schleuder 3.6.0 → 4.0.0

data/lib/schleuder/list_builder.rb

@@ -20,7 +20,7 @@ module Schleuder
     end
 
     def run
-      Schleuder.logger.info "Building new list"
+      Schleuder.logger.info 'Building new list'
 
       if @listname.blank? || ! @listname.match(Conf::EMAIL_REGEXP)
         return [nil, {'email' => ["'#{@listname}' is not a valid email address"]}]
@@ -63,13 +63,13 @@ module Schleuder
 
     def gpg
       @gpg_ctx ||= begin
-        ENV["GNUPGHOME"] = @list_dir
+        ENV['GNUPGHOME'] = @list_dir
         GPGME::Ctx.new
       end
     end
 
     def create_key(list)
-      Schleuder.logger.info "Generating key-pair, this could take a while..."
+      Schleuder.logger.info 'Generating key-pair, this could take a while...'
       gpg.generate_key(key_params(list))
 
       # Get key without knowing the fingerprint yet.
@@ -88,14 +88,14 @@ module Schleuder
     def adduids(list, key)
       # Add UIDs for -owner and -request.
       [list.request_address, list.owner_address].each do |address|
-        err = key.adduid(list.email, address)
+        err = add_uid_to_key(list, address)
         if err.present?
           raise err
         end
       end
       # Go through list.key() to re-fetch the key from the keyring, otherwise
       # we don't see the new UIDs.
-      errors = list.key.set_primary_uid(list.email)
+      errors = set_primary_uid_of_key(list)
       if errors.present?
         raise errors
       end
@@ -135,5 +135,16 @@ module Schleuder
       end
     end
 
+    def set_primary_uid_of_key(list)
+      errors, _ = GPGME::Ctx.gpgcli("--quick-set-primary-uid #{list.email} '#{list.email} <#{list.email}>'")
+      errors.join
+    end
+
+    def add_uid_to_key(list, email)
+      # Specifying the key via fingerprint apparently doesn't work.
+      errors, _ = GPGME::Ctx.gpgcli("--quick-adduid #{list.email} '#{list.email} <#{email}>'")
+      errors.join
+    end
+
   end
 end

data/lib/schleuder/listlogger.rb

@@ -17,7 +17,7 @@ module Schleuder
       if logfiles_to_keep < 1
         logfiles_to_keep = list.class.column_defaults['logfiles_to_keep']
       end
-      suffix_now = Time.now.strftime("%Y%m%d").to_i
+      suffix_now = Time.now.strftime('%Y%m%d').to_i
       del_older_than = suffix_now - logfiles_to_keep
       Pathname.glob("#{list.logfile}.????????").each do |file|
         if file.basename.to_s.match(/\.([0-9]{8})$/)

data/lib/schleuder/mail/message.rb

@@ -24,7 +24,9 @@ module Mail
     # Message#initialize.
     def setup
       if self.encrypted?
-        new = self.decrypt(verify: true)
+        # Specify 'loopback'-pinentry-mode to ensure that gnupg never-ever
+        # tries to interactively ask for a passphrase.
+        new = self.decrypt(verify: true, pinentry_mode: GPGME::PINENTRY_MODE_LOOPBACK)
         # Test if there's a signed multipart inside the ciphertext
         # ("encapsulated" format of pgp/mime).
         if encapsulated_signed?(new)
@@ -55,7 +57,7 @@ module Mail
       end
 
       # Delete the protected headers which might leak information.
-      if new.parts.first && new.parts.first.content_type == "text/rfc822-headers; protected-headers=v1"
+      if new.parts.first && new.parts.first.content_type == 'text/rfc822-headers; protected-headers=v1'
         new.parts.shift
       end
 
@@ -82,7 +84,7 @@ module Mail
 
       if self.protected_headers_subject.present?
         new_part = Mail::Part.new
-        new_part.content_type = "text/rfc822-headers; protected-headers=v1"
+        new_part.content_type = 'text/rfc822-headers; protected-headers=v1'
         new_part.body = "Subject: #{self.subject}\n"
         clean.add_part new_part
       end
@@ -141,7 +143,7 @@ module Mail
       when 1
         signatures.first
       else
-        raise "Multiple signatures found! Cannot handle!"
+        raise 'Multiple signatures found! Cannot handle!'
       end
     end
 
