projects
/
mirror
/
userdir-ldap.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Do SSL when connecting to the ldap server.
[mirror/userdir-ldap.git]
/
ud-mailgate
diff --git
a/ud-mailgate
b/ud-mailgate
index
b158ba8
..
6341130
100755
(executable)
--- a/
ud-mailgate
+++ b/
ud-mailgate
@@
-30,7
+30,7
@@
SeenList = {}
DNS = {}
SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$')
DNS = {}
SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$')
-SSHRSA1Match = re.compile('^
\d+ (\d+) \d+ .*
')
+SSHRSA1Match = re.compile('^
^(.* )?\d+ \d+ \d+
')
ArbChanges = {"c": "..",
"l": ".*",
ArbChanges = {"c": "..",
"l": ".*",
@@
-239,10
+239,12
@@
def LoadBadSSH():
# [options] 1024 35 13188913666680[..] [comment]
def DoSSH(Str, Attrs, badkeys, uid):
Match = SSH2AuthSplit.match(Str);
# [options] 1024 35 13188913666680[..] [comment]
def DoSSH(Str, Attrs, badkeys, uid):
Match = SSH2AuthSplit.match(Str);
+ if Match == None:
+ return None;
g = Match.groups()
typekey = g[1]
if Match == None:
g = Match.groups()
typekey = g[1]
if Match == None:
- Match =SSHRSA1Match.match(Str)
+ Match =
SSHRSA1Match.match(Str)
if Match is not None:
return "RSA1 keys not supported anymore"
return None;
if Match is not None:
return "RSA1 keys not supported anymore"
return None;
@@
-465,7
+467,7
@@
def HandleChange(Reply,DnRecord,Key):
Result = Result + Res + "\n";
# Connect to the ldap server
Result = Result + Res + "\n";
# Connect to the ldap server
- l =
ldap.open(LDAPServer);
+ l =
connectLDAP()
F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
AccessPass = F.readline().strip().split(" ")
F.close();
F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
AccessPass = F.readline().strip().split(" ")
F.close();
@@
-536,7
+538,7
@@
def HandleChPass(Reply,DnRecord,Key):
Reply = Reply + TemplateSubst(Subst,open(TemplatesDir+"passwd-changed","r").read());
# Connect to the ldap server
Reply = Reply + TemplateSubst(Subst,open(TemplatesDir+"passwd-changed","r").read());
# Connect to the ldap server
- l =
ldap.open(LDAPServer);
+ l =
connectLDAP()
F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
AccessPass = F.readline().strip().split(" ")
F.close();
F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
AccessPass = F.readline().strip().split(" ")
F.close();
@@
-549,7
+551,8
@@
def HandleChPass(Reply,DnRecord,Key):
raise Error, "This account is locked";
# Modify the password
raise Error, "This account is locked";
# Modify the password
- Rec = [(ldap.MOD_REPLACE,"userPassword","{crypt}"+Pass)];
+ Rec = [(ldap.MOD_REPLACE,"userPassword","{crypt}"+Pass),
+ (ldap.MOD_REPLACE,"shadowLastChange",str(int(time.time()/24/60/60)))];
Dn = "uid=" + GetAttr(DnRecord,"uid") + "," + BaseDn;
l.modify_s(Dn,Rec);
Dn = "uid=" + GetAttr(DnRecord,"uid") + "," + BaseDn;
l.modify_s(Dn,Rec);
@@
-613,7
+616,7
@@
try:
ErrType = EX_TEMPFAIL;
ErrMsg = "An error occured while performing the LDAP lookup";
global l;
ErrType = EX_TEMPFAIL;
ErrMsg = "An error occured while performing the LDAP lookup";
global l;
- l =
ldap.open(LDAPServer);
+ l =
connectLDAP()
l.simple_bind_s("","");
# Search for the matching key fingerprint
l.simple_bind_s("","");
# Search for the matching key fingerprint