X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-mailgate;h=fdc3cfd28a145ec2b19eedbcb79c2e3015eb1702;hb=c7637cf2e45f2e0223e27a0eee30767172aada48;hp=a37b047b59a620017d86a4a80dce10f088ee3296;hpb=200c280e08a33e415aae8c7f0da289284d2c4504;p=mirror%2Fuserdir-ldap.git diff --git a/ud-mailgate b/ud-mailgate index a37b047..fdc3cfd 100755 --- a/ud-mailgate +++ b/ud-mailgate @@ -10,6 +10,7 @@ import userdir_gpg, userdir_ldap, sys, traceback, time, ldap, os, commands import pwd, tempfile import subprocess +import email, email.parser from userdir_gpg import * from userdir_ldap import * @@ -41,12 +42,12 @@ ValidHostNames = [] # will be initialized in later SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$') SSHRSA1Match = re.compile('^^(.* )?\d+ \d+ \d+') -GenderTable = {"male": 1, - "1": 1, - "female": 2, - "2": 2, - "unspecified": 9, - "9": 9, +GenderTable = {"male": '1', + "1": '1', + "female": '2', + "2": '2', + "unspecified": '9', + "9": '9', }; ArbChanges = {"c": "..", @@ -506,6 +507,9 @@ def FinishConfirmSudopassword(l, uid, Attrs): global SudoPasswd result = "\n" + if len(SudoPasswd) == 0: + return None + res = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid="+uid, ['sudoPassword']); if len(res) != 1: raise UDFormatError, "Not exactly one hit when searching for user" @@ -611,16 +615,16 @@ def HandleChange(Reply,DnRecord,Key): # Connect to the ldap server l = connect_to_ldap_and_check_if_locked(DnRecord) - if CommitChanges == 1: # only if we are still good to go + if CommitChanges == 1 and len(Attrs) > 0: # only if we are still good to go try: Res = FinishConfirmSudopassword(l, GetAttr(DnRecord,"uid"), Attrs) - Result = Result + Res + "\n"; + if not Res is None: + Result = Result + Res + "\n"; except Error, e: CommitChanges = 0 Result = Result + "FinishConfirmSudopassword raised an error (%s) - no changes committed\n"%(e); - # Modify the record - if CommitChanges == 1: + if CommitChanges == 1 and len(Attrs) > 0: Dn = "uid=" + GetAttr(DnRecord,"uid") + "," + BaseDn; l.modify_s(Dn,Attrs); @@ -747,8 +751,8 @@ try: # Get the email ErrType = EX_PERMFAIL; ErrMsg = "Failed to understand the email or find a signature:"; - Email = mimetools.Message(sys.stdin,0); - Msg = GetClearSig(Email); + mail = email.parser.Parser().parse(sys.stdin); + Msg = GetClearSig(mail); ErrMsg = "Message is not PGP signed:" if Msg[0].find("-----BEGIN PGP SIGNED MESSAGE-----") == -1 and \ @@ -769,11 +773,8 @@ try: global PlainText; ErrMsg = "Problem stripping MIME headers from the decoded message" if Msg[1] == 1: - try: - Index = pgp.text.index("\n\n") + 2 - except ValueError: - Index = pgp.text.index("\n\r\n") + 3 - PlainText = pgp.text[Index:] + e = email.parser.Parser().parsestr(pgp.text) + PlainText = e.get_payload(decode=True) else: PlainText = pgp.text @@ -796,22 +797,13 @@ try: # Check the signature against the replay cache RC = ReplayCache(ReplayCacheFile); - RC.Clean(); - ErrMsg = "The replay cache rejected your message. Check your clock!"; - Rply = RC.Check(pgp.sig_info); - if Rply != None: - RC.close() - raise UDNotAllowedError, Rply; - RC.Add(pgp.sig_info); - RC.close() + RC.process(pgp.sig_info) # Determine the sender address ErrMsg = "A problem occured while trying to formulate the reply"; - Sender = Email.getheader("Reply-To"); - if Sender == None: - Sender = Email.getheader("From"); - if Sender == None: - raise UDFormatError, "Unable to determine the sender's address"; + Sender = mail['Reply-To'] + if not Sender: Sender = mail['From'] + if not Sender: raise UDFormatError, "Unable to determine the sender's address"; # Formulate a reply Date = time.strftime("%a, %d %b %Y %H:%M:%S +0000",time.gmtime(time.time()));