@@ -161,8 +163,10 @@ module Mail
     # subscription-assigned fingerprints are (should be) the ones of the
     # primary keys, so we need to look up the key.
     def signing_key
-      if signature.present?
-        @signing_key ||= list.keys(signature.fpr).first
+      @signing_key ||= begin
+        if signature.present?
+          list.keys(signature.fpr).first
+        end
       end
     end
 
@@ -209,7 +213,7 @@ module Mail
     end
 
     def bounced?
-      @bounced ||= bounce_detected? || (error_status != "unknown")
+      @bounced ||= bounce_detected? || (error_status != 'unknown')
     end
 
     def error_status
@@ -224,23 +228,8 @@ module Mail
         return []
       end
 
-      @keywords = []
-      look_for_keywords = true
-      lines = part.decoded.lines.map do |line|
-        # TODO: Find multiline arguments (add-key). Currently add-key has to
-        # read the whole body and hope for the best.
-        if look_for_keywords && (m = line.match(/^x-([^:\s]*)[:\s]*(.*)/i))
-          command = m[1].strip.downcase
-          arguments = m[2].to_s.strip.downcase.split(/[,; ]{1,}/)
-          @keywords << [command, arguments]
-          nil
-        else
-          if look_for_keywords && line.match(/\S+/i)
-            look_for_keywords = false
-          end
-          line
-        end
-      end
+      @keywords, lines = extract_keywords(part.decoded.lines)
+      new_body = lines.join
 
       # Work around problems with re-encoding the body. If we delete the
       # content-transfer-encoding prior to re-assigning the body, and let Mail
@@ -249,7 +238,6 @@ module Mail
       part.content_transfer_encoding = nil
 
       # Set the right charset on the now parsed body
-      new_body = lines.compact.join
       part.charset = new_body.encoding.to_s
       part.body = new_body
 
@@ -292,19 +280,19 @@ module Mail
         if signing_key.present?
           signature_state = signature.to_s
         else
-          signature_state = I18n.t("signature_states.unknown", fingerprint: self.signature.fingerprint)
+          signature_state = I18n.t('signature_states.unknown', fingerprint: self.signature.fingerprint)
         end
       else
-        signature_state = I18n.t("signature_states.unsigned")
+        signature_state = I18n.t('signature_states.unsigned')
       end
       signature_state
     end
 
     def encryption_state
       if was_encrypted?
-        encryption_state = I18n.t("encryption_states.encrypted")
+        encryption_state = I18n.t('encryption_states.encrypted')
       else
-        encryption_state = I18n.t("encryption_states.unencrypted")
+        encryption_state = I18n.t('encryption_states.unencrypted')
       end
       encryption_state
     end
@@ -360,7 +348,7 @@ module Mail
         self['List-Help'] = '<https://schleuder.org/>'
 
         postmsg = if list.receive_admin_only
-                    "NO (Admins only)"
+                    'NO (Admins only)'
                   elsif list.receive_authenticated_only
                     "<mailto:#{list.email}> (Subscribers only)"
                   else
@@ -437,7 +425,6 @@ module Mail
       end
     end
 
-
     def attach_list_key!(list)
       filename = "#{list.email}.asc"
       self.add_file({
@@ -451,6 +438,40 @@ module Mail
 
