Try to make key acceptance logic clearer

[mirror/userdir-ldap.git] / ud-mailgate

diff --git a/ud-mailgate b/ud-mailgate
index 05756aa..7edb3fd 100755 (executable)
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -323,10 +323,17 @@ def DoSSH(Str, Attrs, badkeys, uid):
    Match = SSHFingerprint.match(output)
    g = Match.groups()
 
-   if int(g[0]) < 1024:
+   if typekey == "ssh-rsa":
+      key_size_ok = (g[0]) >= 2048)
+   elif typekey == "ed25519":
+     key_size_ok = True
+   else:
+     key_size_ok = False
+
+   if not key_size_ok:
       try:
          # Body
-         Subst["__ERROR__"] = "SSH keysize %s is below limit 1024" % (g[0])
+         Subst["__ERROR__"] = "SSH key fails formal criteria.  We only accept RSA keys (>= 2048 bits) or ed25519 keys." % (g[0])
          ErrReply = TemplateSubst(Subst,open(TemplatesDir+"admin-info","r").read())
 
          Child = os.popen("/usr/sbin/sendmail -t","w")
@@ -338,7 +345,7 @@ def DoSSH(Str, Attrs, badkeys, uid):
          sys.exit(EX_TEMPFAIL)
 
       # And now break and stop processing input, which sends a reply to the user.
-      raise UDFormatError, "SSH keys must have at least 1024 bits, processing halted, NOTHING MODIFIED AT ALL"
+      raise UDFormatError, "SSH key fails formal criteria, NOTHING MODIFIED AT ALL"
    elif g[1] in badkeys:
       try:
          # Body
@@ -356,14 +363,11 @@ def DoSSH(Str, Attrs, badkeys, uid):
       # And now break and stop processing input, which sends a reply to the user.
       raise UDFormatError, "Submitted SSH Key known to be bad and insecure, processing halted, NOTHING MODIFIED AT ALL"
 
-   if (typekey == "dss"):
-      return "DSA keys not accepted anymore"
-
    global SeenKey;
    if SeenKey:
      Attrs.append((ldap.MOD_ADD,"sshRSAAuthKey",Str));
      return "SSH Key added "+FormatSSHAuth(Str);
-      
+
    Attrs.append((ldap.MOD_REPLACE,"sshRSAAuthKey",Str));
    SeenKey = 1;
    return "SSH Keys replaced with "+FormatSSHAuth(Str);
@@ -490,7 +494,7 @@ def DoRBL(Str,Attrs):
 
 # Handle a ConfirmSudoPassword request
 def DoConfirmSudopassword(Str, SudoPasswd):
-   Match = re.compile('^confirm sudopassword ('+UUID_FORMAT+') ([a-z0-9.,*]+) ([0-9a-f]{40})$').match(Str)
+   Match = re.compile('^confirm sudopassword ('+UUID_FORMAT+') ([a-z0-9.,*-]+) ([0-9a-f]{40})$').match(Str)
    if Match == None:
       return None
 
@@ -517,7 +521,7 @@ def FinishConfirmSudopassword(l, uid, Attrs, SudoPasswd):
 
    newldap = []
    for entry in inldap:
-      Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$').match(entry)
+      Match = re.compile('^('+UUID_FORMAT+') (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*-]+) ([^ ]+)$').match(entry)
       if Match == None:
          raise UDFormatError, "Could not parse existing sudopasswd entry"
       uuid = Match.group(1)