1 # vim: set syntax=perl ts=4 ai si:
5 use Digest::HMAC_SHA1();
10 sub local_filter_cancel {
11 unless($hdr{Control} =~ m/^cancel\s+(<[^>]+>)/i) {
12 return "Cancel with broken target ID";
14 return verify_cancel(\%hdr, $1, 'Cancel');
17 sub local_filter_after_emp {
18 if (exists( $hdr{'Supersedes'} )) {
19 #return verify_cancel(\%hdr, $hdr{'Supersedes'}, 'Supersedes');
20 # verify_cancel is called, but not returned, so the
21 # posting is unconditionally accepted
22 # verify_cancel calls INN:cancel() if verification suceeds
23 verify_cancel(\%hdr, $hdr{'Supersedes'}, 'Supersedes');
29 sub verify_cancel($$$) {
30 my $r_hdr = shift || die;
34 my $headers = INN::head($target) || return "$descr of non-existing ID $target";
37 for my $line(split(/\s*\n/, $headers)) {
38 if ($line =~ m/^([[:alnum:]-]+):\s+(.*)/) {
43 my $lock = $headers{'Cancel-Lock'};
45 my $key = $r_hdr->{'Cancel-Key'} || return "$descr of $target without Cancel-Key";
46 #return verify_cancel_key($key, $lock, ' target=' . $target);
47 return verify_cancel_key($key, $lock, $target);
50 # no cancel-lock: go ahead and cancel anyway!
57 sub verify_cancel_key($$$) {
58 my $cancel_key = shift;
59 my $cancel_lock = shift;
62 $msg = '' unless(defined($msg));
65 $msg = ' target=' . $msg;
68 for my $l(split(/\s+/, $cancel_lock)) {
69 next unless($l =~ m/^(sha1|md5):(\S+)/);
73 for my $k(split(/\s+/, $cancel_key)) {
74 unless($k =~ m/^(sha1|md5):(\S+)/) {
75 INN::syslog('notice', "Invalid Cancel-Key syntax '$k'.$msg");
81 $key = Digest::SHA1::sha1($2); }
83 $key = Digest::MD5::md5($2);
85 $key = MIME::Base64::encode_base64($key, '');
87 if (exists($lock{$key})) {
88 # INN::syslog('notice', "Valid Cancel-Key $key found.$msg");
90 # article is canceled now
91 INN::cancel($target) if ($target);
97 "No Cancel-Key[$cancel_key] matches Cancel-Lock[$cancel_lock]$msg"
99 return "No Cancel-Key matches Cancel-Lock.$msg";