     private
 
+
+    def extract_keywords(content_lines)
+      keywords = []
+      in_keyword_block = false
+      found_blank_line = false
+      content_lines.each_with_index do |line, i|
+        if match = line.match(/^x-([^:\s]*)[:\s]*(.*)/i)
+          keyword = match[1].strip.downcase
+          arguments = match[2].to_s.strip.downcase.split(/[,; ]{1,}/)
+          keywords << [keyword, arguments]
+          in_keyword_block = true
+
+          # Set this line to nil to have it stripped from the message.
+          content_lines[i] = nil
+        elsif line.blank? && keywords.any?
+          # Look for blank lines after the first keyword had been found.
+          # These might mark the end of the keywords-block — unless more keywords follow.
+          found_blank_line = true
+          # Swallow the line: before the actual content begins we want to drop blank lines.
+          content_lines[i] = nil
+          # Stop interpreting the following line as argument to the previous keyword.
+          in_keyword_block = false
+        elsif in_keyword_block == true
+          # Interpret line as arguments to the previous keyword.
+          keywords[-1][-1] += line.downcase.strip.split(/[,; ]{1,}/)
+          content_lines[i] = nil
+        elsif found_blank_line
+          # Any line that isn't blank and does not start with "x-" stops the keyword parsing.
+          break
+        end
+      end
+      [keywords, content_lines.compact]
+    end
+
     # mail.signed? throws an error if it finds
     # pgp boundaries, so we must use the Mail::Gpg
     # methods.
@@ -480,7 +501,7 @@ module Mail
     end
 
     def _add_subject_prefix(suffix)
-      attrib = "subject_prefix"
+      attrib = 'subject_prefix'
       if suffix
         attrib << "_#{suffix}"
       end
@@ -540,7 +561,7 @@ module Mail
       return '99' if unicode_subject.match(/auto.*reply|férias|ferias|Estarei ausente|estou ausente|vacation|vocation|(out|away).*office|on holiday|abwesenheits|autorespond|Automatische|eingangsbestätigung/i)
 
       # Feedback-Type: abuse
-      return '96' if self.to_s.match(/Feedback-Type\: abuse/i)
+      return '96' if self.to_s.match(/Feedback-Type: abuse/i)
 
       if self.parts[1]
         match_parts = self.parts[1].body.match(/(Status:.|550 |#)([245]\.[0-9]{1,3}\.[0-9]{1,3})/)
@@ -563,41 +584,41 @@ module Mail
       return true if self.subject.to_s.match(/(returned|undelivered) mail|mail delivery( failed)?|(delivery )(status notification|failure)|failure notice|undeliver(able|ed)( mail)?|return(ing message|ed) to sender/i)
       return true if self.subject.to_s.match(/auto.*reply|vacation|vocation|(out|away).*office|on holiday|abwesenheits|autorespond|Automatische|eingangsbestätigung/i)
       return true if self['precedence'].to_s.match(/auto.*(reply|responder|antwort)/i)
-      return true if self.from.to_s.match(/^(MAILER-DAEMON|POSTMASTER)\@/i)
+      return true if self.from.to_s.match(/^(MAILER-DAEMON|POSTMASTER)@/i)
       false
     end
 
