Exemple #1
0
    def user_mailbox_create(self, mailbox_base_name, server=None):
        """
            Create a user mailbox.

            Returns the full path to the new mailbox folder.
        """
        # TODO: Whether or not to lowercase the mailbox name is really up to the
        # IMAP server setting username_tolower (normalize_uid, lmtp_downcase_rcpt).

        self.connect()

        if not mailbox_base_name == mailbox_base_name.lower():
            log.warning(_("Downcasing mailbox name %r") % (mailbox_base_name))
            mailbox_base_name = mailbox_base_name.lower()

        folder_name = "user%s%s" % (self.get_separator(), mailbox_base_name)
        log.info(_("Creating new mailbox for user %s") %(mailbox_base_name))

        max_tries = 10
        success = False
        while not success and max_tries > 0:
            success = self.create_folder(folder_name, server)
            if not success:
                self.disconnect()
                max_tries -= 1
                time.sleep(1)
                self.connect()

        if not success:
            log.error(_("Could not create the mailbox for user %s, aborting." % (mailbox_base_name)))
            return False

        # In a Cyrus IMAP Murder topology, wait for the murder to have settled
        if self.imap_murder():
            self.disconnect()
            self.connect()

            created = False
            last_log = time.time()
            while not created:
                created = self.has_folder(folder_name)
                if not created:
                    if time.time() - last_log > 5:
                        log.info(_("Waiting for the Cyrus IMAP Murder to settle..."))
                        last_log = time.time()

                    time.sleep(0.5)

        _additional_folders = None

        if not hasattr(self, 'domain'):
            self.domain = None

        if self.domain == None and len(mailbox_base_name.split('@')) > 1:
            self.domain = mailbox_base_name.split('@')[1]

        if not self.domain == None:
            if conf.has_option(self.domain, "autocreate_folders"):
                _additional_folders = conf.get_raw(
                        self.domain,
                        "autocreate_folders"
                    )

            else:
                from pykolab.auth import Auth
                auth = Auth()
                auth.connect()

                domains = auth.list_domains(self.domain)

                auth.disconnect()

                if len(domains.keys()) > 0:
                    if domains.has_key(self.domain):
                        primary = domains[self.domain]

                        if conf.has_option(primary, "autocreate_folders"):
                            _additional_folders = conf.get_raw(
                                    primary,
                                    "autocreate_folders"
                                )

        if _additional_folders == None:
            if conf.has_option('kolab', "autocreate_folders"):
                _additional_folders = conf.get_raw(
                        'kolab',
                        "autocreate_folders"
                    )

        additional_folders = conf.plugins.exec_hook(
                "create_user_folders",
                kw={
                        'folder': folder_name,
                        'additional_folders': _additional_folders
                    }
            )

        if not additional_folders == None:
            self.user_mailbox_create_additional_folders(
                    mailbox_base_name,
                    additional_folders
                )

        if not self.domain == None:
            if conf.has_option(self.domain, "sieve_mgmt"):
                sieve_mgmt_enabled = conf.get(self.domain, 'sieve_mgmt')
                if utils.true_or_false(sieve_mgmt_enabled):
                    conf.plugins.exec_hook(
                            'sieve_mgmt_refresh',
                            kw={
                                    'user': mailbox_base_name
                                }
                        )

        return folder_name
Exemple #2
0
    def do_saslauthd(self):
        """
            Create the actual listener socket, and handle the authentication.

            The actual authentication handling is passed on to the appropriate
            backend authentication classes through the more generic Auth().
        """
        import binascii
        import socket
        import struct

        s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)

        # TODO: The saslauthd socket path could be a setting.
        try:
            os.remove(conf.socketfile)
        except:
            # TODO: Do the "could not remove, could not start" dance
            pass

        s.bind(conf.socketfile)
        os.chmod(conf.socketfile, 0777)

        s.listen(5)

        while 1:
            max_tries = 20
            cur_tries = 0
            bound = False
            while not bound:
                cur_tries += 1
                try:
                    (clientsocket, address) = s.accept()
                    bound = True
                except Exception, errmsg:
                    log.error(
                        _("kolab-saslauthd could not accept " +
                          "connections on socket: %r") % (errmsg))

                    if cur_tries >= max_tries:
                        log.fatal(_("Maximum tries exceeded, exiting"))
                        sys.exit(1)

                    time.sleep(1)

            received = clientsocket.recv(4096)

            login = []

            start = 0
            end = 2

            while end < len(received):
                (length, ) = struct.unpack("!H", received[start:end])
                start += 2
                end += length
                (value, ) = struct.unpack("!%ds" % (length),
                                          received[start:end])
                start += length
                end = start + 2
                login.append(value)

