ArbChanges = {"c": "..",
"l": ".*",
- "facsimiletelephonenumber": ".*",
- "telephonenumber": ".*",
- "postaladdress": ".*",
- "postalcode": ".*",
- "loginshell": ".*",
- "emailforward": "^([^<>@]+@.+)?$",
- "ircnick": ".*",
- "icquin": "^[0-9]*$",
- "onvacation": ".*",
- "labeledurl": ".*"};
+ "facsimileTelephoneNumber": ".*",
+ "telephoneNumber": ".*",
+ "postalAddress": ".*",
+ "postalCode": ".*",
+ "loginShell": ".*",
+ "emailForward": "^([^<>@]+@.+)?$",
+ "ircNick": ".*",
+ "icqUin": "^[0-9]*$",
+ "onVacation": ".*",
+ "labledURI": ".*"};
DelItems = {"c": None,
"l": None,
- "facsimiletelephonenumber": None,
- "telephonenumber": None,
- "postaladdress": None,
- "postalcode": None,
- "emailforward": None,
- "ircnick": None,
- "onvacation": None,
- "labeledurl": None,
+ "facsimileTelephoneNumber": None,
+ "telephoneNumber": None,
+ "postalAddress": None,
+ "postalCode": None,
+ "emailForward": None,
+ "ircNick": None,
+ "onVacation": None,
+ "labledURI": None,
"latitude": None,
"longitude": None,
- "icquin": None,
- "sshrsaauthkey": None,
- "sshdsaauthkey": None};
+ "icqUin": None,
+ "sshRSAAuthKey": None,
+ "sshDSAAuthKey": None};
# Decode a GPS location from some common forms
def LocDecode(Str,Dir):
if Match == None:
return None;
G = Match.groups();
-
- if ArbChanges.has_key(G[0]) == 0:
+
+ attrName = G[0].lower();
+ for i in ArbChanges.keys():
+ if i.lower() == attrName:
+ attrName = i;
+ break;
+ if ArbChanges.has_key(attrName) == 0:
return None;
-
- if re.match(ArbChanges[G[0]],G[1]) == None:
- raise Error, "Item does not match the required format"+ArbChanges[G[0]];
- Attrs.append((ldap.MOD_REPLACE,G[0],G[1]));
- return "Changed entry %s to %s"%(G[0],G[1]);
+ if re.match(ArbChanges[attrName],G[1]) == None:
+ raise Error, "Item does not match the required format"+ArbChanges[attrName];
+
+ Attrs.append((ldap.MOD_REPLACE,attrName,G[1]));
+ return "Changed entry %s to %s"%(attrName,G[1]);
# Handle changing a set of arbitary fields
# <field>: value
if Match == None:
return None;
G = Match.groups();
-
- if DelItems.has_key(G[0]) == 0:
- return "Cannot erase entry %s"%(G[0]);
- Attrs.append((ldap.MOD_DELETE,G[0],None));
- return "Removed entry %s"%(G[0]);
+ attrName = G[0].lower();
+ for i in DelItems.keys():
+ if i.lower() == attrName:
+ attrName = i;
+ break;
+ if DelItems.has_key(attrName) == 0:
+ return "Cannot erase entry %s"%(attrName);
+
+ Attrs.append((ldap.MOD_DELETE,attrName,None));
+ return "Removed entry %s"%(attrName);
# Handle a position change message, the line format is:
# Lat: -12412.23 Long: +12341.2342
# Handle an SSH authentication key, the line format is:
# [options] 1024 35 13188913666680[..] [comment]
def DoSSH(Str,Attrs):
- Match = SSHAuthSplit.match(Str);
+ Match = SSH2AuthSplit.match(Str);
if Match == None:
- Match = SSH2AuthSplit.match(Str);
- if Match == None:
- return None;
+ return None;
global SeenKey;
if SeenKey:
- Attrs.append((ldap.MOD_ADD,"sshrsaauthkey",Str));
+ Attrs.append((ldap.MOD_ADD,"sshRSAAuthKey",Str));