     def detect_bounce_status_code_from_text(text)
       # Parses a text and uses pattern matching to determines its error status (RFC 3463)
       # from: https://github.com/mailtop/bounce_email
-      return "5.0.0" if text.match(/Status: 5\.0\.0/i)
-      return "5.1.1" if text.match(/no such (address|user)|Recipient address rejected|User unknown|does not like recipient|The recipient was unavailable to take delivery of the message|Sorry, no mailbox here by that name|invalid address|unknown user|unknown local part|user not found|invalid recipient|failed after I sent the message|did not reach the following recipient|nicht zugestellt werden|o pode ser entregue para um ou mais/i)
-      return "5.1.2" if text.match(/unrouteable mail domain|Esta casilla ha expirado por falta de uso|I couldn't find any host named/i)
+      return '5.0.0' if text.match(/Status: 5\.0\.0/i)
+      return '5.1.1' if text.match(/no such (address|user)|Recipient address rejected|User unknown|does not like recipient|The recipient was unavailable to take delivery of the message|Sorry, no mailbox here by that name|invalid address|unknown user|unknown local part|user not found|invalid recipient|failed after I sent the message|did not reach the following recipient|nicht zugestellt werden|o pode ser entregue para um ou mais/i)
+      return '5.1.2' if text.match(/unrouteable mail domain|Esta casilla ha expirado por falta de uso|I couldn't find any host named/i)
       if text.match(/mailbox is full|Mailbox quota (usage|disk) exceeded|quota exceeded|Over quota|User mailbox exceeds allowed size|Message rejected\. Not enough storage space|user has exhausted allowed storage space|too many messages on the server|mailbox is over quota|mailbox exceeds allowed size|excedeu a quota/i)
-        return "5.2.2" if text.match(/This is a permanent error||(Status: |)5\.2\.2/i)
-        return "4.2.2"
-      end
-      return "5.1.0" if text.match(/Address rejected/)
-      return "4.1.2" if text.match(/I couldn't find any host by that name/)
-      return "4.2.0" if text.match(/not yet been delivered/i)
-      return "5.1.1" if text.match(/mailbox unavailable|No such mailbox|RecipientNotFound|not found by SMTP address lookup|Status: 5\.1\.1/i)
-      return "5.2.3" if text.match(/Status: 5\.2\.3/i) # Too messages in folder
-      return "5.4.0" if text.match(/Status: 5\.4\.0/i) # too many hops
-      return "5.4.4" if text.match(/Unrouteable address/i)
-      return "4.4.7" if text.match(/retry timeout exceeded/i)
-      return "5.2.0" if text.match(/The account or domain may not exist, they may be blacklisted, or missing the proper dns entries./i)
-      return "5.5.4" if text.match(/554 TRANSACTION FAILED/i)
-      return "4.4.1" if text.match(/Status: 4.4.1|delivery temporarily suspended|wasn't able to establish an SMTP connection/i)
-      return "5.5.0" if text.match(/550 OU\-002|Mail rejected by Windows Live Hotmail for policy reasons/i)
-      return "5.1.2" if text.match(/PERM_FAILURE: DNS Error: Domain name not found/i)
-      return "4.2.0" if text.match(/Delivery attempts will continue to be made for/i)
-      return "5.5.4" if text.match(/554 delivery error:/i)
-      return "5.1.1" if text.match(/550-5.1.1|This Gmail user does not exist/i)
-      return "5.7.1" if text.match(/5.7.1 Your message.*?was blocked by ROTA DNSBL/i) # AA added
-      return "5.7.2" if text.match(/not have permission to post messages to the group/i)
-      return "5.3.2" if text.match(/Technical details of permanent failure|Too many bad recipients/i) && (text.match(/The recipient server did not accept our requests to connect/i) || text.match(/Connection was dropped by remote host/i) || text.match(/Could not initiate SMTP conversation/i)) # AA added
-      return "4.3.2" if text.match(/Technical details of temporary failure/i) && (text.match(/The recipient server did not accept our requests to connect/i) || text.match(/Connection was dropped by remote host/i) || text.match(/Could not initiate SMTP conversation/i)) # AA added
-      return "5.0.0" if text.match(/Delivery to the following recipient failed permanently/i) # AA added
+        return '5.2.2' if text.match(/This is a permanent error||(Status: |)5\.2\.2/i)
+        return '4.2.2'
+      end
+      return '5.1.0' if text.match(/Address rejected/)
+      return '4.1.2' if text.match(/I couldn't find any host by that name/)
+      return '4.2.0' if text.match(/not yet been delivered/i)
+      return '5.1.1' if text.match(/mailbox unavailable|No such mailbox|RecipientNotFound|not found by SMTP address lookup|Status: 5\.1\.1/i)
+      return '5.2.3' if text.match(/Status: 5\.2\.3/i) # Too messages in folder
+      return '5.4.0' if text.match(/Status: 5\.4\.0/i) # too many hops
+      return '5.4.4' if text.match(/Unrouteable address/i)
+      return '4.4.7' if text.match(/retry timeout exceeded/i)
+      return '5.2.0' if text.match(/The account or domain may not exist, they may be blacklisted, or missing the proper dns entries./i)
+      return '5.5.4' if text.match(/554 TRANSACTION FAILED/i)
+      return '4.4.1' if text.match(/Status: 4.4.1|delivery temporarily suspended|wasn't able to establish an SMTP connection/i)
+      return '5.5.0' if text.match(/550 OU-002|Mail rejected by Windows Live Hotmail for policy reasons/i)
+      return '5.1.2' if text.match(/PERM_FAILURE: DNS Error: Domain name not found/i)
+      return '4.2.0' if text.match(/Delivery attempts will continue to be made for/i)
+      return '5.5.4' if text.match(/554 delivery error:/i)
+      return '5.1.1' if text.match(/550-5.1.1|This Gmail user does not exist/i)
+      return '5.7.1' if text.match(/5.7.1 Your message.*?was blocked by ROTA DNSBL/i) # AA added
+      return '5.7.2' if text.match(/not have permission to post messages to the group/i)
+      return '5.3.2' if text.match(/Technical details of permanent failure|Too many bad recipients/i) && (text.match(/The recipient server did not accept our requests to connect/i) || text.match(/Connection was dropped by remote host/i) || text.match(/Could not initiate SMTP conversation/i)) # AA added
+      return '4.3.2' if text.match(/Technical details of temporary failure/i) && (text.match(/The recipient server did not accept our requests to connect/i) || text.match(/Connection was dropped by remote host/i) || text.match(/Could not initiate SMTP conversation/i)) # AA added
+      return '5.0.0' if text.match(/Delivery to the following recipient failed permanently/i) # AA added
       return '5.2.3' if text.match(/account closed|account has been disabled or discontinued|mailbox not found|prohibited by administrator|access denied|account does not exist/i)
     end
   end

