-userdir-ldap (0.3.77) unstable; urgency=low
+userdir-ldap (0.3.7X) Xnstable; urgency=low
* ud-mailgate: Remove a global declaration after a variable has
already been assigned globally.
+ * ud-mailgate: We use the result of the pgp check for quite a long
+ time in the main program. Give it its own variable instead of
+ using Res which was overwritten a bit later. Also make a new
+ gpgcheck2 class that allows us to access the values of the gpg
+ signature check in a saner way.
- -- Peter Palfrader <weasel@debian.org> Sun, 31 Jan 2010 10:11:48 +0100
+ -- Peter Palfrader <weasel@debian.org> Sun, 31 Jan 2010 10:12:35 +0100
userdir-ldap (0.3.76) unstable; urgency=low
# Check the signature
ErrMsg = "Unable to check the signature or the signature was invalid:";
- Res = GPGCheckSig(Msg[0]);
+ pgp = GPGCheckSig2(Msg[0])
- if Res[0] != None:
- raise UDFormatError, Res[0];
+ if not pgp.ok:
+ raise UDFormatError, pgp.why
- if Res[3] == None:
- raise UDFormatError, "Null signature text";
+ if pgp.text is None:
+ raise UDFormatError, "Null signature text"
# Extract the plain message text in the event of mime encoding
global PlainText;
ErrMsg = "Problem stripping MIME headers from the decoded message"
if Msg[1] == 1:
try:
- Index = Res[3].index("\n\n") + 2;
+ Index = pgp.text.index("\n\n") + 2
except ValueError:
- Index = Res[3].index("\n\r\n") + 3;
- PlainText = Res[3][Index:];
+ Index = pgp.text.index("\n\r\n") + 3
+ PlainText = pgp.text[Index:]
else:
- PlainText = Res[3];
+ PlainText = pgp.text
# Connect to the ldap server
ErrType = EX_TEMPFAIL;
l.simple_bind_s("","");
# Search for the matching key fingerprint
- Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyFingerPrint=" + Res[2][1]);
+ Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyFingerPrint=" + pgp.key_fpr)
ErrType = EX_PERMFAIL;
if len(Attrs) == 0:
RC = ReplayCache(ReplayCacheFile);
RC.Clean();
ErrMsg = "The replay cache rejected your message. Check your clock!";
- Rply = RC.Check(Res[1]);
+ Rply = RC.Check(pgp.sig_info);
if Rply != None:
RC.close()
raise UDNotAllowedError, Rply;
- RC.Add(Res[1]);
+ RC.Add(pgp.sig_info);
RC.close()
# Determine the sender address
# Dispatch
if sys.argv[1] == "ping":
- Reply = HandlePing(Reply,Attrs[0],Res[2]);
+ Reply = HandlePing(Reply,Attrs[0],pgp.key_info);
elif sys.argv[1] == "chpass":
if PlainText.strip().find("Please change my Debian password") != 0:
raise UDFormatError,"Please send a signed message where the first line of text is the string 'Please change my Debian password'";
- Reply = HandleChPass(Reply,Attrs[0],Res[2]);
+ Reply = HandleChPass(Reply,Attrs[0],pgp.key_info);
elif sys.argv[1] == "change":
- Reply = HandleChange(Reply,Attrs[0],Res[2]);
+ Reply = HandleChange(Reply,Attrs[0],pgp.key_info);
else:
print sys.argv;
raise UDFormatError, "Incorrect Invokation";
Res[1].close();
Res[2].close();
+class GPGCheckSig2:
+ def __init__(self, msg):
+ res = GPGCheckSig(msg)
+ self.why = res[0]
+ self.sig_info = res[1]
+ self.key_info = res[2]
+ self.text = res[3]
+
+ self.ok = self.why is None
+
+ self.sig_id = self.sig_info[0]
+ self.sig_date = self.sig_info[1]
+ self.sig_fpr = self.sig_info[2]
+
+ self.key_id = self.key_info[0]
+ self.key_fpr = self.key_info[1]
+ self.key_owner = self.key_info[2]
+
+ self.is_pgp2 = self.key_info[4]
+
# Search for keys given a search pattern. The pattern is passed directly
# to GPG for processing. The result is a list of tuples of the form:
# (KeyID,KeyFinger,Owner,Length)
else:
self.DB[Key] = str(int(Sig[1]));
+# vim:set et:
+# vim:set ts=3:
+# vim:set shiftwidth=3: