[mirror/userdir-ldap.git]
/
ud-echelon
diff --git
a/ud-echelon
b/ud-echelon
index
2be0112
..
2c0f984
100755
(executable)
--- a/
ud-echelon
+++ b/
ud-echelon
@@
-1,40
+1,51
@@
#!/usr/bin/env python
# -*- mode: python -*-
#!/usr/bin/env python
# -*- mode: python -*-
-import userdir_gpg, userdir_ldap, sys, traceback, time, ldap, posix;
-import string, pwd
+import userdir_gpg, userdir_ldap, sys, traceback, time, ldap, os, getopt;
+import pwd
+import email, email.parser
from userdir_gpg import *;
from userdir_ldap import *;
EX_TEMPFAIL = 75;
EX_PERMFAIL = 65; # EX_DATAERR
from userdir_gpg import *;
from userdir_ldap import *;
EX_TEMPFAIL = 75;
EX_PERMFAIL = 65; # EX_DATAERR
-Debug =
""
;
+Debug =
None
;
# Try to extract a key fingerprint from a PGP siged message
# Try to extract a key fingerprint from a PGP siged message
-def TryGPG(
E
mail):
+def TryGPG(
e
mail):
# Try to get a pgp text
# Try to get a pgp text
- Msg = GetClearSig(Email);
- if string.find(Msg[0],"-----BEGIN PGP SIGNED MESSAGE-----") == -1:
+ try:
+ Msg = GetClearSig(email);
+ except:
+ # Log an exception.. but continue. This is to deal with 'sort of'
+ # PGP-MIME things
+ S = "%s: %s -> %s\n" %(Now,MsgID,ErrMsg);
+ S = S + " %s: %s\n" %(sys.exc_type,sys.exc_value);
+ ErrLog.write(S);
return None;
return None;
-
- print Msg[0];
- Res = GPGCheckSig(Msg[0]);
+
+ if Msg[0].find("-----BEGIN PGP SIGNED MESSAGE-----") == -1:
+ return None;
+
+ pgp = GPGCheckSig2(Msg[0]);
# Failed to find a matching sig
# Failed to find a matching sig
- if Res[0] != None:
+ if not pgp.ok:
+ S = "%s: %s -> PGP Checking failed '%s': %s %s\n" %(Now,MsgID,email["From"],str(pgp.why),str(pgp.key_info));
+ ErrLog.write(S);
return None;
# Search for the matching key fingerprint
return None;
# Search for the matching key fingerprint
- Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"key
fingerprint=" + Res[2][1]
);
+ Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"key
FingerPrint=" + pgp.key_fpr
);
if len(Attrs) == 0:
return None;
if len(Attrs) != 1:
raise Error, "Oddly your key fingerprint is assigned to more than one account.."
if len(Attrs) == 0:
return None;
if len(Attrs) != 1:
raise Error, "Oddly your key fingerprint is assigned to more than one account.."
- return (Attrs[0][1]["uid"][0],"PGP",FormatPGPKey(
Res[2][1]
));
+ return (Attrs[0][1]["uid"][0],"PGP",FormatPGPKey(
pgp.key_fpr
));
# Try to guess the name from the email address
# Try to guess the name from the email address
-def TryMatcher(
E
mail):
- Sender =
Email.getheader("From")
;
+def TryMatcher(
e
mail):
+ Sender =
email["From"]
;
if Sender == None:
return None;
if Sender == None:
return None;
@@
-53,6
+64,12
@@
def TryMatcher(Email):
return None;
return (UID[0],"FROM",Sender);
return None;
return (UID[0],"FROM",Sender);
+
+# Process options
+(options, arguments) = getopt.getopt(sys.argv[1:], "dr")
+for (switch, val) in options:
+ if (switch == '-d'):
+ Debug = "";
# Open the log files
if Debug == None:
# Open the log files
if Debug == None:
@@
-71,17
+88,17
@@
try:
# Get the email
ErrType = EX_PERMFAIL;
ErrMsg = "Failed to understand the email or find a signature:";
# Get the email
ErrType = EX_PERMFAIL;
ErrMsg = "Failed to understand the email or find a signature:";
-
Email = mimetools.Message(sys.stdin,0
);
- MsgID =
Email.getheader("Message-ID");
-
+
email = email.parser.Parser().parse(sys.stdin
);
+ MsgID =
email["Message-ID"]
+
# Connect to the ldap server
ErrType = EX_TEMPFAIL;
ErrMsg = "An error occured while performing the LDAP lookup";
global l;
# Connect to the ldap server
ErrType = EX_TEMPFAIL;
ErrMsg = "An error occured while performing the LDAP lookup";
global l;
- l =
ldap.open(LDAPServer);
+ l =
connectLDAP()
if Debug == None:
if Debug == None:
- F = open(PassDir+"/pass-"+pwd.getpwuid(
posix
.getuid())[0],"r");
- AccessPass =
string.split(string.strip(F.readline())," ");
+ F = open(PassDir+"/pass-"+pwd.getpwuid(
os
.getuid())[0],"r");
+ AccessPass =
F.readline().strip().split(" ")
l.simple_bind_s("uid="+AccessPass[0]+","+BaseDn,AccessPass[1]);
F.close();
else:
l.simple_bind_s("uid="+AccessPass[0]+","+BaseDn,AccessPass[1]);
F.close();
else:
@@
-90,14
+107,15
@@
try:
# Try to decode
ErrType = EX_TEMPFAIL;
ErrMsg = "An error occured while trying GPG decoding";
# Try to decode
ErrType = EX_TEMPFAIL;
ErrMsg = "An error occured while trying GPG decoding";
- User = TryGPG(
E
mail);
+ User = TryGPG(
e
mail);
if User == None:
ErrMsg = "An error occured while trying Matcher decoding";
if User == None:
ErrMsg = "An error occured while trying Matcher decoding";
- User = TryMatcher(
E
mail);
+ User = TryMatcher(
e
mail);
# Get any mailing list information
# Get any mailing list information
- List = Email.getheader("X-Mailing-List");
- if List == None:
+ if 'X-Mailing-List' in email:
+ List = email['X-Mailing-List']
+ else:
List = "-";
# Tada, write a log message
List = "-";
# Tada, write a log message
@@
-111,7
+129,7
@@
try:
else:
print Rec;
else:
else:
print Rec;
else:
- User = ("-","UKN",
Email.getheader
("From"));
+ User = ("-","UKN",
email
("From"));
Msg = "[%s] \"%s\" \"%s\" \"%s\""%(Now,User[2],List,MsgID);
MainLog.write("%s %s %s\n"%(User[0],User[1],Msg));
Msg = "[%s] \"%s\" \"%s\" \"%s\""%(Now,User[2],List,MsgID);
MainLog.write("%s %s %s\n"%(User[0],User[1],Msg));
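Review bot: In the last hunk the unmatched-sender fallback calls the parsed message as if it were a function, `User = ("-","UKN",email("From"));`, which will raise a TypeError because a Message object is not callable. Every other header lookup in this change uses subscripting, so the line should read `User = ("-","UKN",email["From"]);`. As written, any mail that neither TryGPG nor TryMatcher can attribute would land in the exception handler instead of being logged as UKN; that handler lies outside the visible hunks. Separately, the new failure line in TryGPG writes `email["From"]` into ErrLog as-is, and the value the parser returns for a folded header can carry line breaks, so header values are worth collapsing to a single line (CR/LF stripped) before they reach ErrLog or MainLog.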