return "SSH Key added "+FormatSSHAuth(Str);
- Attrs.append((ldap.MOD_REPLACE,"sshrsaauthkey",Str));
+ Attrs.append((ldap.MOD_REPLACE,"sshRSAAuthKey",Str));
SeenKey = 1;
return "SSH Keys replaced with "+FormatSSHAuth(Str);
# Check for collisions
global l;
- Rec = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"dnszoneentry="+G[0]+" *",["uid"]);
+ Rec = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"dnsZoneEntry="+G[0]+" *",["uid"]);
for x in Rec:
if GetAttr(x,"uid") != GetAttr(DnRecord,"uid"):
return "DNS entry is already owned by " + GetAttr(x,"uid")
DNS[G[0]] = 1
if SeenDNS:
- Attrs.append((ldap.MOD_ADD,"dnszoneentry",Str));
+ Attrs.append((ldap.MOD_ADD,"dnsZoneEntry",Str));
return "DNS Entry added "+Str;
- Attrs.append((ldap.MOD_REPLACE,"dnszoneentry",Str));
+ Attrs.append((ldap.MOD_REPLACE,"dnsZoneEntry",Str));
SeenDNS = 1;
return "DNS Entry replaced with "+Str;
# Modify the record
l.simple_bind_s("uid="+AccessPass[0]+","+BaseDn,AccessPass[1]);
+ oldAttrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid="+GetAttr(DnRecord,"uid"));
+ if (string.find(GetAttr(oldAttrs[0],"userPassword"),"*LK*") != -1):
+ raise Error, "This account is locked";
Dn = "uid=" + GetAttr(DnRecord,"uid") + "," + BaseDn;
l.modify_s(Dn,Attrs);
# Check for a locked account
Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid="+GetAttr(DnRecord,"uid"));
- if (string.find(GetAttr(Attrs[0],"userpassword"),"*LK*") != -1):
+ if (string.find(GetAttr(Attrs[0],"userPassword"),"*LK*") != -1):
raise Error, "This account is locked";
# Modify the password
Msg = GetClearSig(Email);
ErrMsg = "Message is not PGP signed:"
- if string.find(Msg[0],"-----BEGIN PGP SIGNED MESSAGE-----") == -1:
+ if string.find(Msg[0],"-----BEGIN PGP SIGNED MESSAGE-----") == -1 and \
+ string.find(Msg[0],"-----BEGIN PGP MESSAGE-----") == -1:
raise Error, "No PGP signature";
# Check the signature
Rply = RC.Check(Res[1]);
if Rply != None:
raise Error, Rply;
- RC.Add(Res[1]);
# Connect to the ldap server
ErrType = EX_TEMPFAIL;
l.simple_bind_s("","");
# Search for the matching key fingerprint
- Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyfingerprint=" + Res[2][1]);
+ Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"keyFingerPrint=" + Res[2][1]);
+
+ ErrType = EX_PERMFAIL;
if len(Attrs) == 0:
raise Error, "Key not found"
if len(Attrs) != 1:
raise Error, "Oddly your key fingerprint is assigned to more than one account.."
+ RC.Add(Res[1]);
+
# Determine the sender address
- ErrType = EX_PERMFAIL;
ErrMsg = "A problem occured while trying to formulate the reply";
Sender = Email.getheader("Reply-To");
if Sender == None:
if Sender == None:
raise Error, "Unable to determine the sender's address";
- if (string.find(GetAttr(Attrs[0],"userpassword"),"*LK*") != -1):
- raise Error, "This account is locked";
-
# Formulate a reply
Date = time.strftime("%a, %d %b %Y %H:%M:%S +0000",time.gmtime(time.time()));
Reply = "To: %s\nReply-To: %s\nDate: %s\n" % (Sender,ReplyTo,Date);
projects / mirror / userdir-ldap.git / blobdiff