X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=userdir_ldap.py;h=9e998994aab0e57d469d692cd86aa8943010eec7;hb=04409346418395c9f00c5f4a8244ce1d3512b446;hp=babfce0dea6c1b23425f60348bb3352ced63d8e0;hpb=f484d1c2a8a3fafdee28bf346b350084be710b91;p=mirror%2Fuserdir-ldap.git
diff --git a/userdir_ldap.py b/userdir_ldap.py
index babfce0..9e99899 100644
--- a/userdir_ldap.py
+++ b/userdir_ldap.py
@@ -2,6 +2,7 @@
 # Copyright (c) 2001-2003 Ryan Murray
 # Copyright (c) 2004-2005 Joey Schulze
 # Copyright (c) 2008 Peter Palfrader
+# Copyright (c) 2008 Thomas Viehmann
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -18,10 +19,10 @@
 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 # Some routines and configuration that are used by the ldap progams
-import termios, re, imp, ldap, sys, crypt, rfc822, pwd, os;
+import termios, re, imp, ldap, sys, crypt, rfc822, pwd, os, getpass
 import userdir_gpg
 import hmac
-import sha as sha1_module
+import hashlib
 try:
 File = open("/etc/userdir-ldap/userdir-ldap.conf");
@@ -37,7 +38,8 @@ LDAPServer = ConfModule.ldaphost;
 EmailAppend = ConfModule.emailappend;
 AdminUser = ConfModule.adminuser;
 GenerateDir = ConfModule.generatedir;
-GenerateConf = ConfModule.generateconf;
+AllowedGroupsPreload = ConfModule.allowedgroupspreload;
+HomePrefix = ConfModule.homeprefix;
 DefaultGID = ConfModule.defaultgid;
 TemplatesDir = ConfModule.templatesdir;
 PassDir = ConfModule.passdir;
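Review bot: Adding `getpass` to the module-level import in the `-18,10` hunk rebinds the name `getpass` in this module from the prompt function (removed in the `-117,28` hunk) to the stdlib module. Any script that still calls `userdir_ldap.getpass(...)`, or picks the name up through a star import, would then fail because a module object is not callable. Those callers are not visible in this diff, so the scripts that import this module need checking. If any remain, `from getpass import getpass` here, with the call in passwdAccessLDAP written as `getpass(...)`, would keep the old call shape while still using the stdlib implementation.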
@@ -117,28 +119,6 @@ def connectLDAP(server = None):
 l.start_tls_s();
 return l;
-# Function to prompt for a password
-def getpass(prompt = "Password: "):
- import termios, sys;
- fd = sys.stdin.fileno();
- old = termios.tcgetattr(fd);
- new = termios.tcgetattr(fd);
- new[3] = new[3] & ~termios.ECHO; # lflags
- try:
- termios.tcsetattr(fd, termios.TCSADRAIN, new);
- try:
- passwd = raw_input(prompt);
- except KeyboardInterrupt:
- termios.tcsetattr(fd, termios.TCSADRAIN, old);
- print
- sys.exit(0)
- except EOFError:
- passwd = ""
- finally:
- termios.tcsetattr(fd, termios.TCSADRAIN, old);
- print;
- return passwd;
-
 def passwdAccessLDAP(BaseDn, AdminUser):
 """
 Ask for the AdminUser's password and connect to the LDAP server.
@@ -146,7 +126,7 @@ def passwdAccessLDAP(BaseDn, AdminUser):
 """
 print "Accessing LDAP directory as '" + AdminUser + "'";
 while (1):
- Password = getpass(AdminUser + "'s password: ");
+ Password = getpass.getpass(AdminUser + "'s password: ")
 if len(Password) == 0:
 sys.exit(0)
@@ -452,10 +432,13 @@ def Group2GID(l, name):
 return -1
 def make_hmac(str):
- File = open(PassDir+"/key-hmac-"+pwd.getpwuid(os.getuid())[0],"r");
- HmacKey = File.readline().strip()
- File.close();
- return hmac.new(HmacKey, str, sha1_module).hexdigest()
+ if 'UD_HMAC_KEY' in os.environ:
+ HmacKey = os.environ['UD_HMAC_KEY']
+ else:
+ File = open(PassDir+"/key-hmac-"+pwd.getpwuid(os.getuid())[0],"r");
+ HmacKey = File.readline().strip()
+ File.close();
+ return hmac.new(HmacKey, str, hashlib.sha1).hexdigest()
 def make_passwd_hmac(status, purpose, uid, uuid, hosts, cryptedpass):
 return make_hmac(':'.join([status, purpose, uid, uuid, hosts, cryptedpass]))
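Review bot: The `getpass.getpass(...)` call in passwdAccessLDAP does not reproduce the error handling of the helper removed in the previous hunk. That helper exited quietly on Ctrl-C and turned end-of-input into an empty password, which this loop treats as "quit", whereas the stdlib call lets `KeyboardInterrupt` and `EOFError` propagate as a traceback. Wrapping the call in `try:` with `except (EOFError, KeyboardInterrupt): sys.exit(0)` would keep the old behaviour. Depending on the Python version, the stdlib function may also fall back to reading the password with echo enabled when no controlling terminal is available, which is worth a comment here since this is the admin credential. The loop body continues outside the hunk.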
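Review bot: The new `UD_HMAC_KEY` branch in make_hmac uses whatever the variable holds, so an exported but empty value produces an HMAC keyed with the empty string, which anyone who knows the message fields can recompute. The file branch has the same gap when the first line of the key file is blank. A guard before the `hmac.new` call, such as `if not HmacKey: raise ValueError("empty HMAC key")`, would cover both paths. A key held in the environment is also inherited by every child process this code starts and is readable by anything that can inspect the process environment, so the variable is best set only for the one invocation that needs it. A docstring stating the lookup order (environment first, then the per-user file under `PassDir`) would make that precedence explicit for operators.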