| Deutsch English Français Italiano |
|
<sut4f3$ava$1@backup.pasdenom.info> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!weretis.net!feeder8.news.weretis.net!pasdenom.info!pi2.pasdenom.info!.POSTED.2a01:e0a:21:ea80:8c5e:af88:67a7:ff9a!not-for-mail
From: yamo' <yamo@beurdin.invalid>
Newsgroups: fr.comp.usenet.serveurs
Subject: Re: Serveur pi et Cancel-Key / Cancel-Lock
Date: Sun, 20 Feb 2022 11:17:07 +0100
Organization: pasdenom.info Tests INN 2.6.4 raspbian Bullseye
Message-ID: <sut4f3$ava$1@backup.pasdenom.info>
References: <sdjecb$r3j$1@pi2.pasdenom.info> <sdjg6s$t5b$1@dont-email.me>
<sdobpk$id4$1@pi2.pasdenom.info> <sdocr4$9pe$1@dont-email.me>
<sdr7hm$28v6$1@pasdenom.info> <sds6k2$2nsj$1@pasdenom.info>
<sducah$3of4$1@pasdenom.info> <se6h8q$gjr$1@news.trigofacile.com>
<se8tbu$1jrr$1@pasdenom.info> <slrnsgkh1f.10v9.gerald.niel+spam@home.niel.me>
Reply-To: yamo@groumpf.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 20 Feb 2022 10:17:08 -0000 (UTC)
Injection-Info: backup.pasdenom.info; posting-account="stephane"; posting-host="2a01:e0a:21:ea80:8c5e:af88:67a7:ff9a";
logging-data="11242"; mail-complaints-to="abuse@pasdenom.info"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
Firefox/68.0 SeaMonkey/2.53.10.2
Cancel-Lock: sha256:88bzMU0CB1FAMbs1gv90FYRatO/jHBoCfQUgCnLQyV0=
In-Reply-To: <slrnsgkh1f.10v9.gerald.niel+spam@home.niel.me>
Bytes: 5116
Lines: 127
Salut,
Désolé, je réponds à un vieux post du 04/08/2021 à 09:39!
Mais j'ai enfin l'opportunité de tester les modifications proprement...
Gérald Niel a écrit dans le message
<slrnsgkh1f.10v9.gerald.niel+spam@home.niel.me>
<http://al.howardknight.net/?STYPE=msgid&MSGI=%3Cslrnsgkh1f.10v9.gerald.niel%2Bspam%40home.niel.me%3E>
:
> https://home.gegeweb.org/rfc8315.html
>
> filter_nnrpd.pl pour ajouter les cancel-lock/key quand l'utilisateur
> ou l'utilisatrice du serveur poste un article
Ok, j'ai enfin réussit à appliquer le sha256 (cf entêtes de ce post).
> cleanfeed.local (si tu utilises cleanfeed) pour vérifier les clef et
> décider quoi faire.
Je suis en train d'apporter les modifications.
Pour information, voici mes modifications sur les logs (pour avoir
quelque chose de plus lisible dans INNReport).
Aux erreurs près de fins de ligne à cause du formatage du message...
###Cancel-Lock
# https://home.gegeweb.org/rfc8315.html
sub verify_cancel($$$) {
my $r_hdr = shift || die;
my $target = shift;
my $descr = shift;
my $headers = INN::head($target);
if (!$headers){
saveart('bad.cancel',"$descr of non-existing ID $target");
return "$descr of non-existing ID";
}
my %headers;
for my $line(split(/\s*\n/, $headers)) {
if ($line =~ m/^([[:alnum:]-]+):\s+(.*)/) {
$headers{$1} = $2;
}
}
my $lock = $headers{'Cancel-Lock'};
if (defined($lock)) {
my $key = $r_hdr->{'Cancel-Key'} || return "$descr of $target
without Cancel-Key";
#return verify_cancel_key($key, $lock, ' target=' . $target);
return verify_cancel_key($key, $lock, $target);
} else {
# -thh
# no cancel-lock: go ahead and cancel anyway!
INN::cancel($target);
}
return undef;
}
###Cancel-Lock
# https://home.gegeweb.org/rfc8315.html
sub verify_cancel_key($$$) {
my $cancel_key = shift;
my $cancel_lock = shift;
my $msg = shift;
$msg = '' unless(defined($msg));
# -thh
my $target = $msg;
$msg = ' target=' . $msg;
my %lock;
for my $l(split(/\s+/, $cancel_lock)) {
# next unless($l =~ m/^(sha1|md5):(\S+)/);
next unless($l =~ m/^(sha512|sha256|sha1|md5):(\S+)/);
$lock{$2} = $1;
}
for my $k(split(/\s+/, $cancel_key)) {
# unless($k =~ m/^(sha1|md5):(\S+)/) {
unless($k =~ m/^(sha512|sha256|sha1|md5):(\S+)/) {
saveart('bad.cancel',"Invalid Cancel-Key syntax '$k'.$msg");
INN::syslog('info', "Invalid Cancel-Key syntax '$k'.$msg");
next;
}
my $key;
if ($1 eq 'sha512') {
$key = sha512_base64($2);
}
elsif ($1 eq 'sha256') {
$key = sha256_base64($2);
}
elsif ($1 eq 'sha1') {
$key = sha1_base64($2);
}
elsif ($1 eq 'md5') {
$key = md5_base64($2);
}
$key = pad_b64digest($key);
# $key = MIME::Base64::encode_base64($key, '');
if (exists($lock{$key})) {
INN::syslog('info', "Valid Cancel-Key $key found.$msg");
# -thh
# article is canceled now
INN::cancel($target) if ($target);
return undef;
}
}
saveart('bad.cancel', "No Cancel-Key[$cancel_key] matches
Cancel-Lock[$cancel_lock]$msg");
INN::syslog('info',
"No Cancel-Key[$cancel_key] matches Cancel-Lock[$cancel_lock]$msg"
);
return "No Cancel-Key matches Cancel-Lock.$msg";
}
--
Stéphane