X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-mailgate;h=63411303f2ae2b168a84a437a91543cdf65f1db3;hb=595923978a9ad55f4ec55b1aabef44683b111911;hp=48a38a19da4844ed0771424512a46bc5b78ac1d3;hpb=529a3f21a560e3f6ff85c875ccd4b2a9fb3b37bd;p=mirror%2Fuserdir-ldap.git

diff --git a/ud-mailgate b/ud-mailgate
index 48a38a1..6341130 100755
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -30,6 +30,7 @@ SeenList = {}
 DNS = {}
 
 SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$')
+SSHRSA1Match = re.compile('^^(.* )?\d+ \d+ \d+')
 
 ArbChanges = {"c": "..",
 	      "l": ".*",
@@ -48,6 +49,7 @@ ArbChanges = {"c": "..",
               "mailDisableMessage": ".*",
 	      "mailGreylisting": "^(TRUE|FALSE)$",
 	      "mailCallout": "^(TRUE|FALSE)$",
+	      "VoIP": ".*",
 };
 
 DelItems = {"c": None,
@@ -75,6 +77,7 @@ DelItems = {"c": None,
             "mailRHSBL": None,
             "mailWhitelist": None,
             "mailDisableMessage": None,
+            "VoIP": None,
             };
 
 # Decode a GPS location from some common forms
@@ -236,12 +239,14 @@ def LoadBadSSH():
 #  [options] 1024 35 13188913666680[..] [comment]
 def DoSSH(Str, Attrs, badkeys, uid):
    Match = SSH2AuthSplit.match(Str);
+   if Match == None:
+      return None;
    g = Match.groups()
    typekey = g[1]
    if Match == None:
-      Match = re.compile('^1024 (\d+) ').match(Str)
+      Match = SSHRSA1Match.match(Str)
       if Match is not None:
-         return "SSH1 keys not supported anymore"
+         return "RSA1 keys not supported anymore"
       return None;
 
    (fd, path) = tempfile.mkstemp(".pub", "sshkeytry", "/tmp")
@@ -462,7 +467,7 @@ def HandleChange(Reply,DnRecord,Key):
       Result = Result + Res + "\n";
 
    # Connect to the ldap server
-   l = ldap.open(LDAPServer);
+   l = connectLDAP()
    F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
    AccessPass = F.readline().strip().split(" ")
    F.close();
@@ -533,7 +538,7 @@ def HandleChPass(Reply,DnRecord,Key):
    Reply = Reply + TemplateSubst(Subst,open(TemplatesDir+"passwd-changed","r").read());
    
    # Connect to the ldap server
-   l = ldap.open(LDAPServer);
+   l = connectLDAP()
    F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
    AccessPass = F.readline().strip().split(" ")
    F.close();
@@ -546,7 +551,8 @@ def HandleChPass(Reply,DnRecord,Key):
       raise Error, "This account is locked";
 
    # Modify the password
-   Rec = [(ldap.MOD_REPLACE,"userPassword","{crypt}"+Pass)];
+   Rec = [(ldap.MOD_REPLACE,"userPassword","{crypt}"+Pass),
+          (ldap.MOD_REPLACE,"shadowLastChange",str(int(time.time()/24/60/60)))];
    Dn = "uid=" + GetAttr(DnRecord,"uid") + "," + BaseDn;
    l.modify_s(Dn,Rec);
 
@@ -610,7 +616,7 @@ try:
    ErrType = EX_TEMPFAIL;
    ErrMsg = "An error occured while performing the LDAP lookup";
    global l;
-   l = ldap.open(LDAPServer);
+   l = connectLDAP()
    l.simple_bind_s("","");
 
    # Search for the matching key fingerprint