From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/48587 Path: main.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: Hashcash Date: Thu, 02 Jan 2003 19:33:28 +0100 Sender: owner-ding@hpc.uh.edu Message-ID: References: <87y9brejam.fsf@mail.paradoxical.net> <873ctztyth.fsf@mail.paradoxical.net> <20020801222925.A10502@mastaler.com> <02Aug5.165400edt.119167@gateway.intersystems.com> <02Aug6.103518edt.119321@gateway.intersystems.com> <02Aug6.141550edt.119068@gateway.intersystems.com> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: main.gmane.org 1041532432 11792 80.91.224.249 (2 Jan 2003 18:33:52 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Thu, 2 Jan 2003 18:33:52 +0000 (UTC) Cc: Paul Foley Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by main.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 18UAAA-00033v-00 for ; Thu, 02 Jan 2003 19:33:50 +0100 Original-Received: from sina.hpc.uh.edu ([129.7.128.10] ident=lists) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 18UAAR-0004Ix-00; Thu, 02 Jan 2003 12:34:08 -0600 Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Thu, 02 Jan 2003 12:35:00 -0600 (CST) Original-Received: from yxa.extundo.com (178.230.13.217.in-addr.dgcsystems.net [217.13.230.178]) by sina.hpc.uh.edu (8.9.3/8.9.3) with ESMTP id MAA24491 for ; Thu, 2 Jan 2003 12:34:43 -0600 (CST) Original-Received: from latte.josefsson.org (yxa.extundo.com [217.13.230.178]) (authenticated bits=0) by yxa.extundo.com (8.12.6/8.12.6) with ESMTP id h02IXTRr014733 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 2 Jan 2003 19:33:30 +0100 Original-To: ding@hpc.uh.edu Mail-Copies-To: nobody X-Payment: hashcash 1.1 0:030102:ding@hpc.uh.edu:91b9fcc6f88c0515 X-Hashcash: 0:030102:ding@hpc.uh.edu:91b9fcc6f88c0515 X-Payment: hashcash 1.1 0:030102:mycroft@actrix.gen.nz:d068942546c34f21 X-Hashcash: 0:030102:mycroft@actrix.gen.nz:d068942546c34f21 In-Reply-To: (Lars Magne Ingebrigtsen's message of "Mon, 30 Dec 2002 01:22:55 +0100") User-Agent: Gnus/5.090008 (Oort Gnus v0.08) Emacs/21.2 (i386-debian-linux-gnu) Precedence: list X-Majordomo: 1.94.jlt7 Xref: main.gmane.org gmane.emacs.gnus.general:48587 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:48587 Lars Magne Ingebrigtsen writes: > There doesn't seem to be any code in there to verify the hashcash > payment. Does anybody have anything for doing that? I lobbied for this in SpamAssassin, and there are patches available, but nothing seems to happen. They seemed to want to wait for a standard to emerge, which seemed very backwards to what SA is all about to me, but anyway. I noticed that Lars updated Gnus' hashcash.el from upstream that has verify functions, but it seems XEmacs specific, and it didn't work in incomming mail buffers with RFC 822 body separators. Patch attached; Paul do you think it is OK? > Also, the posting code seems to be synchronous. I think it would be > nice to put the hashcash generation in the background, and postpone > the sending until the message has been hashcashed. Has anybody done > any work in that area? Could, perhaps, the delayed nndrafts code be > used for that? Sounds like a good idea. We'd might as well write a complete elisp implementation of it, since it justs loop over a SHA-1 computation. --- hashcash.el.~1.6~ Thu Jan 2 17:52:32 2003 +++ hashcash.el Thu Jan 2 19:28:44 2003 @@ -37,11 +37,19 @@ "*The default minimum number of bits to accept on incoming payments." :type 'integer) -(defcustom hashcash-accept-resources `((,(user-mail-address) nil)) +(defcustom hashcash-accept-resources `((,(if (fboundp 'user-mail-address) + (user-mail-address) + user-mail-address) . nil)) "*An association list mapping hashcash resources to payment amounts. Resources named here are to be accepted in incoming payments. If the corresponding AMOUNT is NIL, the value of `hashcash-default-accept-payment' -is used instead.") +is used instead." + :type '(repeat (cons (string) + (choice (const :tag "Default" nil) + (const :tag "20 bits" 20) + (const :tag "25 bits" 25) + (const :tag "30 bits" 30) + (integer))))) (defcustom hashcash "/usr/local/bin/hashcash" "*The path to the hashcash binary.") @@ -93,11 +101,19 @@ (defun hashcash-check-payment (token str val) "Check the validity of a hashcash payment." - (zerop (call-process hashcash nil nil nil "-c" + (zerop (save-excursion + (set-buffer (get-buffer-create " *hashcash verify*")) + (erase-buffer) + (insert (format "%s -c -d -f %s -b %s -r %s %s\n" + hashcash hashcash-double-spend-database + (number-to-string val) str token)) + ;; hashcash uses isatty() to set -quiet flag, so we don't + ;; see anything. process-connection-type doesn't help. + (call-process hashcash nil t nil "-c" "-d" "-f" hashcash-double-spend-database "-b" (number-to-string val) "-r" str - token))) + token)))) ;;;###autoload (defun hashcash-insert-payment (arg) @@ -112,14 +128,16 @@ ;;;###autoload (defun hashcash-verify-payment (token &optional resource amount) "Verify a hashcash payment" - (let ((key (cadr (split-string-by-char token ?:)))) + (let ((key (caddr (split-string token ":")))) (cond ((null resource) (let ((elt (assoc key hashcash-accept-resources))) - (and elt (hashcash-check-payment token (car elt) - (or (cadr elt) hashcash-default-accept-payment))))) + (and elt (hashcash-check-payment + token (car elt) + (or (cdr elt) hashcash-default-accept-payment))))) ((equal token key) (hashcash-check-payment token resource - (or amount hashcash-default-accept-payment))) + (or amount + hashcash-default-accept-payment))) (t nil)))) ;;;###autoload @@ -159,7 +177,8 @@ hashcash-default-accept-payment))) (save-excursion (goto-char (point-min)) - (search-forward mail-header-separator) + (or (search-forward (concat "\n" mail-header-separator "\n") nil t) + (search-forward-regexp "[^:]+:\\([^\n]\\|\n[ \t]\\)+\n\n" nil t)) (beginning-of-line) (let ((end (point)) (ok nil))