From da220ff14d1cfc33e6606875a5260b8c73d00558 Mon Sep 17 00:00:00 2001 From: jgg <> Date: Sun, 9 Jan 2000 06:41:31 +0000 Subject: [PATCH] Clearer error messages --- doc/ud-mailgate.8.yo | 6 ++++ templates/error-reply | 13 +++++++ ud-echelon | 11 +++++- ud-mailgate | 79 ++++++++++++++++++++++++++++++++++++++----- ud-useradd | 13 +++---- userdir-ldap.conf | 1 + userdir_gpg.py | 4 +++ 7 files changed, 109 insertions(+), 18 deletions(-) create mode 100644 templates/error-reply diff --git a/doc/ud-mailgate.8.yo b/doc/ud-mailgate.8.yo index 2dbbeba..a6c8002 100644 --- a/doc/ud-mailgate.8.yo +++ b/doc/ud-mailgate.8.yo @@ -100,6 +100,12 @@ dit(Show Function) If the single word bf('show') appears on a line then a PGP encrypted version of the entire record will be attached to the result email. +dit(Erasing an entry) +The command bf('del foo') can be used to erase any of the entries settable by +the user. The erasable attributes are: c, l, facsimiletelephonenumber, +telephonenumber, postaladdress, postalcode, emailforward, ircnick, +onvacation, labeledurl, latitude, longitude, and sshrsaauthkey. + enddit() After processing the requests the daemon will generate a report which contains diff --git a/templates/error-reply b/templates/error-reply new file mode 100644 index 0000000..11ec0bf --- /dev/null +++ b/templates/error-reply @@ -0,0 +1,13 @@ +From: __ADMIN__ +Subject: Mail Gateway failed: __ERROR__ + +Hello! + +Your request to the mail gateway is malformed, or an internal processing +error occured. The information below may help you, or the gateway +administrator to identify the problem. + +Error: __ERROR__ +__TRACE__ + +Please email __ADMIN__ if you have any questions. diff --git a/ud-echelon b/ud-echelon index 0487d94..a58c0ec 100755 --- a/ud-echelon +++ b/ud-echelon @@ -12,7 +12,16 @@ Debug = None; # Try to extract a key fingerprint from a PGP siged message def TryGPG(Email): # Try to get a pgp text - Msg = GetClearSig(Email); + try: + Msg = GetClearSig(Email); + except: + # Log an exception.. but continue. This is to deal with 'sort of' + # PGP-MIME things + S = "%s: %s -> %s\n" %(Now,MsgID,ErrMsg); + S = S + " %s: %s\n" %(sys.exc_type,sys.exc_value); + ErrLog.write(S); + return None; + if string.find(Msg[0],"-----BEGIN PGP SIGNED MESSAGE-----") == -1: return None; diff --git a/ud-mailgate b/ud-mailgate index 91dcf40..afbe4c3 100755 --- a/ud-mailgate +++ b/ud-mailgate @@ -30,6 +30,20 @@ ArbChanges = {"c": "..", "onvacation": ".*", "labeledurl": ".*"}; +DelItems = {"c": None, + "l": None, + "facsimiletelephonenumber": None, + "telephonenumber": None, + "postaladdress": None, + "postalcode": None, + "emailforward": None, + "ircnick": None, + "onvacation": None, + "labeledurl": None, + "latitude": None, + "longitude": None, + "sshrsaauthkey": None}; + # Decode a GPS location from some common forms def LocDecode(Str,Dir): # Check for Decimal degrees, DGM, or DGMS @@ -106,6 +120,20 @@ def DoArbChange(Str,Attrs): Attrs.append((ldap.MOD_REPLACE,G[0],G[1])); return "Changed entry %s to %s"%(G[0],G[1]); +# Handle changing a set of arbitary fields +# : value +def DoDel(Str,Attrs): + Match = re.match("^del (.*)$",Str); + if Match == None: + return None; + G = Match.groups(); + + if ArbChanges.has_key(G[0]) == 0: + return "Cannot erase entry %s"%(G[0]); + + Attrs.append((ldap.MOD_DELETE,G[0],None)); + return "Removed entry %s"%(G[0]); + # Handle a position change message, the line format is: # Lat: -12412.23 Long: +12341.2342 def DoPosition(Str,Attrs): @@ -177,6 +205,7 @@ def HandleChange(Reply,DnRecord,Key): Result = ""; Attrs = []; + Show = 0; for Line in Lines: Line = string.strip(Line); if Line == "": @@ -184,14 +213,14 @@ def HandleChange(Reply,DnRecord,Key): # Try to process a command line Result = Result + "> "+Line+"\n"; - Show = 0; try: if Line == "show": Show = 1; Res = "OK"; else: Res = DoPosition(Line,Attrs) or DoDNS(Line,Attrs,DnRecord) or \ - DoArbChange(Line,Attrs) or DoSSH(Line,Attrs); + DoArbChange(Line,Attrs) or DoSSH(Line,Attrs) or \ + DoDel(Line,Attrs); except: Res = None; Result = Result + "==> %s: %s\n" %(sys.exc_type,sys.exc_value); @@ -285,6 +314,11 @@ def HandleChPass(Reply,DnRecord,Key): return Reply; # Start of main program + +# Drop messages from a mailer daemon. +if posix.environ.has_key('SENDER') == 0 or len(posix.environ['SENDER']) == 0: + sys.exit(0); + ErrMsg = "Indeterminate Error"; ErrType = EX_TEMPFAIL; try: @@ -300,7 +334,11 @@ try: Email = mimetools.Message(sys.stdin,0); Msg = GetClearSig(Email); - # Check the signature + ErrMsg = "Message is not PGP signed:" + if string.find(Msg[0],"-----BEGIN PGP SIGNED MESSAGE-----") == -1: + raise Error, "No PGP signature"; + + # Check the signature ErrMsg = "Unable to check the signature or the signature was invalid:"; Res = GPGCheckSig(Msg[0]); @@ -381,12 +419,37 @@ try: raise Error, "Sendmail gave a non-zero return code"; except: - print ErrMsg; - print "==> %s: %s" %(sys.exc_type,sys.exc_value); + # Error Reply Header + Date = time.strftime("%a, %d %b %Y %H:%M:%S +0000",time.gmtime(time.time())); + ErrReplyHead = "To: %s\nReply-To: %s\nDate: %s\n" % (posix.environ['SENDER'],ReplyTo,Date); + + # Error Body + Subst = {}; + Subst["__ERROR__"] = ErrMsg; + Subst["__ADMIN__"] = ReplyTo; + + Trace = "==> %s: %s\n" %(sys.exc_type,sys.exc_value); List = traceback.extract_tb(sys.exc_traceback); if len(List) > 1: - print "Trace: "; + Trace = Trace + "Python Stack Trace:\n"; for x in List: - print " %s %s:%u: %s" %(x[2],x[0],x[1],x[3]); - sys.exit(ErrType); + Trace = Trace + " %s %s:%u: %s\n" %(x[2],x[0],x[1],x[3]); + + Subst["__TRACE__"] = Trace; + + # Try to send the bounce + try: + ErrReply = TemplateSubst(Subst,open(TemplatesDir+"error-reply","r").read()); + + Child = posix.popen("/usr/sbin/sendmail -t","w"); + Child.write(ErrReplyHead); + Child.write(ErrReply); + if Child.close() != None: + raise Error, "Sendmail gave a non-zero return code"; + except: + sys.exit(EX_TEMPFAIL); + + if ErrType != EX_PERMFAIL: + sys.exit(ErrType); + sys.exit(0); diff --git a/ud-useradd b/ud-useradd index b875470..dae1914 100755 --- a/ud-useradd +++ b/ud-useradd @@ -5,8 +5,6 @@ import string, re, time, ldap, getopt, sys, posix, pwd; from userdir_ldap import *; from userdir_gpg import *; -AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>"); - # This tries to search for a free UID. There are two possible ways to do # this, one is to fetch all the entires and pick the highest, the other # is to randomly guess uids until one is free. This uses the formar. @@ -63,13 +61,10 @@ while (1): # Crack up the email address from the key into a best guess # first/middle/last name -Match = AddressSplit.match(Keys[0][2]); -if Match == None: - (cn,mn,sn,email,account) = ('','','','',''); -else: - (cn,mn,sn) = NameSplit(re.sub('["]','',Match.groups()[0])) - email = Match.groups()[1] + '@' + Match.groups()[2]; - account = Match.groups()[1]; +Addr = SplitEmail(Keys[0][2]); +(cn,mn,sn) = NameSplit(re.sub('["]','',Addr[0])) +email = Addr[1] + '@' + Addr[2]; +account = Addr[1]; privsub = email; gidnumber = str(DefaultGID); diff --git a/userdir-ldap.conf b/userdir-ldap.conf index bc3e4c0..9759a26 100644 --- a/userdir-ldap.conf +++ b/userdir-ldap.conf @@ -16,6 +16,7 @@ pingfrom = "ping@" + maildomain; chpassfrom = "chpasswd@" + maildomain; changefrom = "change@" + maildomain; templatesdir = "/etc/userdir-ldap/templates/"; +#templatesdir = "./templates/"; replaycachefile = "/var/cache/userdir-ldap/replay"; #replaycachefile = "/tmp/replay"; diff --git a/userdir_gpg.py b/userdir_gpg.py index 21bc138..d19130d 100644 --- a/userdir_gpg.py +++ b/userdir_gpg.py @@ -342,6 +342,7 @@ def GPGKeySearch(SearchCriteria): Result = []; Owner = ""; KeyID = ""; + Hits = {}; try: Strm = os.popen(string.join(Args," "),"r"); @@ -360,6 +361,9 @@ def GPGKeySearch(SearchCriteria): # Output the key if Split[0] == 'fpr': + if Hits.has_key(Split[9]): + continue; + Hits[Split[9]] = None; Result.append( (KeyID,Split[9],Owner,Length) ); finally: if Strm != None: -- 2.20.1