schleuder 3.6.0 → 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -6
- data/Rakefile +12 -14
- data/bin/schleuder +1 -1
- data/db/migrate/20140501103532_create_lists.rb +1 -1
- data/db/migrate/20140501112859_create_subscriptions.rb +1 -1
- data/db/migrate/{201508092100_add_language_to_lists.rb → 20150809210000_add_language_to_lists.rb} +1 -1
- data/db/migrate/20150812165700_change_keywords_admin_only_defaults.rb +1 -1
- data/db/migrate/20150813235800_add_forward_all_incoming_to_admins.rb +1 -1
- data/db/migrate/{201508141727_change_send_encrypted_only_default.rb → 20150814172700_change_send_encrypted_only_default.rb} +1 -1
- data/db/migrate/{201508222143_add_logfiles_to_keep_to_lists.rb → 20150822214300_add_logfiles_to_keep_to_lists.rb} +1 -1
- data/db/migrate/{201508261723_rename_delivery_disabled_to_delivery_enabled_and_change_default.rb → 20150826172300_rename_delivery_disabled_to_delivery_enabled_and_change_default.rb} +1 -1
- data/db/migrate/{201508261815_strip_gpg_passphrase.rb → 20150826181500_strip_gpg_passphrase.rb} +1 -1
- data/db/migrate/{201508261827_remove_default_mime.rb → 20150826182700_remove_default_mime.rb} +1 -1
- data/db/migrate/20160501172700_fix_headers_to_meta_defaults.rb +1 -1
- data/db/migrate/20170713215059_add_internal_footer_to_list.rb +1 -1
- data/db/migrate/20180110203100_add_sig_enc_to_headers_to_meta_defaults.rb +1 -1
- data/db/migrate/20180723173900_add_deliver_selfsent_to_list.rb +1 -1
- data/db/migrate/20190906194820_add_autocrypt_header_to_list.rb +1 -1
- data/db/migrate/20200118170110_add_set_reply_to_to_sender_and_munge_from.rb +1 -1
- data/db/schema.rb +45 -47
- data/etc/postfix/schleuder_sqlite.cf +1 -1
- data/etc/schleuder-weekly-key-maintenance.service +9 -0
- data/etc/schleuder-weekly-key-maintenance.timer +9 -0
- data/etc/schleuder.yml +3 -3
- data/lib/schleuder-api-daemon/helpers/schleuder-api-daemon-helper.rb +3 -3
- data/lib/schleuder-api-daemon/routes/subscription.rb +4 -4
- data/lib/schleuder.rb +9 -11
- data/lib/schleuder/cli.rb +9 -188
- data/lib/schleuder/cli/cert.rb +2 -2
- data/lib/schleuder/cli/cli_helper.rb +14 -0
- data/lib/schleuder/cli/schleuder_cert_manager.rb +4 -4
- data/lib/schleuder/conf.rb +3 -3
- data/lib/schleuder/errors/base.rb +2 -2
- data/lib/schleuder/errors/decryption_failed.rb +1 -1
- data/lib/schleuder/errors/fatal_error.rb +1 -1
- data/lib/schleuder/errors/key_adduid_failed.rb +1 -1
- data/lib/schleuder/errors/key_generation_failed.rb +1 -1
- data/lib/schleuder/errors/message_empty.rb +1 -1
- data/lib/schleuder/errors/message_too_big.rb +1 -1
- data/lib/schleuder/errors/too_many_keys.rb +1 -1
- data/lib/schleuder/filters/post_decryption/10_request.rb +3 -3
- data/lib/schleuder/filters/post_decryption/20_max_message_size.rb +1 -1
- data/lib/schleuder/filters/post_decryption/30_forward_to_owner.rb +1 -1
- data/lib/schleuder/filters/post_decryption/40_receive_admin_only.rb +1 -1
- data/lib/schleuder/filters/post_decryption/50_receive_authenticated_only.rb +1 -1
- data/lib/schleuder/filters/post_decryption/60_receive_signed_only.rb +1 -1
- data/lib/schleuder/filters/post_decryption/70_receive_encrypted_only.rb +1 -1
