Fix ud-mailgate to handle the SHA256:$fingerprint output format that stretch's ssh...

author Tollef Fog Heen <tfheen@err.no>

Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)

committer Tollef Fog Heen <tfheen@err.no>

Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)
author Tollef Fog Heen <tfheen@err.no>
Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)
committer Tollef Fog Heen <tfheen@err.no>
Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)
diff --git a/debian/changelog b/debian/changelog

index 4ee8ee2..55f58c4 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,6 +13,8 @@ userdir-ldap (0.3.90) UNRELEASED; urgency=medium
    [ Tollef Fog Heen ]
    * Add totpSeed to LDAP schema.
    * Add support for changing TOTP seed by mailing ud-mailgate.
+  * Fix ud-mailgate to handle the SHA256:$fingerprint output format that
+    stretch's ssh-keygen has switched to.
  
   -- Paul Wise <pabs@debian.org>  Sat, 17 Jun 2017 14:38:00 +0800
  
diff --git a/ud-mailgate b/ud-mailgate

index 427a024..b23e8a5 100755 (executable)
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -39,7 +39,7 @@ SeenList = {}
  DNS = {}
  ValidHostNames = [] # will be initialized in later
  
-SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$')
+SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}|SHA256:[0-9A-Za-z/+]{43}) (.+)$')
  SSHRSA1Match = re.compile('^^(.* )?\d+ \d+ \d+')
  
  GenderTable = {"male": '1',
@@ -322,6 +322,8 @@ def DoSSH(Str, Attrs, badkeys, uid):
     Subst["__USER__"] = uid
  
     Match = SSHFingerprint.match(output)
+   if Match is None:
+      return "Failed to match SSH fingerprint, has the output of ssh-keygen changed?"
     g = Match.groups()
     key_size = g[0]
     fingerprint = g[1]
author	Tollef Fog Heen <tfheen@err.no>
	Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)
committer	Tollef Fog Heen <tfheen@err.no>
	Sat, 12 Aug 2017 20:07:55 +0000 (22:07 +0200)
debian/changelog		patch \| blob \| history
ud-mailgate		patch \| blob \| history