diff -Nru schleuder-2.1.1/bin/schleuder schleuder-2.2.1/bin/schleuder --- schleuder-2.1.1/bin/schleuder 2014-09-29 05:49:25.000000000 +0000 +++ schleuder-2.2.1/bin/schleuder 2012-06-12 09:08:13.000000000 +0000 @@ -1,4 +1,7 @@ -#!/usr/bin/env ruby1.8 +#!/usr/bin/env ruby + +# Don't show warnings, $stdout is being watched by the MTA. +$VERBOSE = nil # TODO: # - make code comments rdoc-compatible. @@ -9,8 +12,8 @@ def usage puts "Usage: -#{File.basename($0)} listname < email -#{File.basename($0)} -test [listname]" +#{File.basename($0)} [-c baseconfig] listname < email +#{File.basename($0)} [-c baseconfig] -test [listname]" exit 1 end 
@@ -39,19 +42,55 @@ $:.unshift File.dirname(__FILE__) + '/../lib' require 'schleuder' begin - Schleuder.log.debug "I've been called, starting up..." - arg = ARGV.shift - if arg == '-test' + if arg == '-c' + Schleuder.config(ARGV.shift) + arg = ARGV.shift + end + Schleuder.log.debug "I've been called, starting up..." + case arg + when '-test' process_test(ARGV) - elsif arg =~ /[A-Za-z0-9]+/ - process_list(arg.gsub(/-(sendkey|bounces)$/, '')) + when /(-h|--help)/ + usage + when /[A-Za-z0-9]+/ + process_list(arg.gsub(/-(sendkey|bounces|request|owner)(@|$)/, '\2')) else usage end rescue SystemExit => e exit e.status +rescue Errno::EACCES => e + msg = [e.message, e.backtrace].flatten.join("\n") + $stderr.puts "File permission error: %s" % msg + begin + Schleuder.log.fatal e + rescue + begin + Log4r::Logger['log4r'].error e + rescue + end + end + exit 1 rescue Exception => e - Schleuder.log.fatal e rescue puts e.inspect + begin + # Log4r mutes all outputters on first exception so if this rescues from a + # Log4r-error we can't expect the raise of a second exception here. + # Unfortunately there's no direct way to identify exceptions from Log4r + # because it throws StandardErrors and we're subclassing. + callerfile = e.backtrace.first.split(':').first.split('/').last rescue '' + if e.class == StandardError && + ['listlogger.rb', 'schleuderlogger.rb'].include?(callerfile) + raise e + else + Schleuder.log.fatal e + end + rescue => f + msg1 = "Logger exception: #{f}\n#{f.backtrace.join("\n")}" + msg2 = "...while trying to log this exception: #{e}\n#{f.backtrace.join("\n")}" + Log4r::Logger['log4r'].error { "#{msg1}\n\n#{msg2}" } + $stderr.puts(f.message) if $stderr.tty? + end + $stderr.puts "A serious error occurred, please notify the administrators of this list or server!" 
exit 1 end diff -Nru schleuder-2.1.1/bin/schleuder-fix-gem-dependencies schleuder-2.2.1/bin/schleuder-fix-gem-dependencies --- schleuder-2.1.1/bin/schleuder-fix-gem-dependencies 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/bin/schleuder-fix-gem-dependencies 2012-06-12 09:08:13.000000000 +0000 @@ -0,0 +1,30 @@ +#!/usr/bin/env ruby + +# We need to install one more gem depending on the used ruby-version. +# Unfortunately this isn't possible inside of rubygems, therefore we do it +# here. + +require 'rubygems' +require 'rubygems/dependency_installer.rb' + +inst = Gem::DependencyInstaller.new +spec = Gem::Specification.find_by_name 'schleuder' + +begin + if RUBY_VERSION < "1.9" + name = 'tmail' + ver = '=1.2.3.1' + else + name = 'actionmailer' + ver = '=2.3.14' + end + inst.install name, ver + spec.add_dependency name, ver + # Write spec back to file, from rubygems/installer.rb + File.open(spec.spec_file.untaint, "w") do |f| + f << spec.to_ruby_for_cache + end +rescue Gem::FilePermissionError => e + $stderr.puts "Error: #{e.message}" +end + diff -Nru schleuder-2.1.1/bin/schleuder-init-setup schleuder-2.2.1/bin/schleuder-init-setup --- schleuder-2.1.1/bin/schleuder-init-setup 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/bin/schleuder-init-setup 2012-06-12 09:08:13.000000000 +0000 
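Review bot: The new `when /(-h|--help)/` branch of the `case arg` dispatch is unanchored and is tested before the list-name branch, so any list argument that merely contains `-h` (a constructed example: `team-help@example.org`) prints the usage text and exits 1 instead of being processed. Matching the literals, `when '-h', '--help'`, avoids that. The list-name pattern `/[A-Za-z0-9]+/` is likewise unanchored, so any argument containing a single alphanumeric character is handed to `process_list`; since this argument normally comes from the MTA, it should be anchored with `\A…\z` over the characters a list address may contain. In the `gsub`, `$` also matches before a trailing newline, so `\z` is the stricter end anchor.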
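Review bot: The `rescue Gem::FilePermissionError` at the end of the script prints the error but lets the script finish with exit status 0, so a caller cannot tell that the dependency was not installed; adding `exit 1` after the `$stderr.puts` would surface the failure. Other failures of `inst.install` (an unreachable gem source, a version that cannot be resolved) are not rescued and, as far as this hunk shows, end in a raw backtrace. The script also rewrites the installed gemspec through `spec.spec_file.untaint`, which opts that path out of Ruby's taint checks; a comment such as `# spec_file comes from RubyGems' own metadata, not from user input` would record why that is acceptable. Because the gem is fetched at run time, presumably with elevated privileges, the header comment should state that the configured gem source has to be trusted.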
@@ -0,0 +1,37 @@
+#!/usr/bin/env ruby
+
+$VERBOSE = nil
+
+require 'fileutils'
+require 'schleuder/utils'
+require 'highline/system_extensions'
+
+def usage
+ puts "Usage: #{File.basename(__FILE__)} --gem | /path/to/schleuder"
+ puts "Creates neccessary directories and copies default configurations to /etc/schleuder.\n".fmt
+end
+
+def copy(basedir)
+ %w(/etc/schleuder /var/log/schleuder).each do |dir|
+ FileUtils.mkdir(dir) unless File.directory?(dir)
+ end
+ files = Dir.glob(File.join(basedir, 'ext', '*')).reject { |f| ['Rakefile'].include?(f) }
+ FileUtils.cp(files, '/etc/schleuder/')
+rescue Errno::EACCES => e
+ puts "#{e.message}"
+ puts "Please retry with appropriate privileges!"
+ exit 1
+end
+
+case ARGV.first
+when nil,/-h|--help/
+ usage
+ exit 1
+when /--gem/
+ require 'rubygems'
+ spec = Gem::Specification.find_by_name('schleuder')
+ copy(spec.gem_dir)
+else
+ copy(ARGV.first)
+end
+
diff -Nru schleuder-2.1.1/bin/schleuder-migrate-v2.1-to-v2.2 schleuder-2.2.1/bin/schleuder-migrate-v2.1-to-v2.2
--- schleuder-2.1.1/bin/schleuder-migrate-v2.1-to-v2.2 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/bin/schleuder-migrate-v2.1-to-v2.2 2012-06-12 09:08:13.000000000 +0000
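Review bot: In `copy`, the filter `reject { |f| ['Rakefile'].include?(f) }` never matches, because `Dir.glob(File.join(basedir, 'ext', '*'))` returns paths that include the directory, so the Rakefile is copied into /etc/schleuder with the configuration; comparing the base name fixes it: `reject { |f| File.basename(f) == 'Rakefile' }`. `FileUtils.cp(files, '/etc/schleuder/')` also overwrites configuration that is already present there without asking, which should either be guarded or stated in the usage text. `FileUtils.mkdir(dir)` is called without a mode, so both directories get whatever the caller's umask allows; if configuration and logs are meant to be private, pass an explicit mode, e.g. `FileUtils.mkdir(dir, :mode => 0750)`. The `when nil,/-h|--help/` pattern is unanchored, so a path argument that contains `-h` shows the usage instead of being used.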
@@ -0,0 +1,205 @@ +#!/usr/bin/env ruby + +$:.unshift File.dirname(__FILE__) + '/../lib' +require 'schleuder' +require 'fileutils' +require 'yaml' +require 'open3' +require 'highline/system_extensions' + +def usage + puts "Usage: #{File.basename(__FILE__)} [-c /path/to/base/schleuder.conf] /path/to/a/list.config" + exit 1 +end + +usage if ![1,3].include?(ARGV.length) + +if (list_config = ARGV.shift) == '-c' + baseconfig = File.expand_path(ARGV.shift) + usage unless File.exist?(baseconfig) + Schleuder.config(baseconfig) + list_config = ARGV.shift +end + +usage unless File.exist?(list_config = File.expand_path(list_config)) + +def notice(msg) + puts msg.fmt +end + +def move_listdir(old_dir,old_config) + list_dir = old_config['myaddr'].split('@').reverse + if old_dir =~ /#{list_dir.join('\/')}/ + notice("The current directory of the list seems already to match the new style. Did you already migrate that list? As I can't be sure what might be right or wrong, I exit here.") + exit 1 + end + + hostdir = File.expand_path(File.join(Schleuder.config.lists_dir, list_dir.first)) + FileUtils.mkdir_p(hostdir) unless File.directory?(hostdir) + + FileUtils.mv(old_dir, hostdir) + notice("Moved list-dir to #{File.join(hostdir, Schleuder.list.listname)}.") + File.expand_path(File.join(Schleuder.config.lists_dir, list_dir.join('/'))) +end + +def member_key(member) + key,msg = member.key + unless key + notice("Can't find unique key for #{member}. Reason: #{msg}") + end + member +end + +def fix_list_conf(old_config,new_dir) + if old_config.delete('logging').to_s == 'true' && !old_config['lists_logfile'].nil? + old_config['log_file'] = old_config.delete('lists_logfile') + end + + unless old_config['loglevel'].nil? 
+ old_config['log_level'] = old_config.delete('loglevel') + end + + if old_config.delete('log_rotate_keep') + notice("Schleuder doesn't care about log-rotation anymore, please set up logrotate.conf or similar instead.") + end + + old_config['admins'] = old_config.delete('adminaddr').collect do |admin| + m = member_key(Schleuder::Member.new(:email => admin)) + m.to_hash + end + old_config['key_fingerprint'] = Schleuder.list.key_fingerprint + + File.open(File.join(new_dir, Schleuder.config.lists_configfile),'w') { |f| f << YAML::dump(old_config.to_hash) } + # reload list config + Schleuder.list = Schleuder::List.new(old_config['myaddr']) +end + +def harden_members + Schleuder.list.members = Schleuder.list.members.collect { |member| member_key(member) } +end + +def change_pubkey(old_config) + _name = old_config['myname'] + _email = old_config['myaddr'] + _pass = old_config['gpg_password'] + + # Fix for gpgme-ruby >= 1.0.8 + GPGME::check_version('0.0.0') if GPGME.respond_to?('check_version') + + # Add listname-request@ and listname-ownerhostname as UID. 
+ gpg_adduid = "gpg --no-tty --command-fd 0 --status-fd 1 --yes --edit-key #{_email} adduid" + Open3.popen3(gpg_adduid) do |stdin, stdout, stderr| + owner_done = false + request_done = false + while line = stdout.readline rescue nil; + case line.chomp + when '[GNUPG:] GET_LINE keygen.name' then + reply = _name + when '[GNUPG:] GET_LINE keygen.email' then + if !request_done + email = _email.sub(/@/, '-request@') + request_done = true + else + email = _email.sub(/@/, '-owner@') + end + reply = email + when '[GNUPG:] GET_LINE keygen.comment' then + reply = 'schleuder list' + when '[GNUPG:] GET_HIDDEN passphrase.enter' then + reply = _pass + when '[GNUPG:] GET_LINE keyedit.prompt' then + if !owner_done + reply = "adduid" + owner_done = true + else + reply = "save" + end + else + reply = nil + end + #$stderr.puts line + if reply + #$stderr.puts reply + stdin.puts reply + end + end + end + + # Make list@host the primary UID to avoid confusion. + # For some f***** up reason these two time calling gpg do not work in one run. + gpg_adduid = "gpg --no-tty --command-fd 0 --status-fd 1 --yes --edit-key #{_email}" + Open3.popen3(gpg_adduid) do |stdin, stdout,stderr| + uid_done = false + primary_done = false + while line = stdout.readline rescue nil; + case line.chomp + when '[GNUPG:] GET_LINE keyedit.prompt' then + if ! uid_done + reply = "uid 2" + uid_done = true + elsif ! 
primary_done + reply = "primary" + primary_done = true + else + reply = "save" + end + when '[GNUPG:] GET_HIDDEN passphrase.enter' then + reply = _pass + else + reply = nil + end + #$stderr.puts line + if reply + #$stderr.puts reply + stdin.puts reply + end + end + end + $stderr.puts + notice("Added address-extensions as UIDs to public key of list.") +end + +## run + + +old_config = YAML.load_file(list_config) +old_config['myname']||=File.basename(File.dirname(list_config)) +Schleuder.list = Schleuder::List.new(File.basename(File.dirname(list_config))) +old_dir = File.dirname(list_config) + +files = Dir["#{old_dir}/*"].inject({}) do |files, file| + files[File.basename(file)] = [:uid, :gid, :mode].inject({}) do |hash, sym| + hash[sym] = File.stat(file).send(sym) + hash + end + files +end + +ENV['GNUPGHOME'] = new_dir = move_listdir(old_dir,old_config) +ENV.delete('GPG_AGENT_INFO') # might interfer with changing uids + +change_pubkey(old_config) +fix_list_conf(old_config, new_dir) +harden_members + +# Fix owner/modes if changed +files.each do |file, stat| + file = File.join(new_dir,file) + [file, "#{file}~"].each do |f| + if File.exist?(f) + File.chown(stat[:uid], stat[:gid], f) if File.stat(f).uid != stat[:uid] || File.stat(f).gid != stat[:gid] + File.chmod(stat[:mode], f) if File.stat(f).mode != stat[:mode] + end + end +end + +puts "There're some manual steps required to finalize the migration: +- add two aliases for the list to your MTA: + #{Schleuder.list.request_addr} + and + #{Schleuder.list.owner_addr} + +Running now the Schleuder test routine, which might give additional hints if something might be wrong" + +Schleuder::Processor.test(old_config['myaddr']) + diff -Nru schleuder-2.1.1/bin/schleuder-newlist schleuder-2.2.1/bin/schleuder-newlist --- schleuder-2.1.1/bin/schleuder-newlist 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/bin/schleuder-newlist 2012-06-12 09:08:13.000000000 +0000 
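Review bot: Both `Open3.popen3` calls in `change_pubkey` receive one interpolated string (`"gpg … --edit-key #{_email} adduid"`), which Ruby hands to the shell when it contains metacharacters, and `_email` is `old_config['myaddr']` read from the list's YAML file, so such characters in that value would be interpreted rather than passed to gpg. Passing the arguments separately avoids the shell: `Open3.popen3('gpg', '--no-tty', '--command-fd', '0', '--status-fd', '1', '--yes', '--edit-key', _email, 'adduid')`. The same construction appears in `generate_fresh_keypair` in bin/schleuder-newlist. In `move_listdir`, `/#{list_dir.join('\/')}/` interpolates the address into a regexp without `Regexp.escape`, so the dots of the host name match any character. `YAML.load_file(list_config)` is not a restricted loader, so a comment stating that the list config must be a trusted, administrator-owned file would make that assumption explicit.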
@@ -0,0 +1,384 @@ +#!/usr/bin/env ruby + +$:.unshift File.dirname(__FILE__) + '/../lib' +require 'schleuder' +require 'etc' +require 'open3' + +class ListCreator + def self.usage + puts "Usage: + Required options: + listname@hostname.tld + Not required options (user will be promted unless -nointeractive is set or not run in a terminal), + -realname \"Foo List\" + -adminaddress listadmin@foobar.com + -initmember member1@foobar.com -initmemberkey /path/to/initmember_publickey + Optional options (flags on the same line have to be used together): + -mailuser mail (The user, which will invoke schleuder from your MTA, if non is supplied, the current user is taken) + -privatekeyfile /path/to/privatekey -publickeyfile /path/to/publickey -passphrase key_passphrase + -nointeractive + +#{File.basename($0)} listname@hostname.tld (-realname \"Foo List\") (-adminaddress listadmin@foobar.com) (-initmember member1@foobar.com -initmemberkey /path/to/initmember_publickey) [-privatekeyfile /path/to/privatekey -publickeyfile /path/to/publickey -passphrase key_passphrase] [-nointeractive]" + exit 1 + end + + + def self.process(arg) + # set safe umask + File.umask(0077) + + listname = ARGV.shift.to_s + usage unless listname.split('@').size == 2 + args = Hash.new + interactive = STDIN.tty? 
+ while nextarg = ARGV.shift + if nextarg == '-realname' + args[:list_realname] = ARGV.shift + elsif nextarg == '-c' + Schleuder.config(ARGV.shift) + elsif nextarg == '-adminaddress' + args[:list_adminaddress] = ARGV.shift + elsif nextarg == '-initmember' + args[:list_initmember] = ARGV.shift + elsif nextarg == '-initmemberkey' + args[:list_initmemberkey] = ARGV.shift + elsif nextarg == '-privatekeyfile' + args[:list_privatekeyfile] = ARGV.shift + elsif nextarg == '-publickeyfile' + args[:list_publickeyfile] = ARGV.shift + elsif nextarg == '-passphrase' + args[:list_passphrase] = ARGV.shift + elsif nextarg == '-mailuser' + args[:mailuser] = ARGV.shift + elsif nextarg == '-nointeractive' + interactive = false + else + usage + end + end + Schleuder.log.debug "Calling Processor.newlist(#{listname})" + begin + ListCreator::create(listname,interactive,args) + rescue NewListError => e + puts "Error while creating new list: " + e.message + exit 1 + end + end + + # Creates a new list + # listname: name of the list + # interactive: Wether we can ask for missing informations. This requires ruby-highline! (Default: true) + # args: additional parameters as hash + def self.create(listname,interactive=true,args=nil) + + # verfiy all arguments quite in a huge block + Schleuder.log.debug "Verifying arguments..." + args = Hash.new if args.nil? + begin + require 'highline/import' if interactive + rescue LoadError => ex + puts "Unable to load 'highline'.\n\n" + puts "Please install the highline gem before trying to use" + puts "#{$0} in interactive mode." + exit 1 + end + + # verify basic information + Schleuder.log.debug "Verifying basic information..." + listname = ListCreator::verify_strvar(listname,interactive,"The listname") + listdir = File.join([Schleuder.config.lists_dir, listname.split('@').reverse].flatten) + raise NewListError, "List or parts of a list named: #{listname} already exists!" 
if File.directory?(listdir) + list_email = ListCreator::verify_emailvar(listname,interactive,"The lists's email address") + list_realname = ListCreator::verify_strvar(args[:list_realname],interactive,"'Realname' (for GPG-key and email-headers)") + list_adminaddress = ListCreator::verify_emailvar(args[:list_adminaddress],interactive,"Admin email address") + + raise NewListError,"Lists' email address and the admin address can't be the same" if list_email == list_adminaddress + + # verify keyfiles + Schleuder.log.debug "Verifying keyfiles..." + list_privatekeyfile = args[:list_privatekeyfile] || 'none' + list_publickeyfile = args[:list_publickeyfile] || 'none' + list_passphrase = args[:list_passphrase] || 'none' + unless args[:mailuser].nil? + mailuser = Etc.getpwnam(args[:mailuser]).uid + else + mailuser = Process::Sys.getuid + end + unless (list_privatekeyfile == 'none') and + (list_publickeyfile == 'none') and + (list_passphrase == 'none') then + list_privatekeyfile = ListCreator::verify_filevar( + args[:list_privatekeyfile] || '', + interactive, + "the lists' private key file" + ) + list_publickeyfile = ListCreator::verify_filevar( + args[:list_publickeyfile] || '', + interactive, + "the lists' public key file" + ) + list_passphrase = ListCreator::verify_strvar( + args[:list_passphrase] || '', + interactive, + "the lists' key passphrase", + false + ) + end + + # Verify init member + Schleuder.log.debug "Verifying init member..." + list_initmember = ListCreator::verify_emailvar( + args[:list_initmember] || '', + interactive, + "Email address of the lists' initial member" + ) + list_initmemberkey = ListCreator::verify_filevar( + args[:list_initmemberkey] || '', + interactive, + "the public key of the lists' initial member" + ) + Schleuder.log.debug "Arguments verified..." + + Schleuder.log.debug "Initialize list..." + list = ListCreator::init_list(listname,listdir) + + Schleuder.log.debug "Set list options..." 
+ list.config.myaddr = list_email.to_s + list.config.myname = list_realname.to_s + + if list_passphrase == 'none' then + list.config.gpg_password = Schleuder::Utils::random_password.to_s + else + list.config.gpg_password = list_passphrase.to_s + end + + if (list_privatekeyfile == 'none' and list_publickeyfile == 'none') then + Schleuder.log.debug "Generate list's keypair..." + puts "Creating list key, this can take some time..." if interactive + ListCreator::generate_fresh_keypair(listdir,list.config,interactive) + else + Schleuder.log.debug "Import list's keypair..." + ListCreator::import_keypair(list,list_privatekeyfile,list_publickeyfile) + end + if (list_initmember != 'none' and list_initmemberkey != 'none') then + Schleuder.log.debug "Add initmember to list..." + ListCreator::add_init_member(list,list_initmember,list_initmemberkey) + end + + # set the lists key_fingerprint + list.config.key_fingerprint = list.key_fingerprint + + # add the admin here, as we should have already imported the key at this point + new_admin = Schleuder::Member.new(:email => list_adminaddress.to_s) + key, msg = new_admin.key + if key + new_admin.key_fingerprint = key.subkeys.first.fingerprint + list.config.admins = new_admin + else + raise NewListError,"Could not find a suitable key for the list admin. Reason: #{msg}" + end + + # store the config + Schleuder.log.debug "Store list config..." + list.config = list.config + Schleuder.log.debug "Changing ownership..." + ListCreator::filepermissions(listdir,mailuser) + Schleuder.log.debug "List successfully created..." 
+ ListCreator::print_list_infos(list) if interactive + end + + private + + def self.init_list(listname,listdir) + require 'fileutils' + FileUtils.mkdir_p(listdir) + list = Schleuder::List.new(listname,true) + ENV['GNUPGHOME'] = listdir + list + end + + def self.add_init_member(list,list_initmember,list_initmemberkey) + if key = Schleuder::Crypt.new(list.config.gpg_password).add_key_from_file(list_initmemberkey).imports.first + list.members = Array.new(1,Schleuder::Member.new({ :email => list_initmember, :key_fingerprint => key.fingerprint })) + else + raise NewListError,"Importing the init member key failed for some reason. Please verify the passed keyfile!" + end + end + + def self.verify_strvar(var,interactive,question, echo=true) + if (var.nil? or var.empty?) and interactive then + str = question+": " + if echo + var = ask(str) + else + var = ask(str) { |question| question.echo = '*' } + end + end + raise NewListError,"Missing mandatory variable: "+question if (var.nil? or var.empty?) + var + end + + def self.verify_emailvar(var,interactive,question) + var = ListCreator::verify_strvar(var,interactive,question) + begin + Schleuder::Utils::verify_addr(question,var) + rescue Exception => e + raise NewListError,"Mandatory emailaddress (#{question}) is not valid: " + e.message + end + var + end + + def self.verify_filevar(var,interactive,question) + if (not var.nil? and not File.exist?(var)) and interactive then + var = ask("Filepath for "+question+": ") + end + raise NewListError,"Missing mandatory file: "+question if (not var.nil? 
and not File.exist?(var)) + var + end + + def self.progfunc(hook, what, type, current, total) + $stderr.write("#{what}: #{current}/#{total}\r") + $stderr.flush + end + + + def self.generate_fresh_keypair(listdir,listconfig,interactive) + _name = listconfig.myname + _email = listconfig.myaddr + _pass = listconfig.gpg_password + _type = Schleuder.config.gpg_key_type + _length = Schleuder.config.gpg_key_length + _sub_type = Schleuder.config.gpg_subkey_type + _sub_length = Schleuder.config.gpg_subkey_length + if GPGME.respond_to? 'check_version' + GPGME::check_version('0.0.0') + end + GPGME::Ctx.new.genkey( + ListCreator::create_gnupg_params_template(_name,_email,_pass,_type,_length,_sub_type,_sub_length), + nil,nil + ) + + # Add listname-request@hostname as UID. + gpg_adduid = "gpg --no-tty --command-fd 0 --status-fd 1 --yes --edit-key #{_email} adduid" + Open3.popen3(gpg_adduid) do |stdin, stdout| + owner_done = false + request_done = false + while line = stdout.readline rescue nil; + case line.chomp + when '[GNUPG:] GET_LINE keygen.name' then + reply = _name + when '[GNUPG:] GET_LINE keygen.email' then + if ! request_done + email = _email.sub(/@/, '-request@') + request_done = true + else + email = _email.sub(/@/, '-owner@') + end + reply = email + when '[GNUPG:] GET_LINE keygen.comment' then + reply = 'schleuder list' + when '[GNUPG:] GET_HIDDEN passphrase.enter' then + reply = _pass + when '[GNUPG:] GET_LINE keyedit.prompt' then + if ! owner_done + reply = "adduid" + owner_done = true + else + reply = "save" + end + else + reply = nil + end + #$stderr.puts line + if reply + #$stderr.puts reply + stdin.puts reply + end + end + end + + # Make list@host the primary UID to avoid confusion. + # For some f***** up reason these two time calling gpg do not work in one run. 
+ gpg_adduid = "gpg --no-tty --command-fd 0 --status-fd 1 --yes --edit-key #{_email}" + Open3.popen3(gpg_adduid) do |stdin, stdout| + uid_done = false + primary_done = false + while line = stdout.readline rescue nil; + case line.chomp + when '[GNUPG:] GET_LINE keyedit.prompt' then + if ! uid_done + reply = "uid 2" + uid_done = true + elsif ! primary_done + reply = "primary" + primary_done = true + else + reply = "save" + end + when '[GNUPG:] GET_HIDDEN passphrase.enter' then + reply = _pass + else + reply = nil + end + #$stderr.puts line + if reply + #$stderr.puts reply + stdin.puts reply + end + end + end + $stderr.puts + end + + def self.import_keypair(list,list_privatekeyfile,list_publickeyfile) + crypt = Schleuder::Crypt.new(list.config.gpg_password) + Schleuder.log.debug "Importing private key from #{list_privatekeyfile}" + crypt.add_key_from_file(list_privatekeyfile) + Schleuder.log.debug "Importing public key from #{list_publickeyfile}" + crypt.add_key_from_file(list_publickeyfile) + end + + def self.create_gnupg_params_template(name,email,pass,type,length,sub_type,sub_length) + " +Key-Type: #{type} +Key-Length: #{length} +Subkey-Type: #{sub_type} +Subkey-Length: #{sub_length} +Name-Real: #{name} +Name-Comment: schleuder list +Name-Email: #{email} +Expire-Date: 0 +Passphrase: #{pass} +" + end + + def self.filepermissions(listdir, mailuser) + File.chown(mailuser,nil,listdir) + File.chmod(0700,listdir) + Dir.new(listdir).each{ |f| + unless f =~ /^\./ + File.chown(mailuser,nil,listdir+"/"+f) + File.chmod(0600) + end + } + end + + def self.print_list_infos(list) + puts "A new schleuder list called '#{list.config.myname}' has been created.".fmt + puts + puts "To get a working list you have to tell your MTA to handle this list. 
For various examples have a look at ".fmt + puts + puts "Lists' key fingerprint:".fmt + crypt = Schleuder::Crypt.new(list.config.gpg_password) + key = crypt.get_key(list.config.myaddr).first + puts Schleuder::Utils::get_pretty_fingerprint(key) + end +end + +begin + ListCreator.process(ARGV) +rescue NewListError => e + puts "Error while creating new list: " + e.message + exit 1 +end diff -Nru schleuder-2.1.1/contrib/check-expired-keys.rb schleuder-2.2.1/contrib/check-expired-keys.rb --- schleuder-2.1.1/contrib/check-expired-keys.rb 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/contrib/check-expired-keys.rb 2012-06-12 09:08:13.000000000 +0000 
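Review bot: In `filepermissions`, `File.chmod(0600)` inside the `Dir.new(listdir).each` loop is called without a file name, so it changes nothing and the files in the list directory (which is also used as GNUPGHOME) keep the mode they were created with; it should be `File.chmod(0600, File.join(listdir, f))`. The `File.umask(0077)` set in `process` probably hides this for files created during the same run, but `create` can also be reached without it. The `-passphrase key_passphrase` option puts the key passphrase on the command line, where other local users can read it from the process list while the script runs; prompting for it or reading it from a file avoids that, and the usage text should at least mention it. `create_gnupg_params_template` interpolates name, e-mail and passphrase into the key parameter block without rejecting line breaks, so a value containing a newline could add parameters of its own.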
@@ -0,0 +1,59 @@
+#!/usr/bin/env ruby
+#
+# This script checks all public keys in the keyring of the given schleuder-list
+# for being expired (or otherwise unusable) and reports the output (if there
+# was something found) to the list-admins.
+# Key are being reported if they expire within the next 14 days.
+# We suggest to run this script from cron once a week.
+
+$VERBOSE = nil
+
+require 'schleuder'
+include Schleuder
+
+if ARGV.size != 1
+ puts "Usage: #{File.basename(__FILE__)} listname"
+ exit 1
+elsif ! File.directory?(List.listdir(ARGV.first))
+ puts "No such list: '#{ARGV.first}'."
+ exit 1
+end
+
+listname = ARGV.first
+Schleuder.list = List.new(listname)
+
+now = Time.now
+checkdate = now + 120960000 # two weeks
+crypt = Crypt.new('')
+msg = ''
+unusable = []
+expiring = []
+
+crypt.list_keys.each do |key|
+ if (exp = key.subkeys.first.expires) > Time.utc(1971, 1, 1, 1)
+ # key has expiry date
+ if now < exp && exp < checkdate
+ # key expires in the near future
+ expdays = ((exp - now)/86400).to_i
+ expiring << [key, expdays]
+ end
+ end
+
+ if not (trust = [:revoked, :expired, :disabled, :invalid].grep(key.trust)).empty?
+ unusable << [key, trust]
+ end
+end
+
+expiring.each do |key,days|
+ msg << "-> Key expires in #{days} days:\n#{key.to_s}\n\n"
+end
+
+unusable.each do |key,trust|
+ msg << "-> Key is #{trust.join(' and ')}:\n#{key.to_s}\n"
+end
+
+unless msg.empty?
+ prefix = "Checking the public keys present in the keyring of list #{listname} for usability gave the following result:".fmt
+ Schleuder.log.notify_admin('keys', prefix + "\n\n" + msg)
+end
+
diff -Nru schleuder-2.1.1/contrib/mutt-schleuder-resend.vim schleuder-2.2.1/contrib/mutt-schleuder-resend.vim
--- schleuder-2.1.1/contrib/mutt-schleuder-resend.vim 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/contrib/mutt-schleuder-resend.vim 2012-06-12 09:08:13.000000000 +0000
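Review bot: `checkdate = now + 120960000 # two weeks` adds 1400 days, not 14: two weeks in seconds is 14 * 86400 = 1209600, so with the constant as written every key that expires within almost four years is reported and the weekly mail stops working as a warning. Writing it as `checkdate = now + 14 * 86400 # two weeks` makes the unit visible. Only `key.subkeys.first.expires` is examined, so a key whose other subkeys expire earlier than the first one would not be flagged; if that is intended, a comment saying so would help. `include Schleuder` at top level mixes the module into Object, whereas the other scripts in this diff use the explicit `Schleuder::List` / `Schleuder::Crypt` form.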
@@ -0,0 +1,24 @@
+" Reply-helper for mutt with schleuder (>= v2.0.0).
+" Will insert a resend-line filled with the address from the quoted Text
+" you're replying to.
+function! SchleuderInsert(string)
+ let fromline = search('> From:', 'n')
+ let addr = matchstr(getline(fromline), '[^ <]*@[^ >]*')
+ let insline = search('^$', 'n')
+ " append after the first blank line
+ let foo = append(insline, a:string . addr)
+ " can't figure out how to append() a newline, so we simply add another
+ " empty line
+ return append(insline+1, '')
+endfunction
+
+function! SchleuderInsertResendEncrypted()
+ return SchleuderInsert('X-RESEND-ENCRYPTED-ONLY: ')
+endfunction
+
+function! SchleuderInsertResend()
+ return SchleuderInsert('X-RESEND: ')
+endfunction
+
+nmap ;sr :call SchleuderInsertResend()
+nmap ;sc :call SchleuderInsertResendEncrypted()
diff -Nru schleuder-2.1.1/contrib/newlist.rb schleuder-2.2.1/contrib/newlist.rb
--- schleuder-2.1.1/contrib/newlist.rb 2014-09-29 05:49:25.000000000 +0000
+++ schleuder-2.2.1/contrib/newlist.rb 1970-01-01 00:00:00.000000000 +0000
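Review bot: `search('> From:', 'n')` in `SchleuderInsert` returns 0 when no quoted From line exists, and `getline(0)` is then empty, so a resend header without an address is inserted silently; a guard such as `if fromline == 0 | return | endif` after the search would prevent that. The pattern is also unanchored and the search starts at the cursor, so a `> From:` inside the quoted body can be picked instead of the quoted header, which matters because the extracted address decides where the list resends the message. Anchoring it as `'^> From:'` narrows the match to the start of a quoted line. The unused `let foo = append(...)` can be a plain `call append(...)`.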
@@ -1,302 +0,0 @@ -#!/usr/bin/env ruby1.8 - -$:.unshift File.dirname(__FILE__) + '/../lib' -require 'schleuder' -require 'etc' - -class ListCreator - def self.usage - puts "Usage: - Required options: - listname - Not required options (user will be promted unless -nointeractive is set or not run in a terminal), - -email list@test.com - -realname \"Foo List\" - -adminaddress listadmin@foobar.com - -initmember member1@foobar.com -initmemberkey /path/to/initmember_publickey - Optional options (flags on the same line have to be used together): - -mailuser mail (The user, which will invoke schleuder from your MTA, if non is supplied, the current user is taken) - -privatekeyfile /path/to/privatekey -publickeyfile /path/to/publickey -passphrase key_passphrase - -nointeractive - -#{File.basename($0)} listname (-email list@test.com) (-realname \"Foo List\") (-adminaddress listadmin@foobar.com) (-initmember member1@foobar.com -initmemberkey /path/to/initmember_publickey) [-privatekeyfile /path/to/privatekey -publickeyfile /path/to/publickey -passphrase key_passphrase] [-nointeractive]" - exit 1 - end - - - def self.process(arg) - # set safe umask - File.umask(0077) - - listname = ARGV.shift - usage unless listname - args = Hash.new - interactive = STDIN.tty? 
- while nextarg = ARGV.shift - if nextarg == '-email' - args[:list_email] = ARGV.shift - elsif nextarg == '-realname' - args[:list_realname] = ARGV.shift - elsif nextarg == '-adminaddress' - args[:list_adminaddress] = ARGV.shift - elsif nextarg == '-initmember' - args[:list_initmember] = ARGV.shift - elsif nextarg == '-initmemberkey' - args[:list_initmemberkey] = ARGV.shift - elsif nextarg == '-privatekeyfile' - args[:list_privatekeyfile] = ARGV.shift - elsif nextarg == '-publickeyfile' - args[:list_publickeyfile] = ARGV.shift - elsif nextarg == '-passphrase' - args[:list_passphrase] = ARGV.shift - elsif nextarg == '-mailuser' - args[:mailuser] = ARGV.shift - elsif nextarg == '-nointeractive' - interactive = false - else - usage - end - end - Schleuder.log.debug "Calling Processor.newlist(#{listname})" - begin - ListCreator::create(listname,interactive,args) - rescue NewListError => e - puts "Error while creating new list: " + e.message - exit 1 - end - end - - # Creates a new list - # listname: name of the list - # interactive: Wether we can ask for missing informations. This requires ruby-highline! (Default: true) - # args: additional parameters as hash - def self.create(listname,interactive=true,args=nil) - - # verfiy all arguments quite in a huge block - Schleuder.log.debug "Verifying arguments..." - args = Hash.new if args.nil? - begin - require 'highline/import' if interactive - rescue LoadError => ex - puts "Unable to load 'highline'.\n\n" - puts "Please install the libhighline-ruby1.8 package before trying to use" - puts "#{$0} in interactive mode." - exit 1 - end - - # verify basic information - Schleuder.log.debug "Verifying basic information..." - listname = ListCreator::verify_strvar(listname,interactive,"The listname") - listdir = File.join(Schleuder.config.lists_dir, listname) - raise NewListError, "List or parts of a list named: #{listname} already exists!" 
if File.directory?(File.join(Schleuder.config.lists_dir, listname)) - list_email = ListCreator::verify_emailvar(args[:list_email],interactive,"The lists's email address") - list_realname = ListCreator::verify_strvar(args[:list_realname],interactive,"'Realname' (for GPG-key and email-headers)") - list_adminaddress = ListCreator::verify_emailvar(args[:list_adminaddress],interactive,"Admin email address") - - raise NewListError,"Lists' email address and the admin address can't be the same" if list_email == list_adminaddress - - # verify keyfiles - Schleuder.log.debug "Verifying keyfiles..." - list_privatekeyfile = args[:list_privatekeyfile] || 'none' - list_publickeyfile = args[:list_publickeyfile] || 'none' - list_passphrase = args[:list_passphrase] || 'none' - if ! args[:mailuser].nil? - mailuser = Etc.getpwnam(args[:mailuser]).uid - elsif Process::Sys.getuid == 0 - mailuser = Etc.getpwnam('schleuder').uid - else - mailuser = Process::Sys.getuid - end - unless (list_privatekeyfile == 'none') and - (list_publickeyfile == 'none') and - (list_passphrase == 'none') then - list_privatekeyfile = ListCreator::verify_filevar( - args[:list_privatekeyfile] || '', - interactive, - "the lists' private key file" - ) - list_publickeyfile = ListCreator::verify_filevar( - args[:list_publickeyfile] || '', - interactive, - "the lists' public key file" - ) - list_passphrase = ListCreator::verify_strvar( - args[:list_passphrase] || '', - interactive, - "the lists' key passphrase" - ) - end - - # Verify init member - Schleuder.log.debug "Verifying init member..." - list_initmember = ListCreator::verify_emailvar( - args[:list_initmember] || '', - interactive, - "Email address of the lists' initial member" - ) - list_initmemberkey = ListCreator::verify_filevar( - args[:list_initmemberkey] || '', - interactive, - "the public key of the lists' initial member" - ) - Schleuder.log.debug "Arguments verified..." - - Schleuder.log.debug "Initialize list..." 
- list = ListCreator::init_list(listname,listdir) - - Schleuder.log.debug "Set list options..." - list.config.myaddr = list_email - list.config.myname = list_realname - list.config.adminaddr = [list_adminaddress] - if list_passphrase == 'none' then - list.config.gpg_password = Schleuder::Utils::random_password - else - list.config.gpg_password = list_passphrase - end - - if (list_privatekeyfile == 'none' and list_publickeyfile == 'none') then - Schleuder.log.debug "Generate list's keypair..." - puts "Creating list key, this can take some time..." if interactive - ListCreator::generate_fresh_keypair(listdir,list.config,interactive) - else - Schleuder.log.debug "Import list's keypair..." - ListCreator::import_keypair(list,list_privatekeyfile,list_publickeyfile) - end - if (list_initmember != 'none' and list_initmemberkey != 'none') then - Schleuder.log.debug "Add initmember to list..." - ListCreator::add_init_member(list,list_initmember,list_initmemberkey) - end - # store the config - Schleuder.log.debug "Store list config..." - list.config = list.config - Schleuder.log.debug "Changing ownership..." - ListCreator::filepermissions(list,mailuser) - Schleuder.log.debug "List successfully created..." - ListCreator::print_list_infos(list) if interactive - end - - private - - def self.init_list(listname,listdir) - Dir.mkdir(listdir) - list = Schleuder::List.new(listname,true) - ENV['GNUPGHOME'] = listdir - list - end - - def self.add_init_member(list,list_initmember,list_initmemberkey) - Schleuder::Crypt.new(list.config.gpg_password).add_key_from_file(list_initmemberkey) - list.members = Array.new(1,Schleuder::Member.new({ :email => list_initmember })) - end - - def self.verify_strvar(var,interactive,question) - if (var.nil? or var.empty?) and interactive then - var = ask(question+": ") - end - raise NewListError,"Missing mandatory variable: "+question if (var.nil? or var.empty?) 
- var - end - - def self.verify_emailvar(var,interactive,question) - var = ListCreator::verify_strvar(var,interactive,question) - begin - Schleuder::Utils::verify_addr(question,var) - rescue Exception => e - raise NewListError,"Mandatory emailaddress (#{question}) is not valid: " + e.message - end - var - end - - def self.verify_filevar(var,interactive,question) - if (not var.nil? and not File.exist?(var)) and interactive then - var = ask("Filepath for "+question+": ") - end - raise NewListError,"Missing mandatory file: "+question if (not var.nil? and not File.exist?(var)) - var - end - - def self.progfunc(hook, what, type, current, total) - $stderr.write("#{what}: #{current}/#{total}\r") - $stderr.flush - end - - - def self.generate_fresh_keypair(listdir,listconfig,interactive) - _name = listconfig.myname - _email = listconfig.myaddr - _pass = listconfig.gpg_password - _type = Schleuder.config.gpg_key_type - _length = Schleuder.config.gpg_key_length - _sub_type = Schleuder.config.gpg_subkey_type - _sub_length = Schleuder.config.gpg_subkey_length - if GPGME.respond_to? 
'check_version' - GPGME::check_version('0.0.0') - end - GPGME::Ctx.new.genkey( - ListCreator::create_gnupg_params_template(_name,_email,_pass,_type,_length,_sub_type,_sub_length), - nil,nil - ) - $stderr.puts - end - - def self.import_keypair(list,list_privatekeyfile,list_publickeyfile) - crypt = Schleuder::Crypt.new(list.config.gpg_password) - Schleuder.log.debug "Importing private key from #{list_privatekeyfile}" - crypt.add_key_from_file(list_privatekeyfile) - Schleuder.log.debug "Importing public key from #{list_publickeyfile}" - crypt.add_key_from_file(list_publickeyfile) - end - - def self.create_gnupg_params_template(name,email,pass,type,length,sub_type,sub_length) - " -Key-Type: #{type} -Key-Length: #{length} -Subkey-Type: #{sub_type} -Subkey-Length: #{sub_length} -Name-Real: #{name} -Name-Comment: schleuder list -Name-Email: #{email} -Expire-Date: 0 -Passphrase: #{pass} -" - end - - def self.filepermissions(list, mailuser) - listdir = File.expand_path(File.join(Schleuder.config.lists_dir, list.listname)) - File.chown(mailuser,nil,listdir) - File.chmod(0700,listdir) - Dir.new(listdir).each{ |f| - unless f =~ /^\./ - File.chown(mailuser,nil,listdir+"/"+f) - File.chmod(0600) - end - } - File.chown(mailuser,nil,list.configfile) - File.chmod(0600,list.configfile) - unless list.logfile == 'syslog' - # Touch and set permissions on logfile - File.open(list.logfile, 'a').close() - File.chown(mailuser, nil, list.logfile) - File.chmod(0600, list.logfile) - end - end - - def self.print_list_infos(list) - puts "A new schleuder list #{list.config.myname} have been created." - puts - puts "To get a working list you have to tell your MTA to handle this list." 
- puts "For various examples have a look at:" - puts " * /usr/share/doc/schleuder/README.Debian" - puts " * http://schleuder.nadir.org/documentation/creatinglists" - puts - puts "Lists' key fingerprint:" - puts Schleuder::Utils::get_pretty_fingerprint(Schleuder::Crypt.new(list.config.gpg_password).get_key(list.config.myaddr)) - end -end - -begin - ListCreator::process(ARGV) -rescue NewListError => e - puts "Error while creating new list: " + e.message - exit 1 -end diff -Nru schleuder-2.1.1/contrib/schleuder-migrationhelper.pl schleuder-2.2.1/contrib/schleuder-migrationhelper.pl --- schleuder-2.1.1/contrib/schleuder-migrationhelper.pl 2014-09-29 05:49:25.000000000 +0000 +++ schleuder-2.2.1/contrib/schleuder-migrationhelper.pl 1970-01-01 00:00:00.000000000 +0000 
@@ -1,105 +0,0 @@ -#!/usr/bin/env perl - -if ($#ARGV ne 2) { - print "Usage: ".`basename $0`." schleuder-v1-srcdir schleuder-v1-listdir schleuder-v2-listdir \n"; - exit; -} - -unshift @INC, shift(@ARGV); -$srcdir=shift(@ARGV); -$targetdir=shift(@ARGV); - -use YAML; -# from schleuder-1 -require "property.pl"; - -# one helper -sub dumptofile { - $file = $_[0]; - $data = $_[1]; - if (-e $file) { - print "Error: $file exists in this directory! Won't overwrite, skipping.\n"; - return false; - } - open(listconf, ">$file") || die $!; - print "Writing $file\n"; - print listconf YAML::Dump($data); - close(listconf); -} - - -# now for the migration - - -# import gpg-files -foreach $gpgfile(qw(pubring.gpg secring.gpg trustdb.gpg)) { - `gpg --homedir $targetdir --import $srcdir/$gpgfile`; -} -print "\n"; - - -# reading config -my $old = &Property::read($srcdir . "/schleuder.conf"); -my $new = {}; - -$new->{'myaddr'} = $old->{'mail'}->{'myself'}; -$new->{'public_footer'} = $old->{'mail'}->{'publicfooter'}; -$new->{'adminaddr'} = $old->{'mail'}->{'maintainer'}; -$new->{'prefix_in'} = $old->{'mail'}->{'subin'}; -$new->{'prefix_out'} = $old->{'mail'}->{'subout'}; -$new->{'default_mime'} = lc(substr($old->{'mail'}->{'defaultenvelop'}, 1, length($old->{'mail'}->{'defaultenvelop'})-2)); - -if (($old->{'policy'}->{'allow_plaintext_sending'} eq 'yes')||($old->{'policy'}->{'allow_plaintext_sending'} eq 'true')) { - $new->{'allow_plaintext_sending'} = 'true' -} else { - $new->{'allow_plaintext_sending'} = 'false' -} - -# read in gpg_password -open(passfile, $old->{'crypt'}->{'passfile'}) || die $!; -$tmp = ; -chomp($tmp); -$new->{'gpg_password'} = $tmp; -close(passfile); - -# write list-config to file -dumptofile "$targetdir/list.conf", $new; - - -# collect listmembers -@members = (); -push @members, []; - -open(listmembers, $srcdir . 
"/listmembers") || die $!; -while () { - next if (/^\s*#/); - chomp; - if (/^\s*([^\s:[]+)([^\s:]+)?\:?\s*(.*)/) { - $member = {}; - $member->{'email'}=$1; - $mime = lc(substr($2, 1, length($2)-2)); - if ($mime eq 'appl') { - $mime = 'mime'; - } - if ($mime ne '') { - $member->{'mime'}=$mime; - } - push(@{$members[0]}, $member); - } -} -close(listmembers); - -# write members-list to file -dumptofile "$targetdir/members.conf", @members; - -# touch file to chmod it -`touch $targetdir/list.log`; - -print "chmod'ding dir and files"; -chmod 0700, $targetdir; -foreach $fn (glob("$targetdir/*")) { - chmod 0600, $fn; -} - -print "Done. Please verify manually that all settings are correct\nand chown dir+files!\n"; - diff -Nru schleuder-2.1.1/contrib/schleuder-mutt-resend.vim schleuder-2.2.1/contrib/schleuder-mutt-resend.vim --- schleuder-2.1.1/contrib/schleuder-mutt-resend.vim 2009-12-28 18:25:22.000000000 +0000 +++ schleuder-2.2.1/contrib/schleuder-mutt-resend.vim 1970-01-01 00:00:00.000000000 +0000 @@ -1,22 +0,0 @@ -" Reply-helper for mutt with schleuder (>= v2.0.0) -function! SchleuderInsert(string) - let fromline = search('> From:', 'n') - let addr = matchstr(getline(fromline), '[^ <]*@[^ >]*') - let insline = search('^$', 'n') - " append after the first blank line - let foo = append(insline, a:string . addr) - " can't figure out how to append() a newline, so we simply add another - " empty line - return append(insline+1, '') -endfunction - -function! SchleuderInsertResendEncrypted() - return SchleuderInsert('X-RESEND-ENCRYPTED-ONLY: ') -endfunction - -function! SchleuderInsertResend() - return SchleuderInsert('X-RESEND: ') -endfunction - -nmap ;sr :call SchleuderInsertResend() -nmap ;sc :call SchleuderInsertResendEncrypted() diff -Nru schleuder-2.1.1/contrib/smtpserver.rb schleuder-2.2.1/contrib/smtpserver.rb --- schleuder-2.1.1/contrib/smtpserver.rb 2009-12-28 18:25:22.000000000 +0000 +++ schleuder-2.2.1/contrib/smtpserver.rb 2012-06-12 09:08:13.000000000 +0000 
@@ -28,7 +28,7 @@ require 'socket' server = TCPServer.new("localhost", port) -def p msg +def p(msg) #puts "o:" + msg @s.print msg + "\r\n" end diff -Nru schleuder-2.1.1/debian/changelog schleuder-2.2.1/debian/changelog --- schleuder-2.1.1/debian/changelog 2014-09-29 05:49:25.000000000 +0000 +++ schleuder-2.2.1/debian/changelog 2014-09-29 05:46:56.000000000 +0000 
@@ -1,3 +1,111 @@ +schleuder (2.2.1-3~ppa1) precise; urgency=low + + * Backport from Debian unstable (snapshots.debian.org) + + -- Francois Marier Mon, 29 Sep 2014 05:42:56 +0000 + +schleuder (2.2.1-3) unstable; urgency=medium + + * Set urgency to medium as this version fixes 3 really annoying bugs. + * Update feature-switch-to-gpgme-2.patch to fix -sendkey. (Closes: #705865) + * Update patches to fix issues with plugin directories with the + default configuration. (Closes: #705876) + * Cherry-pick two upstream patches to fix member listing in 'manage members' + plugin. (Closes: #705877) + * Bump Standards-Version to 3.9.4, no changes required. + + -- Jérémy Bobbio Tue, 07 May 2013 16:06:46 +0200 + +schleuder (2.2.1-2) unstable; urgency=low + + * Support removed (but not purged) package in weekly cron. (Closes: #678487) + * Ensure that /etc/schleuder/lists exists before migrating lists from older + releases format. + * Fix receiving unencrypted messages: transform one missed call to + 'ruby-filemagic' in the 'magic' equivalent. + * Warn for expiring keys for two weeks instead of more than three years in + check-expired-keys. + * Avoid stty calls in check-expired-keys cron avoid weekly error messages. + * Restore the lost debian-no-rubygems.patch: the Debian package does not need + rubygems to work. + * Fix broken member file created by schleuder-newlist when used in + interactive mode. + * Fix spelling mistake in debian/NEWS. Thanks lintian for spotting that one. + * Drop useless Build-Depends on pandoc. Upstream ships manpages since version + 2.2. + + -- Jérémy Bobbio Mon, 15 Oct 2012 14:43:23 +0200 + +schleuder (2.2.1-1) unstable; urgency=low + + * Update README.source. + * Drop the following patches: + - 0004-Deactivate-log-file-rotation-by-default.patch: + Upstream has removed support for log file rotation. + - 0008-Suggest-to-install-highline-package-in-newlist.patch: + highline is required by `bin/schleuder-migrate-v2.1-to-v2.2` and + thus now a hard Depends. 
+ - 0011-Formal-workaround-for-ruby-gpgme-1.0.8-for-use-with-.patch: + It was cherry-picked from upstream master branch. + - 0012-Better-workaround-for-ruby-gpgme-1.0.8-for-use-with-.patch: + It was cherry-picked from upstream master branch. + - 0013-newlist-add-the-necessary-workaround-for-ruby-gpgme-.patch: + It has been integrated upstream. + - 0014-Don-t-echo-passphrase-to-terminal-when-asking-for-it.patch: + It was cherry-picked from master. + * Refresh the following patches: + - 0001-Enable-logging-through-syslog.patch + => feature-logging.patch + - 0002-Allow-list-configuration-files-to-be-in-a-single-dir.patch + => feature-list-conf-dir.patch + - 0003-Add-support-for-multiple-plugins-directory.patch + => feature-multiple-plugins-dir.patch + - 0005-Adjust-other-default-configuration-settings.patch + => debian-default-settings.patch + - 0006-No-need-for-rubygems-we-have-Debian-packages.patch + => debian-no-rubygems.patch + - 0007-Explicitely-use-ruby1.8-in-executable-scripts.patch + => debian-use-ruby1.8.patch + - 0009-Mention-README.Debian-in-newlist.patch + => debian-readme-debian-in-newlist.patch + * New patches: + - bugs-dead-configuration-in-example.patch: + Remove removed setting from example configuration. + - bugs-missing-admin-only-keywords.patch: + Adjust default settings to example configuration. + - bugs-fix-manpages-wrt-2.2.1.patch: + Update manpages with recent changes and improve formatting. + - debian-use-magic-instead-of-filemagic.patch: + Use the 'magic' gem instead of 'ruby-filemagic', as the former is + already in Debian. + * Refresh Depends in debian/control for 2.2.1. + * Install library according to the new Debian Ruby policy. + * Use upstream manpages. + * Install schleuder-newlist from its new location. + * Update README.Debian for Schleuder 2.2. + * Add new default-members.conf to examples. + * Call migration scripts when upgrading from previous version. + * Add weekly reminder for expired member keys. 
+ * Add debian/NEWS to help admins cope with the new version. + * Ship README.plugins at its intended location + * Remove schleuder-migrationhelper.pl from examples (removed upstream). + * Update mutt-schleuder-resend.vim name in examples. + * Do not ship TODO in docs (removed upstream). + + -- Jérémy Bobbio Tue, 19 Jun 2012 17:49:16 +0200 + +schleuder (2.1.1-3) unstable; urgency=low + + * Switch to source format 3.0 (quilt) + * Set "su" directive in logrotate configuration file. (Closes: #657924) + * Prevent schleuder-newlist from echoing passphrase on terminal. + (Closes: #649403) + * Update debian/copyright. + * Update package names to new Ruby packaging practices. + * Bump Standards-Version to 3.9.3, no changes required. + + -- Jérémy Bobbio Fri, 06 Apr 2012 18:59:45 +0200 + schleuder (2.1.1-2) unstable; urgency=medium * Fix Schleuder website URL in schleuder(8) manpage. (Closes: #597737) diff -Nru schleuder-2.1.1/debian/control schleuder-2.2.1/debian/control --- schleuder-2.1.1/debian/control 2014-09-29 05:49:25.000000000 +0000 +++ schleuder-2.2.1/debian/control 2014-09-29 05:46:04.000000000 +0000 @@ -2,8 +2,8 @@ Section: mail Priority: optional Maintainer: Jérémy Bobbio -Build-Depends: debhelper (>= 7.0.50~), pandoc -Standards-Version: 3.9.1 +Build-Depends: debhelper (>= 7.0.50~) +Standards-Version: 3.9.4 Homepage: http://schleuder.nadir.org/ Vcs-Git: git://git.debian.org/git/collab-maint/schleuder.git Vcs-Browser: http://git.debian.org/?p=collab-maint/schleuder.git 
@@ -14,8 +14,7 @@ ${misc:Depends}, adduser, exim4 | mail-transport-agent, - ruby1.8, libtmail-ruby1.8, libgpgme-ruby1.8 (>= 1.0.2) -Recommends: libhighline-ruby1.8 + ruby1.8, ruby-tmail, ruby-gpgme, ruby-magic, ruby-log4r, ruby-highline Description: GnuPG enabled mailing list manager with remailer-capabilities Schleuder is designed as a tool for group communication: subscribers can communicate encrypted (and pseudonymously) among themselves, receive diff -Nru schleuder-2.1.1/debian/copyright schleuder-2.2.1/debian/copyright --- schleuder-2.1.1/debian/copyright 2014-09-29 05:49:25.000000000 +0000 +++ schleuder-2.2.1/debian/copyright 2014-09-29 05:46:04.000000000 +0000 
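Review bot: The new Depends line lists `ruby-gpgme` with no version bound, where the old line required `libgpgme-ruby1.8 (>= 1.0.2)`. The changelog in this same diff mentions workarounds for ruby-gpgme 1.0.8 and a switch to gpgme 2, which suggests the code is tied to a particular generation of the binding. If that is so, the relation should state the floor, e.g. `ruby-gpgme (>= <MINIMUM_VERSION>)`, so an incompatible binding is refused at install time rather than failing when the list key is used. The Depends stanza starts outside this hunk.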
@@ -1,15 +1,50 @@ -Name: Schleuder +Copyright-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: Schleuder Source: http://schleuder.nadir.org/ -Copyright: 2009, paz, ng et al. +Files: * +Copyright: 2009-2010, paz, ng et al. License: GPL-2 - On Debian systems the full text of the GNU General Public - License can be found in the `/usr/share/common-licenses/GPL-2' - file. + This program is free software; you can redistribute it + and/or modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License. + . + This program is distributed in the hope that it will be + useful, but WITHOUT ANY WARRANTY; without even the implied + warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. See the GNU General Public License for more + details. + . + You should have received a copy of the GNU General Public + License along with this package; if not, write to the Free + Software Foundation, Inc., 51 Franklin St, Fifth Floor, + Boston, MA 02110-1301 USA + . + On Debian systems, the full text of the GNU General Public + License version 2 can be found in the file + `/usr/share/common-licenses/GPL-2'. Files: debian/* -Copyright: 2009, Jérémy Bobbio +Copyright: 2009-2012, Jérémy Bobbio License: GPL-2+ - On Debian systems the full text of the GNU General Public - License can be found in the `/usr/share/common-licenses/GPL-2' - file. + This program is free software; you can redistribute it + and/or modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later + version. + . + This program is distributed in the hope that it will be + useful, but WITHOUT ANY WARRANTY; without even the implied + warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. See the GNU General Public License for more + details. + . 
+ You should have received a copy of the GNU General Public + License along with this package; if not, write to the Free + Software Foundation, Inc., 51 Franklin St, Fifth Floor, + Boston, MA 02110-1301 USA + . + On Debian systems, the full text of the GNU General Public + License version 2 can be found in the file + `/usr/share/common-licenses/GPL-2'. diff -Nru schleuder-2.1.1/debian/docs schleuder-2.2.1/debian/docs --- schleuder-2.1.1/debian/docs 2014-09-29 05:49:25.000000000 +0000 +++ schleuder-2.2.1/debian/docs 2014-09-29 05:46:04.000000000 +0000 @@ -1,2 +1 @@ README -TODO diff -Nru schleuder-2.1.1/debian/NEWS schleuder-2.2.1/debian/NEWS --- schleuder-2.1.1/debian/NEWS 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/debian/NEWS 2014-09-29 05:46:02.000000000 +0000 
@@ -0,0 +1,64 @@
+schleuder (2.2.1-1) unstable; urgency=low
+
+ Schleuder 2.2 introduces several major changes. Highlights:
+
+ - New `-owner` suffix: the `list-owner@example.org` address will
+ redirect (and encrypt) messages to the list administrators.
+ - New `-request` suffix: administrative commands should now be sent to
+ `list-request@example.org`. Communication commands (e.g. X-RESEND)
+ - New list administration commands that are more "member" oriented:
+ `X-ADD-MEMBER`, `X-DELETE-MEMBER`, `X-UNSUBSCRIBE`. Refer to
+ schleuder(8) to know more about them.
+ - Listnames are now full email addresses (to support multiple domains).
+ - Archive support: list messages can now be stored. Please note that
+ despite the fact that messages are stored encrypted, both private key
+ and passphrase are stored right next to them. Archiving should not
+ be done by Schleuder if privacy really matters.
+
+ List configuration updates
+ --------------------------
+
+ Upon package upgrade, the lists currently configured will be automatically
+ updated upon upgarde to the new settings and moved to the new directory
+ format. An UID for each new address have also been added to the list public
+ key. For list that you wish to import from an older version, the same
+ process can be repeated by calling `schleuder-migrate-v2.1-to-v2.2`
+ manually.
+
+ As the migration procedure updates the list public key, it is advised to
+ re-export it to keyservers and list users.
+
+ Changes required to the MTA configuration
+ -----------------------------------------
+
+ *CAUTION*: The MTA configuration needs to be updated to support
+ the new command line syntax and the new list suffixes:
+
+ - the `schleuder` command now takes a full recipient address (e.g.
+ `list@example.org` or `list-owner@example.org`),
+ - the `-request` and `-owner` addresses should also use the `schleuder`
+ as transport.
+
+ If you are using Exim or Postfix, please compare your configuration with
+ the one suggested in README.Debian.
+
+ Updates to Schleuder configuration
+ ----------------------------------
+
+ Please review the value of the `keywords_admin_only` setting in
+ `/etc/schleuder/schleuder.conf`, otherwise you might enable list
+ users to perform administrative duties. The new default set is:
+
+ ['ADD-MEMBER', 'DELETE-MEMBER', 'DELETE-KEY',
+ 'SAVE-MEMBERS', 'DEL-KEY']
+
+ The plugin API has changed. Please update any custom plugins.
+
+ Weekly warnings of expired member keys
+ --------------------------------------
+
+ Schleuder 2.2 adds a new script meant to warn list administrators of
+ expired member keys. The Debian package will run it (through cron)
+ each week for every known list.
+
+ -- Jérémy Bobbio Sat, 16 Jun 2012 12:19:35 +0200
diff -Nru schleuder-2.1.1/debian/patches/bugs-dead-configuration-in-example.patch schleuder-2.2.1/debian/patches/bugs-dead-configuration-in-example.patch
--- schleuder-2.1.1/debian/patches/bugs-dead-configuration-in-example.patch 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/debian/patches/bugs-dead-configuration-in-example.patch 2014-09-29 05:46:03.000000000 +0000
@@ -0,0 +1,36 @@
+From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?=
+Date: Sat, 16 Jun 2012 16:24:18 +0200
+Subject: [PATCH] bugs/dead-configuration-in-example
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Squashed commit of the following:
+
+commit f523f54e619e07cc591dc4bd5b44d0dd72c70d2c
+Author: Jérémy Bobbio
+Date: Sat Jun 16 12:14:45 2012 +0200
+
+ Remove lists_logfile from example configuration
+
+ This setting is useless since Schleuder uses Log4r (commit a48c4df88).
+---
+ ext/schleuder.conf | 4 ----
+ 1 files changed, 0 insertions(+), 4 deletions(-)
+
+diff --git a/ext/schleuder.conf b/ext/schleuder.conf
+index c056d10..7f11b43 100644
+--- a/ext/schleuder.conf
++++ b/ext/schleuder.conf
+@@ -26,10 +26,6 @@
+ # Name of the per list config file.
+ #lists_configfile: list.conf
+ #
+-# Per list logfile name. Will be written into the directory
+-# of the list.
+-#lists_logfile: list.log
+-#
+ # Name of the per list file containing all members and their
+ # options.
+ #lists_memberfile: members.conf
+--
diff -Nru schleuder-2.1.1/debian/patches/bugs-do-not-call-stty-in-check-expired.patch schleuder-2.2.1/debian/patches/bugs-do-not-call-stty-in-check-expired.patch
--- schleuder-2.1.1/debian/patches/bugs-do-not-call-stty-in-check-expired.patch 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/debian/patches/bugs-do-not-call-stty-in-check-expired.patch 2014-09-29 05:46:03.000000000 +0000
@@ -0,0 +1,42 @@
+From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?=
+Date: Sun, 14 Oct 2012 22:06:10 +0200
+Subject: [PATCH] bugs/do-not-call-stty-in-check-expired
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Squashed commit of the following:
+
+commit a06df224d83e152b643d8016870272a4413487b2
+Author: Jérémy Bobbio
+Date: Sun Oct 14 22:01:19 2012 +0200
+
+ Avoid stty calls in check-expired-keys cron
+
+ Using String#fmt (defined in 'schleuder/utils') without any arguments will
+ trigger calls to stty in order to guess the terminal size. Unfortunately,
+ this is a pretty useless thing to do in a cron, as there is no tty. This
+ triggers an error on stderr:
+
+ stty: standard input: Invalid argument
+
+ So, we give a fixed column size to String#fmt to always wrap the generated
+ email at 72 chars and avoid the impossible guess.
+---
+ contrib/check-expired-keys.rb | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/contrib/check-expired-keys.rb b/contrib/check-expired-keys.rb
+index c87d842..4de5c90 100755
+--- a/contrib/check-expired-keys.rb
++++ b/contrib/check-expired-keys.rb
+@@ -53,7 +53,7 @@ unusable.each do |key,trust|
+ end
+
+ unless msg.empty?
+- prefix = "Checking the public keys present in the keyring of list #{listname} for usability gave the following result:".fmt
++ prefix = "Checking the public keys present in the keyring of list #{listname} for usability gave the following result:".fmt(72)
+ Schleuder.log.notify_admin('keys', prefix + "\n\n" + msg)
+ end
+
+--
diff -Nru schleuder-2.1.1/debian/patches/bugs-fix-check-expired-keys-warning-period.patch schleuder-2.2.1/debian/patches/bugs-fix-check-expired-keys-warning-period.patch
--- schleuder-2.1.1/debian/patches/bugs-fix-check-expired-keys-warning-period.patch 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/debian/patches/bugs-fix-check-expired-keys-warning-period.patch 2014-09-29 05:46:03.000000000 +0000
@@ -0,0 +1,35 @@
+From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?=
+Date: Sun, 14 Oct 2012 12:34:22 +0200
+Subject: [PATCH] bugs/fix-check-expired-keys-warning-period
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Squashed commit of the following:
+
+commit cdc00554cc89361ed71dd805a4c56c81489c46a4
+Author: Jérémy Bobbio
+Date: Sun Oct 14 12:33:05 2012 +0200
+
+ Fix check-expired-keys warning period
+
+ The comment said 'two weeks' but that was enough seconds for actually more than
+ 3 years!
+---
+ contrib/check-expired-keys.rb | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/contrib/check-expired-keys.rb b/contrib/check-expired-keys.rb
+index 84e0bac..c87d842 100755
+--- a/contrib/check-expired-keys.rb
++++ b/contrib/check-expired-keys.rb
+@@ -23,7 +23,7 @@ listname = ARGV.first
+ Schleuder.list = List.new(listname)
+
+ now = Time.now
+-checkdate = now + 120960000 # two weeks
++checkdate = now + (60 * 60 * 24 * 14) # two weeks
+ crypt = Crypt.new('')
+ msg = ''
+ unusable = []
+--
diff -Nru schleuder-2.1.1/debian/patches/bugs-fix-interactive-newlist.patch schleuder-2.2.1/debian/patches/bugs-fix-interactive-newlist.patch
--- schleuder-2.1.1/debian/patches/bugs-fix-interactive-newlist.patch 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/debian/patches/bugs-fix-interactive-newlist.patch 2014-09-29 05:46:02.000000000 +0000
@@ -0,0 +1,47 @@
+From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?=
+Date: Mon, 15 Oct 2012 12:31:16 +0200
+Subject: [PATCH] bugs/fix-interactive-newlist
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Squashed commit of the following:
+
+commit f6a396b3db19b5de1a12ac145c01cdb7b8ff4ac3
+Author: Jérémy Bobbio
+Date: Mon Oct 15 12:25:50 2012 +0200
+
+ Fix broken member file created by interactive newlist
+
+ HighLine's 'ask' function returns HighLine::String objects. Unfortunately, if
+ such objects reach the YAML serializer, we then have trouble to unserialize
+ them, as HighLine is not a required by the 'schleuder' executable.
+
+ So let's transform all HighLine::String to plain String to avoid troubles.
+---
+ bin/schleuder-newlist | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bin/schleuder-newlist b/bin/schleuder-newlist
+index cdaf373..6752c91 100755
+--- a/bin/schleuder-newlist
++++ b/bin/schleuder-newlist
+@@ -216,7 +216,7 @@ class ListCreator
+ end
+ end
+ raise NewListError,"Missing mandatory variable: "+question if (var.nil? or var.empty?)
+- var
++ var.to_s
+ end
+
+ def self.verify_emailvar(var,interactive,question)
+@@ -234,7 +234,7 @@ class ListCreator
+ var = ask("Filepath for "+question+": ")
+ end
+ raise NewListError,"Missing mandatory file: "+question if (not var.nil? and not File.exist?(var))
+- var
++ var.to_s
+ end
+
+ def self.progfunc(hook, what, type, current, total)
+--
diff -Nru schleuder-2.1.1/debian/patches/bugs-fix-manpages-wrt-2.2.1.patch schleuder-2.2.1/debian/patches/bugs-fix-manpages-wrt-2.2.1.patch
--- schleuder-2.1.1/debian/patches/bugs-fix-manpages-wrt-2.2.1.patch 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/debian/patches/bugs-fix-manpages-wrt-2.2.1.patch 2014-09-29 05:46:03.000000000 +0000
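Review bot: In `verify_filevar` the guard `if (not var.nil? and not File.exist?(var))` deliberately lets a nil `var` through, so the new `var.to_s` returns the empty string `""` where the method used to return nil, and a caller that tests the result for nil would now take the wrong branch. Converting only when a value is present keeps the old contract: `var.nil? ? var : var.to_s`. In `verify_strvar` the change is safe as written, because nil and empty values raise `NewListError` on the line before the return. The commit message implies the members file is read back by a YAML loader that resolves Ruby class tags; that loader is not in these hunks, but it is worth confirming it accepts only plain types, since this fix addresses the writer and not the reader. Both method bodies start outside the hunks shown.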
@@ -0,0 +1,1988 @@ +From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= +Date: Sat, 16 Jun 2012 16:26:03 +0200 +Subject: [PATCH] bugs/fix-manpages-wrt-2.2.1 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Squashed commit of the following: + +commit 3d7850a6c69d8f8b574983dfb5bb75fa97209d54 +Author: Jérémy Bobbio +Date: Fri Jun 15 15:38:53 2012 +0200 + + manpages: Rebuild manpages in roff and HTML + +commit 5dab77056b25ac75e9588d02c15c33ea3ed1f652 +Author: Jérémy Bobbio +Date: Fri Jun 15 15:38:10 2012 +0200 + + manpages: Improve formatting + +commit e3a64e5d0e2e9333704bc8a7dc15641b77c49ab7 +Author: Jérémy Bobbio +Date: Fri Jun 15 23:07:37 2012 +0200 + + manpages: Document X-GET-VERSION + +commit 53c10fd2a903d3195d8d1846e1067dc14706054a +Author: Jérémy Bobbio +Date: Fri Jun 15 22:32:34 2012 +0200 + + manpages: document X-UNSUBSCRIBE command + +commit 88bab545cf20fed9cdfdf5fc29535ccb04833110 +Author: Jérémy Bobbio +Date: Tue Jun 12 15:56:47 2012 +0200 + + manpages: document -c flag for schleuder and schleuder-newlist + +commit 064d3c1364a69eec539ab41cc7e41a15dff6371a +Author: Jérémy Bobbio +Date: Tue Jun 12 15:55:00 2012 +0200 + + manpages: document -h flag for schleuder + +commit 7d4da79ff6c6b61704f2d87c0dbe4375ffb0df3c +Author: Jérémy Bobbio +Date: Tue Jun 12 15:54:25 2012 +0200 + + manpage: move schleuder options to a dedicated section +--- + man/schleuder-newlist.8 | 156 ++++++++---------- + man/schleuder-newlist.8.html | 109 +++++------- + man/schleuder-newlist.8.ron | 71 +++++---- + man/schleuder.8 | 374 ++++++++++++++++++++++-------------------- + man/schleuder.8.html | 336 ++++++++++++++++++++------------------ + man/schleuder.8.ron | 266 ++++++++++++++++-------------- + 6 files changed, 663 insertions(+), 649 deletions(-) + +diff --git a/man/schleuder-newlist.8 b/man/schleuder-newlist.8 +index 20d5da3..52a2e81 100644 +--- a/man/schleuder-newlist.8 ++++ b/man/schleuder-newlist.8 +@@ -7,31 +7,34 @@ + 
\fBschleuder\-newlist\fR \- create new Schleuder mailing list + . + .SH "SYNOPSIS" +-schleuder\-newlist \fILISTADDRESS\fR \e [\-realname \fI\e\'Foo\e List\e\'\fR] ++\fBschleuder\-newlist\fR [\-c \fIbaseconfig\fR] \fInewlist@example\.net\fR + . + .br +-\e [\-adminaddress \fIlistadmin@example\.net\fR] ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~[\-realname "\fIFoo List\fR"] + . + .br +-\e [\-initmember \fImember1@example\.net\fR ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~[\-adminaddress \fIlistadmin@example\.net\fR] + . + .br +-\e \e \-initmemberkey \fI/path/to/initmember_publickey\fR] ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~[\-initmember \fImember1@example\.net\fR + . + .br +-\e [\-privatekeyfile \fI/path/to/privatekey\fR ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\-initmemberkey \fIpath\-to\-initmember\-publickey\fR] + . + .br +-\e \e \-publickeyfile \fI/path/to/publickey\fR ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~[\-privatekeyfile \fIpath\-to\-privatekey\fR + . + .br +-\e \e \-passphrase \fIkey_passphrase\fR] ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\-publickeyfile \fIpath\-to\-publickey\fR + . + .br +-\e [\-mailuser mail] ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\-passphrase "\fIkey passphrase\fR"] + . + .br +-\e [\-nointeractive] ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~[\-mailuser \fIschleuder\fR] ++. ++.br ++\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~\~[\-nointeractive] + . + .SH "DESCRIPTION" + \fBschleuder\-newlist\fR automates the creation of new Schleuder mailing lists\. For more information on Schleuder, please look at \fBschleuder\fR(8)\. +@@ -47,34 +50,47 @@ If no \fB\-privatekeyfile\fR, \fB\-publickeyfile\fR and \fB\-passphrase\fR are p + . + .SH "OPTIONS" + . +-.IP "\(bu" 4 +-\fB\-realname\fR \fI\'Foo List\'\fR: Specify the name of the mailing list\. ++.TP ++\fB\-c\fR \fIpath\-to\-schleuder\-configuration\fR: + . +-.IP "\(bu" 4 +-\fB\-adminaddress\fR \fIlistadmin@example\.net\fR: Specify the email address of a list administrator\. 
This address will be notified of errors, and depending on configuration may also be allowed to send restricted email commands\. ++.IP ++Specify an alternate configuration directory than the default \fB/etc/schleuder\fR\. + . +-.IP "\(bu" 4 +-\fB\-initmember\fR \fImember1@example\.net\fR: Specify the first subscribed list member address\. Can be the same as the administrator address\. This option must be accompanied by \fB\-initmemberkey\fR\. ++.TP ++\fB\-realname\fR "\fIFoo List\fR" ++Specify the name of the mailing list\. + . +-.IP "\(bu" 4 +-\fB\-initmemberkey\fR \fI/path/to/initmember_publickey\fR: Specify the path to first subscribed list member public key\. \fB\-initmember\fR must also be specified\. ++.TP ++\fB\-adminaddress\fR \fIlistadmin@example\.net\fR ++Specify the email address of a list administrator\. This address will be notified of errors, and depending on configuration may also be allowed to send restricted email commands\. + . +-.IP "\(bu" 4 +-\fB\-privatekeyfile\fR \fI/path/to/privatekey\fR: Specify the path to a previously\-generated private key for the list\. This option must be accompanied by \fB\-publickeyfile\fR and \fB\-passphrase\fR\. ++.TP ++\fB\-initmember\fR \fImember1@example\.net\fR ++Specify the first subscribed list member address\. Can be the same as the administrator address\. This option must be accompanied by \fB\-initmemberkey\fR\. + . +-.IP "\(bu" 4 +-\fB\-publickeyfile\fR \fI/path/to/publickey\fR Specify the path to a previously\-generated public key for the list\. This option must be accompanied by \fB\-privatekeyfile\fR and \fB\-passphrase\fR\. ++.TP ++\fB\-initmemberkey\fR \fIpath\-to\-initmember\-publickey\fR ++Specify the path to first subscribed list member public key\. \fB\-initmember\fR must also be specified\. + . +-.IP "\(bu" 4 +-\fB\-passphrase\fR \fI\'key passphrase\'\fR Specify the passphrase needed to access the private key specified in \fB\-privatekeyfile\fR\. 
This option must be accompanied by \fB\-publickeyfile\fR as well\. ++.TP ++\fB\-privatekeyfile\fR \fIpath\-to\-privatekey\fR ++Specify the path to a previously\-generated private key for the list\. This option must be accompanied by \fB\-publickeyfile\fR and \fB\-passphrase\fR\. + . +-.IP "\(bu" 4 +-\fB\-mailuser\fR \fIschleuder\fR Specify the system user account under which \fBschleuder\fR(8) will be executed\. (when run as root, this defaults to "schleuder") ++.TP ++\fB\-publickeyfile\fR \fIpath\-to\-publickey\fR ++Specify the path to a previously\-generated public key for the list\. This option must be accompanied by \fB\-privatekeyfile\fR and \fB\-passphrase\fR\. + . +-.IP "\(bu" 4 +-\fB\-nointeractive\fR When specified, no questions will be asked to complete missing information\. ++.TP ++\fB\-passphrase\fR "\fIkey passphrase\fR" ++Specify the passphrase needed to access the private key specified in \fB\-privatekeyfile\fR\. This option must be accompanied by \fB\-publickeyfile\fR as well\. + . +-.IP "" 0 ++.TP ++\fB\-mailuser\fR \fIschleuder\fR ++Specify the system user account under which \fBschleuder\fR(8) will be executed (when run as root, this defaults to \fBschleuder\fR)\. ++. ++.TP ++\fB\-nointeractive\fR ++When specified, no questions will be asked to complete missing information\. + . + .SH "EXAMPLES" + This creates a new list called \fBtest1\fR with the initial member \fBfoo@bar\.ch\fR\. A new keypair will be generated for the list\. +@@ -111,69 +127,26 @@ The list test2 will be created, a keypair from the following files with the pass + .IP "" 0 + . + .SH "FILES" +-/etc/schleuder/schleuder\.conf +-. +-.IP "" 4 +-. +-.nf +- +-Global Schleuder configuration +-. +-.fi + . +-.IP "" 0 +-. +-.P +-/etc/schleuder/default\-list\.conf ++.TP ++\fB/etc/schleuder/schleuder\.conf\fR ++global Schleuder configuration + . +-.IP "" 4 ++.TP ++\fB/etc/schleuder/default\-list\.conf\fR ++default list settings + . 
+-.nf +- +-Default list settings ++.TP ++\fB/var/schleuderlists/\fR\fIHOSTNAME\fR\fB/\fR\fILISTNAME\fR ++list internal data + . +-.fi ++.TP ++\fB/var/schleuderlists/\fR\fIHOSTNAME\fR\fB/\fR\fILISTNAME\fR\fB/list\.conf\fR ++list settings + . +-.IP "" 0 +-. +-.P +-/var/schleuderlists/HOSTNAME/LISTNAME +-. +-.IP "" 4 +-. +-.nf +- +-List internal data +-. +-.fi +-. +-.IP "" 0 +-. +-.P +-/var/schleuderlists/HOSTNAME/LISTNAME/list\.conf +-. +-.IP "" 4 +-. +-.nf +- +-List settings +-. +-.fi +-. +-.IP "" 0 +-. +-.P +-/var/schleuderlists/HOSTNAME/LISTNAME/members\.conf +-. +-.IP "" 4 +-. +-.nf +- +-List susbcribers\. +-. +-.fi +-. +-.IP "" 0 ++.TP ++\fB/var/schleuderlists/\fR\fIHOSTNAME\fR\fB/\fR\fILISTNAME\fR\fB/members\.conf\fR ++list susbcribers + . + .P + All configuration files are formatted as YAML\. See \fIhttp://www\.yaml\.org/\fR for more details\. +@@ -184,8 +157,11 @@ Known bugs are listed on the Schleuder website\. + .SH "SEE ALSO" + \fBschleuder\fR(8), \fBaliases\fR(5), \fBgnupg\fR(7)\. + . +-.P +-Schleuder website: \fIhttp://schleuder\.nadir\.org/\fR ++.TP ++Schleuder website ++\fIhttp://schleuder\.nadir\.org/\fR + . +-.P +-YAML website: \fIhttp://www\.yaml\.org/\fR ++.TP ++YAML website ++\fIhttp://www\.yaml\.org/\fR ++ +diff --git a/man/schleuder-newlist.8.html b/man/schleuder-newlist.8.html +index fc15960..2991976 100644 +--- a/man/schleuder-newlist.8.html ++++ b/man/schleuder-newlist.8.html +@@ -61,7 +61,7 @@ + FILES + BUGS + SEE ALSO +- ++ + +
    +
  1. schleuder-newlist(8)
  2. +@@ -76,16 +76,16 @@ + +

    SYNOPSIS

    + +-

    schleuder-newlist LISTADDRESS +-\ [-realname \'Foo\ List\']
    +-\ [-adminaddress listadmin@example.net]
    +-\ [-initmember member1@example.net
    +-\ \ -initmemberkey /path/to/initmember_publickey]
    +-\ [-privatekeyfile /path/to/privatekey
    +-\ \ -publickeyfile /path/to/publickey
    +-\ \ -passphrase key_passphrase]
    +-\ [-mailuser mail]
    +-\ [-nointeractive]

    ++

    schleuder-newlist [-c baseconfig] newlist@example.net
    ++                  [-realname "Foo List"]
    ++                  [-adminaddress listadmin@example.net]
    ++                  [-initmember member1@example.net
    ++                   -initmemberkey path-to-initmember-publickey]
    ++                  [-privatekeyfile path-to-privatekey
    ++                   -publickeyfile path-to-publickey
    ++                   -passphrase "key passphrase"]
    ++                  [-mailuser schleuder]
    ++                  [-nointeractive]

    + +

    DESCRIPTION

    + +@@ -107,37 +107,32 @@ the generated keypair is specified in /etc/schleuder/schleuder.conf + +

    OPTIONS

    + +-
      +-
    • -realname 'Foo List': +-Specify the name of the mailing list.

    • +-
    • -adminaddress listadmin@example.net: +-Specify the email address of a list administrator. This address will be ++

      ++
      -c path-to-schleuder-configuration:

      ++ ++

      Specify an alternate configuration directory than the default ++/etc/schleuder.

      ++
      -realname "Foo List"

      Specify the name of the mailing list.

      ++
      -adminaddress listadmin@example.net

      Specify the email address of a list administrator. This address will be + notified of errors, and depending on configuration may also be allowed +-to send restricted email commands.

    • +-
    • -initmember member1@example.net: +-Specify the first subscribed list member address. Can be the same as the ++to send restricted email commands.

      ++
      -initmember member1@example.net

      Specify the first subscribed list member address. Can be the same as the + administrator address. This option must be accompanied by +--initmemberkey.

    • +-
    • -initmemberkey /path/to/initmember_publickey: +-Specify the path to first subscribed list member public key. -initmember +-must also be specified.

    • +-
    • -privatekeyfile /path/to/privatekey: +-Specify the path to a previously-generated private key for the list. +-This option must be accompanied by -publickeyfile and -passphrase.

    • +-
    • -publickeyfile /path/to/publickey +-Specify the path to a previously-generated public key for the list. +-This option must be accompanied by -privatekeyfile and -passphrase.

    • +-
    • -passphrase 'key passphrase' +-Specify the passphrase needed to access the private key specified in ++-initmemberkey.

      ++
      -initmemberkey path-to-initmember-publickey

      Specify the path to first subscribed list member public key. -initmember ++must also be specified.

      ++
      -privatekeyfile path-to-privatekey

      Specify the path to a previously-generated private key for the list. ++This option must be accompanied by -publickeyfile and -passphrase.

      ++
      -publickeyfile path-to-publickey

      Specify the path to a previously-generated public key for the list. ++This option must be accompanied by -privatekeyfile and -passphrase.

      ++
      -passphrase "key passphrase"

      Specify the passphrase needed to access the private key specified in + -privatekeyfile. This option must be accompanied by -publickeyfile +-as well.

    • +-
    • -mailuser schleuder +-Specify the system user account under which schleuder(8) will be +-executed. (when run as root, this defaults to "schleuder")

    • +-
    • -nointeractive +-When specified, no questions will be asked to complete missing +-information.

    • +-
    ++as well.

    ++
    -mailuser schleuder

    Specify the system user account under which schleuder(8) will be ++executed (when run as root, this defaults to schleuder).

    ++
    -nointeractive

    When specified, no questions will be asked to complete missing ++information.

    ++ + + +

    EXAMPLES

    +@@ -164,30 +159,14 @@ passphrase test will be imported.

    + +

    FILES

    + +-

    /etc/schleuder/schleuder.conf

    +- +-
    Global Schleuder configuration
    +-
    +- +-

    /etc/schleuder/default-list.conf

    +- +-
    Default list settings
    +-
    +- +-

    /var/schleuderlists/HOSTNAME/LISTNAME

    ++
    ++
    /etc/schleuder/schleuder.conf

    global Schleuder configuration

    ++
    /etc/schleuder/default-list.conf

    default list settings

    ++
    /var/schleuderlists/HOSTNAME/LISTNAME

    list internal data

    ++
    /var/schleuderlists/HOSTNAME/LISTNAME/list.conf

    list settings

    ++
    /var/schleuderlists/HOSTNAME/LISTNAME/members.conf

    list susbcribers

    ++
    + +-
    List internal data
    +-
    +- +-

    /var/schleuderlists/HOSTNAME/LISTNAME/list.conf

    +- +-
    List settings
    +-
    +- +-

    /var/schleuderlists/HOSTNAME/LISTNAME/members.conf

    +- +-
    List susbcribers.
    +-
    + +

    All configuration files are formatted as YAML. See http://www.yaml.org/ for + more details.

    +@@ -202,9 +181,11 @@ more details.

    + aliases(5), + gnupg(7).

    + +-

    Schleuder website: http://schleuder.nadir.org/

    ++
    ++
    Schleuder website

    http://schleuder.nadir.org/

    ++
    YAML website

    http://www.yaml.org/

    ++
    + +-

    YAML website: http://www.yaml.org/

    + + +
      +diff --git a/man/schleuder-newlist.8.ron b/man/schleuder-newlist.8.ron +index 9559353..c2da206 100644 +--- a/man/schleuder-newlist.8.ron ++++ b/man/schleuder-newlist.8.ron +@@ -3,16 +3,16 @@ schleuder-newlist(8) -- create new Schleuder mailing list + + ## SYNOPSIS + +-schleuder-newlist *LISTADDRESS* +-\ [-realname *\'Foo\ List\'*] +-\ [-adminaddress *listadmin@example.net*] +-\ [-initmember *member1@example.net* +-\ \ -initmemberkey */path/to/initmember_publickey*] +-\ [-privatekeyfile */path/to/privatekey* +-\ \ -publickeyfile */path/to/publickey* +-\ \ -passphrase *key_passphrase*] +-\ [-mailuser mail] +-\ [-nointeractive] ++`schleuder-newlist` [-c ]
      ++                  [-realname ""]
      ++                  [-adminaddress ]
      ++                  [-initmember
      ++                   -initmemberkey ]
      ++                  [-privatekeyfile
      ++                   -publickeyfile
      ++                   -passphrase ""]
      ++                  [-mailuser ]
      ++                  [-nointeractive] + + ## DESCRIPTION + +@@ -34,41 +34,46 @@ the generated keypair is specified in `/etc/schleuder/schleuder.conf`. + + ## OPTIONS + +- * `-realname` *'Foo List'*: ++ * `-c` : ++ ++ Specify an alternate configuration directory than the default ++ `/etc/schleuder`. ++ ++ * `-realname` "": + Specify the name of the mailing list. + +- * `-adminaddress` *listadmin@example.net*: ++ * `-adminaddress` : + Specify the email address of a list administrator. This address will be + notified of errors, and depending on configuration may also be allowed + to send restricted email commands. + +- * `-initmember` *member1@example.net*: ++ * `-initmember` : + Specify the first subscribed list member address. Can be the same as the + administrator address. This option must be accompanied by + `-initmemberkey`. + +- * `-initmemberkey` */path/to/initmember_publickey*: ++ * `-initmemberkey` : + Specify the path to first subscribed list member public key. `-initmember` + must also be specified. + +- * `-privatekeyfile` */path/to/privatekey*: ++ * `-privatekeyfile` : + Specify the path to a previously-generated private key for the list. + This option must be accompanied by `-publickeyfile` and `-passphrase`. + +- * `-publickeyfile` */path/to/publickey* ++ * `-publickeyfile` : + Specify the path to a previously-generated public key for the list. + This option must be accompanied by `-privatekeyfile` and `-passphrase`. + +- * `-passphrase` *'key passphrase'* ++ * `-passphrase` "": + Specify the passphrase needed to access the private key specified in + `-privatekeyfile`. This option must be accompanied by `-publickeyfile` + as well. + +- * `-mailuser` *schleuder* ++ * `-mailuser` : + Specify the system user account under which `schleuder`(8) will be +- executed. (when run as root, this defaults to "schleuder") ++ executed (when run as root, this defaults to `schleuder`). 
+ +- * `-nointeractive` ++ * `-nointeractive`: + When specified, no questions will be asked to complete missing + information. + +@@ -94,20 +99,20 @@ passphrase `test` will be imported. + + ## FILES + +-/etc/schleuder/schleuder.conf +- Global Schleuder configuration ++ * `/etc/schleuder/schleuder.conf`: ++ global Schleuder configuration + +-/etc/schleuder/default-list.conf +- Default list settings ++ * `/etc/schleuder/default-list.conf`: ++ default list settings + +-/var/schleuderlists/HOSTNAME/LISTNAME +- List internal data ++ * `/var/schleuderlists/``/`: ++ list internal data + +-/var/schleuderlists/HOSTNAME/LISTNAME/list.conf +- List settings ++ * `/var/schleuderlists/``/``/list.conf`: ++ list settings + +-/var/schleuderlists/HOSTNAME/LISTNAME/members.conf +- List susbcribers. ++ * `/var/schleuderlists/``/``/members.conf`: ++ list susbcribers + + All configuration files are formatted as YAML. See for + more details. +@@ -122,6 +127,8 @@ Known bugs are listed on the Schleuder website. + `aliases`(5), + `gnupg`(7). + +-Schleuder website: ++ * Schleuder website: ++ + +-YAML website: ++ * YAML website: ++ +diff --git a/man/schleuder.8 b/man/schleuder.8 +index 2a2e09e..665d6c9 100644 +--- a/man/schleuder.8 ++++ b/man/schleuder.8 +@@ -4,13 +4,13 @@ + .TH "SCHLEUDER" "8" "June 2012" "" "" + . + .SH "NAME" +-\fBSchleuder\fR \- A groups email gateway\. ++\fBschleuder\fR \- a groups email gateway + . + .SH "SYNOPSIS" +-schleuder \fILISTADDRESS\fR < EMAIL ++\fBschleuder\fR [\-c \fIbaseconfig\fR] \fIlistaddress\fR < \fIemail\fR + . +-.P +-schleuder \-test [\fILISTADDRESS\fR] ++.br ++\fBschleuder\fR [\-c \fIbaseconfig\fR] \-test [\fIlistaddress\fR] + . + .SH "DESCRIPTION" + Schleuder is a groups email gateway: subscribers can communicate encrypted (and pseudonymously) among themselves, receive emails from non\-subscribers and send emails to non\-subscribers via the list\. 
+@@ -22,22 +22,19 @@ Schleuder takes care of all decryption and encryption, stripping of headers, for + Email cryptography is handled by using GnuPG\. Schleuder understands all common encapsulation formats: \fBinline\fR, \fBmultipart/encrypted\fR and \fBmultipart/signed\fR\. + . + .P +-\fBschleuder\fR(8) is usually called in delivery mode by a \fIMail Transport Agent\fR with an incoming email piped to its standard input\. For more informations on how to integrate Schleuder with your existing mail setup, please look at the Schleuder website: http://schleuder\.nadir\.org/ +-. +-.P +-If run with the \fB\-test\fR option Schleuder checks that the setup and basic settings are in a workable state\. ++schleuder(8) is usually called in delivery mode by a \fIMail Transport Agent\fR with an incoming email piped to its standard input\. For more informations on how to integrate Schleuder with your existing mail setup, please look at the Schleuder website: \fIhttp://schleuder\.nadir\.org/\fR + . + .P +-\fBschleuder\-newlist\fR(8) automates the creation of new mailing lists\. ++schleuder\-newlist(8) automates the creation of new mailing lists\. + . + .SH "AUTOMATIC SENDING OF LIST PUBLIC KEY" +-To receive the public key of the mailing list anybody can send an email to the special list address which includes \-sendkey as a postfix ++To receive the public key of the mailing list anybody can send an email to the special list address which includes \fB\-sendkey\fR as a postfix: + . + .IP "" 4 + . + .nf + +-listname\-sendkey@example\.com ++listname\-sendkey@example\.org + . + .fi + . +@@ -47,354 +44,373 @@ listname\-sendkey@example\.com + Schleuder will reply with the public key of the list without forwarding the request to the list\-members\. + . + .SH "EMAIL COMMANDS" +-Schleuder provides some special commands for advanced features to be used by list\-members\. Generally they are called by keywords written into the first non\-blank line of an email\. 
Schleuder scans for those keywords in every incoming email that is encrypted and validly signed by a list\-admin or —— if allowed by the list\'s configuration —— a list\-member\. +-. +-.P +-Administrative commands (membership and key management) must be sent to the request\-address or the list, which includes \-request as a postfix: listname\-request@example\.org ++Schleuder provides some special commands for advanced features to be used by list\-members\. Generally they are called by keywords written into the first non\-blank line of an email\. Schleuder scans for those keywords in every incoming email that is encrypted and validly signed by a list\-admin or \(em if allowed by the list\'s configuration \(em a list\-member\. + . + .P +-Communicative commands (resending) must be sent to the normal list\-address\.Resending is a list\-command, that means it is only allowed in emails sent over the mailing list\. +-. +-.P +-To receive the list of members send: ++Administrative commands (membership and key management) must be sent to the request\-address or the list, which includes \fB\-request\fR as a postfix: + . + .IP "" 4 + . + .nf + +-X\-LIST\-MEMBERS +- +-You will receive a list of list\-admins and list\-members, and their public +-keys (or the lack thereof)\. ++listname\-request@example\.org + . + .fi + . + .IP "" 0 + . + .P +-To see details on one list\-member, including his/her public key: ++Communicative commands (resending) must be sent to the normal list\-address\. + . +-.P +-X\-GET\-MEMBER: you@example\.net ++.SS "Membership management" ++Resending is a list\-command, that means it is only allowed in emails sent over the mailing list\. + . +-.P +-To add a member: ++.TP ++To receive the list of members send: + . + .IP "" 4 + . 
+ .nf + +- X\-ADD\-MEMBER: you@example\.net mime +- \-\-\-\-\-BEGIN PGP PUBLIC KEY BLOCK\-\-\-\-\- +- Version: GnuPG v1\.4\.9 (GNU/Linux) +- +- mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4 +- dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO +- [\.\.\.] +- pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju +- Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB +- =xTv3 +- \-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\- +- +-`mime` could also be `plain` (for receiving `inline`\-encapsulated messages) +-or be skipped (then the list\'s default setting is used)\. +- +-The public key block is also optional\. ++X\-LIST\-MEMBERS + . + .fi + . + .IP "" 0 + . +-.P +-To delete a member from the list: ++.IP ++You will receive a list of list\-admins and list\-members, and their public keys (or the lack thereof)\. ++. ++.TP ++To see details on one list\-member, including his/her public key: + . + .IP "" 4 + . + .nf + +- X\-DELETE\-MEMBER: you@example\.net +- +-Please note that this doesn\'t delete any public keys\. ++X\-GET\-MEMBER: you@example\.net + . + .fi + . + .IP "" 0 +-To receive the list of public keys known to the list ++ ++. ++.TP ++To unsubscribe from the mailing\-list: + . + .IP "" 4 + . + .nf + +- X\-LIST\-KEYS ++X\-UNSUBSCRIBE + . + .fi + . + .IP "" 0 + . +-.P +-To receive a certain public key known to the list ++.IP ++This will remove the member associated with the sender\'s signing key\. ++. ++.TP ++To add a member: + . + .IP "" 4 + . + .nf + +- X\-GET\-KEY: foobar@example\.com ++X\-ADD\-MEMBER: you@example\.net mime ++\-\-\-\-\-BEGIN PGP PUBLIC KEY BLOCK\-\-\-\-\- ++Version: GnuPG v1\.4\.9 (GNU/Linux) + +- You can also specify a KeyID, or parts of it, as long as it identifies +- the key distinctly\. ++mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4 ++dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO ++[\.\.\.] 
++pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju ++Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB ++=xTv3 ++\-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\- + . + .fi + . + .IP "" 0 + . +-.P +-To add a public key to the list ++.IP ++\fBmime\fR could also be \fBplain\fR (for receiving \fBinline\fR\-encapsulated messages) or be skipped (then the list\'s default setting is used)\. ++. ++.IP ++The public key block is also optional\. ++. ++.TP ++To delete a member from the list: + . + .IP "" 4 + . + .nf + +- X\-ADD\-KEY: +- \-\-\-\-\-BEGIN PGP PUBLIC KEY BLOCK\-\-\-\-\- +- Version: GnuPG v1\.4\.9 (GNU/Linux) +- +- mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4 +- dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO +- [\.\.\.] +- pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju +- Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB +- =xTv3 +- \-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\- ++X\-DELETE\-MEMBER: you@example\.net + . + .fi + . + .IP "" 0 + . +-.P +-To delete a key from the list\'s keyring: ++.IP ++Please note that this doesn\'t delete any public keys\. ++. ++.SS "Key management" ++. ++.TP ++To receive the list of public keys known to the list: + . + .IP "" 4 + . + .nf + +- X\-DELETE\-KEY: 0xDEADBEEF +- +- You can also specify an email address, as long as it identifies the key +- distinctly\. ++X\-LIST\-KEYS + . + .fi + . + .IP "" 0 +-Resending is a list\-command, that means it is only allowed in emails sent over the mailing list\. ++ + . +-.P +-To send out an email to an external recipient (encrypted if possible, otherwise in the clear) ++.TP ++To receive a certain public key known to the list: + . + .IP "" 4 + . + .nf + +- X\-RESEND: emailaddress@example\.net ++X\-GET\-KEY: foobar@example\.com + . + .fi + . + .IP "" 0 + . +-.P +-Or to send it only if encryption is available ++.IP ++You can also specify a KeyID, or parts of it, as long as it identifies the key distinctly\. ++. 
++.TP ++To add a public key to the list: + . + .IP "" 4 + . + .nf + +- X\-RESEND\-ENCRYPTED\-ONLY: emailaddress@example\.net ++X\-ADD\-KEY: ++\-\-\-\-\-BEGIN PGP PUBLIC KEY BLOCK\-\-\-\-\- ++Version: GnuPG v1\.4\.9 (GNU/Linux) ++ ++mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4 ++dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO ++[\.\.\.] ++pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju ++Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB ++=xTv3 ++\-\-\-\-\-END PGP PUBLIC KEY BLOCK\-\-\-\-\- + . + .fi + . + .IP "" 0 ++ + . +-.P +-To specify multiple recipients separate the addresses with spaces or specify the command multiple times: ++.TP ++To delete a key from the list\'s keyring: + . + .IP "" 4 + . + .nf + +- X\-RESEND: you@example\.net me@example\.net +- or +- +- X\-RESEND: you@example\.net +- X\-RESEND: me@example\.net +- +- With the first format don\'t let your Mail User Agent break long lines! ++X\-DELETE\-KEY: 0xDEADBEEF + . + .fi + . + .IP "" 0 + . +-.SH "EXIT STATUS" +-0 ++.IP ++You can also specify an email address, as long as it identifies the key distinctly\. ++. ++.SS "Resending" ++Resending is a list\-command, that means it is only allowed in emails sent over the mailing list\. ++. ++.TP ++To send out an email to an external recipient (encrypted if possible, otherwise in the clear): + . + .IP "" 4 + . + .nf + +-Incoming email was processed without errors\. +- +-Configuration is correct in test mode\. ++X\-RESEND: emailaddress@example\.net + . + .fi + . + .IP "" 0 ++ + . +-.P +-1 ++.TP ++Or to send it only if encryption is available: + . + .IP "" 4 + . + .nf + +-Internal failure in incoming email processing\. +- +-Bad configuration in test mode\. ++X\-RESEND\-ENCRYPTED\-ONLY: emailaddress@example\.net + . + .fi + . + .IP "" 0 ++ + . +-.P +-100 ++.TP ++To specify multiple recipients separate the addresses with spaces or specify the command multiple times: + . + .IP "" 4 + . 
+ .nf + +-Unable to decrypt the received message\. +- +-Unable to verify the signature when configured to only accept signed +-messages\. +- +-Message is cleartext when only encrypted messages are allowed\. +- +-Message is not authenticated as coming from a list\-member when +-authentication is required\. ++X\-RESEND: you@example\.net me@example\.net + . + .fi + . + .IP "" 0 + . +-.SH "FILES" +-/etc/schleuder/schleuder\.conf ++.IP ++or + . + .IP "" 4 + . + .nf + +-Global Schleuder configuration ++X\-RESEND: you@example\.net ++X\-RESEND: me@example\.net + . + .fi + . + .IP "" 0 + . +-.P +-/etc/schleuder/default\-list\.conf ++.IP ++With the first format don\'t let your Mail User Agent break long lines! + . +-.IP "" 4 ++.SS "Misc\." + . +-.nf +- +-Default list settings +-. +-.fi ++.IP "\(bu" 4 ++To know which version of Schleuder is installed: X\-GET\-VERSION + . + .IP "" 0 + . +-.P +-/var/schleuderlists/LISTNAME/list\.conf ++.SH "OPTIONS" + . +-.IP "" 4 ++.TP ++\fB\-c\fR \fIpath\-to\-schleuder\-configuration\fR ++Specify an alternate configuration directory than the default \fB/etc/schleuder\fR\. + . +-.nf +- +-List settings ++.TP ++\fB\-test\fR ++Instead of processing an incoming email, specifying this flag will make Schleuder verify that the setup and basic settings are in a workable state\. + . +-.fi ++.TP ++\fB\-h\fR ++Display usage and exit\. + . +-.IP "" 0 ++.SH "EXIT STATUS" + . +-.P +-/var/schleuderlists/LISTNAME/members\.conf ++.TP ++0 ++Incoming email was processed without errors\. + . +-.IP "" 4 ++.IP ++Configuration is correct in test mode\. + . +-.nf +- +-List susbcribers\. +- +-Each member must have the email\-attribute set\. All other attributes are +-optional\. +- +-The following attributes are available: +- +- * mime: defines the \'pgp\-variant\' to send to the member, possible values are +- `MIME` (for pgp/mime\-formatted mail according to RFC 3156), and `PLAIN` (for +- inline\-pgp)\. The fallback\-default for this is defined in the +- list\.conf\. 
+- * encrypted_only: schleuder tries to encrypt every outgoing email\. If +- that is not possible under some conditions it sends the email +- unecrypted\. If this attribute is set the member will never receive +- unencrypted emails; the member will be skipped if encrypting is not +- possible\. +- +-Example: +- +- \- email: you@example\.net +- \- email: me@example\.org +- mime: PLAIN +- \- email: them@example\.com +- encrypted_only: true ++.TP ++1 ++Internal failure in incoming email processing\. + . +-.fi ++.IP ++Bad configuration in test mode\. + . +-.IP "" 0 ++.TP ++100 ++Unable to decrypt the received message\. + . +-.P +-/var/schleuderlists/HOSTNAME/LISTNAME ++.IP ++Unable to verify the signature when configured to only accept signed messages\. + . +-.IP "" 4 ++.IP ++Message is cleartext when only encrypted messages are allowed\. + . +-.nf +- +-List internal data ++.IP ++Message is not authenticated as coming from a list\-member when authentication is required\. + . +-.fi ++.SH "FILES" ++. ++.IP "\(bu" 4 ++\fB/etc/schleuder/schleuder\.conf\fR: global Schleuder configuration ++. ++.IP "\(bu" 4 ++\fB/etc/schleuder/default\-list\.conf\fR: default list settings ++. ++.IP "\(bu" 4 ++\fB/var/schleuderlists/\fR\fILISTNAME\fR\fB/list\.conf\fR: list settings ++. ++.IP "\(bu" 4 ++\fB/var/schleuderlists/\fR\fILISTNAME\fR\fB/members\.conf\fR: list susbcribers\. ++. ++.IP ++Each member must have the email\-attribute set\. All other attributes are optional\. ++. ++.IP ++The following attributes are available: ++. ++.IP "\(bu" 4 ++\fBmime\fR: defines the \'pgp\-variant\' to send to the member, possible values are \fBMIME\fR (for pgp/mime\-formatted mail according to RFC 3156), and \fBPLAIN\fR (for inline\-pgp)\. The fallback\-default for this is defined in the \fBlist\.conf\fR\. ++. ++.IP "\(bu" 4 ++\fBencrypted_only\fR: schleuder tries to encrypt every outgoing email\. If that is not possible under some conditions it sends the email unecrypted\. 
If this attribute is set the member will never receive unencrypted emails; the member will be skipped if encrypting is not possible\. + . + .IP "" 0 + . +-.P +-/var/log/schleuder ++.IP ++Example: + . + .IP "" 4 + . + .nf + +-Schleuder logs directory ++\- email: you@example\.net ++\- email: me@example\.org ++ mime: PLAIN ++\- email: them@example\.com ++ encrypted_only: true + . + .fi + . + .IP "" 0 ++ ++. ++.IP "\(bu" 4 ++\fB/var/schleuderlists/\fR\fIHOSTNAME\fR\fB/\fR\fILISTNAME\fR: list internal data ++. ++.IP "\(bu" 4 ++\fB/var/log/schleuder\fR: Schleuder logs directory ++. ++.IP "" 0 + . + .P + All configuration files are formatted as YAML\. See \fIhttp://www\.yaml\.org/\fR for more details\. + . + .SH "BUGS" +-Known bugs are listed on the Schleuder bugtracker at https://git\.codecoop\.org/projects/schleuder\fBschleuder\-newlist\fR(8), \fBgnupg\fR(7)\. ++Known bugs are listed on the Schleuder bugtracker at \fIhttps://git\.codecoop\.org/projects/schleuder\fR + . +-.P +-Schleuder website: \fIhttp://schleuder\.nadir\.org/\fR ++.SH "SEE ALSO" ++\fBschleuder\-newlist\fR(8), \fBgnupg\fR(7)\. + . +-.P +-Webschleuder website: \fIhttp://webschleuder\.nadir\.org/\fR (web interface to schleuder) ++.TP ++Schleuder website ++\fIhttp://schleuder\.nadir\.org/\fR + . +-.P +-YAML website: \fIhttp://www\.yaml\.org/\fR ++.TP ++Webschleuder website ++\fIhttp://webschleuder\.nadir\.org/\fR (web interface to schleuder) ++. ++.TP ++YAML website ++\fIhttp://www\.yaml\.org/\fR ++ +diff --git a/man/schleuder.8.html b/man/schleuder.8.html +index 3c75436..8eef616 100644 +--- a/man/schleuder.8.html ++++ b/man/schleuder.8.html +@@ -3,7 +3,7 @@ + + + +- Schleuder(8) - A groups email gateway. ++ schleuder(8) - a groups email gateway + + + + +
      + + + +
        +
      1. Schleuder(8)
      2. +
      3. +
      4. Schleuder(8)
      5. +
      + +

      NAME

      +

      + Schleuder - A groups email gateway. +

      + +

      SYNOPSIS

      + +

      schleuder LISTADDRESS < EMAIL

      + +

      schleuder -test [LISTADDRESS]

      + +

      DESCRIPTION

      + +

      Schleuder is a groups email gateway: subscribers can communicate +encrypted (and pseudonymously) among themselves, receive emails from +non-subscribers and send emails to non-subscribers via the list.

      + +

      Schleuder takes care of all decryption and encryption, stripping of headers, +format conversions, etc. Schleuder can also send out its own public key +upon request and process administrative commands received by email.

      + +

      Email cryptography is handled by using GnuPG. Schleuder understands all common +encapsulation formats: inline, multipart/encrypted and multipart/signed.

      + +

      schleuder(8) is usually called in delivery mode by a Mail Transport Agent +with an incoming email piped to its standard input. For more informations on +how to integrate Schleuder with your existing mail setup, please look at the +Schleuder website: http://schleuder.nadir.org/

      + +

      If run with the -test option Schleuder checks that the setup and basic settings are in a workable state.

      + +

      schleuder-newlist(8) automates the creation of new mailing lists.

      + +

      AUTOMATIC SENDING OF LIST PUBLIC KEY

      + +

      To receive the public key of the mailing list anybody can send an email to the +special list address which includes -sendkey as a postfix

      + +
      listname-sendkey@example.com
      +
      + +

      Schleuder will reply with the public key of the list without forwarding the request +to the list-members.

      + +

      EMAIL COMMANDS

      + +

      Schleuder provides some special commands for advanced features to be used by +list-members. Generally they are called by keywords written into the first +non-blank line of an email. Schleuder scans for those keywords in every +incoming email that is encrypted and validly signed by a list-admin or —— if +allowed by the list's configuration —— a list-member.

      + +

      Administrative commands (membership and key management) must be sent to the +request-address or the list, which includes -request as a postfix: listname-request@example.org

      + +

      Communicative commands (resending) must be sent to the normal list-address.

      + +

      Membership management

      + +

      Resending is a list-command, that means it is only allowed in emails sent over the mailing list.

      + +

      To receive the list of members send:

      + +
      X-LIST-MEMBERS
      +
      +You will receive a list of list-admins and list-members, and their public
      +keys (or the lack thereof).
      +
      + +

      To see details on one list-member, including his/her public key:

      + +

      X-GET-MEMBER: you@example.net

      + +

      To add a member:

      + +
           X-ADD-MEMBER: you@example.net mime
      +     -----BEGIN PGP PUBLIC KEY BLOCK-----
      +     Version: GnuPG v1.4.9 (GNU/Linux)
      +
      +     mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
      +     dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
      +     [...]
      +     pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
      +     Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
      +     =xTv3
      +     -----END PGP PUBLIC KEY BLOCK-----
      +
      +`mime` could also be `plain` (for receiving `inline`-encapsulated messages)
      +or be skipped (then the list's default setting is used).
      +
      +The public key block is also optional.
      +
      + +

      To delete a member from the list:

      + +
            X-DELETE-MEMBER:  you@example.net
      +
      +Please note that this doesn't delete any public keys.
      +
      + +

      Key management

      + +

      To receive the list of public keys known to the list

      + +
           X-LIST-KEYS
      +
      + +

      To receive a certain public key known to the list

      + +
           X-GET-KEY: foobar@example.com
      +
      +     You can also specify a KeyID, or parts of it, as long as it identifies
      +     the key distinctly.
      +
      + +

      To add a public key to the list

      + +
           X-ADD-KEY:
      +     -----BEGIN PGP PUBLIC KEY BLOCK-----
      +     Version: GnuPG v1.4.9 (GNU/Linux)
      +
      +     mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
      +     dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
      +     [...]
      +     pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
      +     Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
      +     =xTv3
      +     -----END PGP PUBLIC KEY BLOCK-----
      +
      + +

      To delete a key from the list's keyring:

      + +
          X-DELETE-KEY: 0xDEADBEEF
      +
      +    You can also specify an email address, as long as it identifies the key
      +    distinctly.
      +
      + +

      Resending

      + +

      Resending is a list-command, that means it is only allowed in emails sent over the mailing list.

      + +

      To send out an email to an external recipient (encrypted if possible, otherwise in the clear)

      + +
           X-RESEND: emailaddress@example.net
      +
      + +

      Or to send it only if encryption is available

      + +
           X-RESEND-ENCRYPTED-ONLY: emailaddress@example.net
      +
      + +

      To specify multiple recipients separate the addresses with spaces or specify the command multiple times:

      + +
                   X-RESEND: you@example.net me@example.net
      +    or
      +
      +             X-RESEND: you@example.net
      +             X-RESEND: me@example.net
      +
      +    With the first format don't let your Mail User Agent break long lines!
      +
      + +

      EXIT STATUS

      + +

      0

      + +
      Incoming email was processed without errors.
      +
      +Configuration is correct in test mode.
      +
      + +

      1

      + +
      Internal failure in incoming email processing.
      +
      +Bad configuration in test mode.
      +
      + +

      100

      + +
      Unable to decrypt the received message.
      +
      +Unable to verify the signature when configured to only accept signed
      +messages.
      +
      +Message is cleartext when only encrypted messages are allowed.
      +
      +Message is not authenticated as coming from a list-member when
      +authentication is required.
      +
      + +

      FILES

      + +

      /etc/schleuder/schleuder.conf

      + +
      Global Schleuder configuration
      +
      + +

      /etc/schleuder/default-list.conf

      + +
      Default list settings
      +
      + +

      /var/schleuderlists/LISTNAME/list.conf

      + +
      List settings
      +
      + +

      /var/schleuderlists/LISTNAME/members.conf

      + +
      List susbcribers.
      +
      +Each member must have the email-attribute set. All other attributes are
      +optional.
      +
      +The following attributes are available:
      +
      + * mime: defines the 'pgp-variant' to send to the member, possible values are
      +   `MIME` (for pgp/mime-formatted mail according to RFC 3156), and `PLAIN` (for
      +    inline-pgp). The fallback-default for this is defined in the
      +    list.conf.
      + * encrypted_only: schleuder tries to encrypt every outgoing email. If
      +   that is not possible under some conditions it sends the email
      +   unecrypted. If this attribute is set the member will never receive
      +   unencrypted emails; the member will be skipped if encrypting is not
      +   possible.
      +
      +Example:
      +
      +     - email: you@example.net
      +     - email: me@example.org
      +       mime: PLAIN
      +     - email: them@example.com
      +       encrypted_only: true
      +
      + +

      /var/schleuderlists/HOSTNAME/LISTNAME

      + +
      List internal data
      +
      + +

      /var/log/schleuder

      + +
      Schleuder logs directory
      +
      + +

      All configuration files are formatted as YAML. See http://www.yaml.org/ for +more details.

      + +

      BUGS

      + +

      Known bugs are listed on the Schleuder bugtracker at +https://git.codecoop.org/projects/schleuder

      + +

      SEE ALSO

      + +

      schleuder-newlist(8), +gnupg(7).

      + +

      Schleuder website: http://schleuder.nadir.org/

      + +

      Webschleuder website: http://webschleuder.nadir.org/ (web interface to schleuder)

      + +

      YAML website: http://www.yaml.org/

      + + +
        +
      1. +
      2. June 2012
      3. +
      4. Schleuder(8)
      5. +
      + +
      + + diff -Nru schleuder-2.1.1/man/schleuder.8.ron schleuder-2.2.1/man/schleuder.8.ron --- schleuder-2.1.1/man/schleuder.8.ron 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/man/schleuder.8.ron 2012-06-12 09:08:13.000000000 +0000 
@@ -0,0 +1,233 @@
+schleuder(8) Schleuder - A groups email gateway.
+======================================================================================
+
+## SYNOPSIS
+
+schleuder *LISTADDRESS* < EMAIL
+
+schleuder -test [*LISTADDRESS*]
+
+## DESCRIPTION
+
+Schleuder is a groups email gateway: subscribers can communicate
+encrypted (and pseudonymously) among themselves, receive emails from
+non-subscribers and send emails to non-subscribers via the list.
+
+Schleuder takes care of all decryption and encryption, stripping of headers,
+format conversions, etc. Schleuder can also send out its own public key
+upon request and process administrative commands received by email.
+
+Email cryptography is handled by using GnuPG. Schleuder understands all common
+encapsulation formats: `inline`, `multipart/encrypted` and `multipart/signed`.
+
+`schleuder`(8) is usually called in delivery mode by a *Mail Transport Agent*
+with an incoming email piped to its standard input. For more informations on
+how to integrate Schleuder with your existing mail setup, please look at the
+Schleuder website: http://schleuder.nadir.org/
+
+If run with the `-test` option Schleuder checks that the setup and basic settings are in a workable state.
+
+`schleuder-newlist`(8) automates the creation of new mailing lists.
+
+## AUTOMATIC SENDING OF LIST PUBLIC KEY
+
+To receive the public key of the mailing list anybody can send an email to the
+special list address which includes -sendkey as a postfix
+
+ listname-sendkey@example.com
+
+Schleuder will reply with the public key of the list without forwarding the request
+to the list-members.
+
+## EMAIL COMMANDS
+
+Schleuder provides some special commands for advanced features to be used by
+list-members. Generally they are called by keywords written into the first
+non-blank line of an email. Schleuder scans for those keywords in every
+incoming email that is encrypted and validly signed by a list-admin or —— if
+allowed by the list's configuration —— a list-member.
+
+Administrative commands (membership and key management) must be sent to the
+request-address or the list, which includes -request as a postfix: listname-request@example.org
+
+Communicative commands (resending) must be sent to the normal list-address.
+
+# Membership management
+
+Resending is a list-command, that means it is only allowed in emails sent over the mailing list.
+
+To receive the list of members send:
+ X-LIST-MEMBERS
+
+ You will receive a list of list-admins and list-members, and their public
+ keys (or the lack thereof).
+
+To see details on one list-member, including his/her public key:
+
+ X-GET-MEMBER: you@example.net
+
+To add a member:
+
+ X-ADD-MEMBER: you@example.net mime
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v1.4.9 (GNU/Linux)
+
+ mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
+ dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
+ [...]
+ pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
+ Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
+ =xTv3
+ -----END PGP PUBLIC KEY BLOCK-----
+
+ `mime` could also be `plain` (for receiving `inline`-encapsulated messages)
+ or be skipped (then the list's default setting is used).
+
+ The public key block is also optional.
+
+To delete a member from the list:
+
+ X-DELETE-MEMBER: you@example.net
+
+ Please note that this doesn't delete any public keys.
+
+
+# Key management
+
+To receive the list of public keys known to the list
+ X-LIST-KEYS
+
+To receive a certain public key known to the list
+
+ X-GET-KEY: foobar@example.com
+
+ You can also specify a KeyID, or parts of it, as long as it identifies
+ the key distinctly.
+
+To add a public key to the list
+ X-ADD-KEY:
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v1.4.9 (GNU/Linux)
+
+ mQGiBEjVO7oRBADQvT6wtD2IzzIiK0NbrcilCKCp4MWb8cYXTXguwPQI6y0Nerz4
+ dsK6J0X1Vgeo02tqA4xd3EDK8rdqL2yZfl/2egH8+85R3gDk+kqkfEp4pwCgp6VO
+ [...]
+ pNlF/qkaWwRb048h+iMrW21EkouLKTDPFkdFbapV2X5KJZIcfhO1zEbwc1ZKF3Ju
+ Q9X5GRmY62hz9SCZnsC0jeYAni8OUQV9NXfXlS/vePBUnOL08NQB
+ =xTv3
+ -----END PGP PUBLIC KEY BLOCK-----
+
+To delete a key from the list's keyring:
+
+ X-DELETE-KEY: 0xDEADBEEF
+
+ You can also specify an email address, as long as it identifies the key
+ distinctly.
+
+
+# Resending
+
+Resending is a list-command, that means it is only allowed in emails sent over the mailing list.
+
+To send out an email to an external recipient (encrypted if possible, otherwise in the clear)
+ X-RESEND: emailaddress@example.net
+
+Or to send it only if encryption is available
+ X-RESEND-ENCRYPTED-ONLY: emailaddress@example.net
+
+To specify multiple recipients separate the addresses with spaces or specify the command multiple times:
+
+ X-RESEND: you@example.net me@example.net
+ or
+
+ X-RESEND: you@example.net
+ X-RESEND: me@example.net
+
+ With the first format don't let your Mail User Agent break long lines!
+
+
+## EXIT STATUS
+
+0
+ Incoming email was processed without errors.
+
+ Configuration is correct in test mode.
+
+1
+ Internal failure in incoming email processing.
+
+ Bad configuration in test mode.
+
+100
+ Unable to decrypt the received message.
+
+ Unable to verify the signature when configured to only accept signed
+ messages.
+
+ Message is cleartext when only encrypted messages are allowed.
+
+ Message is not authenticated as coming from a list-member when
+ authentication is required.
+
+## FILES
+
+/etc/schleuder/schleuder.conf
+ Global Schleuder configuration
+
+/etc/schleuder/default-list.conf
+ Default list settings
+
+/var/schleuderlists/LISTNAME/list.conf
+ List settings
+
+/var/schleuderlists/LISTNAME/members.conf
+ List susbcribers.
+
+ Each member must have the email-attribute set. All other attributes are
+ optional.
+
+ The following attributes are available:
+
+ * mime: defines the 'pgp-variant' to send to the member, possible values are
+ `MIME` (for pgp/mime-formatted mail according to RFC 3156), and `PLAIN` (for
+ inline-pgp). The fallback-default for this is defined in the
+ list.conf.
+ * encrypted_only: schleuder tries to encrypt every outgoing email. If
+ that is not possible under some conditions it sends the email
+ unecrypted. If this attribute is set the member will never receive
+ unencrypted emails; the member will be skipped if encrypting is not
+ possible.
+
+ Example:
+
+ - email: you@example.net
+ - email: me@example.org
+ mime: PLAIN
+ - email: them@example.com
+ encrypted_only: true
+
+/var/schleuderlists/HOSTNAME/LISTNAME
+ List internal data
+
+/var/log/schleuder
+ Schleuder logs directory
+
+All configuration files are formatted as YAML. See for
+more details.
+
+## BUGS
+
+Known bugs are listed on the Schleuder bugtracker at
+https://git.codecoop.org/projects/schleuder
+
+SEE ALSO
+========
+
+`schleuder-newlist`(8),
+`gnupg`(7).
+
+Schleuder website:
+
+Webschleuder website: (web interface to schleuder)
+
+YAML website:
diff -Nru schleuder-2.1.1/man/schleuder-newlist.8 schleuder-2.2.1/man/schleuder-newlist.8
--- schleuder-2.1.1/man/schleuder-newlist.8 1970-01-01 00:00:00.000000000 +0000
+++ schleuder-2.2.1/man/schleuder-newlist.8 2012-06-12 09:08:13.000000000 +0000
@@ -0,0 +1,191 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "SCHLEUDER\-NEWLIST" "8" "June 2012" "" "" +. +.SH "NAME" +\fBschleuder\-newlist\fR \- create new Schleuder mailing list +. +.SH "SYNOPSIS" +schleuder\-newlist \fILISTADDRESS\fR \e [\-realname \fI\e\'Foo\e List\e\'\fR] +. +.br +\e [\-adminaddress \fIlistadmin@example\.net\fR] +. +.br +\e [\-initmember \fImember1@example\.net\fR +. +.br +\e \e \-initmemberkey \fI/path/to/initmember_publickey\fR] +. +.br +\e [\-privatekeyfile \fI/path/to/privatekey\fR +. +.br +\e \e \-publickeyfile \fI/path/to/publickey\fR +. +.br +\e \e \-passphrase \fIkey_passphrase\fR] +. +.br +\e [\-mailuser mail] +. +.br +\e [\-nointeractive] +. +.SH "DESCRIPTION" +\fBschleuder\-newlist\fR automates the creation of new Schleuder mailing lists\. For more information on Schleuder, please look at \fBschleuder\fR(8)\. +. +.P +\fBschleuder\-newlist\fR does various input validation, and can generate a key or import one\. It will give you as well an easy interface to build new lists in a scripted manner\. +. +.P +It also supports an interactive mode, with which the user will be prompted for missing mandatory options\. The interactive mode can be disabled, using the \fB\-nointercative\fR flag; it is automatically disabled if the script isn\'t run within a valid tty\. +. +.P +If no \fB\-privatekeyfile\fR, \fB\-publickeyfile\fR and \fB\-passphrase\fR are provided, the list will create a new keypair with a random password\. The type and length of the generated keypair is specified in \fB/etc/schleuder/schleuder\.conf\fR\. +. +.SH "OPTIONS" +. +.IP "\(bu" 4 +\fB\-realname\fR \fI\'Foo List\'\fR: Specify the name of the mailing list\. +. +.IP "\(bu" 4 +\fB\-adminaddress\fR \fIlistadmin@example\.net\fR: Specify the email address of a list administrator\. This address will be notified of errors, and depending on configuration may also be allowed to send restricted email commands\. +. 
+.IP "\(bu" 4 +\fB\-initmember\fR \fImember1@example\.net\fR: Specify the first subscribed list member address\. Can be the same as the administrator address\. This option must be accompanied by \fB\-initmemberkey\fR\. +. +.IP "\(bu" 4 +\fB\-initmemberkey\fR \fI/path/to/initmember_publickey\fR: Specify the path to first subscribed list member public key\. \fB\-initmember\fR must also be specified\. +. +.IP "\(bu" 4 +\fB\-privatekeyfile\fR \fI/path/to/privatekey\fR: Specify the path to a previously\-generated private key for the list\. This option must be accompanied by \fB\-publickeyfile\fR and \fB\-passphrase\fR\. +. +.IP "\(bu" 4 +\fB\-publickeyfile\fR \fI/path/to/publickey\fR Specify the path to a previously\-generated public key for the list\. This option must be accompanied by \fB\-privatekeyfile\fR and \fB\-passphrase\fR\. +. +.IP "\(bu" 4 +\fB\-passphrase\fR \fI\'key passphrase\'\fR Specify the passphrase needed to access the private key specified in \fB\-privatekeyfile\fR\. This option must be accompanied by \fB\-publickeyfile\fR as well\. +. +.IP "\(bu" 4 +\fB\-mailuser\fR \fIschleuder\fR Specify the system user account under which \fBschleuder\fR(8) will be executed\. (when run as root, this defaults to "schleuder") +. +.IP "\(bu" 4 +\fB\-nointeractive\fR When specified, no questions will be asked to complete missing information\. +. +.IP "" 0 +. +.SH "EXAMPLES" +This creates a new list called \fBtest1\fR with the initial member \fBfoo@bar\.ch\fR\. A new keypair will be generated for the list\. +. +.IP "" 4 +. +.nf + + schleuder\-newlist foobar@example\.org \e + \-realname "bal jak" \e + \-adminaddress admin@example\.org \e + \-initmember foo@example\.com \-initmemberkey /tmp/foo\.pub +. +.fi +. +.IP "" 0 +. +.P +The list test2 will be created, a keypair from the following files with the passphrase \fBtest\fR will be imported\. +. +.IP "" 4 +. 
+.nf + + schleuder\-newlist test2@example\.com \e + \-realname "bal jak" \e + \-adminaddress foobar@example\.org \e + \-privatekeyfile ~/tmp/test2\.priv \e + \-publickeyfile /tmp/test2\.pub \e + \-passphrase test +. +.fi +. +.IP "" 0 +. +.SH "FILES" +/etc/schleuder/schleuder\.conf +. +.IP "" 4 +. +.nf + +Global Schleuder configuration +. +.fi +. +.IP "" 0 +. +.P +/etc/schleuder/default\-list\.conf +. +.IP "" 4 +. +.nf + +Default list settings +. +.fi +. +.IP "" 0 +. +.P +/var/schleuderlists/HOSTNAME/LISTNAME +. +.IP "" 4 +. +.nf + +List internal data +. +.fi +. +.IP "" 0 +. +.P +/var/schleuderlists/HOSTNAME/LISTNAME/list\.conf +. +.IP "" 4 +. +.nf + +List settings +. +.fi +. +.IP "" 0 +. +.P +/var/schleuderlists/HOSTNAME/LISTNAME/members\.conf +. +.IP "" 4 +. +.nf + +List susbcribers\. +. +.fi +. +.IP "" 0 +. +.P +All configuration files are formatted as YAML\. See \fIhttp://www\.yaml\.org/\fR for more details\. +. +.SH "BUGS" +Known bugs are listed on the Schleuder website\. +. +.SH "SEE ALSO" +\fBschleuder\fR(8), \fBaliases\fR(5), \fBgnupg\fR(7)\. +. +.P +Schleuder website: \fIhttp://schleuder\.nadir\.org/\fR +. +.P +YAML website: \fIhttp://www\.yaml\.org/\fR diff -Nru schleuder-2.1.1/man/schleuder-newlist.8.html schleuder-2.2.1/man/schleuder-newlist.8.html --- schleuder-2.1.1/man/schleuder-newlist.8.html 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/man/schleuder-newlist.8.html 2012-06-12 09:08:13.000000000 +0000 @@ -0,0 +1,218 @@ + + + + + + schleuder-newlist(8) - create new Schleuder mailing list + + + + +
      + + + +
        +
      1. schleuder-newlist(8)
      2. +
      3. +
      4. schleuder-newlist(8)
      5. +
      + +

      NAME

      +

      + schleuder-newlist - create new Schleuder mailing list +

      + +

      SYNOPSIS

      + +

      schleuder-newlist LISTADDRESS +\ [-realname \'Foo\ List\']
      +\ [-adminaddress listadmin@example.net]
      +\ [-initmember member1@example.net
      +\ \ -initmemberkey /path/to/initmember_publickey]
      +\ [-privatekeyfile /path/to/privatekey
      +\ \ -publickeyfile /path/to/publickey
      +\ \ -passphrase key_passphrase]
      +\ [-mailuser mail]
      +\ [-nointeractive]

      + +

      DESCRIPTION

      + +

      schleuder-newlist automates the creation of new Schleuder mailing lists. For +more information on Schleuder, please look at schleuder(8).

      + +

      schleuder-newlist does various input validation, and can generate a key or +import one. It will give you as well an easy interface to build new lists in a +scripted manner.

      + +

      It also supports an interactive mode, with which the user will be prompted for +missing mandatory options. The interactive mode can be disabled, using the +-nointercative flag; it is automatically disabled if the script isn't run +within a valid tty.

      + +

      If no -privatekeyfile, -publickeyfile and -passphrase are provided, the +list will create a new keypair with a random password. The type and length of +the generated keypair is specified in /etc/schleuder/schleuder.conf.

      + +

      OPTIONS

      + +
        +
      • -realname 'Foo List': +Specify the name of the mailing list.

      • +
      • -adminaddress listadmin@example.net: +Specify the email address of a list administrator. This address will be +notified of errors, and depending on configuration may also be allowed +to send restricted email commands.

      • +
      • -initmember member1@example.net: +Specify the first subscribed list member address. Can be the same as the +administrator address. This option must be accompanied by +-initmemberkey.

      • +
      • -initmemberkey /path/to/initmember_publickey: +Specify the path to first subscribed list member public key. -initmember +must also be specified.

      • +
      • -privatekeyfile /path/to/privatekey: +Specify the path to a previously-generated private key for the list. +This option must be accompanied by -publickeyfile and -passphrase.

      • +
      • -publickeyfile /path/to/publickey +Specify the path to a previously-generated public key for the list. +This option must be accompanied by -privatekeyfile and -passphrase.

      • +
      • -passphrase 'key passphrase' +Specify the passphrase needed to access the private key specified in +-privatekeyfile. This option must be accompanied by -publickeyfile +as well.

      • +
      • -mailuser schleuder +Specify the system user account under which schleuder(8) will be +executed. (when run as root, this defaults to "schleuder")

      • +
      • -nointeractive +When specified, no questions will be asked to complete missing +information.

      • +
      + + +

      EXAMPLES

      + +

      This creates a new list called test1 with the initial member foo@bar.ch. +A new keypair will be generated for the list.

      + +
        schleuder-newlist foobar@example.org \
      +      -realname "bal jak" \
      +      -adminaddress admin@example.org \
      +      -initmember foo@example.com -initmemberkey /tmp/foo.pub
      +
      + +

      The list test2 will be created, a keypair from the following files with the +passphrase test will be imported.

      + +
        schleuder-newlist test2@example.com \
      +      -realname "bal jak" \
      +      -adminaddress foobar@example.org \
      +      -privatekeyfile ~/tmp/test2.priv \
      +      -publickeyfile /tmp/test2.pub \
      +      -passphrase test
      +
      + +

      FILES

      + +

      /etc/schleuder/schleuder.conf

      + +
      Global Schleuder configuration
      +
      + +

      /etc/schleuder/default-list.conf

      + +
      Default list settings
      +
      + +

      /var/schleuderlists/HOSTNAME/LISTNAME

      + +
      List internal data
      +
      + +

      /var/schleuderlists/HOSTNAME/LISTNAME/list.conf

      + +
      List settings
      +
      + +

      /var/schleuderlists/HOSTNAME/LISTNAME/members.conf

      + +
      List susbcribers.
      +
      + +

      All configuration files are formatted as YAML. See http://www.yaml.org/ for +more details.

      + +

      BUGS

      + +

      Known bugs are listed on the Schleuder website.

      + +

      SEE ALSO

      + +

      schleuder(8), +aliases(5), +gnupg(7).

      + +

      Schleuder website: http://schleuder.nadir.org/

      + +

      YAML website: http://www.yaml.org/

      + + +
        +
      1. +
      2. June 2012
      3. +
      4. schleuder-newlist(8)
      5. +
      + +
      + + diff -Nru schleuder-2.1.1/man/schleuder-newlist.8.ron schleuder-2.2.1/man/schleuder-newlist.8.ron --- schleuder-2.1.1/man/schleuder-newlist.8.ron 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/man/schleuder-newlist.8.ron 2012-06-12 09:08:13.000000000 +0000 
@@ -0,0 +1,127 @@
+schleuder-newlist(8) -- create new Schleuder mailing list
+=========================================================
+
+## SYNOPSIS
+
+schleuder-newlist *LISTADDRESS*
+\ [-realname *\'Foo\ List\'*]
+\ [-adminaddress *listadmin@example.net*]
+\ [-initmember *member1@example.net*
+\ \ -initmemberkey */path/to/initmember_publickey*]
+\ [-privatekeyfile */path/to/privatekey*
+\ \ -publickeyfile */path/to/publickey*
+\ \ -passphrase *key_passphrase*]
+\ [-mailuser mail]
+\ [-nointeractive]
+
+## DESCRIPTION
+
+`schleuder-newlist` automates the creation of new Schleuder mailing lists. For
+more information on Schleuder, please look at `schleuder`(8).
+
+`schleuder-newlist` does various input validation, and can generate a key or
+import one. It will give you as well an easy interface to build new lists in a
+scripted manner.
+
+It also supports an interactive mode, with which the user will be prompted for
+missing mandatory options. The interactive mode can be disabled, using the
+`-nointercative` flag; it is automatically disabled if the script isn't run
+within a valid tty.
+
+If no `-privatekeyfile`, `-publickeyfile` and `-passphrase` are provided, the
+list will create a new keypair with a random password. The type and length of
+the generated keypair is specified in `/etc/schleuder/schleuder.conf`.
+
+## OPTIONS
+
+ * `-realname` *'Foo List'*:
+ Specify the name of the mailing list.
+
+ * `-adminaddress` *listadmin@example.net*:
+ Specify the email address of a list administrator. This address will be
+ notified of errors, and depending on configuration may also be allowed
+ to send restricted email commands.
+
+ * `-initmember` *member1@example.net*:
+ Specify the first subscribed list member address. Can be the same as the
+ administrator address. This option must be accompanied by
+ `-initmemberkey`.
+
+ * `-initmemberkey` */path/to/initmember_publickey*:
+ Specify the path to first subscribed list member public key. `-initmember`
+ must also be specified.
+
+ * `-privatekeyfile` */path/to/privatekey*:
+ Specify the path to a previously-generated private key for the list.
+ This option must be accompanied by `-publickeyfile` and `-passphrase`.
+
+ * `-publickeyfile` */path/to/publickey*
+ Specify the path to a previously-generated public key for the list.
+ This option must be accompanied by `-privatekeyfile` and `-passphrase`.
+
+ * `-passphrase` *'key passphrase'*
+ Specify the passphrase needed to access the private key specified in
+ `-privatekeyfile`. This option must be accompanied by `-publickeyfile`
+ as well.
+
+ * `-mailuser` *schleuder*
+ Specify the system user account under which `schleuder`(8) will be
+ executed. (when run as root, this defaults to "schleuder")
+
+ * `-nointeractive`
+ When specified, no questions will be asked to complete missing
+ information.
+
+## EXAMPLES
+
+This creates a new list called `test1` with the initial member `foo@bar.ch`.
+A new keypair will be generated for the list.
+
+ schleuder-newlist foobar@example.org \
+ -realname "bal jak" \
+ -adminaddress admin@example.org \
+ -initmember foo@example.com -initmemberkey /tmp/foo.pub
+
+The list test2 will be created, a keypair from the following files with the
+passphrase `test` will be imported.
+
+ schleuder-newlist test2@example.com \
+ -realname "bal jak" \
+ -adminaddress foobar@example.org \
+ -privatekeyfile ~/tmp/test2.priv \
+ -publickeyfile /tmp/test2.pub \
+ -passphrase test
+
+## FILES
+
+/etc/schleuder/schleuder.conf
+ Global Schleuder configuration
+
+/etc/schleuder/default-list.conf
+ Default list settings
+
+/var/schleuderlists/HOSTNAME/LISTNAME
+ List internal data
+
+/var/schleuderlists/HOSTNAME/LISTNAME/list.conf
+ List settings
+
+/var/schleuderlists/HOSTNAME/LISTNAME/members.conf
+ List susbcribers.
+
+All configuration files are formatted as YAML. See for
+more details.
+
+## BUGS
+
+Known bugs are listed on the Schleuder website.
+
+## SEE ALSO
+
+`schleuder`(8),
+`aliases`(5),
+`gnupg`(7).
+
+Schleuder website:
+
+YAML website:
diff -Nru schleuder-2.1.1/plugins/manage_keys_plugin.rb schleuder-2.2.1/plugins/manage_keys_plugin.rb
--- schleuder-2.1.1/plugins/manage_keys_plugin.rb 2009-12-28 18:25:22.000000000 +0000
+++ schleuder-2.2.1/plugins/manage_keys_plugin.rb 2012-06-12 09:08:13.000000000 +0000
@@ -1,61 +1,113 @@ module Schleuder class ManageKeysPlugin < Plugin - def match(mail) - mail.keywords.keys.include?('X-LIST-KEYS') || mail.keywords.keys.include?('X-ADD-KEY') || mail.keywords.keys.include?('X-DEL-KEY') || mail.keywords.keys.include?('X-SEND-KEY') + def initialize + @plugin_type = :request end - - def process(mail) - msg = "" - k = mail.keywords.keys - case - when k.include?('X-LIST-KEYS') - Schleuder.log.debug 'LIST-KEYS requested' - mail.crypt.list_keys.each do |k| - msg << "#{k.to_s}\n" - end - when k.include?('X-ADD-KEY') - Schleuder.log.debug 'ADD-KEY requested' - res = mail.crypt.add_key(mail.body) - res.imports.each do |i| - msg << "#{mail.crypt.get_key(i.fpr).to_s}\n--> " - if i.status == 1 - msg << "imported" - else - msg << "not imported" - end - msg << "\n\n" + + def list_keys(mail, value) + Schleuder.log.debug 'LIST-KEY requested' + listkeys(mail) + end + + def add_key(mail, value) + Schleuder.log.debug 'ADD-KEY requested' + addkey(mail, mail.body) + end + + def del_key(mail, value) + Schleuder.log.debug 'DEL-KEY requested' + # TODO: implement callback to sender with Hash to prevent replay + # attacks. + # Split at slash to work around some people's habit to include the + # bitlength and key-type ("2048R/DEADBEEF"). If there's no slash this + # won't do no harm. We need to force the string'iness to avoid nil's, + # though. + val = value.split('/').last.to_s + msg = "The DEL-KEY-keyword is deprecated and will be removed some day in the future. Please use DELETE-KEY instead.".fmt + msg << delkey(mail, val) + msg + end + + def delete_key(mail, value) + Schleuder.log.debug 'DELETE-KEY requested' + delkey(mail, value.split('/').last) + end + + def send_key(mail, value) + Schleuder.log.debug 'SEND-KEY requested' + val = value.split('/').last + msg = "The SEND-KEY-keyword is deprecated and will be removed some day in the future. 
Please use GET-KEY instead.".fmt + msg << getkey(mail, val) + msg + end + + def get_key(mail, value) + Schleuder.log.debug 'GET-KEY requested' + val = value.split('/').last + getkey(mail, val) + end + + private + + def listkeys(mail) + m = "" + mail.crypt.list_keys.each do |k| + if not (trust = [:revoked, :expired, :disabled, :invalid].grep(k.trust)).empty? + m << "*Warning*: Key is #{trust.join(' and ')}!\n" end - msg << "\n\nImportResult.inspect:\n=> #{res.inspect}" - when k.include?('X-DEL-KEY') - # TODO: implement callback to sender with Hash to prevent replay attacks - req = mail.keywords['X-DEL-KEY'] - key = mail.crypt.get_key(req) - unless key - msg << "#{req}\n\n--> No matching key present, nothing deleted." - else - msg << "#{key.to_s}\n--> " - res = mail.crypt.delete_key(key) - if res == true - msg << "deleted" + m << "#{k.to_s}" + if (exp = k.subkeys.first.expires) > Time.utc(1971, 1, 1, 1) + if exp < Time.now + m << "Expired at #{exp}.\n" else - msg << "not deleted\n\nException: #{res.to_s}" + m << "Expires at #{exp}.\n" end end - msg << "\n" - when k.include?('X-SEND-KEY') - Schleuder.log.debug 'SEND-KEY requested' - req = mail.keywords['X-SEND-KEY'] - keyblock = mail.crypt.export(req) - if keyblock.empty? - msg << "#{req}\n\n--> No matching key present." + m << "\n" + end + m + end + + def addkey(mail, key) + m = "" + res = mail.crypt.add_key(key) + res.imports.each do |i| + if i.status == 1 + action = "imported" else - msg << "#{mail.crypt.get_key(req).to_s}\n\n#{keyblock}" + action = "not imported" end - msg << "\n" + m << "#{mail.crypt.get_key(i.fpr).to_s}\n--> #{action}\n\n" end + m << "\nImportResult.inspect:\n=> #{res.inspect}" + m + end - reply(mail, msg) + def delkey(mail, req) + unless (key = mail.crypt.get_key(req)).first + msg = "Failed to lookup key (#{req}) that should be deleted. Reason: #{key[1].capitalize}." 
+ Schleuder.log.debug msg + return "--> #{msg}\n\n" + end + Schleuder.log.debug "Key to be deleted: #{key.inspect}" + res = mail.crypt.delete_key(key.first) + if res == true + action = "Key deleted." + else + action = "Key not deleted.\nException: #{res.to_s}" + end + "#{key.to_s}\n--> #{action}\n\n" end + + def getkey(mail, req) + keyblock = mail.crypt.export(req) + if keyblock.empty? + "#{req}\n\n--> No matching key present.\n" + else + "#{mail.crypt.list_keys(req).to_s.gsub(/^pub /, "\npub ")}\n\n#{keyblock}\n" + end + end + end end diff -Nru schleuder-2.1.1/plugins/manage_members_plugin.rb schleuder-2.2.1/plugins/manage_members_plugin.rb --- schleuder-2.1.1/plugins/manage_members_plugin.rb 2009-12-28 18:25:22.000000000 +0000 +++ schleuder-2.2.1/plugins/manage_members_plugin.rb 2012-06-12 09:08:13.000000000 +0000 
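Review bot: `delete_key`, `send_key` and `get_key` drop the `.to_s` that `del_key` applies after `value.split('/').last`, so a keyword sent with an empty value reaches `delkey`/`getkey` as `nil`, which is the case the comment in `del_key` says must be avoided. How `mail.crypt.get_key`, `export` and `list_keys` treat a nil or empty pattern is not visible in this hunk; if an empty pattern matches every key, `getkey` would answer with the whole keyring. I would reject it explicitly at the top of `delkey` and `getkey`, e.g. `return "No key id given.\n" if req.to_s.strip.empty?`. The replay-protection TODO sits only on the deprecated `del_key`, although `delete_key` performs the same deletion, so that comment belongs on `delkey`.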
@@ -1,27 +1,151 @@ module Schleuder class ManageMembersPlugin < Plugin - def match(mail) - mail.keywords.keys.include?('X-GET-MEMBERS') || mail.keywords.keys.include?('X-SAVE-MEMBERS') + def initialize + @plugin_type = :request end - - def _get_membersfile - File.read("#{Schleuder.config.lists_dir}/#{Schleuder.list.listname}/#{Schleuder.config.lists_memberfile}") - end - - def process(mail) - if mail.keywords.keys.include?('X-GET-MEMBERS') - Schleuder.log.debug 'GET-MEMBERS requested' - msg = _get_membersfile - elsif mail.keywords.keys.include?('X-SAVE-MEMBERS') - Schleuder.log.debug 'SAVE-MEMBERS requested' - if mail.body.strip.empty? - msg = "Error, empty input. You need to write the members list yaml-formatted into the body." + + def get_members(mail, value) + # TODO: deprecation-notice + Schleuder.log.debug 'GET-MEMBERS requested' + get_membersfile + end + + def save_members(mail, value) + # TODO: deprecation-notice + Schleuder.log.debug 'SAVE-MEMBERS requested' + if mail.body.strip.empty? + "Error, empty input. You need to write the members list yaml-formatted into the body." 
+ else + Schleuder.list.members = YAML.load(mail.body) + "Saving was successful.\n\nCurrent members.conf:\n\n#{get_membersfile}\n" + end + end + + def add_member(mail, value) + Schleuder.log.debug 'ADD-MEMBER requested' + addmember(mail, value, mail.body) + end + + def delete_member(mail, value) + Schleuder.log.debug 'DELETE-MEMBER requested' + deletemember(mail, value) + end + + def list_members(mail, value) + Schleuder.log.debug 'LIST-MEMBERS requested' + listmembers(mail) + end + + def get_member(mail, value) + Schleuder.log.debug 'GET-MEMBER requested' + getmember(mail, value) + end + + def listmembers(mail) + msg = '' + msg << "Default mime-setting for this list: #{Schleuder.list.config.default_mime.downcase}.\n" + msg << "\nAdmins for this list:\n\n#{_list_members(Schleuder.list.config.admins)}" + msg << "\n\nMembers:\n\n#{_list_members(Schleuder.list.members)}" + msg + end + + def _list_members(members) + members.collect { |member| + res = member.email.dup + res << " (mime: #{member.mime.downcase})" if member.mime && !member.mime.downcase.eql?(Schleuder.list.config.default_mime.downcase) + res << " :: #{_list_keys(member)}\n\n" + }.join('') + end + + def _list_keys(member) + result = '' + key, msg = member.key(false) # also get a potentially expired key -> will + # also inform about multiple keys on the list + # that might not me the case otherwise + if key + if key.trust.eql?(:expired) + result << "*Warning*: Key expired! " + elsif key.trust.eql?(:revoked) + result << "*Warning*: Key revoked! 
" + end + result << member.key_descr + else + result << "*Warning*: #{msg}" + end + result + end + + def addmember(mail, string, key) + email, mime = string.split(' ') + mem = Member.new({:email => email}) + mem.mime = mime if mime + # TODO: test if address already subscribed + Schleuder.list.members = Schleuder.list.members << mem + msg = "#{mem}\n--> Member saved.\n\n" + if key + mail.crypt.add_key(key).imports.each do |i| + msg << "#{mail.crypt.key_descr(mail.crypt.get_key(i.fpr))}\n" + if i.status.eql? 1 + msg << "--> Key imported.\n\n" + else + msg << "--> Key *not* imported (no error, maybe already present?).\n\n" + end + end + msg << "\n" + end + msg << "Updated members-list:\n\n#{_list_members(mail)}" + msg + end + + def deletemember(mail, string) + msg = '' + members = Schleuder.list.members.dup + members.delete_if {|mem| mem.email.eql?(string)} + if members.eql? Schleuder.list.members + msg << "Member #{string} not found" + else + if Schleuder.list.members = members + msg << "Member #{string} deleted.\n" else - Schleuder.list.members = YAML.load(mail.body) - msg = "Saving was successful.\n\nCurrent members.conf:\n\n#{_get_membersfile}\n" + msg = "Something failed. Please ask the maintainer of this list to figure out what\nhappened (e.g. by mailing to #{Schleuder.list.owner_addr}).\n" end end - reply(mail, msg) + msg << "\nUpdated members-list:\n\n#{_list_members(mail)}\n" + msg + end + + def getmember(mail, string) + Schleuder.log.debug "string: #{string.inspect}" + msg = '' + member = Schleuder.list.find_member_by_email string + unless member + return "Member #{string} not found.\n" + end + msg << "Email: #{member.email}\nMime: " + if member.mime + msg << member.mime.downcase + else + msg << "#{Schleuder.list.config.default_mime.downcase} (list-default)" + end + msg << "\n\n" + keys = mail.crypt.list_keys(member.email) + if keys.empty? 
+ msg << "*Warning*: No key!\n\n" + else + if keys.size > 1 + msg << "*Warning*: Multiple keys!\n\n" + end + msg << "Key(s):\n\n" + keys.each do |key| + msg << "#{key.to_s}Fingerprint: #{key.subkeys.first.fpr}\n\n" + end + end + msg + end + + private + def get_membersfile + File.read(Schleuder.list.members_file) end end end diff -Nru schleuder-2.1.1/plugins/manage_self_plugin.rb schleuder-2.2.1/plugins/manage_self_plugin.rb --- schleuder-2.1.1/plugins/manage_self_plugin.rb 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/plugins/manage_self_plugin.rb 2012-06-12 09:08:13.000000000 +0000 @@ -0,0 +1,26 @@ +module Schleuder + class ManageSelfPlugin < Plugin + def initialize + @plugin_type = :request + end + + def unsubscribe(mail, foo) + Schleuder.log.debug 'UNSUBSCRIBE requested' + msg = '' + + key = Plugin.signing_key(mail) + member = Schleuder.list.find_member_by_key(key) || Schleuder.list.find_admin_by_key(key) + + members = Schleuder.list.members.dup + members.delete_if {|mem| mem.email.eql?(member.email)} + + if Schleuder.list.members = members + msg << "Your address #{member.email} hast been unsubscribed.\n" + else + msg = "Something failed. Please ask the maintainer of this list to figure out what\nhappened (e.g. by mailing to #{Schleuder.list.owner_addr}).\n" + end + msg + end + + end +end diff -Nru schleuder-2.1.1/plugins/resend_plugin.rb schleuder-2.2.1/plugins/resend_plugin.rb --- schleuder-2.1.1/plugins/resend_plugin.rb 2009-12-28 18:25:22.000000000 +0000 +++ schleuder-2.2.1/plugins/resend_plugin.rb 2012-06-12 09:08:13.000000000 +0000 
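Review bot: `save_members` still hands the raw mail body to `YAML.load`, which can build arbitrary Ruby objects from tagged YAML instead of only the plain list of member hashes expected here. Where the runtime provides it, parse with `YAML.safe_load(mail.body)` and refuse anything that is not an Array of Hashes before assigning to `Schleuder.list.members`. Separately, `addmember` and `deletemember` call `_list_members(mail)`, but `_list_members` calls `collect` on its argument and reads `member.email`, so this looks like it should be `_list_members(Schleuder.list.members)`. Only `get_membersfile` is below `private`; `addmember`, `deletemember`, `getmember` and `listmembers` are public, unlike the helpers in manage_keys_plugin.rb (`store_address` in resend_plugin.rb is public too). If keywords are dispatched by method name, which this diff does not show, those helpers should move under `private`.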
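Review bot: `unsubscribe` reads `member.email` without checking that a member was found. When neither `find_member_by_key` nor `find_admin_by_key` matches the signing key (or `Plugin.signing_key` returns nothing, which I assume is possible for unsigned mail), the call fails on nil instead of answering the sender. A guard before `members.delete_if` avoids that: `return "No subscription found for the signing key, nothing changed.\n" unless member`. An admin who is not in `Schleuder.list.members` is also told the address was unsubscribed although nothing was removed; comparing the list size before and after `delete_if` would let the reply say so.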
@@ -1,28 +1,34 @@ module Schleuder class ResendPlugin < Plugin - - def match(mail) - mail.keywords.keys.include?('X-RESEND') || mail.keywords.keys.include?('X-RESEND-ENCRYPTED-ONLY') + def initialize + @plugin_type = :list end - - def process(mail) - if r = fetch(mail, 'X-RESEND-ENCRYPTED-ONLY') - r.each { |m| m.encrypted_only = true } - mail.resend_to.concat r - end - if r = fetch(mail, 'X-RESEND') - mail.resend_to.concat r - end + + def resend(mail, value) + store_address(mail, value, false) end - def fetch mail, word - if mail.keywords[word] - r = [] - mail.keywords[word].split(/[ ,;]+/).each do |recip| - r << Member.new({'email' => recip.strip}) - end + def resend_encrypted_only(mail, value) + store_address(mail, value, true) + end + + def store_address(mail, value, encrypted_only) + if mail.to.to_a.include? Schleuder.list.request_addr + msg = "The resend-command may only be used in message sent over the list, not messages sent to the request-address." + Schleuder.log.warn msg + return msg.fmt + end + if Utils.emailaddress? value + m = Member.new({'email' => value}) + if encrypted_only + m.encrypted_only = true + end + mail.resend_to << m + else + Schleuder.log.warn "Skipping invalid email address given with resend-keyword: #{value}" + mail.metadata[:error] << "Invalid address given: '#{value}'." end - r or false + mail end end diff -Nru schleuder-2.1.1/plugins/send_log_plugin.rb schleuder-2.2.1/plugins/send_log_plugin.rb --- schleuder-2.1.1/plugins/send_log_plugin.rb 2014-09-29 05:49:25.000000000 +0000 +++ schleuder-2.2.1/plugins/send_log_plugin.rb 1970-01-01 00:00:00.000000000 +0000 
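Review bot: `store_address` has no documented return contract and returns two different types: the formatted refusal String when the mail went to the request address, and `mail` otherwise, including when an invalid address was only recorded in `mail.metadata[:error]`. What the caller of a `:list` plugin does with a String is not visible in this hunk, so a short comment above the method stating what each branch returns and why would help the next reader. The rejected value is also interpolated raw into the warn line and the error text; `#{value.inspect}` in `Schleuder.log.warn` keeps a crafted keyword value from breaking up log lines.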
@@ -1,13 +0,0 @@ -module Schleuder - class SendLogPlugin < Plugin - def match(mail) - mail.keywords.keys.include?('X-SEND-LOG') - end - - def process(mail) - log = File.read(Schleuder.list.logfile) - reply(mail, log) - end - end -end - diff -Nru schleuder-2.1.1/plugins/version_plugin.rb schleuder-2.2.1/plugins/version_plugin.rb --- schleuder-2.1.1/plugins/version_plugin.rb 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/plugins/version_plugin.rb 2012-06-12 09:08:13.000000000 +0000 @@ -0,0 +1,12 @@ +module Schleuder + class VersionPlugin < Plugin + def initialize + @plugin_type = :request + end + + def get_version(mail, value) + require 'schleuder/version' + "This list runs on schleuder v#{Schleuder::VERSION}.\n\nFor documentation see " + end + end +end diff -Nru schleuder-2.1.1/README schleuder-2.2.1/README --- schleuder-2.1.1/README 2009-12-28 18:25:22.000000000 +0000 +++ schleuder-2.2.1/README 2012-06-12 09:08:13.000000000 +0000 
@@ -1,27 +1,19 @@ Introduction ------------ -Schleuder is a gpg-enabled mailinglist with remailer-capabilities. It is -designed to server as a tool for group communication: subscribers can -communicate encrypted (and pseudonymously) among themselves, receive emails -from non-subscribers and send emails to non-subscribers via the list. Schleuder -takes care of all de- and encryption, stripping of headers, formatting -conversions, etc. Further schleuder can send out its own public key upon -request and receive administrative commands by email. +Schleuder is a group's email gateway: subscribers can communicate encrypted +(and pseudonymously) among themselves, receive emails from non-subscribers and +send emails to non-subscribers via the list. Schleuder takes care of all de- +and encryption, stripping of headers, formatting conversions, etc. Further +schleuder can send out its own public key upon request and receive +administrative commands by email. For further documentation please see http://schleuder.nadir.org or do `git clone git://schleuder.nadir.org/schleuder-wiki.git`. You'll also find installation instructions there. - -(If you're paranoid (it's a public wiki! Anyone can write into it and kill your -cat!) stick to the 'reviewed'-tag, that one we checked personally. It is is -signed with the public key of schleuder2@nadir.org (1024D/6E1C6F25 -2009-03-20), so you can verify it.) - -Anticipated in short: schleuder requires ruby, gpgme and some rubygems, -installation is copying some files and editing a few lines in a config file. -Quite simple and unscary, just go ahead. +(Anticipated in short: schleuder requires ruby, gpgme and some rubygems, +installation is copying some files and editing a few lines in a config file.) Feedback diff -Nru schleuder-2.1.1/schleuder.gemspec schleuder-2.2.1/schleuder.gemspec --- schleuder-2.1.1/schleuder.gemspec 1970-01-01 00:00:00.000000000 +0000 +++ schleuder-2.2.1/schleuder.gemspec 2012-06-12 09:08:13.000000000 +0000 
@@ -0,0 +1,32 @@ +# encoding: utf-8 + +$: << File.expand_path('../lib', __FILE__) +require 'schleuder/version' + +Gem::Specification.new do |s| + s.name = "schleuder" + s.version = Schleuder::VERSION + s.authors = %w(paz ng) + s.email = "schleuder2@nadir.org" + s.homepage = "http://schleuder2.nadir.org" + s.summary = "Schleuder is a group's gateway: a gpg-enabled mailinglist with remailing-capabilities." + s.description = "Schleuder is a group's gateway: subscribers can communicate encrypted (and pseudonymously) among themselves, receive emails from non-subscribers and send emails to non-subscribers via the list.\n\nSchleuder takes care of all decryption and encryption, stripping of headers, formatting conversions, etc. Schleuder can also send out its own public key upon request and process administrative commands by email." + s.files = `git ls-files lib plugins ext contrib`.split("\n") + %w(README LICENSE man/schleuder.8 man/schleuder-newlist.8) + s.executables = %w(schleuder schleuder-newlist schleuder-fix-gem-dependencies schleuder-init-setup schleuder-migrate-v2.1-to-v2.2) + s.platform = Gem::Platform::RUBY + s.require_path = 'lib' + s.rubyforge_project = '[none]' + s.signing_key = '../schleuder-signingkey-gem-private_key.pem' + s.cert_chain = ['gem-public_cert.pem'] + s.add_dependency('gpgme', '= 1.0.8') + s.add_dependency('highline', '>= 1.6.1') + s.add_dependency('log4r', '>= 1.1.9') + s.add_dependency('ruby-filemagic', '>= 0.4.2') + s.post_install_message = " + + Note: There's still one dependency missing, which we can't install in + this run of rubygems. Please execute schleuder-fix-gem-dependencies to + complete the installation! + +" +end diff -Nru schleuder-2.1.1/TODO schleuder-2.2.1/TODO --- schleuder-2.1.1/TODO 2009-12-28 18:25:22.000000000 +0000 +++ schleuder-2.2.1/TODO 1970-01-01 00:00:00.000000000 +0000 
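Review bot: The dependency that `post_install_message` defers to `schleuder-fix-gem-dependencies` is not declared in this gemspec, so rubygems can neither resolve, pin nor verify it as part of the signed gem. What that script installs, and from where, is not visible in this hunk. At minimum I would add a comment next to the `add_dependency` lines naming the missing gem and the reason it cannot be declared, e.g. `# NOTE: <gem name> is installed by bin/schleuder-fix-gem-dependencies because <reason>`. The exact pin `'= 1.0.8'` on `gpgme` also means fixes in the crypto binding only reach users through a new schleuder release; a comment explaining why the pin is exact would make that a visible decision.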
@@ -1,15 +0,0 @@ -Some things left To Do -====================== - -The milestones on the road in sight are: - -* Re-organize logging: Maybe switch to syslog completely? At least delegate - log-rotation to tools built for that. - -* Facilitate packaging. We want to provide schleuder as a gem and also make - life easier for package-maintainers. - -* Learn from users and list-admins to improve usability. - -* Encourage people to write and share plugins. -