# Some routines and configuration that are used by the ldap progams
-import termios, TERMIOS, re, string, imp, ldap, sys, whrandom, crypt, rfc822;
+import termios, re, string, imp, ldap, sys, whrandom, crypt, rfc822;
import userdir_gpg
try:
# Cheap hack
BaseDn = ConfModule.basedn;
-BaseDn = ConfModule.basedn;
+HostBaseDn = ConfModule.hostbasedn;
LDAPServer = ConfModule.ldaphost;
EmailAppend = ConfModule.emailappend;
AdminUser = ConfModule.adminuser;
# SSH Key splitting. The result is:
# (options,size,modulous,exponent,comment)
SSHAuthSplit = re.compile('^(.* )?(\d+) (\d+) (\d+) ?(.+)$');
+SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa) ([a-zA-Z0-9=/+]+) ?(.+)$');
#'^([^\d](?:[^ "]+(?:".*")?)*)? ?(\d+) (\d+) (\d+) (.+)$');
AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>");
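Review bot: The new `SSH2AuthSplit` pattern makes the separating space optional (` ?`) but the comment group mandatory (`(.+)`), so a key line with no trailing comment still matches by backtracking: the last base64 character is peeled off the key and reported as the comment. If a missing comment should be accepted, an explicit optional tail such as `(?: (.+))?$` keeps the key intact, though `FormatSSH2Auth` would then have to handle a `None` comment. The comment above the patterns documents only the SSH1 tuple; a line such as `# SSH2 result is: (options,type,key,comment)` would cover the new pattern. The leading `(.* )?` accepts any text as options, so the pattern is suited to splitting for display, not to validating submitted keys.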
# Function to prompt for a password
def getpass(prompt = "Password: "):
- import termios, TERMIOS, sys;
+ import termios, sys;
fd = sys.stdin.fileno();
old = termios.tcgetattr(fd);
new = termios.tcgetattr(fd);
- new[3] = new[3] & ~TERMIOS.ECHO; # lflags
+ new[3] = new[3] & ~termios.ECHO; # lflags
try:
- termios.tcsetattr(fd, TERMIOS.TCSADRAIN, new);
+ termios.tcsetattr(fd, termios.TCSADRAIN, new);
passwd = raw_input(prompt);
finally:
- termios.tcsetattr(fd, TERMIOS.TCSADRAIN, old);
+ termios.tcsetattr(fd, termios.TCSADRAIN, old);
print;
return passwd;
SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/.";
Rand = open("/dev/urandom");
Password = "";
- for i in range(0,10):
+ for i in range(0,15):
Password = Password + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)];
return Password;
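Review bot: `ord(Rand.read(1)[0]) % len(SaltVals)` is biased in this function because its `SaltVals` has 54 symbols and 256 is not a multiple of 54: the first 40 characters of the alphabet are each chosen with probability 5/256 and the remaining 14 with 4/256. Switching to the 64-symbol alphabet this commit gives HashPass, `SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/."`, removes the bias (256 is a multiple of 64) and adds entropy per character. Alternatively, discard bytes >= 216 and read again. The function's `def` line is outside the hunk.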
def HashPass(Password):
# Hash it telling glibc to use the MD5 algorithm - if you dont have
# glibc then just change Salt = "$1$" to Salt = "";
- SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/.";
+ SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
Salt = "$1$";
+ Rand = open("/dev/urandom");
for x in range(0,10):
- Salt = Salt + SaltVals[whrandom.randint(0,len(SaltVals)-1)];
+ Salt = Salt + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)];
Pass = crypt.crypt(Password,Salt);
if len(Pass) < 14:
raise "Password Error", "MD5 password hashing failed, not changing the password!";
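Review bot: The `Rand = open("/dev/urandom")` added to HashPass is never closed in the lines shown, and the password generator in the previous hunk opens the device the same way, so each call holds a descriptor until the file object is collected. Adding `Rand.close();` after the salt loop, or wrapping the loop in `try:`/`finally:`, makes the lifetime explicit. Separately, the loop appends 10 salt characters while MD5-crypt uses at most 8 of them, so a short comment noting that the extra two are ignored would avoid confusion. HashPass continues past the end of the hunk.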
# Convert a lat/long attribute into Decimal degrees
def DecDegree(Posn,Anon=0):
- Parts = re.match('[+-]?(\d*)\\.?(\d*)?',Posn).groups();
+ Parts = re.match('[-+]?(\d*)\\.?(\d*)',Posn).groups();
Val = string.atof(Posn);
if (abs(Val) >= 1806060.0):
return "+" + Str;
return Str;
+def FormatSSH2Auth(Str):
+ Match = SSH2AuthSplit.match(Str);
+ if Match == None:
+ return "<unknown format>";
+ G = Match.groups();
+
+ if G[0] == None:
+ return "ssh-%s %s..%s %s"%(G[1],G[2][:8],G[2][-8:],G[3]);
+ return "%s ssh-%s %s..%s %s"%(G[0],G[1],G[2][:8],G[2][-8:],G[3]);
+
def FormatSSHAuth(Str):
Match = SSHAuthSplit.match(Str);
if Match == None:
- return "<unknown format>";
+ return FormatSSH2Auth(Str);
G = Match.groups();
# No options
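Review bot: `FormatSSH2Auth` abbreviates the key as `G[2][:8]..G[2][-8:]`, but the base64 blob of an SSH2 public key starts with the encoded key-type string, so the first eight characters are identical for every key and only the trailing eight tell keys apart. If users rely on this output to confirm which key is installed, a fingerprint or a longer tail would be more meaningful. A one-line comment giving the returned layout (`[options ]ssh-type head..tail comment`) would also help, and `Match is None` is the idiomatic form of the `== None` tests. FormatSSHAuth's body continues outside the hunk.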
# Take an email address and split it into 3 parts, (Name,UID,Domain)
def SplitEmail(Addr):
+ # Is not an email address at all
+ if string.find(Addr,'@') == -1:
+ return (Addr,"","");
+
Res1 = rfc822.AddrlistClass(Addr).getaddress();
if len(Res1) != 1:
return ("","",Addr);
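Review bot: The new early return puts an input without `@` in the first slot, `(Addr,"","")`, while the existing failure path below returns the input in the last slot, `("","",Addr)`, and nothing in the function says which case uses which slot. A comment such as `# No '@': the whole string is returned as the Name part; an unparseable address is returned in the Domain slot` would make the contract clear to callers that index the tuple. SplitEmail continues outside the hunk.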
Stat = "unknown map hit for"+str(Name);
return (UnknownMap[Name[2]],[Stat]);
+ # Then the name component (another ie there was no email address to match)
+ if UnknownMap.has_key(Name[0]):
+ Stat = "unknown map hit for"+str(Name);
+ return (UnknownMap[Name[0]],[Stat]);
+
# Search for a possible first/last name hit
try:
Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"(&(cn=%s)(sn=%s))"%(cn,sn),["uid"]);
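Review bot: The filter on the `search_s` line is built with `"(&(cn=%s)(sn=%s))"%(cn,sn)`, so any `(`, `)`, `*` or `\` in the name parts alters the filter's structure instead of being matched literally. The names appear to come from parsed address or UID text, though their origin is outside the hunk. Escape both values before interpolation, for instance with `ldap.filter.escape_filter_chars(cn)` where the installed python-ldap provides it, or with an equivalent RFC 2254 escaper. The `try:` block continues past the end of the hunk.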