- data/lib/schleuder/filters/post_decryption/80_receive_from_subscribed_emailaddresses_only.rb +1 -1
- data/lib/schleuder/filters/pre_decryption/10_forward_bounce_to_admins.rb +1 -1
- data/lib/schleuder/filters/pre_decryption/30_send_key.rb +1 -1
- data/lib/schleuder/filters/pre_decryption/40_fix_exchange_messages.rb +1 -1
- data/lib/schleuder/filters/pre_decryption/50_strip_html_from_alternative.rb +2 -2
- data/lib/schleuder/filters_runner.rb +9 -9
- data/lib/schleuder/gpgme/ctx.rb +15 -35
- data/lib/schleuder/gpgme/key.rb +4 -136
- data/lib/schleuder/gpgme/user_id.rb +2 -0
- data/lib/schleuder/keyword_handlers/attach_list_key.rb +17 -0
- data/lib/schleuder/keyword_handlers/base.rb +36 -0
- data/lib/schleuder/keyword_handlers/get_version.rb +11 -0
- data/lib/schleuder/keyword_handlers/key_management.rb +141 -0
- data/lib/schleuder/keyword_handlers/list_management.rb +19 -0
- data/lib/schleuder/keyword_handlers/resend.rb +208 -0
- data/lib/schleuder/keyword_handlers/sign_this.rb +54 -0
- data/lib/schleuder/keyword_handlers/subscription_management.rb +213 -0
- data/lib/schleuder/keyword_handlers_runner.rb +146 -0
- data/lib/schleuder/list.rb +11 -39
- data/lib/schleuder/list_builder.rb +16 -5
- data/lib/schleuder/listlogger.rb +1 -1
- data/lib/schleuder/mail/message.rb +82 -61
- data/lib/schleuder/runner.rb +18 -16
- data/lib/schleuder/subscription.rb +9 -10
- data/lib/schleuder/validators/boolean_validator.rb +1 -1
- data/lib/schleuder/validators/email_validator.rb +1 -1
- data/lib/schleuder/validators/fingerprint_validator.rb +1 -1
- data/lib/schleuder/validators/greater_than_zero_validator.rb +1 -1
- data/lib/schleuder/validators/no_line_breaks_validator.rb +1 -1
- data/lib/schleuder/version.rb +1 -1
- data/locales/de.yml +48 -36
- data/locales/en.yml +33 -21
- metadata +117 -53
- data/bin/pinentry-clearpassphrase +0 -72
- data/lib/schleuder/plugin_runners/base.rb +0 -91
- data/lib/schleuder/plugin_runners/list_plugins_runner.rb +0 -24
- data/lib/schleuder/plugin_runners/request_plugins_runner.rb +0 -27
- data/lib/schleuder/plugins/attach_listkey.rb +0 -13
- data/lib/schleuder/plugins/get_version.rb +0 -7
- data/lib/schleuder/plugins/key_management.rb +0 -121
- data/lib/schleuder/plugins/list_management.rb +0 -15
- data/lib/schleuder/plugins/resend.rb +0 -199
- data/lib/schleuder/plugins/sign_this.rb +0 -46
- data/lib/schleuder/plugins/subscription_management.rb +0 -207
@@ -3,9 +3,9 @@ class SchleuderApiDaemon < Sinatra::Base
|
|
3
3
|
|
4
4
|
namespace '/subscriptions' do
|
5
5
|
get '.json' do
|
6
|
-
filterkeys = Subscription.configurable_attributes + [
|
6
|
+
filterkeys = Subscription.configurable_attributes + ['list_id', 'email']
|
7
7
|
filter = params.select do |param|
|
8
|
-
filterkeys.include?(param
|
8
|
+
filterkeys.include?(param)
|
9
9
|
end
|
10
10
|
|
11
11
|
logger.debug "Subscription filter: #{filter.inspect}"
|
@@ -43,7 +43,7 @@ class SchleuderApiDaemon < Sinatra::Base
|
|
43
43
|
client_error(sub, 422)
|
44
44
|
end
|
45
45
|
rescue ActiveRecord::RecordNotUnique
|
46
|
-
logger.error
|
46
|
+
logger.error 'Already subscribed'
