Handle some errors from the captcha generator.

The main case here is where we handle HTTPGone.  The vast majority of our
production tracebacks are from here where (somehow) people are loading forms
that generate captchas (which works) and then way later, they are requesting
those same captcha images again (over 300 seconds later.. that's like 5
minutes). I *bet* this is happening if someone has a bodhi update page open,
and then their browser crashes and tries to restore its previous state, or
something like that.

Anyways, this patch adds a catch to that main "captcha is expired"
``InvalidToken`` traceback that is spamming our logs.  It turns it into a 410
Gone statuscode, which makes sense. While testing it, I tried passing in
garbage which generated a different ``TypeError`` from the base64 module, so I
caught that too.

Fixes #237.

bodhi/captcha.py

@@ -22,6 +22,7 @@
 
 from PIL import Image, ImageDraw, ImageFont
 
+from pyramid.httpexceptions import HTTPGone, HTTPNotFound
 from pyramid.view import view_config
 
 
@@ -104,12 +105,23 @@ def encrypt(plaintext, settings):
 
 
 def decrypt(ciphertext, settings):
+    ttl = int(settings['captcha.ttl'])
     secret = settings['captcha.secret']
     engine = cryptography.fernet.Fernet(secret)
+
     if isinstance(ciphertext, six.text_type):
         ciphertext = ciphertext.encode('utf-8')
-    ciphertext = base64.urlsafe_b64decode(ciphertext)
-    plaintext = engine.decrypt(ciphertext, ttl=int(settings['captcha.ttl']))
+
+    try:
+        ciphertext = base64.urlsafe_b64decode(ciphertext)
+    except TypeError:
+        raise HTTPNotFound("%s is garbage" % ciphertext)
+
+    try:
+        plaintext = engine.decrypt(ciphertext, ttl=ttl)
+    except cryptography.fernet.InvalidToken:
+        raise HTTPGone('captcha token is no longer valid')
+
     return plaintext.decode('utf-8')