X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=userdir_ldap.py;h=215d8e8e77d99a3356c315366c6331110e1616f1;hb=e5c85683eb28840dd086a60e2f259b8d1ab606cb;hp=07bc6b12aee5e4c506b16ef044a3ea930d571f08;hpb=2525bf73603cb6487cfcea096e2dc347ad360394;p=mirror%2Fuserdir-ldap.git

diff --git a/userdir_ldap.py b/userdir_ldap.py
index 07bc6b1..215d8e8 100644
--- a/userdir_ldap.py
+++ b/userdir_ldap.py
@@ -1,5 +1,5 @@
 # Some routines and configuration that are used by the ldap progams
-import termios, TERMIOS, re, string, imp, ldap, sys, whrandom, crypt, rfc822;
+import termios, re, string, imp, ldap, sys, whrandom, crypt, rfc822;
 import userdir_gpg
 
 try:
@@ -11,7 +11,7 @@ File.close();
 
 # Cheap hack
 BaseDn = ConfModule.basedn;
-BaseDn = ConfModule.basedn;
+HostBaseDn = ConfModule.hostbasedn;
 LDAPServer = ConfModule.ldaphost;
 EmailAppend = ConfModule.emailappend;
 AdminUser = ConfModule.adminuser;
@@ -32,6 +32,7 @@ LastNamesPre = {"van": None, "le": None, "de": None, "di": None};
 # SSH Key splitting. The result is:
 # (options,size,modulous,exponent,comment)
 SSHAuthSplit = re.compile('^(.* )?(\d+) (\d+) (\d+) ?(.+)$');
+SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa) ([a-zA-Z0-9=/+]+) ?(.+)$');
 #'^([^\d](?:[^ "]+(?:".*")?)*)? ?(\d+) (\d+) (\d+) (.+)$');
 
 AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>");
@@ -69,16 +70,16 @@ def PrettyShow(DnRecord):
 
 # Function to prompt for a password 
 def getpass(prompt = "Password: "):
-   import termios, TERMIOS, sys;
+   import termios, sys;
    fd = sys.stdin.fileno();
    old = termios.tcgetattr(fd);
    new = termios.tcgetattr(fd);
-   new[3] = new[3] & ~TERMIOS.ECHO;          # lflags
+   new[3] = new[3] & ~termios.ECHO;          # lflags
    try:
-      termios.tcsetattr(fd, TERMIOS.TCSADRAIN, new);
+      termios.tcsetattr(fd, termios.TCSADRAIN, new);
       passwd = raw_input(prompt);
    finally:
-      termios.tcsetattr(fd, TERMIOS.TCSADRAIN, old);
+      termios.tcsetattr(fd, termios.TCSADRAIN, old);
    print;
    return passwd;
 
@@ -137,7 +138,7 @@ def GenPass():
    SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/.";
    Rand = open("/dev/urandom");
    Password = "";
-   for i in range(0,10):
+   for i in range(0,15):
       Password = Password + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)];
    return Password;
 
@@ -145,10 +146,11 @@ def GenPass():
 def HashPass(Password):
    # Hash it telling glibc to use the MD5 algorithm - if you dont have
    # glibc then just change Salt = "$1$" to Salt = "";
-   SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/.";
+   SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
    Salt  = "$1$";
+   Rand = open("/dev/urandom");
    for x in range(0,10):
-      Salt = Salt + SaltVals[whrandom.randint(0,len(SaltVals)-1)];
+      Salt = Salt + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)];
    Pass = crypt.crypt(Password,Salt);
    if len(Pass) < 14:
       raise "Password Error", "MD5 password hashing failed, not changing the password!";
@@ -184,7 +186,7 @@ def FlushOutstanding(l,Outstanding,Fast=0):
 
 # Convert a lat/long attribute into Decimal degrees
 def DecDegree(Posn,Anon=0):
-  Parts = re.match('[+-]?(\d*)\\.?(\d*)?',Posn).groups();
+  Parts = re.match('[-+]?(\d*)\\.?(\d*)',Posn).groups();
   Val = string.atof(Posn);
 
   if (abs(Val) >= 1806060.0):
@@ -212,10 +214,20 @@ def DecDegree(Posn,Anon=0):
      return "+" + Str;
   return Str;
 
+def FormatSSH2Auth(Str):
+   Match = SSH2AuthSplit.match(Str);
+   if Match == None:
+      return "<unknown format>";
+   G = Match.groups();
+
+   if G[0] == None:
+      return "ssh-%s %s..%s %s"%(G[1],G[2][:8],G[2][-8:],G[3]);
+   return "%s ssh-%s %s..%s %s"%(G[0],G[1],G[2][:8],G[2][-8:],G[3]);
+
 def FormatSSHAuth(Str):
    Match = SSHAuthSplit.match(Str);
    if Match == None:
-      return "<unknown format>";
+      return FormatSSH2Auth(Str);
    G = Match.groups();
 
    # No options
@@ -250,6 +262,10 @@ def FormatPGPKey(Str):
 
 # Take an email address and split it into 3 parts, (Name,UID,Domain)
 def SplitEmail(Addr):
+   # Is not an email address at all
+   if string.find(Addr,'@') == -1:
+      return (Addr,"","");
+  
    Res1 = rfc822.AddrlistClass(Addr).getaddress();
    if len(Res1) != 1:
       return ("","",Addr);
@@ -289,6 +305,11 @@ def GetUID(l,Name,UnknownMap = {}):
       Stat = "unknown map hit for"+str(Name);
       return (UnknownMap[Name[2]],[Stat]);
 
+   # Then the name component (another ie there was no email address to match)
+   if UnknownMap.has_key(Name[0]):
+      Stat = "unknown map hit for"+str(Name);
+      return (UnknownMap[Name[0]],[Stat]);
+  
    # Search for a possible first/last name hit
    try:
       Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"(&(cn=%s)(sn=%s))"%(cn,sn),["uid"]);