|
47
47
|
status 422
|
48
48
|
json errors: {email: ['is already subscribed']}
|
49
49
|
end
|
@@ -70,7 +70,7 @@ class SchleuderApiDaemon < Sinatra::Base
|
|
70
70
|
# For an already existing subscription, only update fingerprint if a
|
71
71
|
# new one has been selected from the upload.
|
72
72
|
if fingerprint.present?
|
73
|
-
args[
|
73
|
+
args['fingerprint'] = fingerprint
|
74
74
|
end
|
75
75
|
if sub.update(args)
|
76
76
|
200
|
data/lib/schleuder.rb
CHANGED
@@ -17,6 +17,8 @@ require 'open3'
|
|
17
17
|
# Require mandatory libs. The database-layer-lib is required below.
|
18
18
|
require 'mail-gpg'
|
19
19
|
require 'active_record'
|
20
|
+
require 'active_support'
|
21
|
+
require 'active_support/core_ext/string'
|
20
22
|
|
21
23
|
# An extra from mail-gpg
|
22
24
|
require 'hkp'
|
@@ -48,10 +50,9 @@ require 'schleuder/version'
|
|
48
50
|
require 'schleuder/logger_notifications'
|
49
51
|
require 'schleuder/logger'
|
50
52
|
require 'schleuder/listlogger'
|
51
|
-
require 'schleuder/
|
52
|
-
require 'schleuder/
|
53
|
-
|
54
|
-
Dir["#{libdir}/schleuder/plugins/*.rb"].each do |file|
|
53
|
+
require 'schleuder/keyword_handlers_runner'
|
54
|
+
require 'schleuder/keyword_handlers/base'
|
55
|
+
Dir["#{libdir}/schleuder/keyword_handlers/*.rb"].each do |file|
|
55
56
|
require file
|
56
57
|
end
|
57
58
|
require 'schleuder/filters_runner'
|
@@ -64,13 +65,10 @@ require 'schleuder/list_builder'
|
|
64
65
|
require 'schleuder/subscription'
|
65
66
|
|
66
67
|
# Setup
|
67
|
-
ENV[
|
68
|
-
ENV[
|
69
|
-
ENV[
|
70
|
-
ENV[
|
71
|
-
# Ensure that gnupg never-ever tries to ask for a passphrase.
|
72
|
-
ENV["GPG_TTY"] = "/nonexistant-#{rand}"
|
73
|
-
ENV["DISPLAY"] = nil
|
68
|
+
ENV['SCHLEUDER_CONFIG'] ||= '/etc/schleuder/schleuder.yml'
|
69
|
+
ENV['SCHLEUDER_LIST_DEFAULTS'] ||= '/etc/schleuder/list-defaults.yml'
|
70
|
+
ENV['SCHLEUDER_ENV'] ||= 'production'
|
71
|
+
ENV['SCHLEUDER_ROOT'] = rootdir.to_s
|
74
72
|
|
75
73
|
GPGME::Ctx.set_gpg_path_from_env
|
76
74
|
GPGME::Ctx.check_gpg_version
|
data/lib/schleuder/cli.rb
CHANGED
@@ -5,11 +5,13 @@ require 'charlock_holmes'
|
|
5
5
|
|
6
6
|
require_relative '../schleuder'
|
7
7
|
require 'schleuder/cli/subcommand_fix'
|
8
|
+
require 'schleuder/cli/cli_helper'
|
8
9
|
require 'schleuder/cli/schleuder_cert_manager'
|
9
10
|
require 'schleuder/cli/cert'
|
10
11
|
|
11
12
|
module Schleuder
|
12
13
|
class Cli < Thor
|
14
|
+
include CliHelper
|
13
15
|
|
14
16
|
register(Cert,
|
15
17
|
'cert',
|
@@ -51,7 +53,7 @@ module Schleuder
|
|
51
53
|
exit 1
|
52
54
|
end
|
53
55
|
|
54
|
-
desc 'check_keys', 'Check all lists for unusable or expiring keys and send the results to the list-admins. (This is supposed to be run from cron weekly.)'
