--- inn-2.4.5/samples/filter_nnrpd.pl 2008-06-29 19:56:57.000000000 +0200
+++ inn-2.4.5/samples/filter_nnrpd.pl 2009-01-03 00:10:35.000000000 +0100
@@ -1,5 +1,5 @@
#
-# $Id: filter_nnrpd.pl 5981 2002-12-12 05:01:42Z vinocur $
+# $Id: filter_nnrpd.pl, 2009/01/03 open.news.network.org $
#
# Sample perl filtering code for nnrpd hook.
#
@@ -27,6 +27,14 @@ my %config = (checkincludedtext => 0,
#
# Sample filter
#
+# for Encryption use Crypt::CBC;
+use Crypt::CBC;
+use Compress::Zlib;
+use MIME::Base64;
+use Digest::HMAC_SHA1;
+use Digest::SHA1;
+
+
sub filter_post {
my $rval = "" ; # assume we'll accept.
#
@@ -34,14 +42,14 @@ sub filter_post {
### in their subject, or which have a "Re: " subject, but noReferences:
### header, or which have an invalid From.
#
-## if ($hdr{"Subject"} =~ /make.*money/i) {
-## $rval = "Spam is not acceptable here..." ;
-## } elsif ($hdr{'Subject'} =~ /^Re: /o and $hdr{'References'} eq "") {
-## $rval = "Followup without References:";
-## } elsif ($hdr{'From'} =~ /^\w*$/o or
-## $hdr{'From'} !~ /^(.+?)\@([-\w\d]+\.)*([-\w\d]+)\.([-\w\d]{2,})$/o) {
-## $rval = "From: is invalid, must be user\@[host.]domain.tld";
-## }
+ if ($hdr{"Subject"} =~ /make.*money/i) {
+ $rval = "Spam is not acceptable here..." ;
+### } elsif ($hdr{'Subject'} =~ /^Re: /o and $hdr{'References'} eq "") {
+### $rval = "Followup without References:";
+### } elsif ($hdr{'From'} =~ /^\w*$/o or
+### $hdr{'From'} !~ /^(.+?)\@([-\w\d]+\.)*([-\w\d]+)\.([-\w\d]{2,})$/o) {
+### $rval = "From: is invalid, must be user\@[host.]domain.tld";
+ }
### The next block rejects articles with too much quoted text, if the
@@ -55,6 +63,127 @@ sub filter_post {
}
}
+###########################
+# ka private hierachie rules
+############################
+
+@newsgroups = split(/,/, $hdr{"Newsgroups"});
+ foreach (@newsgroups) {
+ if (/^ka\./i) {
+ $ka++;
+ } else {
+ $nka++;
+ }
+ if (/^net\./i) {
+ $net++;
+ } else {
+ $notnet++;
+ }
+
+
+ }
+ if ($ka && $nka) {
+ if (!defined($hdr{"Followup-To"})) {
+ $fka = 1;
+ } else {
+ @followupgroups = split(/,/, $hdr{"Followup-To"});
+ foreach (@followupgroups) {
+ if (/^ka\./i){
+ $fka++;
+ }
+ }
+ }
+ if ($fka) {
+ $rval = "Keine Crosspostings nach ka.* (-> http://www.karlsruhe.org/)";
+ }
+ }
+ if ($ka > 3) {
+ $rval = "Zu viele Gruppen fuer ka.* (-> http://www.karlsruhe.org/)";
+ }
+
+
+
+
+
+##############################################################
+# encrytion
+# Christian Gall
+# sub encrypt see below
+#############################################################
+
+
+#########################
+# X-Trace encrypt
+########################
+
+ if ($hdr{'X-Trace'} =~ /^(\S+)\s+(.*)\s+(\([^\)]+\))$/) {
+ # $hdr{'X-Trace'} = "$1 " . encrypt($2) . " $3";
+ $hdr{'X-Trace'} = "$1 ".encode_base64(compress(encrypt($2)),"")." $3";
+ $modify_headers = 1;
+ }
+
+#############################################
+# NNTP-Posting-HOST encrypt and Cancelock
+##############################################
+ if($hdr{'Control'}){
+ @control = split(/ /, $hdr{"Control"});
+
+ foreach(@control) {
+ if (/^cancel/i) {
+ $cancel++;
+ }
+ $CancelID = $_;
+ }
+ }
+
+ if ($hdr{'NNTP-Posting-Host'}) {
+ $hdr{'NNTP-Posting-Host'} = encode_base64(encrypt($hdr{'NNTP-Posting-Host' }),"");
+ $hdr{'X-User-ID'} = encode_base64(encrypt($user ),"");
+ if($hdr{'Cancel-Lock'}) {
+ $newlock = $hdr{'Cancel-Lock'};
+ $hmac = Digest::HMAC_SHA1->new("admin");
+ $data = "cancel ".$hdr{'Message-ID'}."$CANCELLOCK";
+ $hmac->add("$data");
+ $digest = $hmac->b64digest;
+ $lock = encode_base64(Digest::SHA1::sha1($digest),"");
+ $hdr{'Cancel-Lock'} = $newlock." sha1:".$lock."";
+ }
+
+ if(!$hdr{'Cancel-Lock'}) {
+ $hmac = Digest::HMAC_SHA1->new("$user");
+ $data = "cancel ".$hdr{'Message-ID'}."$CANCELLOCK";
+ $hmac->add("$data");
+ $digest = $hmac->b64digest;
+ $lock = encode_base64(Digest::SHA1::sha1($digest),"");
+ $hdr{'Cancel-Lock'} = "sha1:".$lock."";
+ }
+
+ # if($cancel) {
+ if($cancel && !$hdr{'Cancel-Key'}) {
+ $hmac = Digest::HMAC_SHA1->new("$user");
+ $data = $hdr{'Control'}."$CANCELLOCK";
+ $hmac->add($data);
+ $digest = $hmac->b64digest;
+ $schluessel = $digest;
+ $hdr{'Cancel-key'} = "sha1:".$schluessel;
+ }
+ if($hdr{'Supersedes'} && !$hdr{'Cancel-Key'}) {
+ $hmac = Digest::HMAC_SHA1->new("$user");
+ $data = "cancel ".$hdr{'Supersedes'}."$CANCELLOCK";
+ $hmac->add($data);
+ $digest = $hmac->b64digest;
+ $schluessel = $digest;
+ $hdr{'Cancel-key'} = "sha1:".$schluessel;
+ }
+
+ $modify_headers = 1;
+
+ }
+
+
+
+
+
return $rval;
}
@@ -72,3 +201,41 @@ sub analyze {
return ($lines, $quoted, $antiquoted);
}
+
+#########################################
+# encrypt X-header
+########################################
+
+sub encrypt {
+
+ my $line = shift;
+ my $cipher = Crypt::CBC->new( {
+ 'key' => 'ServerVerySecretKey',
+ 'cipher' => 'Blowfish',
+ 'prepend_iv' => 1
+ });
+ return $cipher->encrypt_hex($line);
+}
+
+
+###################################################
+# Für das Entschlüsseln:
+#
+#
+# use strict;
+# use warnings;
+#
+# use Crypt::CBC;
+#
+# my $cipher = Crypt::CBC->new( {
+# 'key' => '
+# 'cipher' => 'Blowfish',
+# 'prepend_iv' => 1
+# });
+
+# my $encrypted =
+# chomp($encrypted);
+#
+# print $cipher->decrypt_hex($encrypted) . "\n";
+#
+