#! /bin/sh
##  $Revision: 1.15 $
##  Initial parsing of control messages.

##  =()<. @<_PATH_SHELLVARS>@>()=
. /usr/contrib/lib/news/innshellvars
WRITELOG=${NEWSBIN}/writelog

PGPVERIFY=false
if [ "X$WANT_PGPVERIFY" = XDO ]; then
	PGPVERIFY=true 
fi

MAILFAILURES=false
if [ "X$MAIL_BADCONTROLS" = XDO ]; then
	MAILFAILURES=true
fi

AZ=ABCDEFGHIJKLMNOPQRSTUVWXYZ
az=abcdefghijklmnopqrstuvwxyz
ZN=0123456789
# Attempt to sanitize the address
FROM="`echo \"$1\" | tr ${AZ} ${az} | tr -dc \\\055${az}${ZN}+_.@%`"
REPLYTO="$2"
case "$3" in
"")
    ARTICLE=/dev/null
    ;;
/*)
    ARTICLE="$3"
    ;;
*)
    ARTICLE="${SPOOL}/$3"
    ;;
esac
PATHHOST="$4"

umask 002
TEMP=${TMPDIR}/ctl$$
##  Avoid egrep bugs with empty or-patterns.
test -z "${PROG}" && PROG=all
${EGREP} "^(${PROG}|all):" <${CTLFILE} >${TEMP}

##  Get any arguments.
if grep "^Control:[ 	]*${PROG}" <${ARTICLE} >/dev/null 2>&1 ; then
    set X `${SED} -n -e "s/^Control:[ 	]*${PROG}//p" -e '/^$/q' <${ARTICLE}`
    shift
else
    if grep "^Subject:[ 	]*cmsg[ 	]*${PROG}" \
		<${ARTICLE} >/dev/null 2>&1 ; then
	set X `${SED} -n -e "s/^Subject:[ 	]*cmsg[ 	]*${PROG}//p" \
		-e '/^$/q' <${ARTICLE}`
	shift
    else
	rm -f ${TEMP}
	if $MAILFAILURES; then
		${SED} -e 's/^~/~~/' < ${ARTICLE} \
			| ${MAILCMD} -s "Bad header by ${FROM}" ${NEWSMASTER}
	fi
	cat ${ARTICLE} |
	     writelog $MOST_LOGS/badcontrol.log "`date` Bad header by ${FROM}"
	exit
    fi
fi

# Check characters in values of variables that will be inside an eval
TRANS1="`echo \"$1\" | tr ${AZ} ${az} | tr -dc \\\055${az}${ZN}+_.`"
if [ ${1}X != ${TRANS1}X ]; then
    rm -f ${TEMP}
    if $MAILFAILURES; then
	${SED} -e 's/^~/~~/' < ${ARTICLE} \
	    | ${MAILCMD} -s "Malformed newsgroup name by ${FROM}" ${NEWSMASTER}
    fi
    cat ${ARTICLE} |
	writelog $MOST_LOGS/badcontrol.log \
	    "`date` Malformed newsgroup name by ${FROM}"
    exit
fi
TRANSP="`echo \"$PROG\" | tr ${AZ} ${az} | tr -dc \\\055${az}${ZN}+_.`"
if [ ${PROG}X != ${TRANSP}X ]; then
    rm -f ${TEMP}
    if $MAILFAILURES; then
	${SED} -e 's/^~/~~/' < ${ARTICLE} \
	    | ${MAILCMD} -s "Unexpected program name by ${FROM}" ${NEWSMASTER}
    fi
    cat ${ARTICLE} |
	writelog $MOST_LOGS/badcontrol.log \
	    "`date` Unexpected program name by ${FROM}"
    exit
fi

ACTION=mail
IFS=:
exec <${TEMP}
while read MESSAGE FROM_PAT NG_PAT ACT_PAT ; do
    eval "case \"${FROM}\" in
    ${FROM_PAT})
	##  Got a match -- if newgroup/rmgroup, must also
	##  match the newsgroup pattern.
	case \"${PROG}\" in
	newgroup|rmgroup)
	    case \"$1\" in
	    ${NG_PAT})
		ACTION=${ACT_PAT}
		;;
	    esac
	    ;;
	*)
	    ACTION=${ACT_PAT}
	    ;;
	esac
    ;;
    esac"
done
rm -f ${TEMP}
IFS="`echo stn | tr stn ' \011\012'`"

LOGFILE=mail
case ${ACTION} in
drop)
    exit
    ;;
log)
    echo "`date` Ignored ${PROG} ${ARTICLE} by ${FROM} (${PATHHOST})" 1>&2
    exit
    ;;
log=*)
    LOGFILE=`expr "${ACTION}" : 'log=[	 ]*\(.*\)'`
    ACTION=logit
    ;;
doit=*)
    LOGFILE=`expr "${ACTION}" : 'doit=[	 ]*\(.*\)'`
    ACTION=doit
    ;;
verify-*=*)
    LOGFILE=`expr "${ACTION}" : 'verify-.*=[	 ]*\(.*\)'`
    PGPAUTH=`expr "${ACTION}" : 'verify-\([^=]*\)'`
    ACTION=verify
    ;;
verify-*)
    PGPAUTH=`expr "${ACTION}" : 'verify-\([^=]*\)'`
    ACTION=verify
    ;;
esac

case "${LOGFILE}" in
"")
    LOGFILE=/dev/null
    ;;
mail|/*)
    ;;
*)
    LOGFILE=${MOST_LOGS}/${LOGFILE}.log
    ;;
esac
export LOGFILE

if $PGPVERIFY; then
    PGPSENDER=`pgpverify < ${ARTICLE}`;
    PGP_STATUS=$?
    case "${ACTION}:${PGP_STATUS}" in
    verify:0)
        case "${PGPAUTH}" in
        "")
            ACTION=mail
	    LOGFILE=mail
            ;;
        ${PGPSENDER})
            ACTION=doit
            ;;
        *)
            ACTION=mail
	    LOGFILE=mail
            ;;
        esac       
        ;;
    # code 255 is failure to run pgp.
    verify:255)
	ACTION=logit
	LOGFILE=failedpgp.log
	;;
    # pgp ran, but failed to verify message.
    verify:*)
       ACTION=logit
       LOGFILE=badpgp.log
       ;;
    esac
fi