|
56
|
+
desc 'check_keys', 'Check all lists for unusable or expiring keys and send the results to the list-admins. (This is supposed to be run from cron or systemd weekly.)'
|
55
57
|
def check_keys
|
56
58
|
List.all.each do |list|
|
57
59
|
I18n.locale = list.language
|
@@ -66,30 +68,26 @@ module Schleuder
|
|
66
68
|
permission_notice
|
67
69
|
end
|
68
70
|
|
69
|
-
desc 'refresh_keys [list1@example.com]',
|
71
|
+
desc 'refresh_keys [list1@example.com]', 'Refresh all keys of all list from the keyservers sequentially (one by one or on the passed list). (This is supposed to be run from cron or systemd weekly.)'
|
70
72
|
def refresh_keys(list=nil)
|
71
73
|
GPGME::Ctx.send_notice_if_gpg_does_not_know_import_filter
|
72
|
-
work_on_lists(:refresh_keys,list)
|
74
|
+
work_on_lists(:refresh_keys, list)
|
73
75
|
permission_notice
|
74
76
|
end
|
75
77
|
|
76
|
-
desc 'pin_keys [list1@example.com]', "Find keys for subscriptions without a pinned key and try to pin a certain key (one by one or based on the passed list)."
|
77
|
-
def pin_keys(list=nil)
|
78
|
-
work_on_lists(:pin_keys,list)
|
79
|
-
end
|
80
78
|
|
81
|
-
desc 'install',
|
79
|
+
desc 'install', 'Set-up or update Schleuder environment (create folders, copy files, fill the database).'
|
82
80
|
def install
|
83
81
|
config_dir = Pathname.new(ENV['SCHLEUDER_CONFIG']).dirname
|
84
82
|
root_dir = Pathname.new(ENV['SCHLEUDER_ROOT'])
|
85
83
|
|
86
84
|
# Check if lists_dir contains v2-data.
|
87
85
|
if Dir.glob("#{Conf.lists_dir}/*/*/members.conf").size > 0
|
88
|
-
msg = "Lists directory #{Conf.lists_dir} appears to contain data from a Schleuder version 2.x installation.\nPlease
|
86
|
+
msg = "Lists directory #{Conf.lists_dir} appears to contain data from a Schleuder version 2.x installation.\nPlease remove this data and retry the installation. Schleuder version 4 doesn't support migrating these old lists, in case you need to, please install Schleuder version 3 first."
|
89
87
|
fatal msg, 2
|
90
88
|
end
|
91
89
|
|
92
|
-
[Conf.lists_dir, Conf.listlogs_dir, config_dir].each do |dir|
|
90
|
+
[Conf.keyword_handlers_dir, Conf.lists_dir, Conf.listlogs_dir, config_dir].each do |dir|
|
93
91
|
dir = Pathname.new(dir)
|
94
92
|
if ! dir.exist?
|
95
93
|
begin
|
@@ -101,7 +99,7 @@ module Schleuder
|
|
101
99
|
end
|
102
100
|
end
|
103
101
|
|
104
|
-
Pathname.glob(root_dir.join(
|
102
|
+
Pathname.glob(root_dir.join('etc').join('*.yml')).each do |file|
|
105
103
|
target = config_dir.join(file.basename)
|
106
104
|
if ! target.exist?
|
107
105
|
if target.dirname.writable?
|
@@ -131,184 +129,7 @@ module Schleuder
|
|
131
129
|
fatal exc.message
|
132
130
|
end
|
133
131
|
|
134
|
-
desc 'migrate-v2-list /path/to/listdir', 'Migrate list from v2.2 to v3.'
