Error = 'Message Error';
SeenKey = 0;
SeenDNS = 0;
+mailRBL = {}
+mailRHSBL = {}
+mailWhitelist = {}
+SeenList = {}
DNS = {}
ArbChanges = {"c": "..",
"postalCode": ".*",
"loginShell": ".*",
"emailForward": "^([^<>@]+@.+)?$",
+ "jabberJID": "^([^<>@]+@.+)?$",
"ircNick": ".*",
"icqUin": "^[0-9]*$",
"onVacation": ".*",
- "labledURI": ".*"};
+ "labeledURI": ".*",
+ "mailDisableMessage": ".*",
+ "mailGreylisting": "^(TRUE|FALSE)$",
+ "mailCallout": "^(TRUE|FALSE)$",
+};
DelItems = {"c": None,
"l": None,
"emailForward": None,
"ircNick": None,
"onVacation": None,
- "labledURI": None,
+ "labeledURI": None,
"latitude": None,
"longitude": None,
"icqUin": None,
+ "jabberJID": None,
+ "jpegPhoto": None,
+ "dnsZoneEntry": None,
"sshRSAAuthKey": None,
- "sshDSAAuthKey": None};
+ "sshDSAAuthKey": None,
+ "birthDate" : None,
+ "mailGreylisting": None,
+ "mailCallout": None,
+ "mailRBL": None,
+ "mailRHSBL": None,
+ "mailWhitelist": None,
+ "mailDisableMessage": None,
+ };
# Decode a GPS location from some common forms
def LocDecode(Str,Dir):
if Match == None:
return None;
G = Match.groups();
-
+
attrName = G[0].lower();
for i in DelItems.keys():
if i.lower() == attrName:
def DoSSH(Str,Attrs):
Match = SSH2AuthSplit.match(Str);
if Match == None:
+ Match = re.compile('^1024 (\d+) ').match(Str)
+ if Match is not None:
+ return "SSH1 keys not supported anymore"
return None;
global SeenKey;
# Check for collisions
global l;
- Rec = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"dnsZoneEntry="+G[0]+" *",["uid"]);
+ # [JT 20070409 - search for both tab and space suffixed hostnames
+ # since we accept either. It'd probably be better to parse the
+ # incoming string in order to construct what we feed LDAP rather
+ # than just passing it through as is.]
+ filter = "(|(dnsZoneEntry=%s *)(dnsZoneEntry=%s *))" % (G[0], G[0])
+ Rec = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,filter,["uid"]);
for x in Rec:
if GetAttr(x,"uid") != GetAttr(DnRecord,"uid"):
return "DNS entry is already owned by " + GetAttr(x,"uid")
SeenDNS = 1;
return "DNS Entry replaced with "+Str;
+# Handle an RBL list (mailRBL, mailRHSBL, mailWhitelist)
+def DoRBL(Str,Attrs):
+ Match = re.compile('^mail(rbl|rhsbl|whitelist) ([-a-z0-9.]+)$').match(string.lower(Str))
+ if Match == None:
+ return None
+
+ if Match.group(1) == "rbl":
+ Key = "mailRBL"
+ if Match.group(1) == "rhsbl":
+ Key = "mailRHSBL"
+ if Match.group(1) == "whitelist":
+ Key = "mailWhitelist"
+ Host = Match.group(2)
+
+ global SeenList
+ if SeenList.has_key(Key):
+ Attrs.append((ldap.MOD_ADD,Key,Host))
+ return "%s added %s" % (Key,Host)
+
+ Attrs.append((ldap.MOD_REPLACE,Key,Host))
+ SeenList[Key] = 1;
+ return "%s replaced with %s" % (Key,Host)
+
# Handle an [almost] arbitary change
def HandleChange(Reply,DnRecord,Key):
global PlainText;
else:
Res = DoPosition(Line,Attrs) or DoDNS(Line,Attrs,DnRecord) or \
DoArbChange(Line,Attrs) or DoSSH(Line,Attrs) or \
- DoDel(Line,Attrs);
+ DoDel(Line,Attrs) or DoRBL(Line,Attrs);
except:
Res = None;
Result = Result + "==> %s: %s\n" %(sys.exc_type,sys.exc_value);
Rply = RC.Check(Res[1]);
if Rply != None:
raise Error, Rply;
- RC.Add(Res[1]);
# Connect to the ldap server
ErrType = EX_TEMPFAIL;
# Search for the matching key fingerprint
Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyFingerPrint=" + Res[2][1]);
+
+ ErrType = EX_PERMFAIL;
if len(Attrs) == 0:
raise Error, "Key not found"
if len(Attrs) != 1:
raise Error, "Oddly your key fingerprint is assigned to more than one account.."
+ RC.Add(Res[1]);
+
# Determine the sender address
- ErrType = EX_PERMFAIL;
ErrMsg = "A problem occured while trying to formulate the reply";
Sender = Email.getheader("Reply-To");
if Sender == None: