kflux
9 years ago
1 changed files with 99 additions and 0 deletions
@ -0,0 +1,99 @@
|
||||
#!/usr/bin/python |
||||
|
||||
from ConfigParser import RawConfigParser |
||||
import email, os, smtplib, sys, traceback, markdown, syslog |
||||
from M2Crypto import BIO, Rand, SMIME, X509 |
||||
|
||||
from email.mime.text import MIMEText |
||||
from email.mime.multipart import MIMEMultipart |
||||
|
||||
# Read configuration from /etc/gpg-mailgate.conf |
||||
_cfg = RawConfigParser() |
||||
_cfg.read('/etc/gpg-mailgate.conf') |
||||
cfg = dict() |
||||
for sect in _cfg.sections(): |
||||
cfg[sect] = dict() |
||||
for (name, value) in _cfg.items(sect): |
||||
cfg[sect][name] = value |
||||
|
||||
def log(msg): |
||||
if cfg.has_key('logging') and cfg['logging'].has_key('file'): |
||||
if cfg['logging']['file'] == "syslog": |
||||
syslog.syslog(syslog.LOG_INFO | syslog.LOG_MAIL, msg) |
||||
else: |
||||
logfile = open(cfg['logging']['file'], 'a') |
||||
logfile.write(msg + "\n") |
||||
logfile.close() |
||||
|
||||
CERT_PATH = cfg['smime']['cert_path']+"/" |
||||
|
||||
def send_msg( message, from_addr, recipients = None ): |
||||
relay = ("127.0.0.1", 10028) |
||||
smtp = smtplib.SMTP(relay[0], relay[1]) |
||||
smtp.sendmail( from_addr, recipients, message.as_string() ) |
||||
|
||||
if __name__ == "__main__": |
||||
# try: |
||||
# Read e-mail from stdin |
||||
raw = sys.stdin.read() |
||||
register_msg = email.message_from_string( raw ) |
||||
from_addr = email.utils.parseaddr(register_msg['From'])[1] |
||||
|
||||
sign_part = None |
||||
for msg_part in register_msg.walk(): |
||||
if msg_part.get_content_type().lower() == "application/pkcs7-signature": |
||||
sign_part = msg_part |
||||
break |
||||
|
||||
if sign_part == None: |
||||
log("Unable to find PKCS7 signature in registration email") |
||||
|
||||
failure_msg = file( cfg['smime']['mail_templates'] + "/registrationError.md").read() |
||||
msg = MIMEMultipart("alternative") |
||||
msg["From"] = cfg['smime']['register_email'] |
||||
msg["To"] = from_addr |
||||
msg["Subject"] = "S/MIME registration failed" |
||||
|
||||
msg.attach(MIMEText(failure_msg, 'plain')) |
||||
msg.attach(MIMEText(markdown.markdown(failure_msg), 'html')) |
||||
|
||||
send_msg(msg, cfg['smime']['register_email'], [from_addr]) |
||||
sys.exit(0) |
||||
|
||||
raw_sig = sign_part.get_payload().replace("\n","") |
||||
# re-wrap signature so that it fits base64 standards |
||||
cooked_sig = '\n'.join(raw_sig[pos:pos+76] for pos in xrange(0, len(raw_sig), 76)) |
||||
# now, wrap the signature in a PKCS7 block |
||||
sig = """ |
||||
-----BEGIN PKCS7----- |
||||
%s |
||||
-----END PKCS7----- |
||||
""" % cooked_sig |
||||
|
||||
# and load it into an SMIME p7 object through the BIO I/O buffer: |
||||
buf = BIO.MemoryBuffer(sig) |
||||
p7 = SMIME.load_pkcs7_bio(buf) |
||||
|
||||
sk = X509.X509_Stack() |
||||
signers = p7.get0_signers(sk) |
||||
signing_cert = signers[0] |
||||
|
||||
signing_cert.save(os.path.join(CERT_PATH, from_addr)) |
||||
|
||||
# format in user-specific data |
||||
success_msg = file(cfg['smime']['mail_templates']+"/registrationSuccess.md").read() |
||||
success_msg = success_msg.replace("[:FROMADDRESS:]",from_addr) |
||||
|
||||
msg = MIMEMultipart("alternative") |
||||
msg["From"] = cfg['smime']['register_email'] |
||||
msg["To"] = from_addr |
||||
msg["Subject"] = "S/MIME key registration succeeded" |
||||
|
||||
msg.attach(MIMEText(success_msg, 'plain')) |
||||
msg.attach(MIMEText(markdown.markdown(success_msg), 'html')) |
||||
|
||||
log("Registration succeeded") |
||||
send_msg(msg, cfg['smime']['register_email'], [from_addr]) |
||||
# except: |
||||
# log("Registration exception") |
||||
# sys.exit(0) |
||||
Loading…
Reference in new issue