(view this code in a separate window)
#!/usr/bin/perl
#
# gpgrunit
#
# Run encrypted/signed commands received via email.
# Trigger this via .forward, .procmailrc, etc.
#
# Copyright 2002, Bri Hatch
#
# Released under the GPL. See COPYING file
# for more information.
use strict;
use FileHandle;
use IPC::Open2;
sub bail { print "Exiting\n"; exit 0}
# Some random variables.
my $GPG='/usr/bin/gpg';
my $SENDMAIL='/usr/sbin/sendmail';
my $VALID_FROM=0;
my $HOSTNAME=`hostname`;
chomp $HOSTNAME;
# Change if needed.
# (Most .forward-style mail filtering
# software will set HOME anyway, so you
# can likely do without.)
$ENV{HOME}='/home/xahria';
chdir $ENV{HOME} or bail;
# Scan header for magic Subject line
while (<STDIN>) {
bail if /^$/;
last if /^Subject: Run GPG Commands/;
}
# Skip rest of header
while (<STDIN>) { last if /^$/; }
# Launch gpg to snag commands and GPG header
open2(*RD, *WR, "$GPG 2>&1" );
WR->autoflush();
# Feed the encoded message to GPG
print WR <STDIN>;
close WR;
# Read decrypted output
while (<RD>) {
$VALID_FROM=1
# change to the actual PGP confirmation, obviously.
if /Good signature from "Xahria <xahria\@my_email.com>"/;
# Skip past normal gpg output until we see the
# beginning of our command section
last if /^SEND_TO:/;
}
# Bail if it wasn't signed by the correct GPG key.
bail unless $VALID_FROM;
# Snag return email address from the gpg-signed message.
my($EMAIL) = (/^SEND_TO:(.*)/);
open SENDMAIL, "|$SENDMAIL -t" or bail;
# Send email back to the sender.
print SENDMAIL <<EOM;
To: $EMAIL
From: Xahria <xahria\@my_email.com>
Subject: Commands output
Here are the results of your commands on $HOSTNAME
EOM
# Read and execute commands.
while (<RD>) {
my $command = $_;
chomp $command;
print SENDMAIL "\n\n---\Running $command\n";
print SENDMAIL `$command`;
}
close SENDMAIL;