data/lib/schleuder/runner.rb

@@ -4,12 +4,12 @@ module Schleuder
       error = setup_list(recipient)
       return error if error
 
-      logger.info "Parsing incoming email."
+      logger.info 'Parsing incoming email.'
 
       # is it valid utf-8?
       msg_scrubbed = false
       unless msg.valid_encoding?
-        logger.warn "Converting message due to invalid characters"
+        logger.warn 'Converting message due to invalid characters'
         detection = CharlockHolmes::EncodingDetector.detect(msg)
         begin
           msg = CharlockHolmes::Converter.convert(msg, detection[:encoding], 'UTF-8')
@@ -18,7 +18,7 @@ module Schleuder
           # so we scrub the invalid characters to be able to
           # at least parse the message somehow. Though this might
           # result in data loss.
-          logger.warn "Scrubbing message due to invalid characters"
+          logger.warn 'Scrubbing message due to invalid characters'
           msg = msg.scrub
           msg_scrubbed = true
         end
@@ -27,7 +27,7 @@ module Schleuder
       @mail = Mail.create_message_to_list(msg, recipient, list)
 
       if msg_scrubbed
-        @mail.add_pseudoheader(:note, I18n.t("pseudoheaders.scrubbed_message"))
+        @mail.add_pseudoheader(:note, I18n.t('pseudoheaders.scrubbed_message'))
       end
 
       error = run_filters('pre')
@@ -40,9 +40,10 @@ module Schleuder
       rescue GPGME::Error::BadPassphrase,
              GPGME::Error::DecryptFailed,
              GPGME::Error::NoData,
-             GPGME::Error::NoSecretKey
+             GPGME::Error::NoSecretKey,
+             GPGME::Error::Canceled
 
-        logger.warn "Decryption of incoming message failed."
+        logger.warn 'Decryption of incoming message failed.'
         return Errors::DecryptionFailed.new(list)
       end
 
@@ -50,29 +51,29 @@ module Schleuder
       return error if error
 
       if ! @mail.was_validly_signed?
-        logger.debug "Message was not validly signed, adding subject_prefix_in"
+        logger.debug 'Message was not validly signed, adding subject_prefix_in'
         @mail.add_subject_prefix_in!
       end
 
       if ! @mail.was_encrypted?
-        logger.debug "Message was not encrypted, skipping plugins"
+        logger.debug 'Message was not encrypted, skipping keyword-handlers'
       elsif @mail.was_validly_signed?
-        # Plugins
-        logger.debug "Message was encrypted and validly signed"
-        PluginRunners::ListPluginsRunner.run(list, @mail).compact
+        # run KeywordHandlers
+        logger.debug 'Message was encrypted and validly signed'
+        KeywordHandlersRunner.run(type: :list, list: list, mail: @mail).compact
       end
 
       # Don't send empty messages over the list.
       if @mail.empty?
-        logger.info "Message found empty, not sending it to list."
+        logger.info 'Message found empty, not sending it to list.'
         return Errors::MessageEmpty.new(@list)
       end
 
-      logger.debug "Adding subject_prefix"
+      logger.debug 'Adding subject_prefix'
       @mail.add_subject_prefix!
 