|
135
|
-
def migrate_v2_list(path)
|
136
|
-
dir = Pathname.new(path)
|
137
|
-
if ! dir.readable? || ! dir.directory?
|
138
|
-
fatal "Not a readable directory: `#{path}`."
|
139
|
-
end
|
140
|
-
|
141
|
-
%w[list.conf members.conf pubring.gpg].each do |file|
|
142
|
-
if ! (dir + file).exist?
|
143
|
-
fatal "Not a complete schleuder v2.2 listdir: missing #{file}"
|
144
|
-
end
|
145
|
-
end
|
146
|
-
|
147
|
-
conf = YAML.load(File.read(dir + 'list.conf'))
|
148
|
-
if conf.nil? || conf.empty?
|
149
|
-
fatal "list.conf is blank"
|
150
|
-
end
|
151
|
-
listname = conf['myaddr']
|
152
|
-
if listname.nil? || listname.empty?
|
153
|
-
fatal "myaddr is blank in list.conf"
|
154
|
-
end
|
155
|
-
|
156
|
-
# Identify list-fingerprint.
|
157
|
-
ENV['GNUPGHOME'] = dir.to_s
|
158
|
-
listkey = GPGME::Key.find(:public, "<#{listname}>").first
|
159
|
-
if listkey.nil?
|
160
|
-
fatal "Failed to identify the list's OpenPGP-key!"
|
161
|
-
end
|
162
|
-
|
163
|
-
# Create list.
|
164
|
-
begin
|
165
|
-
list, messages = Schleuder::ListBuilder.new({email: listname, fingerprint: listkey.fingerprint}).run
|
166
|
-
rescue => exc
|
167
|
-
fatal exc
|
168
|
-
end
|
169
|
-
if messages
|
170
|
-
fatal messages.values.join(" - ")
|
171
|
-
elsif list.errors.any?
|
172
|
-
fatal list.errors.full_messages.join(" - ")
|
173
|
-
end
|
174
|
-
|
175
|
-
# Import keys
|
176
|
-
list.import_key(File.read(dir + 'pubring.gpg'))
|
177
|
-
list.import_key(File.read(dir + 'secring.gpg'))
|
178
|
-
|
179
|
-
# Clear passphrase of imported list-key.
|
180
|
-
output = list.key.clearpassphrase(conf['gpg_password'])
|
181
|
-
if output.present?
|
182
|
-
fatal "while clearing passphrase of list-key: #{output.inspect}"
|
183
|
-
end
|
184
|
-
|
185
|
-
# Set list-options.
|
186
|
-
List.configurable_attributes.each do |option|
|
187
|
-
option = option.to_s
|
188
|
-
if conf.keys.include?(option)
|
189
|
-
value = case option
|
190
|
-
when /^keywords_/
|
191
|
-
filter_keywords(conf[option])
|
192
|
-
when 'log_level'
|
193
|
-
conf[option].to_s.downcase
|
194
|
-
else
|
195
|
-
conf[option]
|
196
|
-
end
|
197
|
-
list.set_attribute(option, value)
|
198
|
-
end
|
199
|
-
end
|
200
|
-
|
201
|
-
# Set changed options.
|
202
|
-
changed_options = {
|
203
|
-
'prefix' => 'subject_prefix',
|
204
|
-
'prefix_in' => 'subject_prefix_in',
|
205
|
-
'prefix_out' => 'subject_prefix_out',
|
206
|
-
'dump_incoming_mail' => 'forward_all_incoming_to_admins',
|
207
|
-
'receive_from_member_emailaddresses_only' => 'receive_from_subscribed_emailaddresses_only',
|
208
|
-
'bounces_notify_admin' => 'bounces_notify_admins',
|
209
|
-
'max_message_size' => 'max_message_size_kb'
|
210
|
-
}
|
211
|
-
|
212
|
-
changed_options.each do |old, new|
|
213
|
-
if conf.keys.include?(old)
|
214
|
-
list.set_attribute(new, conf[old])
|
215
|
-
end
|
216
|
-
end
|
217
|
-
list.save!
