#!/usr/bin/env python
# -*- mode: python -*-
-import userdir_gpg, userdir_ldap, sys, traceback, time, ldap, posix;
-import string, pwd
+import userdir_gpg, userdir_ldap, sys, traceback, time, ldap, os, getopt;
+import pwd
from userdir_gpg import *;
from userdir_ldap import *;
EX_TEMPFAIL = 75;
EX_PERMFAIL = 65; # EX_DATAERR
-Debug = "";
+Debug = None;
# Try to extract a key fingerprint from a PGP siged message
def TryGPG(Email):
# Try to get a pgp text
- Msg = GetClearSig(Email);
- if string.find(Msg[0],"-----BEGIN PGP SIGNED MESSAGE-----") == -1:
+ try:
+ Msg = GetClearSig(Email);
+ except:
+ # Log an exception.. but continue. This is to deal with 'sort of'
+ # PGP-MIME things
+ S = "%s: %s -> %s\n" %(Now,MsgID,ErrMsg);
+ S = S + " %s: %s\n" %(sys.exc_type,sys.exc_value);
+ ErrLog.write(S);
return None;
-
- print Msg[0];
+
+ if Msg[0].find("-----BEGIN PGP SIGNED MESSAGE-----") == -1:
+ return None;
+
Res = GPGCheckSig(Msg[0]);
# Failed to find a matching sig
if Res[0] != None:
+ S = "%s: %s -> PGP Checking failed '%s': %s %s\n" %(Now,MsgID,Email.getheader("From"),str(Res[0]),str(Res[2]));
+ ErrLog.write(S);
return None;
# Search for the matching key fingerprint
- Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyfingerprint=" + Res[2][1]);
+ Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyFingerPrint=" + Res[2][1]);
if len(Attrs) == 0:
return None;
if len(Attrs) != 1:
return None;
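Review bot: The failure log line added in the `Res[0] != None` branch writes `Email.getheader("From")` into ErrLog unescaped, and that value comes from the incoming message; if the header is folded it may carry line breaks, so a sender could shape extra log entries. Formatting it with `%r` in place of `'%s'`, or stripping CR/LF first, keeps each event on one line. The bare `except:` added around `GetClearSig(Email)` also catches `SystemExit` and `KeyboardInterrupt` and treats them as an unsigned message; re-raising those before logging would limit the fall-through to parse errors. That handler also depends on `Now`, `MsgID`, `ErrMsg` and `ErrLog` being set before TryGPG runs, which is not visible here. The rest of TryGPG's body is not fully shown on this page.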
return (UID[0],"FROM",Sender);
+
+# Process options
+(options, arguments) = getopt.getopt(sys.argv[1:], "dr")
+for (switch, val) in options:
+ if (switch == '-d'):
+ Debug = "";
# Open the log files
if Debug == None:
global l;
l = ldap.open(LDAPServer);
if Debug == None:
- F = open(PassDir+"/pass-"+pwd.getpwuid(posix.getuid())[0],"r");
- AccessPass = string.split(string.strip(F.readline())," ");
+ F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
+ AccessPass = F.readline().strip().split(" ")
l.simple_bind_s("uid="+AccessPass[0]+","+BaseDn,AccessPass[1]);
F.close();
else: