projects
/
mirror
/
userdir-ldap.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
a49c1cb
)
sigcheck: kill trailing semicolons
author
Julien Cristau
<jcristau@debian.org>
Fri, 11 Oct 2019 21:33:13 +0000
(23:33 +0200)
committer
Julien Cristau
<jcristau@debian.org>
Fri, 11 Oct 2019 21:33:13 +0000
(23:33 +0200)
sigcheck
patch
|
blob
|
history
diff --git
a/sigcheck
b/sigcheck
index
2561f1c
..
6790836
100755
(executable)
--- a/
sigcheck
+++ b/
sigcheck
@@
-24,22
+24,22
@@
# -m debian.org -a admin@db.debian.org \
# -e /etc/userdir-ldap/templtes/error-reply -- test.sh
# -m debian.org -a admin@db.debian.org \
# -e /etc/userdir-ldap/templtes/error-reply -- test.sh
-import sys, traceback, time, os
;
-import pwd, getopt
;
+import sys, traceback, time, os
+import pwd, getopt
import email, email.parser
import email, email.parser
-from userdir_gpg import *
;
+from userdir_gpg import *
-EX_TEMPFAIL = 75
;
-EX_PERMFAIL = 65
;
# EX_DATAERR
+EX_TEMPFAIL = 75
+EX_PERMFAIL = 65 # EX_DATAERR
# Configuration
# Configuration
-ReplayCacheFile = None
;
-LDAPDn = None
;
-LDAPServer = None
;
-GroupMember = None
;
-Phrases = None
;
-AllowMIME = 1
;
-Verbose = 0
;
+ReplayCacheFile = None
+LDAPDn = None
+LDAPServer = None
+GroupMember = None
+Phrases = None
+AllowMIME = 1
+Verbose = 0
class MessageError(Exception):
pass
class MessageError(Exception):
pass
@@
-50,26
+50,26
@@
def verbmsg(msg):
# Match the key fingerprint against an LDAP directory
def CheckLDAP(FingerPrint):
# Match the key fingerprint against an LDAP directory
def CheckLDAP(FingerPrint):
- import ldap
;
- import userdir_ldap
;
+ import ldap
+ import userdir_ldap
# Connect to the ldap server
# Connect to the ldap server
- global ErrTyp, ErrMsg
;
- ErrType = EX_TEMPFAIL
;
- ErrMsg = "An error occurred while performing the LDAP lookup:"
;
- global l
;
- l = userdir_ldap.connectLDAP(LDAPServer)
;
- l.simple_bind_s("","")
;
+ global ErrTyp, ErrMsg
+ ErrType = EX_TEMPFAIL
+ ErrMsg = "An error occurred while performing the LDAP lookup:"
+ global l
+ l = userdir_ldap.connectLDAP(LDAPServer)
+ l.simple_bind_s("","")
# Search for the matching key fingerprint
verbmsg("Processing fingerprint %s" % FingerPrint)
# Search for the matching key fingerprint
verbmsg("Processing fingerprint %s" % FingerPrint)
- Attrs = l.search_s(LDAPDn,ldap.SCOPE_ONELEVEL,"keyfingerprint=" + FingerPrint)
;
+ Attrs = l.search_s(LDAPDn,ldap.SCOPE_ONELEVEL,"keyfingerprint=" + FingerPrint)
if len(Attrs) == 0:
raise MessageError("Key not found")
if len(Attrs) != 1:
raise MessageError("Oddly your key fingerprint is assigned to more than one account..")
if len(Attrs) == 0:
raise MessageError("Key not found")
if len(Attrs) != 1:
raise MessageError("Oddly your key fingerprint is assigned to more than one account..")
- gidnumber_found = 0
;
+ gidnumber_found = 0
for key in Attrs[0][1].keys():
if (key == "gidNumber"):
gidnumber_found = 1
for key in Attrs[0][1].keys():
if (key == "gidNumber"):
gidnumber_found = 1
@@
-85,7
+85,7
@@
def CheckLDAP(FingerPrint):
# See if the group membership is OK
# Only if a group was given on the commandline
if GroupMember is not None:
# See if the group membership is OK
# Only if a group was given on the commandline
if GroupMember is not None:
- Hit = 0
;
+ Hit = 0
# Check primary group first
if GAttr[0][1]["gid"][0] == GroupMember:
Hit = 1
# Check primary group first
if GAttr[0][1]["gid"][0] == GroupMember:
Hit = 1
@@
-93,51
+93,51
@@
def CheckLDAP(FingerPrint):
# Check supplementary groups
for x in Attrs[0][1].get("supplementaryGid",[]):
if x == GroupMember:
# Check supplementary groups
for x in Attrs[0][1].get("supplementaryGid",[]):
if x == GroupMember:
- Hit = 1
;
+ Hit = 1
if Hit != 1:
raise MessageError("You don't have %s group permissions."%(GroupMember))
# Start of main program
# Process options
if Hit != 1:
raise MessageError("You don't have %s group permissions."%(GroupMember))
# Start of main program
# Process options
-(options, arguments) = getopt.getopt(sys.argv[1:], "r:k:d:l:g:mp:v")
;
+(options, arguments) = getopt.getopt(sys.argv[1:], "r:k:d:l:g:mp:v")
for (switch, val) in options:
if (switch == '-r'):
for (switch, val) in options:
if (switch == '-r'):
- ReplayCacheFile = val
;
+ ReplayCacheFile = val
elif (switch == '-k'):
elif (switch == '-k'):
- SetKeyrings(val.split(":"))
;
+ SetKeyrings(val.split(":"))
elif (switch == '-d'):
elif (switch == '-d'):
- LDAPDn = val
;
+ LDAPDn = val
elif (switch == '-l'):
elif (switch == '-l'):
- LDAPServer = val
;
+ LDAPServer = val
elif (switch == '-g'):
elif (switch == '-g'):
- GroupMember = val
;
+ GroupMember = val
elif (switch == '-m'):
elif (switch == '-m'):
- AllowMIME = 0
;
+ AllowMIME = 0
elif (switch == '-v'):
elif (switch == '-v'):
- Verbose = 1
;
+ Verbose = 1
elif (switch == '-p'):
elif (switch == '-p'):
- Phrases = val
;
+ Phrases = val
-Now = time.strftime("%a, %d %b %Y %H:%M:%S",time.gmtime(time.time()))
;
-ErrMsg = "Indeterminate Error"
;
-ErrType = EX_TEMPFAIL
;
-MsgID = None
;
+Now = time.strftime("%a, %d %b %Y %H:%M:%S",time.gmtime(time.time()))
+ErrMsg = "Indeterminate Error"
+ErrType = EX_TEMPFAIL
+MsgID = None
try:
# Startup the replay cache
try:
# Startup the replay cache
- ErrType = EX_TEMPFAIL
;
+ ErrType = EX_TEMPFAIL
if ReplayCacheFile is not None:
if ReplayCacheFile is not None:
- ErrMsg = "Failed to initialize the replay cache:"
;
- RC = ReplayCache(ReplayCacheFile)
;
+ ErrMsg = "Failed to initialize the replay cache:"
+ RC = ReplayCache(ReplayCacheFile)
# Get the email
# Get the email
- ErrType = EX_PERMFAIL
;
- ErrMsg = "Failed to understand the email or find a signature:"
;
- mail = email.parser.Parser().parse(sys.stdin)
;
+ ErrType = EX_PERMFAIL
+ ErrMsg = "Failed to understand the email or find a signature:"
+ mail = email.parser.Parser().parse(sys.stdin)
MsgID = mail["Message-ID"]
MsgID = mail["Message-ID"]
- print "Inspecting message %s"%MsgID
;
+ print "Inspecting message %s"%MsgID
verbmsg("Processing message %s" % MsgID)
verbmsg("Processing message %s" % MsgID)
- Msg = GetClearSig(mail,1)
;
+ Msg = GetClearSig(mail,1)
if AllowMIME == 0 and Msg[1] != 0:
raise MessageError("PGP/MIME disallowed")
if AllowMIME == 0 and Msg[1] != 0:
raise MessageError("PGP/MIME disallowed")
@@
-146,7
+146,7
@@
try:
raise MessageError("No PGP signature")
# Check the signature
raise MessageError("No PGP signature")
# Check the signature
- ErrMsg = "Unable to check the signature or the signature was invalid:"
;
+ ErrMsg = "Unable to check the signature or the signature was invalid:"
pgp = GPGCheckSig2(Msg[0])
if not pgp.ok:
pgp = GPGCheckSig2(Msg[0])
if not pgp.ok:
@@
-162,29
+162,29
@@
try:
if LDAPDn is not None:
CheckLDAP(pgp.key_fpr)
if LDAPDn is not None:
CheckLDAP(pgp.key_fpr)
- ErrMsg = "Verifying message:"
;
+ ErrMsg = "Verifying message:"
if Phrases is not None:
if Phrases is not None:
- F = open(Phrases,"r")
;
+ F = open(Phrases,"r")
while 1:
while 1:
- Line = F.readline()
;
- if Line == "": break
;
+ Line = F.readline()
+ if Line == "": break
if pgp.text.find(Line.strip()) == -1:
raise MessageError("Phrase '%s' was not found" % (Line.strip()))
except:
if pgp.text.find(Line.strip()) == -1:
raise MessageError("Phrase '%s' was not found" % (Line.strip()))
except:
- ErrMsg = "[%s] \"%s\" \"%s %s\"\n"%(Now,MsgID,ErrMsg,sys.exc_value)
;
- sys.stderr.write(ErrMsg)
;
+ ErrMsg = "[%s] \"%s\" \"%s %s\"\n"%(Now,MsgID,ErrMsg,sys.exc_value)
+ sys.stderr.write(ErrMsg)
- Trace = "==> %s: %s\n" %(sys.exc_type,sys.exc_value)
;
- List = traceback.extract_tb(sys.exc_traceback)
;
+ Trace = "==> %s: %s\n" %(sys.exc_type,sys.exc_value)
+ List = traceback.extract_tb(sys.exc_traceback)
if len(List) >= 1:
if len(List) >= 1:
- Trace = Trace + "Python Stack Trace:\n"
;
+ Trace = Trace + "Python Stack Trace:\n"
for x in List:
for x in List:
- Trace = Trace + " %s %s:%u: %s\n" %(x[2],x[0],x[1],x[3])
;
- #print Trace
;
+ Trace = Trace + " %s %s:%u: %s\n" %(x[2],x[0],x[1],x[3])
+ #print Trace
- sys.exit(EX_PERMFAIL)
;
+ sys.exit(EX_PERMFAIL)
# For Main
# For Main
-print "Message %s passed"%MsgID
;
-sys.exit(0)
;
+print "Message %s passed"%MsgID
+sys.exit(0)