Update of /cvsroot/tmda/tmda/TMDA
In directory sc8-pr-cvs1:/tmp/cvs-serv31055

Modified Files:
        Defaults.py 
Log Message:
Moved crypt_key loading code to the end of the program so that other dependent 
variables will already be set by the time it happens.

Added a PENDING_FILE_PERM so that users can override file permissions on pending 
e-mail files.  (This was needed for no-su mode of tmda-cgi.)

Modified crypt_key loading code so that if PENDING_FILE_PERM is anything other 
than 0600, errors will be ignored during the loading process.  These two 
entities may not seem to be related, but they are.  If you need permissions on 
your pending files other than 0600, then you may be running in no-su mode (for 
tmda-cgi).  In no-su mode, the CGI will still need to have defaults set and 
loaded from configuration files, but the crypt_key's will not be accessible.  It 
is important that this code not throw an exception when imported or the import 
will fail.


Index: Defaults.py
===================================================================
RCS file: /cvsroot/tmda/tmda/TMDA/Defaults.py,v
retrieving revision 1.159
retrieving revision 1.160
diff -u -r1.159 -r1.160
--- Defaults.py 26 Nov 2002 19:43:21 -0000      1.159
+++ Defaults.py 28 Nov 2002 17:29:27 -0000      1.160
@@ -178,28 +178,6 @@
 if not vars().has_key('ALLOW_MODE_640'):
     ALLOW_MODE_640 = 0
 
-# CRYPT_KEY_FILE
-# File which contains your unique TMDA secret key generated by the
-# `tmda-keygen' program.  The key should be unquoted in the file.
-# This file must be chmod 400 or 600, unless ALLOW_MODE_640 is on.
-# Default is ~/.tmda/crypt_key
-if not vars().has_key('CRYPT_KEY_FILE'):
-    CRYPT_KEY_FILE = os.path.join(DATADIR, 'crypt_key')
-if os.path.exists(CRYPT_KEY_FILE):
-    crypt_key_filemode = Util.getfilemode(CRYPT_KEY_FILE)
-    if crypt_key_filemode not in (400, 600):
-        if ALLOW_MODE_640 and crypt_key_filemode == 640:
-            pass
-        else:
-            raise Errors.ConfigError, \
-                  CRYPT_KEY_FILE + " must be chmod 400 or 600!"
-else:
-    raise Errors.ConfigError, "Can't find key file: " + CRYPT_KEY_FILE
-
-# Read key from CRYPT_KEY_FILE, and then convert it from hex back into
-# raw binary.  Hex has only 4 bits of entropy per byte as opposed to 8.
-CRYPT_KEY = binascii.unhexlify(open(CRYPT_KEY_FILE).read().strip())
-
 # OUTGOINGMAIL
 # Final delivery method for all outgoing mail (server and client).
 # Possible values include:
@@ -1112,6 +1090,18 @@
 if not vars().has_key('PENDING_DELETE_APPEND'):
     PENDING_DELETE_APPEND = None
 
+# PENDING_FILE_PERM
+# Numeric file permissions on e-mail in the pending directory.  The default
+# is typically correct, but there are times when you might want group read
+# permissions on your pending mail.
+#
+# Example:
+# PENDING_FILE_PERM = 0660
+#
+# Default is 0600
+if not vars().has_key('PENDING_FILE_PERM'):
+    PENDING_FILE_PERM = 0600
+
 # PENDING_RELEASE_APPEND
 # Filename to which a sender's e-mail address should be automatically
 # appended when a message is "released" by tmda-pending.
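Review bot: The comment block for PENDING_FILE_PERM does not say that the value is also used as a switch elsewhere in this file: the crypt_key loading code at the end of Defaults.py compares it with exactly 0600 and stops raising on key-file problems for any other value. A user who sets 0660 only to share pending mail with a group gets that side effect without warning, so the comment should state it, for example `# NOTE: any value other than 0600 also makes crypt_key loading errors non-fatal (intended for tmda-cgi no-su mode).` It would also help to say that the value is an octal mode, since `PENDING_FILE_PERM = 660` without the leading zero is a different number.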
@@ -1383,6 +1373,35 @@
 # Default is 0 (turned off)
 if not vars().has_key('X_TMDA_IN_SUBJECT'):
     X_TMDA_IN_SUBJECT = 0
+
+# CRYPT_KEY_FILE
+# File which contains your unique TMDA secret key generated by the
+# `tmda-keygen' program.  The key should be unquoted in the file.
+# This file must be chmod 400 or 600, unless ALLOW_MODE_640 is on.
+# Default is ~/.tmda/crypt_key
+if not vars().has_key('CRYPT_KEY_FILE'):
+    CRYPT_KEY_FILE = os.path.join(DATADIR, 'crypt_key')
+if os.path.exists(CRYPT_KEY_FILE):
+    crypt_key_filemode = Util.getfilemode(CRYPT_KEY_FILE)
+    if crypt_key_filemode not in (400, 600):
+        if ALLOW_MODE_640 and crypt_key_filemode == 640:
+            pass
+        else:
+            if PENDING_FILE_PERM == 0600:
+                raise Errors.ConfigError, \
+                      CRYPT_KEY_FILE + " must be chmod 400 or 600!"
+else:
+    if PENDING_FILE_PERM == 0600:
+        raise Errors.ConfigError, "Can't find key file: " + CRYPT_KEY_FILE
+
+# Read key from CRYPT_KEY_FILE, and then convert it from hex back into
+# raw binary.  Hex has only 4 bits of entropy per byte as opposed to 8.
+if PENDING_FILE_PERM == 0600:
+    CRYPT_KEY = binascii.unhexlify(open(CRYPT_KEY_FILE).read().strip())
+else:
+    try:
+        CRYPT_KEY = binascii.unhexlify(open(CRYPT_KEY_FILE).read().strip())
+    except: pass
 
 ###################################
 # END of user configurable settings
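Review bot: Any PENDING_FILE_PERM other than 0600 now turns off every safeguard on the secret key, not just the failure to read it: in the `else:` branch under the mode test the ConfigError is skipped, so a group- or world-readable crypt_key is loaded without complaint whenever a user loosens pending-mail permissions for an unrelated reason. The bare `except: pass` also hides a corrupt or truncated key and leaves CRYPT_KEY undefined, so the failure would presumably surface later as a NameError wherever the key is first used rather than at import. I would keep the mode check unconditional whenever the file is visible, tolerate only a missing or unreadable file in the relaxed case, and bind `CRYPT_KEY = None` up front so callers can test for it; this assumes Util.getfilemode only needs to stat the file, which is not visible here. An explicit setting for no-su mode would be clearer than inferring it from PENDING_FILE_PERM.

```python
# … unchanged: CRYPT_KEY_FILE comment and default …
CRYPT_KEY = None
crypt_key_optional = (PENDING_FILE_PERM != 0600)
if os.path.exists(CRYPT_KEY_FILE):
    # Enforce the mode whenever the file is visible, in every mode.
    crypt_key_filemode = Util.getfilemode(CRYPT_KEY_FILE)
    if crypt_key_filemode not in (400, 600) and \
       not (ALLOW_MODE_640 and crypt_key_filemode == 640):
        raise Errors.ConfigError, \
              CRYPT_KEY_FILE + " must be chmod 400 or 600!"
    try:
        CRYPT_KEY = binascii.unhexlify(open(CRYPT_KEY_FILE).read().strip())
    except IOError:
        # An unreadable key is tolerated only in the relaxed (no-su) case.
        if not crypt_key_optional:
            raise
elif not crypt_key_optional:
    raise Errors.ConfigError, "Can't find key file: " + CRYPT_KEY_FILE
```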