|
218
|
-
|
219
|
-
# Subscribe members
|
220
|
-
members = YAML.load(File.read(dir + 'members.conf'))
|
221
|
-
members.uniq!{|m| m['email'] }
|
222
|
-
members.each do |member|
|
223
|
-
fingerprint = find_fingerprint(member, list)
|
224
|
-
list.subscribe(member['email'], fingerprint)
|
225
|
-
end
|
226
|
-
|
227
|
-
# Subscribe or flag admins
|
228
|
-
conf['admins'].each do |member|
|
229
|
-
sub = list.subscriptions.where(email: member['email']).first
|
230
|
-
if sub
|
231
|
-
sub.admin = true
|
232
|
-
sub.save!
|
233
|
-
else
|
234
|
-
adminfpr = find_fingerprint(member, list)
|
235
|
-
# if we didn't find an already imported subscription for the admin
|
236
|
-
# address, it wasn't a member, so we don't enable delivery for it
|
237
|
-
list.subscribe(member['email'], adminfpr, true, false)
|
238
|
-
end
|
239
|
-
end
|
240
|
-
|
241
|
-
# Notify of removed options
|
242
|
-
say "Please note: the following options have been *removed*:
|
243
|
-
* `default_mime` for lists (we only support pgp/mime for now),
|
244
|
-
* `archive` for lists,
|
245
|
-
* `gpg_passphrase` for lists,
|
246
|
-
* `log_file`, `log_io`, `log_syslog` for lists (we only log to
|
247
|
-
syslog (before list-creation) and a file (after it) for now),
|
248
|
-
* `mime` for subscriptions/members (we only support pgp/mime for now),
|
249
|
-
* `send_encrypted_only` for members/subscriptions.
|
250
|
-
|
251
|
-
If you really miss any of them please tell us.
|
252
|
-
|
253
|
-
Please also note that the following keywords have been renamed:
|
254
|
-
* list-members => list-subscriptions
|
255
|
-
* add-member => subscribe
|
256
|
-
* delete-member => unsubscribe
|
257
|
-
|
258
|
-
Please notify the users and admins of this list of these changes.
|
259
|
-
"
|
260
|
-
|
261
|
-
say "\nList #{listname} migrated to schleuder v3."
|
262
|
-
if messages.present?
|
263
|
-
say messages.gsub(' // ', "\n")
|
264
|
-
end
|
265
|
-
permission_notice
|
266
|
-
rescue => exc
|
267
|
-
fatal "#{exc}\n#{exc.backtrace.first}"
|
268
|
-
end
|
269
|
-
|
270
132
|
no_commands do
|
271
|
-
def fatal(msg, exitcode=1)
|
272
|
-
error("Error: #{msg}")
|
273
|
-
exit exitcode
|
274
|
-
end
|
275
|
-
|
276
|
-
KEYWORDS = {
|
277
|
-
'add-member' => 'subscribe',
|
278
|
-
'delete-member' => 'unsubscribe',
|
279
|
-
'list-members' => 'list-subscriptions',
|
280
|
-
'subscribe' => 'subscribe',
|
281
|
-
'unsubscribe' => 'unsubscribe',
|
282
|
-
'list-subscriptions' => 'list-subscriptions',
|
283
|
-
'set-finterprint' => 'set-fingerprint',
|
284
|
-
'add-key' => 'add-key',
|
285
|
-
'delete-key' => 'delete-key',
|
286
|
-
'list-keys' => 'list-keys',
|
287
|
-
'get-key' => 'get-key',
|
288
|
-
'fetch-key' => 'fetch-key'
|
289
|
-
}
|
290
|
-
|
291
|
-
def filter_keywords(value)
|
292
|
-
Array(value).map do |keyword|
|
293
|
-
KEYWORDS[keyword.downcase]
|
294
|
-
end.compact
|
295
|
-
end
|
296
|
-
|
297
|
-
def find_fingerprint(member, list)
|
298
|
-
email = member['email']
|
299
|
-
fingerprint = member['key_fingerprint']
|
300
|
-
if fingerprint.present?
