),
-unless connected to an interactive terminal. To enable
-.IR syslog (3)'ing
-for versions of Perl prior to 5.6.0,
-you will need to have run ``h2ph'' on your
-system include files at some point (this is required to
-make ``Sys::Syslog'' work). If you have not done so, do this:
-.sp 1
-.nf
-.in +0.5i
-cd /usr/include
-h2ph * sys/*
-.in -0.5i
-.fi
-.sp 1
-If you run FreeBSD, you will need to run the following in addition:
-.sp 1
-.nf
-.in +0.5i
-h2ph machine/*
-.in -0.5i
-.fi
-.SH HISTORY
-Written by Katsuhiro Kondou <kondou at nec.co.jp> for InterNetNews.
-.de R$
-This is revision \\$3, dated \\$4.
-..
-.R$ $Id$
-.SH "SEE ALSO"
-control.ctl(5),
-inn.conf(5).
Modified: doc/pod/Makefile
===================================================================
--- doc/pod/Makefile 2011-07-11 15:11:01 UTC (rev 9239)
+++ doc/pod/Makefile 2011-07-12 09:51:28 UTC (rev 9240)
@@ -31,7 +31,7 @@
MAN8 = ../man/actsync.8 ../man/archive.8 ../man/auth_krb5.8 \
../man/batcher.8 ../man/buffchan.8 \
../man/ckpasswd.8 ../man/cnfsheadconf.8 ../man/cnfsstat.8 \
- ../man/ctlinnd.8 ../man/cvtbatch.8 ../man/docheckgroups.8 \
+ ../man/controlchan.8 ../man/ctlinnd.8 ../man/cvtbatch.8 ../man/docheckgroups.8 \
../man/domain.8 ../man/expire.8 ../man/expireover.8 \
../man/expirerm.8 ../man/ident.8 \
../man/innbind.8 ../man/inncheck.8 ../man/innd.8 ../man/inndf.8 \
@@ -118,6 +118,7 @@
../man/ckpasswd.8: ckpasswd.pod ; $(POD2MAN) -s 8 $? > $@
../man/cnfsheadconf.8: cnfsheadconf.pod ; $(POD2MAN) -s 8 $? > $@
../man/cnfsstat.8: cnfsstat.pod ; $(POD2MAN) -s 8 $? > $@
+../man/controlchan.8: controlchan.pod ; $(POD2MAN) -s 8 $? > $@
../man/ctlinnd.8: ctlinnd.pod ; $(POD2MAN) -s 8 $? > $@
../man/cvtbatch.8: cvtbatch.pod ; $(POD2MAN) -s 8 $? > $@
../man/docheckgroups.8: docheckgroups.pod ; $(POD2MAN) -s 8 $? > $@
Added: doc/pod/controlchan.pod
===================================================================
--- doc/pod/controlchan.pod (rev 0)
+++ doc/pod/controlchan.pod 2011-07-12 09:51:28 UTC (rev 9240)
@@ -0,0 +1,90 @@
+=head1 NAME
+
+controlchan - Channel-fed control message handler
+
+=head1 SYNOPSIS
+
+B<controlchan> [B<-ch>]
+
+=head1 DESCRIPTION
+
+B<controlchan> removes the responsibility for handling control messages
+(except cancels) from B<innd> and instead processes them from a channel
+or file feed.
+
+The two Perl modules C<Encode> and C<MIME::Parser> are required by
+B<controlchan>.
+
+To reduce load, B<controlchan> keeps a copy of F<control.ctl> and
+F<control.ctl.local> in memory and checks permissions (including any required
+PGP headers) before any scripts are called. These two configuration
+files are automatically reloaded when B<controlchan> notices they have
+been modified. Also, the default case of an unrecognized control article
+is handled internally. The C<drop> case is handled with far less fuss.
+
+Normally, B<controlchan> is invoked by B<innd> as configured in F<newsfeeds>.
+An example entry is below. Make sure that the newsgroup C<control.cancel>
+exists so that B<controlchan> does not have to scan through cancels,
+which it will not be processing anyway.
+
+ controlchan!\
+ :!*,control,control.*,!control.cancel\
+ :AC,Tc,Wnsm\
+ :<pathbin in inn.conf>/controlchan
+
+B<controlchan> can also be manually invoked with a mere path to a file
+(containing a complete control article with its headers and its body)
+or a token on its standard input:
+
+ echo '/path/to/a/control/article' | controlchan
+ echo '@0303465234000000000000235AE000000002@' | controlchan
+
+Note that in the (very, very unlikely) event that you need to process
+ihave/sendme control messages, be sure that I<logipaddr> is set to false
+in F<inn.conf>, because in this case B<controlchan> needs a site name,
+not an IP address.
+
+B<controlchan> tries to report all log messages through syslog(3),
+unless connected to an interactive terminal. To enable syslog(3)'ing for
+versions of Perl prior to 5.6.0, you will need to have run B<h2ph> on your system
+include files at some point (this is required to make C<Sys::Syslog> work).
+If you have not done so, do this:
+
+ cd /usr/include
+ h2ph * sys/*
+
+If you run FreeBSD, you will need to run the following in addition:
+
+ h2ph machine/*
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-c>
+
+By default, B<controlchan> does not process articles whose Date:
+or Injection-Date: header fields are too far in the past (more than
+I<artcutoff> days, as set in F<inn.conf>) or one day in the future.
+It allows to prevent a malicious replay of old control articles.
+
+Using the B<-c> flag disables this check on the cutoff date.
+
+=item B<-h>
+
+Gives usage information.
+
+=back
+
+=head1 HISTORY
+
+Written by Katsuhiro Kondou <kondou at nec.co.jp> for InterNetNews. Converted to
+POD by Julien Elie.
+
+$Id$
+
+=head1 SEE ALSO
+
+control.ctl(5), inn.conf(5).
+
+=cut
Property changes on: trunk/doc/pod/controlchan.pod
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision
Added: svn:eol-style
+ native
Modified: m4/perl.m4
===================================================================
--- m4/perl.m4 2011-07-11 15:11:01 UTC (rev 9239)
+++ m4/perl.m4 2011-07-12 09:51:28 UTC (rev 9240)
@@ -48,7 +48,6 @@
dnl We also check for useful Perl modules.
INN_PATH_PROG_ENSURE([PERL], [perl])
_INN_PERL_VERSION(5.004_03)
-INN_PERL_MODULE([DateTime::Format::Mail], [controlchan])
INN_PERL_MODULE([Encode], [controlchan])
INN_PERL_MODULE([GD], [innreport's HTML output])
INN_PERL_MODULE([MIME::Parser], [controlchan])
More information about the inn-committers
mailing list