author | Miquel Lionel <lionel@les-miquelots.net> | 2021-07-02 12:09:24 +0100 |
---|---|---|
committer | Miquel Lionel <lionelmiquel@sfr.fr> | 2021-07-04 00:28:00 +0100 |
commit | 2137a587bb3a314ac13327d4cdb53f0ee8b9d970 (patch) | |
tree | cea28ad0f1b4782a5eea556f5346f712108d1c6e /Makefile | |
parent | 23c6d4753895870224209a44624c1350e934f762 (diff) | |
Better way to validate cookies and others improvs
- Added GPLv3+ short header in source files (genpass.pl, gpigeon-template.cgi and link-template-tmpl.cgi).
- Added some security headers in the example nginx configuration
file, and renamed the NGINXCONFDIR variable in the Makefile to SITESENABLED, it makes a bit more sense.
- Hastily drawed a more fitting .ico/mascot for the project
- Tweaked the styles.css to be somewhat more
responsive. Some tags in index.html and
gpigeon-template.cgi and link-template-tmpl.cgi
have now an id for styling.
- Fixed and improved cookie validation.
While working on the multi-user alternative, I
noticed that the ValidCookies() function was flimsy: I
was using eq... I learned about 'cmp' and threw in some UA
and IP address matching to make it a bit more robust.
- Improved the genpass.pl script, if you want a
argon2id of your password, you can now launch it in interactive mode with the '-i' arg. It'll fill the ARGON2ID_HASH variable in the existing config.mk with the hash of the provided password
- Fixed inconsistencies in the Makefile. I was overwriting changes
with sed for no good reason instead of using the -i switch ! I also moved
the mail address, mail sender, and gpg id checks to the top of the file
since they are the most important. Also, the 0xlong is not needed in
config.def.mk anymore, we extract via the mail address.
Diffstat (limited to 'Makefile')
-rw-r--r-- | Makefile | 89 |
1 files changed, 42 insertions, 47 deletions
@@ -6,10 +6,35 @@ BOLD=\033[01m RED=\033[31m STOP=\033[0m -RANDOM_ARGON2 := $(shell perl genpass.pl > genpass.txt && tail -1 genpass.txt) include config.mk +RANDOM_ARGON2 := $(shell perl genpass.pl > genpass.txt && tail -1 genpass.txt) +_GPGID := $(shell gpg --with-colons -k $(MYMAIL_ADDR) | grep "pub:u" | cut -d':' -f5) gpigeon: gpigeon-template.cgi link-tmpl-template.cgi + @if test -n '$(MYMAIL_ADDR)'; then \ + printf "Your mail address is ${BOLD}$(MYMAIL_ADDR)${STOP}\n"; \ + sed -e 's|your_addr_goes_here|$(MYMAIL_ADDR)|g' link-tmpl-template.cgi > link-tmpl.cgi; \ + else \ + printf "${RED}There's no mail adress configured for gpigeon in your config.mk !${STOP}\n" ; \ + $(MAKE) clean ; \ + exit 1; \ + fi + + @if test -n '$(MAILSENDER)'; then \ + printf "Encrypted mails will be sent from ${BOLD}$(MAILSENDER)${STOP}\n"; \ + sed -e 's|sender_addr_goes_here|$(MAILSENDER)|g' -i link-tmpl.cgi; \ + else \ + printf "\t${RED}No mail sender adress configured in your config.mk. Fix this.${STOP}\n" ; \ + $(MAKE) clean ; \ + exit 1; \ + fi + @if test -n '$(_GPGID)'; then \ + printf "Your GPG 0xlong id is ${BOLD}$(_GPGID)${STOP}\n";\ + sed -e 's|gpgid_goes_here|0x$(_GPGID)|g' -i link-tmpl.cgi;\ + else \ + printf "${RED}It seems that no public GPG key is tied to ${BOLD}$(MYMAIL_ADDR)${STOP}\n";\ + exit 1; \ + fi @if test -z '$(PREFIX)'; then \ printf "\n$(RED)No \u0024PREFIX variable defined in config.mk.\n";\ printf "Look into config.def.mk for the defaults and fix that.$(STOP)\n";\ 
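Review bot: The added `_GPGID := $(shell gpg --with-colons -k $(MYMAIL_ADDR) | grep "pub:u" | cut -d':' -f5)` line passes the address to the shell unquoted and does not limit the result to a single key. gpg treats a plain address as a substring match on the user ID, so one address can select several ultimately trusted keys; `_GPGID` then holds several IDs, the `test -n '$(_GPGID)'` check still passes, and `sed` writes all of them into `link-tmpl.cgi` as the recipient. Quote the argument as `'$(MYMAIL_ADDR)'` and have the recipe require exactly one match before substituting, for example `test '$(words $(_GPGID))' = 1`. Field 5 of the `pub` record is the 64-bit key ID; the full fingerprint from the `fpr` record is the safer identifier if the CGI accepts it. The `gpigeon` recipe continues outside this hunk.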
@@ -41,70 +66,40 @@ gpigeon: gpigeon-template.cgi link-tmpl-template.cgi fi @if test -n '$(LINK_TEMPLATE_PATH)'; then \ printf "\nLink template is at ${BOLD}$(LINK_TEMPLATE_PATH)${STOP}"; \ - sed -e 's|link_template_path_goes_here|$(LINK_TEMPLATE_PATH)|g' gpigeon-template.cgi > gpigeon.cgi; \ + sed -e 's|link_template_path_goes_here|$(LINK_TEMPLATE_PATH)|g' -i gpigeon.cgi; \ else \ printf "\n${RED}The path for the link template wasn't set in your config.mk. Fix that.${STOP}" ;\ exit 1;\ fi @if test -n '$(ARGON2ID_HASH)'; then\ - printf "\nThe argon2id hash is ${BOLD}$(ARGON2ID_HASH)${STOP}"; \ - sed -e 's|argon2id_hash_goes_here|$(ARGON2ID_HASH)|g' gpigeon-template.cgi > gpigeon.cgi; \ + printf "\nThe argon2id hash is ${BOLD}${ARGON2ID_HASH}${STOP}\n"; \ + sed -e 's|argon2id_hash_goes_here|$(ARGON2ID_HASH)|g' -i gpigeon.cgi; \ else \ - sed -e 's|argon2id_hash_goes_here|$(RANDOM_ARGON2)|g' gpigeon-template.cgi > gpigeon.cgi; \ + sed -e 's|argon2id_hash_goes_here|$(RANDOM_ARGON2)|g' -i gpigeon.cgi; \ printf "\nThe variable ARGON2ID_HASH wasn't declared in your config.mk thus a password \nand its argon2id hash as been generated (look into `pwd`/genpass.txt)."; \ printf "\nYour password is:\n${BOLD}`head -1 genpass.txt`${STOP}"; \ printf "\nAnd the hash is:\n${BOLD}%s${STOP}\n\n" '${RANDOM_ARGON2}'; \ rm -f genpass.txt; \ fi - - - - @if test -n '$(MYGPG_ID_0XLONG)'; then \ - printf "Mails will be encrypted to you with the ${BOLD}$(MYGPG_ID_0XLONG)${STOP} GPG key\n"; \ - sed -e 's|gpgid_goes_here|$(MYGPG_ID_0XLONG)|g' link-tmpl-template.cgi > link-tmpl.cgi; \ - gpg --armor --export $(MYGPG_ID_0XLONG) > gpg.txt; \ - else \ - printf "${RED}No GPG key found because the 0xlong fingerprint format wasn't set in config.mk. 
Fix this.${STOP}\n";\ - $(MAKE) clean;\ - exit 1 ;\ - fi - @if test -n '$(MSG_FORM_CHAR_LIMIT)'; then \ printf "Message form will have a message limit of ${BOLD}$(MSG_FORM_CHAR_LIMIT) characters${STOP}\n"; \ - sed -e "s|msg_char_limit_goes_here|$(MSG_FORM_CHAR_LIMIT)|g" link-tmpl-template.cgi > link-tmpl.cgi;\ + sed -e "s|msg_char_limit_goes_here|$(MSG_FORM_CHAR_LIMIT)|g" -i link-tmpl.cgi;\ else \ printf "${RED}No character limits were defined in your config.mk. Fix that.${STOP}\n" ;\ $(MAKE) clean ;\ exit 1;\ fi - @if test -n '$(MYMAIL_ADDR)'; then \ - printf "Your mail address is ${BOLD}$(MYMAIL_ADDR)${STOP}\n"; \ - sed -e 's|your_addr_goes_here|$(MYMAIL_ADDR)|g' link-tmpl-template.cgi > link-tmpl.cgi; \ - else \ - printf "There's no mail adress configured for gpigeon in your config.mk !\n" ; \ - $(MAKE) clean ; \ - exit 1; \ - fi - @if [ '${HAS_MAILSERVER}' == '1' ]; then \ printf "Local mail server setup. ${BOLD}Mail::Sendmail module will be used to send the mails${STOP}.\n"; \ else \ printf "External mail server setup. ${BOLD}Net::SMTPS module will be used to send the mails${STOP}.\n"; \ - if test -n '$(MAILSENDER)'; then \ - printf "\tEncrypted mails will be sent from ${BOLD}$(MAILSENDER)${STOP}\n"; \ - sed -e 's|sender_addr_goes_here|$(MAILSENDER)|g' link-tmpl-template.cgi > link-tmpl.cgi; \ - else \ - printf "\t${RED}No mail sender adress configured in your config.mk. Fix this.${STOP}\n" ; \ - $(MAKE) clean ; \ - exit 1; \ - fi; \ if test -n '$(MAILSENDER_PW)'; then \ printf "\tPassword for ${BOLD}${MAILSENDER}${STOP} is %s.\n" '${MAILSENDER_PW}'; \ - sed -e 's|sender_pw_goes_here|$(MAILSENDER_PW)|g' link-tmpl-template.cgi > link-tmpl.cgi; \ + sed -e 's|sender_pw_goes_here|$(MAILSENDER_PW)|g' -i link-tmpl.cgi; \ else\ printf "\t${RED}Password for the sender address wasn't set in your config.mk. Fix this${STOP}.\n";\ $(MAKE) clean ; \ 
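Review bot: The `sender_pw_goes_here` substitution at the end of this hunk splices `$(MAILSENDER_PW)` unescaped into a single-quoted `sed` program, and the unchanged `printf` just above it still prints the password to the terminal and to any captured build log. A password containing `|`, `&`, `\` or `'` is written into `link-tmpl.cgi` incorrectly or breaks the command, which the move to `-i` does not change. Report only that a password is configured, e.g. `printf "\tPassword for ${BOLD}${MAILSENDER}${STOP} is set.\n";`, and escape the sed metacharacters in the value before substituting. The added `printf "\nThe argon2id hash is ${BOLD}${ARGON2ID_HASH}${STOP}\n"` has a related problem: an encoded argon2id hash contains `$`, which the shell expands inside double quotes, so pass it as a single-quoted `%s` argument as the else branch does with `RANDOM_ARGON2`. The recipe starts and ends outside this hunk.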
@@ -112,7 +107,7 @@ gpigeon: gpigeon-template.cgi link-tmpl-template.cgi fi; \ if test -n '$(SMTP_DOMAIN)'; then \ printf "\tSMTP server: ${BOLD}$(SMTP_DOMAIN)${STOP}\n"; \ - sed -e 's|smtp_domain_goes_here|$(SMTP_DOMAIN)|g' link-tmpl-template.cgi > link-tmpl.cgi; \ + sed -e 's|smtp_domain_goes_here|$(SMTP_DOMAIN)|g' -i link-tmpl.cgi; \ else\ printf "\t${RED}No SMTP server was configured in your config.mk. Fix this.${STOP}\n";\ $(MAKE) clean ; \ @@ -120,19 +115,16 @@ gpigeon: gpigeon-template.cgi link-tmpl-template.cgi fi; \ if test -n '$(SMTP_PORT)'; then \ printf "\tSMTP port: ${BOLD}$(SMTP_PORT)${STOP}\n"; \ - sed -e 's|smtp_port_goes_here|$(SMTP_PORT)|g' link-tmpl-template.cgi > link-tmpl.cgi; \ + sed -e 's|smtp_port_goes_here|$(SMTP_PORT)|g' -i link-tmpl.cgi; \ else \ printf "\t${RED}No SMTP port configured in your config.mk. Fix this${STOP}.\n"; \ $(MAKE) clean ; \ exit 1; \ fi; \ fi - @sed -e 's|has_mailserver_goes_here|$(HAS_MAILSERVER)|g' link-tmpl-template.cgi > link-tmpl.cgi - @sed -e 's|gpg_homedir_goes_here|$(_GPG_HOMEDIR)|g' link-tmpl-template.cgi > link-tmpl.cgi - @if test -n '$(WWWDOMAIN)' && test -n '$(WWWPREFIX)'; then\ - $(MAKE) nginxconf;\ - printf "Done generating $(WWWDOMAIN).conf for nginx.";\ - fi + @sed -e 's|has_mailserver_goes_here|$(HAS_MAILSERVER)|g' -i link-tmpl.cgi + @sed -e 's|gpg_homedir_goes_here|$(_GPG_HOMEDIR)|g' -i link-tmpl.cgi + $(MAKE) nginxconf @printf "\nDone preparing files. You can now type\nsudo make install\nin your terminal.\n" install: 
@@ -146,13 +138,16 @@ install: install -Dm644 index.html favicon.ico styles.css -t $(DESTDIR)$(WWWPREFIX)/gpigeon/ install -Dm755 merci/* -t $(DESTDIR)$(PREFIX)/merci/ @if test -e '$(WWWDOMAIN).conf'; then\ - printf "\nInstalling $(WWWDOMAIN).conf into $(NGINXCONFDIR)\n";\ - install -Dm644 $(WWWDOMAIN).conf -t $(DESTDIR)$(NGINXCONFDIR);\ + printf "\nInstalling $(WWWDOMAIN).conf into $(SITESENABLED)\n";\ + install -Dm644 $(WWWDOMAIN).conf -t $(DESTDIR)$(SITESENABLED);\ fi chown $(WWWUSER):$(WWWUSER) -R $(DESTDIR)$(PREFIX)/gpigeon || exit 1; chown $(WWWUSER):$(WWWUSER) -R $(DESTDIR)$(WWWPREFIX)/gpigeon || exit 1; nginxconf: nginx-example.conf + @if test -n '$(WWWDOMAIN)' && test -n '$(WWWPREFIX)'; then\ + printf "Done generating $(WWWDOMAIN).conf for nginx.";\ + fi @sed -e 's|wwwpath_goes_here|$(WWWPREFIX)|g;s|domain_goes_here|$(WWWDOMAIN)|g' nginx-example.conf > $(WWWDOMAIN).conf ;\ |
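Review bot: The guard added to `nginxconf` wraps only the "Done generating" message, while the `sed` that writes `$(WWWDOMAIN).conf` still runs unconditionally, and the previous hunk now calls `$(MAKE) nginxconf` from `gpigeon` without the `WWWDOMAIN`/`WWWPREFIX` check it used to have. With `WWWDOMAIN` unset the recipe writes a file named `.conf` with empty substitutions, which the `test -e '$(WWWDOMAIN).conf'` check in `install` then finds and copies into `$(SITESENABLED)`. Move the `sed` inside the `if` so nothing is written when either variable is empty, and print the message after the file has been generated rather than before. The `nginxconf` recipe appears to continue past the end of this hunk.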