|
301
|
-
return fingerprint
|
302
|
-
end
|
303
|
-
|
304
|
-
key = list.distinct_key(email)
|
305
|
-
if key
|
306
|
-
return key.fingerprint
|
307
|
-
else
|
308
|
-
return nil
|
309
|
-
end
|
310
|
-
end
|
311
|
-
|
312
133
|
def shellexec(cmd)
|
313
134
|
result = `#{cmd} 2>&1`
|
314
135
|
if $?.exitstatus > 0
|
data/lib/schleuder/cli/cert.rb
CHANGED
@@ -8,9 +8,9 @@ module Schleuder
|
|
8
8
|
cert = Conf.api['tls_cert_file']
|
9
9
|
fingerprint = SchleuderCertManager.generate('schleuder', key, cert)
|
10
10
|
puts "Fingerprint of generated certificate: #{fingerprint}"
|
11
|
-
puts
|
11
|
+
puts 'Have this fingerprint included into the configuration-file of all clients that want to connect to your Schleuder API.'
|
12
12
|
if Process.euid == 0
|
13
|
-
puts
|
13
|
+
puts '! Warning: this process was run as root — please make sure the above files are accessible by the user that is running `schleuder-api-daemon`.'
|
14
14
|
end
|
15
15
|
end
|
16
16
|
|
@@ -22,11 +22,11 @@ class SchleuderCertManager
|
|
22
22
|
ef.subject_certificate = cert
|
23
23
|
ef.issuer_certificate = cert
|
24
24
|
cert.extensions = [
|
25
|
-
ef.create_extension(
|
26
|
-
ef.create_extension(
|
25
|
+
ef.create_extension('basicConstraints', 'CA:TRUE', true),
|
26
|
+
ef.create_extension('subjectKeyIdentifier', 'hash'),
|
27
27
|
]
|
28
|
-
cert.add_extension ef.create_extension(
|
29
|
-
|
28
|
+
cert.add_extension ef.create_extension('authorityKeyIdentifier',
|
29
|
+
'keyid:always,issuer:always')
|
30
30
|
|
31
31
|
cert.sign key, OpenSSL::Digest::SHA256.new
|
32
32
|
|
data/lib/schleuder/conf.rb
CHANGED
@@ -17,7 +17,7 @@ module Schleuder
|
|
17
17
|
DEFAULTS = {
|
18
18
|
'lists_dir' => '/var/lib/schleuder/lists',
|
19
19
|
'listlogs_dir' => '/var/lib/schleuder/lists',
|
20
|
-
'
|
20
|
+
'keyword_handlers_dir' => '/usr/local/lib/schleuder/keyword_handlers',
|
21
21
|
'filters_dir' => '/usr/local/lib/schleuder/filters',
|
22
22
|
'log_level' => 'warn',
|
23
23
|
'superadmin' => 'root@localhost',
|
@@ -62,8 +62,8 @@ module Schleuder
|
|
62
62
|
instance.config['listlogs_dir']
|
63
63
|
end
|
64
64
|
|
65
|
-
def self.
|
66
|
-
instance.config['
|
65
|
+
def self.keyword_handlers_dir
|
66
|
+
instance.config['keyword_handlers_dir']
|
67
67
|
end
|
68
68
|
|
69
69
|
def self.filters_dir
|
@@ -2,7 +2,7 @@ module Schleuder
|
|
2
2
|
module Errors
|
3
3
|
class KeyGenerationFailed < Base
|
4
4
|
def initialize(listdir, listname)
|
5
|
-
super t('errors.key_generation_failed',
|
5
|
+
super t('errors.key_generation_failed', listdir: listdir, listname: listname)
|
6
6
|
end
|
7
7
|
end
|
8
8
|
end
|