            if len(login) == 4:
                realm = login[3]
            elif len(login[0].split('@')) > 1:
                realm = login[0].split('@')[1]
            else:
                realm = conf.get('kolab', 'primary_domain')

            auth = Auth(domain=realm)
            auth.connect()

            success = False

            try:
                success = auth.authenticate(login)
            except:
                success = False

            if success:
                # #1170: Catch broken pipe error (incomplete authentication request)
                try:
                    clientsocket.send(struct.pack("!H2s", 2, "OK"))
                except:
                    pass
            else:
                # #1170: Catch broken pipe error (incomplete authentication request)
                try:
                    clientsocket.send(struct.pack("!H2s", 2, "NO"))
                except:
                    pass

            clientsocket.close()
            auth.disconnect()
Exemple #3
0
    def do_saslauthd(self):
        """
            Create the actual listener socket, and handle the authentication.

            The actual authentication handling is passed on to the appropriate
            backend authentication classes through the more generic Auth().
        """
        import binascii
        import socket
        import struct

        s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)

        # TODO: The saslauthd socket path could be a setting.
        try:
            os.remove(conf.socketfile)
        except:
            # TODO: Do the "could not remove, could not start" dance
            pass

        s.bind(conf.socketfile)
        os.chmod(conf.socketfile, 0777)

        s.listen(5)

        while 1:
            max_tries = 20
            cur_tries = 0
            bound = False
            while not bound:
                cur_tries += 1
                try:
                    (clientsocket, address) = s.accept()
                    bound = True
                except Exception, errmsg:
                    log.error(
                            _("kolab-saslauthd could not accept " + \
                            "connections on socket: %r") % (errmsg)
                        )

                    if cur_tries >= max_tries:
                        log.fatal(_("Maximum tries exceeded, exiting"))
                        sys.exit(1)

                    time.sleep(1)

            received = clientsocket.recv(4096)

            login = []

            start = 0
            end = 2

            while end < len(received):
                (length,) = struct.unpack("!H", received[start:end])
                start += 2
                end += length
                (value,) = struct.unpack("!%ds" % (length), received[start:end])
                start += length
                end = start + 2
                login.append(value)

            if len(login) == 4:
                realm = login[3]
            elif len(login[0].split('@')) > 1:
                realm = login[0].split('@')[1]
            else:
                realm = conf.get('kolab', 'primary_domain')

            auth = Auth(domain=realm)
            auth.connect()

            success = False

            try:
                success = auth.authenticate(login)
            except:
                success = False

            if success:
                # #1170: Catch broken pipe error (incomplete authentication request)
                try:
                    clientsocket.send(struct.pack("!H2s", 2, "OK"))
                except:
                    pass
            else:
                # #1170: Catch broken pipe error (incomplete authentication request)
                try:
                    clientsocket.send(struct.pack("!H2s", 2, "NO"))
                except:
                    pass

            clientsocket.close()
            auth.disconnect()
Exemple #4
0
    def do_saslauthd(self):
        """
            Create the actual listener socket, and handle the authentication.

            The actual authentication handling is passed on to the appropriate
            backend authentication classes through the more generic Auth().
        """
        import binascii
        import socket
        import struct

        s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)

        utils.ensure_directory(
                '/var/run/saslauthd/',
                conf.process_username,
                conf.process_groupname
            )

        # TODO: The saslauthd socket path could be a setting.
        try:
            os.remove('/var/run/saslauthd/mux')
        except:
            # TODO: Do the "could not remove, could not start" dance
            pass

        s.bind('/var/run/saslauthd/mux')
        os.chmod('/var/run/saslauthd/mux', 0777)

        s.listen(5)

        while 1:
            (clientsocket, address) = s.accept()
            received = clientsocket.recv(4096)

            login = []

            start = 0
            end = 2

            while end < len(received):
                (length,) = struct.unpack("!H", received[start:end])
                start += 2
                end += length
                (value,) = struct.unpack("!%ds" % (length), received[start:end])
                start += length
                end = start + 2
                login.append(value)

            if len(login) == 4:
                realm = login[3]
            elif len(login[0].split('@')) > 1:
                realm = login[0].split('@')[1]
            else:
                realm = conf.get('kolab', 'primary_domain')

            auth = Auth(domain=realm)
            auth.connect()

            if auth.authenticate(login):
                # #1170: Catch broken pipe error (incomplete authentication request)
                try:
                    clientsocket.send(struct.pack("!H2s", 2, "OK"))
                except:
                    pass
            else:
                # #1170: Catch broken pipe error (incomplete authentication request)
                try:
                    clientsocket.send(struct.pack("!H2s", 2, "NO"))
                except:
                    pass

            clientsocket.close()
            auth.disconnect()