def recv_captcha(self, mailfrom, msg):
""" Receives and verifies captcha.
"""
subject = msg['Subject']
orgidentifier = string.split(subject,' ')[-1]
logging.debug('Orig CAPTCHA identifier\t: %s', orgidentifier)
# TODO: Reject if original identifier is not in DB
try:
if msg.is_multipart():
answer = msg.get_payload(0).get_payload().splitlines()[0].strip()
else:
answer = msg.get_payload().splitlines()[0].strip()
except:
return
identifier = self.db.hash_data(Address(mailfrom).address, answer)
match = self.db.get_captcha_word(identifier)
if match != None and match['word'] == answer:
# Update captcha status to CAPTCHA_APPROVED
cid, rid, word = match
adata = self.db.get_alias_data(rid)
aobj = Alias(**adata)
user = User(**self.db.get_user(uid=aobj.get_uid()))
# send message to recipient's alias requesting mailfrom's permission to send
msg = UserMessage('senderverify.senduserreq', \
fromaddx = self.cfg.SVCALIAS, \
aliasaddx = aobj.get_alias_address(), \
useraddx = user.get_account_address(), \
requestor = mailfrom)
msg.generate_message_id(self.cfg.DOMAIN)
self.db.set_captcha(msg['Message-ID'], '', cid, rid, self.db.CAPTCHA_APPROVED)
logging.debug('Sending approval request to user %s', user.get_username())
self.send(msg['From'], [user.get_forwarding_address()], msg)
# Delete identifier from database
#self.db.delete_captcha_identifier(identifier)
else:
# TOFIX: should replace with new captcha and increment numtries;
pass
def apply_aliasing(self, user, mailfrom, rcpttos, msg):
""" Applies an alias as the sender of a message or attempts to infer
it if none was given by the sender.
Handles cases 1d and 1e of the specification.
"""
usralias = None
alias_addx = None
is_alias_address = lambda entry: entry.parse_alias_address()
logging.debug('Attempting to apply aliasing')
# look for use of existing alias in To field (case 1d);
for cur_addx in msg.search_header_addresses('to', is_alias_address):
alias_pair = cur_addx.parse_alias_address()
alias_data = self.db.get_alias_data(*alias_pair, \
uid=user.get_uid())
if not alias_data:
continue
usralias = Alias(**alias_data)
alias_addx = cur_addx
#if not usralias.is_active():
# continue
# remove alias from rcpttos and all To fields
for i in range(len(rcpttos)):
if alias_addx == rcpttos[i]:
del rcpttos[i]
break
msg.replace_address('to', alias_addx, None)
break
# if no alias in To field, try to infer the correct one (case 1e);
if not alias_addx:
logging.debug("Couldn't find alias to use in headers; " \
'attempting to infer correct alias')
alias_data = self.db.infer_alias(user.get_uid(),
msg.get_header_addresses('to'),
user.get_salt())
if not alias_data:
logging.debug('Failed to infer alias')
err = ErrorMessage('applyalias.noinfer',
fromaddx = self.cfg.SVCALIAS,
toaddx = user.get_account_address(),
subject = msg['Subject'])
self.send(err['From'], [user.get_forwarding_address()], err)
return False
usralias = Alias(**alias_data)
#if not usralias.is_active():
# return False
logging.debug('Succesfully inferred alias "%s"', str(usralias))
alias_addx = Address(usralias.get_alias_address())
# if we found an alias to use, apply it, send the
# message, and record in history table;
alias_addx.realname = Address(mailfrom).realname
msg.replace_address('from', None, alias_addx)
#del msg['message-id']
if rcpttos == []:
logging.info('No recipients left; ignoring');
return
rcpt_aliases = []
rcpt_nonaliases = []
for entry in rcpttos:
rcpt_addx = Address(entry)
if rcpt_addx.is_servername():
rcpt_aliases.append(entry)
else:
rcpt_nonaliases.append(entry)
self.send(str(alias_addx), rcpt_nonaliases, msg)
self.forward(str(alias_addx), rcpt_aliases, msg)
self.db.add_history(usralias.get_rid(),
True,
address.getaddresses(rcpttos),
msg['Message-ID'],
user.get_salt())
return
def create_alias_helper(self, user, aliasname, \
primary=False, rcpt=None, trusted=True, hint=None):
""" Helper function to create alias.
Generates <rand> for user for the <aliasname> specified.
If <aliasname> belonging to the user already exists, the existing aid is used.
If <aliasname> belonging to another user already exists, an error is returned.
"""
(aid, uid) = self.db.get_aliasname_data(aliasname)
# Error if user doesn't own the aliasname
if uid != None and uid != user.get_uid():
logging.info('User %d does not own "%s".', user.get_uid(), aliasname)
# Create error response message
err = ErrorMessage('createalias.notowner',
fromaddx = self.cfg.GETALIAS,
toaddx = user.get_account_address(),
aliasname = aliasname)
self.send(err['From'], [user.get_forwarding_address()], err)
return None
#
# Now, aliasname either belongs to the user or is not in use.
#
# Gets the alias id, either by getting an existing one or create a new one.
if uid == user.get_uid():
newaid = aid
logging.debug('Using existing aid %d for aliasname "%s"', \
newaid, aliasname)
elif uid == None:
newaid = self.db.insert_alias(user.get_uid(), aliasname, primary)
logging.debug('Created new aid %d for aliasname "%s"', \
newaid, aliasname)
else:
return None
#
# If a recipient is given, check history to see if there was any
# previously generated <rand> that we can use.
# TODO: We might have to make sure the recipient is active.
#
newalias = None
cid = None
if rcpt != None:
cid = self.db.peek_cid(rcpt, user.get_salt())
rid = None
if cid != None:
rid = self.db.get_history_rid(aliasname, cid)
if rid != None:
# Found a history correspondence
hist_alias = Alias(self.db.get_alias_data(rid))
hist_aliasname, hist_aliasrand = hist_alias.get_alias_pair()
logging.debug('History aliasname\t:"%s"', hist_aliasname)
if hist_aliasname == aliasname:
logging.debug('Reuse history aliasrand\t:"%s"', \
hist_aliasrand)
newalias = Alias(hist_aliasname, hist_aliasrand)
else:
# Can't use the rid found since aliasname differs
rid = None
# Create a new alias (aka aliasrand or <aliasname>.<rand>)
if newalias == None:
logging.debug('Generating new aliasrand')
newalias = Alias(aliasname, alias.generate_rint())
logging.debug('Using alias\t\t: %s', newalias)
# Update aid, uid and set isactive for new alias
newalias.set_values(aid=newaid, uid=user.get_uid(), isactive=1)
# Sets up alias pair
alias_pair = newalias.get_alias_pair()
# If we don't have rid yet, insert aliasrand to DB and mark as active
if rid == None:
rid = self.db.insert_aliasrnd(user.get_uid(), \
newaid, \
alias_pair[0], alias_pair[1], \
1, trusted, hint)
if rid == None:
return None
# Looks like this double counts in the history table;
#if rcpt != None:
# self.db.add_history(rid, True, [rcpt], user.get_salt())
# Creates the alias address, which includes the domain
aliasaddx = Address(newalias.get_alias_address())
logging.info('Aliasrnd Address\t\t: %s', str(aliasaddx))
return aliasaddx