X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=userdir_ldap.py;h=aee0e6fe815a55fb4bed174ecb5c34be17c49d97;hb=804d8d06a049d7cfc90f7c2062cb346901b07757;hp=07bc6b12aee5e4c506b16ef044a3ea930d571f08;hpb=2525bf73603cb6487cfcea096e2dc347ad360394;p=mirror%2Fuserdir-ldap.git diff --git a/userdir_ldap.py b/userdir_ldap.py index 07bc6b1..aee0e6f 100644 --- a/userdir_ldap.py +++ b/userdir_ldap.py @@ -11,7 +11,7 @@ File.close(); # Cheap hack BaseDn = ConfModule.basedn; -BaseDn = ConfModule.basedn; +HostBaseDn = ConfModule.hostbasedn; LDAPServer = ConfModule.ldaphost; EmailAppend = ConfModule.emailappend; AdminUser = ConfModule.adminuser; @@ -32,6 +32,7 @@ LastNamesPre = {"van": None, "le": None, "de": None, "di": None}; # SSH Key splitting. The result is: # (options,size,modulous,exponent,comment) SSHAuthSplit = re.compile('^(.* )?(\d+) (\d+) (\d+) ?(.+)$'); +SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa) ([a-zA-Z0-9=/+]+) (.+)$'); #'^([^\d](?:[^ "]+(?:".*")?)*)? ?(\d+) (\d+) (\d+) (.+)$'); AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>"); @@ -137,7 +138,7 @@ def GenPass(): SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/."; Rand = open("/dev/urandom"); Password = ""; - for i in range(0,10): + for i in range(0,15): Password = Password + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)]; return Password; @@ -145,10 +146,11 @@ def GenPass(): def HashPass(Password): # Hash it telling glibc to use the MD5 algorithm - if you dont have # glibc then just change Salt = "$1$" to Salt = ""; - SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/."; + SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/."; Salt = "$1$"; + Rand = open("/dev/urandom"); for x in range(0,10): - Salt = Salt + SaltVals[whrandom.randint(0,len(SaltVals)-1)]; + Salt = Salt + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)]; Pass = crypt.crypt(Password,Salt); if len(Pass) < 14: raise "Password Error", "MD5 password hashing failed, not changing the password!"; @@ -212,10 +214,20 @@ def DecDegree(Posn,Anon=0): return "+" + Str; return Str; +def FormatSSH2Auth(Str): + Match = SSH2AuthSplit.match(Str); + if Match == None: + return ""; + G = Match.groups(); + + if G[0] == None: + return "ssh-%s %s..%s %s"%(G[1],G[2][:8],G[2][-8:],G[3]); + return "%s ssh-%s %s..%s %s"%(G[0],G[1],G[2][:8],G[2][-8:],G[3]); + def FormatSSHAuth(Str): Match = SSHAuthSplit.match(Str); if Match == None: - return ""; + return FormatSSH2Auth(Str); G = Match.groups(); # No options @@ -250,6 +262,10 @@ def FormatPGPKey(Str): # Take an email address and split it into 3 parts, (Name,UID,Domain) def SplitEmail(Addr): + # Is not an email address at all + if string.find(Addr,'@') == -1: + return (Addr,"",""); + Res1 = rfc822.AddrlistClass(Addr).getaddress(); if len(Res1) != 1: return ("","",Addr); @@ -289,6 +305,11 @@ def GetUID(l,Name,UnknownMap = {}): Stat = "unknown map hit for"+str(Name); return (UnknownMap[Name[2]],[Stat]); + # Then the name component (another ie there was no email address to match) + if UnknownMap.has_key(Name[0]): + Stat = "unknown map hit for"+str(Name); + return (UnknownMap[Name[0]],[Stat]); + # Search for a possible first/last name hit try: Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"(&(cn=%s)(sn=%s))"%(cn,sn),["uid"]);