tAdd simple authorisation based on From: field - scribo - Email-based phlog generator
HTML git clone git://git.z3bra.org/scribo.git
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit 0e895bfa4bdd8266b659a9b2cab1c57ab7e1f45c
DIR parent 6d46f8051a81903f4c47f459a2bee9cd79ef7048
HTML Author: Willy Goiffon <dev@z3bra.org>
Date: Tue, 8 Sep 2020 14:24:49 +0200
Add simple authorisation based on From: field
Diffstat:
M config.def.h | 1 +
M rfc5322.c | 20 ++++++++++++++++++++
M rfc5322.h | 2 ++
M scribo.c | 11 +++++++++++
4 files changed, 34 insertions(+), 0 deletions(-)
---
DIR diff --git a/config.def.h b/config.def.h
t@@ -1,6 +1,7 @@
char *basedir = ".";
char *datefmt = "%c";
+char *author = "contact@z3bra.org";
char *host = "z3bra.org";
int port = 70;
DIR diff --git a/rfc5322.c b/rfc5322.c
t@@ -51,3 +51,23 @@ rfc5322_unfold(char *body, char *line, size_t n)
return strlcat(body, strsep(&line, "\r\n"), n);
}
+
+char *
+rfc5322_addr(const char *s)
+{
+ static char addr[HDRSIZ];
+ char *p;
+
+ if (!(p = strrchr(s, '<'))) {
+ strlcpy(addr, s, HDRSIZ);
+ return addr;
+ }
+
+ strlcpy(addr, p + 1, HDRSIZ);
+ if ((p = strchr(addr, '>'))) {
+ *p = '\0';
+ return addr;
+ }
+
+ return NULL;
+}
DIR diff --git a/rfc5322.h b/rfc5322.h
t@@ -1,3 +1,5 @@
char *rfc5322_headername(const char *);
char *rfc5322_headerbody(const char *);
size_t rfc5322_unfold(char *, char *, size_t);
+char *rfc5322_addr(const char *);
+
DIR diff --git a/scribo.c b/scribo.c
t@@ -134,6 +134,11 @@ verifyheaders(struct headers *head)
if (!head)
return -1;
+ if (!header(head, "From")) {
+ fprintf(stderr, "Missing header: From\n");
+ return -1;
+ }
+
if (!header(head, "Date")) {
fprintf(stderr, "Missing header: Date\n");
return -1;
t@@ -155,6 +160,12 @@ verifyheaders(struct headers *head)
return -1;
}
+ char *addr = rfc5322_addr(header(head, "From"));
+ if (strncmp(addr, author, strlen(author))) {
+ fprintf(stderr, "<%s> is not authorized to publish content\n", addr);
+ return -1;
+ }
+
return 0;
}