Modify the SSH1 key check so it matches all RSA1 keys, not only those of size 1024

[mirror/userdir-ldap.git] / ud-mailgate

diff --git a/ud-mailgate b/ud-mailgate
index 48a38a1..b158ba8 100755 (executable)
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -30,6 +30,7 @@ SeenList = {}
 DNS = {}
 
 SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$')
+SSHRSA1Match = re.compile('^\d+ (\d+) \d+ .*')
 
 ArbChanges = {"c": "..",
              "l": ".*",
@@ -48,6 +49,7 @@ ArbChanges = {"c": "..",
               "mailDisableMessage": ".*",
              "mailGreylisting": "^(TRUE|FALSE)$",
              "mailCallout": "^(TRUE|FALSE)$",
+             "VoIP": ".*",
 };
 
 DelItems = {"c": None,
@@ -75,6 +77,7 @@ DelItems = {"c": None,
             "mailRHSBL": None,
             "mailWhitelist": None,
             "mailDisableMessage": None,
+            "VoIP": None,
             };
 
 # Decode a GPS location from some common forms
@@ -239,9 +242,9 @@ def DoSSH(Str, Attrs, badkeys, uid):
    g = Match.groups()
    typekey = g[1]
    if Match == None:
-      Match = re.compile('^1024 (\d+) ').match(Str)
+      Match =SSHRSA1Match.match(Str)
       if Match is not None:
-         return "SSH1 keys not supported anymore"
+         return "RSA1 keys not supported anymore"
       return None;
 
    (fd, path) = tempfile.mkstemp(".pub", "sshkeytry", "/tmp")