X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-mailgate;h=1eb42c1bb061de8cc7211298973cde4ffbce1506;hb=f2981c64295da12a8b67fb20380e7391c1979e7d;hp=05756aa2ff367885c75fd8a7e5a847c61f107e10;hpb=950e6acc8178555e33f64f0bda9af99bf9d7cfab;p=mirror%2Fuserdir-ldap.git

diff --git a/ud-mailgate b/ud-mailgate
index 05756aa..1eb42c1 100755
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -323,10 +323,10 @@ def DoSSH(Str, Attrs, badkeys, uid):
    Match = SSHFingerprint.match(output)
    g = Match.groups()
 
-   if int(g[0]) < 1024:
+   if int(g[0]) < 2048 and (typekey != "ed25519"):
       try:
          # Body
-         Subst["__ERROR__"] = "SSH keysize %s is below limit 1024" % (g[0])
+         Subst["__ERROR__"] = "SSH keysize %s is below limit 2048" % (g[0])
          ErrReply = TemplateSubst(Subst,open(TemplatesDir+"admin-info","r").read())
 
          Child = os.popen("/usr/sbin/sendmail -t","w")
@@ -338,7 +338,7 @@ def DoSSH(Str, Attrs, badkeys, uid):
          sys.exit(EX_TEMPFAIL)
 
       # And now break and stop processing input, which sends a reply to the user.
-      raise UDFormatError, "SSH keys must have at least 1024 bits, processing halted, NOTHING MODIFIED AT ALL"
+      raise UDFormatError, "SSH keys must have at least 2048 bits, processing halted, NOTHING MODIFIED AT ALL"
    elif g[1] in badkeys:
       try:
          # Body
@@ -490,7 +490,7 @@ def DoRBL(Str,Attrs):
 
 # Handle a ConfirmSudoPassword request
 def DoConfirmSudopassword(Str, SudoPasswd):
-   Match = re.compile('^confirm sudopassword ('+UUID_FORMAT+') ([a-z0-9.,*]+) ([0-9a-f]{40})$').match(Str)
+   Match = re.compile('^confirm sudopassword ('+UUID_FORMAT+') ([a-z0-9.,*-]+) ([0-9a-f]{40})$').match(Str)
    if Match == None:
       return None
 
@@ -517,7 +517,7 @@ def FinishConfirmSudopassword(l, uid, Attrs, SudoPasswd):
 
    newldap = []
    for entry in inldap:
-      Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$').match(entry)
+      Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*-]+) ([^ ]+)$').match(entry)
       if Match == None:
          raise UDFormatError, "Could not parse existing sudopasswd entry"
       uuid = Match.group(1)