X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-mailgate;h=1f63e683fa6490beb738a2a28be88eb8a35f4828;hb=700d6f9e31a105da431ab1f003aac1673977567e;hp=0d6d330212a14d9fc29ae4c6fc82eaa8e51294da;hpb=8a552664fb81b23f7e6ad23864f1b031a2592b47;p=mirror%2Fuserdir-ldap.git

diff --git a/ud-mailgate b/ud-mailgate
index 0d6d330..1f63e68 100755
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -331,10 +331,11 @@ def DoSSH(Str, Attrs, badkeys, uid):
             Subst["__ERROR__"] = "SSH key with fingerprint %s known as bad key" % (g[1])
             ErrReply = TemplateSubst(Subst, open(TemplatesDir + "admin-info", "r").read())
 
-            Child = os.popen("/usr/sbin/sendmail -t", "w")
-            Child.write(ErrReplyHead)
-            Child.write(ErrReply)
-            if Child.close() is not None:
+            Child = subprocess.Popen(['/usr/sbin/sendmail', '-t'], stdin=subprocess.PIPE)
+            Child.stdin.write(ErrReplyHead)
+            Child.stdin.write(ErrReply)
+            Child.stdin.close()
+            if Child.wait() != 0:
                 raise UDExecuteError("Sendmail gave a non-zero return code")
         except Exception:
             sys.exit(EX_TEMPFAIL)
@@ -371,6 +372,10 @@ def DoDNS(Str, Attrs, DnRecord):
        aaaarecord is None:
         return None
 
+    # Check for punycode.  We ought to validate it before we allow it in our zone.
+    if Str.lower().startswith('xn--'):
+        return "Punycode not allowed: " + Str
+
     # Check if the name is already taken
     G = re.match(r'^([-\w+]+)\s', Str)
     if G is None:
@@ -854,10 +859,10 @@ try:
 
     # Send the message through sendmail
     ErrMsg = "A problem occured while trying to send the reply"
-    Child = os.popen("/usr/sbin/sendmail -t", "w")
-    #   Child = os.popen("cat","w")
-    Child.write(Reply)
-    if Child.close() is not None:
+    Child = subprocess.Popen(['/usr/sbin/sendmail', '-t'], stdin=subprocess.PIPE)
+    Child.stdin.write(Reply)
+    Child.stdin.close()
+    if Child.wait() != 0:
         raise UDExecuteError("Sendmail gave a non-zero return code")
 
 except Exception:
@@ -883,10 +888,11 @@ except Exception:
     try:
         ErrReply = TemplateSubst(Subst, open(TemplatesDir + "error-reply", "r").read())
 
-        Child = os.popen("/usr/sbin/sendmail -t -oi -f ''", "w")
-        Child.write(ErrReplyHead)
-        Child.write(ErrReply)
-        if Child.close() is not None:
+        Child = subprocess.Popen(['/usr/sbin/sendmail', '-t', '-oi', '-f', ''], stdin=subprocess.PIPE)
+        Child.stdin.write(ErrReplyHead)
+        Child.stdin.write(ErrReply)
+        Child.stdin.close()
+        if Child.wait() != 0:
             raise UDExecuteError("Sendmail gave a non-zero return code")
     except Exception:
         sys.exit(EX_TEMPFAIL)