       # Subscriptions
-      logger.debug "Creating clean copy of message"
+      logger.debug 'Creating clean copy of message'
       copy = @mail.clean_copy(list.headers_to_meta.any?)
       list.send_to_subscriptions(copy, @mail)
       nil
@@ -105,10 +106,11 @@ module Schleuder
     end
 
     def filters_runner_pre_decryption
-      @filters_runner_pre_decryption ||= Filters::Runner.new(list,'pre')
+      @filters_runner_pre_decryption ||= Filters::Runner.new(list, 'pre')
     end
+
     def filters_runner_post_decryption
-      @filters_runner_post_decryption ||= Filters::Runner.new(list,'post')
+      @filters_runner_post_decryption ||= Filters::Runner.new(list, 'post')
     end
 
     def logger

data/lib/schleuder/subscription.rb

@@ -4,26 +4,26 @@ module Schleuder
 
     validates :list_id, inclusion: {
                           in: -> (id) { List.pluck(:id) },
-                          message: "must refer to an existing list"
+                          message: 'must refer to an existing list'
                         }
-    validates :email, presence: true, email: true, uniqueness: {scope: :list_id}
+    validates :email, presence: true, email: true
+    validates :email, uniqueness: { scope: :list_id, case_sensitive: true }
     validates :fingerprint, allow_blank: true, fingerprint: true
     validates :delivery_enabled, :admin, boolean: true
 
     before_validation {
       self.email = Mail::Address.new(self.email).address
+      self.email.downcase! if self.email.present?
     }
 
     default_scope { order(:email) }
 
-    scope :without_fingerprint, -> { where(fingerprint: [nil,'']) }
-
     def to_s
       email
     end
 
     def self.configurable_attributes
-      [:fingerprint, :admin, :delivery_enabled]
+      ['fingerprint', 'admin', 'delivery_enabled']
     end
 
     def fingerprint=(arg)
@@ -38,7 +38,7 @@ module Schleuder
       # TODO: make key-related methods a concern, so we don't have to go
       # through the list and neither re-implement the methods here.
       # Prefix '0x' to force GnuPG to match only hex-values, not UIDs.
-      list.keys("0x#{self.fingerprint}").first
+      @key ||= list.keys("0x#{self.fingerprint}").first
     end
 
     def send_mail(mail, incoming_mail=nil)
@@ -52,7 +52,7 @@ module Schleuder
           notify_of_missed_message(:absent)
           return false
         else
-          list.logger.warn "Sending plaintext because no key is present!"
+          list.logger.warn 'Sending plaintext because no key is present!'
         end
       elsif ! self.key.usable?
         if self.list.send_encrypted_only?
@@ -87,7 +87,7 @@ module Schleuder
       if self.list.munge_from? && ! incoming_mail.nil? 
         # If the option "munge_from" is set to true, we will add the original senders' from-header to ours.
         # We munge the from-header to avoid issues with DMARC.
-        mail.from = I18n.t("header_munging", from: incoming_mail.from.first, list: self.list.email, list_address: self.list.email)
+        mail.from = I18n.t('header_munging', from: incoming_mail.from.first, list: self.list.email, list_address: self.list.email)
       else
         mail.from = self.list.email
       end
@@ -100,7 +100,7 @@ module Schleuder
       self.list.logger.warn "Not sending to #{self.email}: key is unusable because it is #{reason} and sending plain text not allowed"
       mail = ensure_headers(Mail.new)
       mail.subject = I18n.t('notice')
-      mail.body = I18n.t("missed_message_due_to_unusable_key", list_email: self.list.email) + I18n.t('errors.signoff')
+      mail.body = I18n.t('missed_message_due_to_unusable_key', list_email: self.list.email) + I18n.t('errors.signoff')
       mail.gpg self.list.gpg_sign_options
       mail.deliver
     end
@@ -112,6 +112,5 @@ module Schleuder
     def delete_key
       list.delete_key(self.fingerprint)
     end
-
   end
 end