X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-echelon;h=b2b4f0706c301a5a966393aca05689f908624cd3;hb=refs%2Fheads%2Fsalsa;hp=2be0112c6ae55b67030d76b6c4447ed7b36bac2d;hpb=a86d975ac15e074f142c75ba5c74596be92e740d;p=mirror%2Fuserdir-ldap.git
diff --git a/ud-echelon b/ud-echelon
index 2be0112..b2b4f07 100755
--- a/ud-echelon
+++ b/ud-echelon
@@ -1,48 +1,59 @@ #!/usr/bin/env python # -*- mode: python -*- -import userdir_gpg, userdir_ldap, sys, traceback, time, ldap, posix; -import string, pwd +import userdir_gpg, userdir_ldap, sys, traceback, time, ldap, os, getopt; +import pwd +import email, email.parser from userdir_gpg import *; from userdir_ldap import *; EX_TEMPFAIL = 75; EX_PERMFAIL = 65; # EX_DATAERR -Debug = ""; +Debug = None; # Try to extract a key fingerprint from a PGP siged message -def TryGPG(Email): +def TryGPG(mail): # Try to get a pgp text - Msg = GetClearSig(Email); - if string.find(Msg[0],"-----BEGIN PGP SIGNED MESSAGE-----") == -1: + try: + Msg = GetClearSig(mail, lax_multipart=True); + except: + # Log an exception.. but continue. This is to deal with 'sort of' + # PGP-MIME things + S = "%s: %s -> %s\n" %(Now,MsgID,ErrMsg); + S = S + " %s: %s\n" %(sys.exc_type,sys.exc_value); + ErrLog.write(S); return None; - - print Msg[0]; - Res = GPGCheckSig(Msg[0]); + + if Msg[0].find("-----BEGIN PGP SIGNED MESSAGE-----") == -1: + return None; + + pgp = GPGCheckSig2(Msg[0]); # Failed to find a matching sig - if Res[0] != None: + if not pgp.ok: + S = "%s: %s -> PGP Checking failed '%s': %s %s\n" %(Now,MsgID,mail["From"],str(pgp.why),str(pgp.key_info)); + ErrLog.write(S); return None; # Search for the matching key fingerprint - Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyfingerprint=" + Res[2][1]); + Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyFingerPrint=" + pgp.key_fpr); if len(Attrs) == 0: return None; if len(Attrs) != 1: raise Error, "Oddly your key fingerprint is assigned to more than one account.." 
- return (Attrs[0][1]["uid"][0],"PGP",FormatPGPKey(Res[2][1])); + return (Attrs[0][1]["uid"][0],"PGP",FormatPGPKey(pgp.key_fpr)); # Try to guess the name from the email address -def TryMatcher(Email): - Sender = Email.getheader("From"); - if Sender == None: +def TryMatcher(mail): + Sender = mail["From"]; + if Sender is None: return None; # Split up the address and invoke the matcher routine UID = GetUID(l,SplitEmail(Sender)); - if UID[0] == None: - if UID[1] == None or len(UID[1]) == 0: + if UID[0] is None: + if UID[1] is None or len(UID[1]) == 0: return None; # Print out an error message @@ -53,9 +64,15 @@ def TryMatcher(Email): return None; return (UID[0],"FROM",Sender); + +# Process options +(options, arguments) = getopt.getopt(sys.argv[1:], "dr") +for (switch, val) in options: + if (switch == '-d'): + Debug = ""; # Open the log files -if Debug == None: +if Debug is None: MainLog = open(Ech_MainLog,"a+",0); ErrLog = open(Ech_ErrorLog,"a+",0); else: @@ -71,17 +88,17 @@ try: # Get the email ErrType = EX_PERMFAIL; ErrMsg = "Failed to understand the email or find a signature:"; - Email = mimetools.Message(sys.stdin,0); - MsgID = Email.getheader("Message-ID"); - + mail = email.parser.Parser().parse(sys.stdin); + MsgID = mail["Message-ID"] + # Connect to the ldap server ErrType = EX_TEMPFAIL; ErrMsg = "An error occured while performing the LDAP lookup"; global l; - l = ldap.open(LDAPServer); - if Debug == None: - F = open(PassDir+"/pass-"+pwd.getpwuid(posix.getuid())[0],"r"); - AccessPass = string.split(string.strip(F.readline())," "); + l = connectLDAP() + if Debug is None: + F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r"); + AccessPass = F.readline().strip().split(" ") l.simple_bind_s("uid="+AccessPass[0]+","+BaseDn,AccessPass[1]); F.close(); else: 
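Review bot: The bare `except:` around `GetClearSig(mail, lax_multipart=True)` in TryGPG also traps SystemExit, KeyboardInterrupt and any programming error, writes one ErrLog line and returns None, after which the caller falls back to the unauthenticated From matcher. `except Exception:` (or, better, the specific errors GetClearSig raises, which are defined outside this diff) keeps that fallback narrow. The LDAP filter is still built by concatenation, `"keyFingerPrint=" + pgp.key_fpr`; unless GPGCheckSig2 guarantees a hex-only fingerprint, pass it through `ldap.filter.escape_filter_chars(pgp.key_fpr)`. The handler also relies on the globals Now, MsgID and ErrMsg being set before TryGPG runs, which deserves a comment above the function.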
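Review bot: The new `getopt.getopt(sys.argv[1:], "dr")` call runs before the log files are opened and appears to sit outside the `try:` that tracks ErrType, so an unknown switch raises getopt.GetoptError and ends the run with a traceback rather than one of the EX_* statuses. Catching it, e.g. `except getopt.GetoptError: sys.exit(EX_PERMFAIL)`, makes the failure mode explicit; which status is right depends on how the script is invoked, which is not visible here. `-r` is accepted but nothing in the visible hunks reads it, so either handle it or drop it from the option string.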
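Review bot: In the `if Debug is None:` bind branch, `F.readline().strip().split(" ")` cuts a password that contains a space and raises IndexError on a one-field line, and F stays open if `simple_bind_s` raises; `with open(...) as F: AccessPass = F.readline().strip().split(" ",1)` handles both. `simple_bind_s` sends that password over whatever connection `connectLDAP()` returns; that helper is defined outside this diff, so it should be confirmed, and noted in a comment here, that it protects the transport with TLS before the bind. The enclosing `try:` block starts before and ends after this hunk.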
@@ -90,28 +107,27 @@ try: # Try to decode ErrType = EX_TEMPFAIL; ErrMsg = "An error occured while trying GPG decoding"; - User = TryGPG(Email); - if User == None: + User = TryGPG(mail); + if User is None: ErrMsg = "An error occured while trying Matcher decoding"; - User = TryMatcher(Email); + User = TryMatcher(mail); # Get any mailing list information - List = Email.getheader("X-Mailing-List"); - if List == None: - List = "-"; + List = mail['X-Mailing-List'] + if not List: List = "-"; # Tada, write a log message - if User != None: + if User is not None: Msg = "[%s] \"%s\" \"%s\" \"%s\""%(Now,User[2],List,MsgID); MainLog.write("%s %s %s\n"%(User[0],User[1],Msg)); Dn = "uid=" + User[0] + "," + BaseDn; Rec = [(ldap.MOD_REPLACE,"activity-%s"%(User[1]),Msg)]; - if Debug == None: + if Debug is None: l.modify_s(Dn,Rec); else: print Rec; else: - User = ("-","UKN",Email.getheader("From")); + User = ("-","UKN",mail["From"]); Msg = "[%s] \"%s\" \"%s\" \"%s\""%(Now,User[2],List,MsgID); MainLog.write("%s %s %s\n"%(User[0],User[1],Msg));
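Review bot: `Msg` is assembled from `mail["From"]`, `mail['X-Mailing-List']` and `MsgID` exactly as the sender supplied them, then written to MainLog and to the `activity-%s` LDAP attribute. A folded header keeps its embedded line break in the parsed value, and a `"` inside a field closes the quoted column early, so a single message can produce a record that later parses as something else. Normalising each value before formatting, for example `List = " ".join((mail['X-Mailing-List'] or "-").split())` plus replacing `"`, keeps every record on one line with three unambiguous fields. The ErrLog line added in TryGPG prints `mail["From"]` the same way. The `try:` block this hunk sits in starts and ends outside it.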