X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=blobdiff_plain;f=userdir_ldap.py;h=00f9d4b6448fcd367e07cc8002fa8f1d9853feb7;hp=9e998994aab0e57d469d692cd86aa8943010eec7;hb=871ab5f2e8bda25130c70834052fa8fb020a5373;hpb=e81f32047e089d96ada62a737e41e08de799d069
diff --git a/userdir_ldap.py b/userdir_ldap.py
index 9e99899..00f9d4b 100644
--- a/userdir_ldap.py
+++ b/userdir_ldap.py
@@ -40,7 +40,6 @@ AdminUser = ConfModule.adminuser;
 GenerateDir = ConfModule.generatedir;
 AllowedGroupsPreload = ConfModule.allowedgroupspreload;
 HomePrefix = ConfModule.homeprefix;
-DefaultGID = ConfModule.defaultgid;
 TemplatesDir = ConfModule.templatesdir;
 PassDir = ConfModule.passdir;
 Ech_ErrorLog = ConfModule.ech_errorlog;
@@ -52,6 +51,17 @@ try:
 except AttributeError:
 UseSSL = False;
+try:
+ BaseBaseDn = ConfModule.basebasedn;
+except AttributeError:
+ BaseBaseDn = BaseDn
+
+try:
+ IgnoreUsersForUIDNumberGen = ConfModule.ignoreusersforuidnumbergen
+except AttributeError:
+ IgnoreUsersForUIDNumberGen = ['nobody']
+
+
 # Break up the keyring list
 userdir_gpg.SetKeyrings(ConfModule.keyrings.split(":"))
@@ -73,7 +83,7 @@ GroupObjectClasses = ("top", "debianGroup")
 # SSH Key splitting. The result is:
 # (options,size,modulous,exponent,comment)
 SSHAuthSplit = re.compile('^(.* )?(\d+) (\d+) (\d+) ?(.+)$');
-SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa) ([a-zA-Z0-9=/+]+) ?(.+)$');
+SSH2AuthSplit = re.compile('^(.* )?ssh-(dss|rsa|ecdsa-sha2-nistp(?:256|384|521)|ed25519) ([a-zA-Z0-9=/+]+) ?(.+)$');
 #'^([^\d](?:[^ "]+(?:".*")?)*)? ?(\d+) (\d+) (\d+) (.+)$');
 AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>");
@@ -126,7 +136,10 @@ def passwdAccessLDAP(BaseDn, AdminUser):
 """
 print "Accessing LDAP directory as '" + AdminUser + "'";
 while (1):
- Password = getpass.getpass(AdminUser + "'s password: ")
+ if 'LDAP_PASSWORD' in os.environ:
+ Password = os.environ['LDAP_PASSWORD']
+ else:
+ Password = getpass.getpass(AdminUser + "'s password: ")
 if len(Password) == 0:
 sys.exit(0)
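Review bot: The `ecdsa-sha2-nistp(?:256|384|521)` alternative added to SSH2AuthSplit (hunk -73,7) sits behind the literal `ssh-` prefix, but OpenSSH writes ECDSA public keys with the type name `ecdsa-sha2-nistp256` (and 384/521), without `ssh-`. Such keys would therefore still fail to match, and only ed25519 is actually gained. Moving the prefix inside the group fixes that: `'^(.* )?(ssh-(?:dss|rsa|ed25519)|ecdsa-sha2-nistp(?:256|384|521)) ([a-zA-Z0-9=/+]+) ?(.+)$'`. Group 2 would then carry the full type name instead of the bare suffix, so the users of SSH2AuthSplit, which are outside this hunk, need checking before adopting it.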
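Review bot: The admin password read in the `if 'LDAP_PASSWORD' in os.environ:` branch (hunk -126,7) stays in `os.environ` after a successful bind, so any child process started afterwards inherits the directory admin credential; the module calls into userdir_gpg, which presumably runs external programs. Removing it as soon as it is read, `Password = os.environ.pop('LDAP_PASSWORD')`, limits that, with a local flag recording that it came from the environment so the failure branch in the -138,6 hunk can still report it. Environment values may also be readable by other processes of the same user or root, so a comment such as `# LDAP_PASSWORD is for unattended runs only; prefer a mode-0600 file or inherited fd` would help. The body of passwdAccessLDAP starts and ends outside this hunk.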
@@ -138,6 +151,9 @@ def passwdAccessLDAP(BaseDn, AdminUser):
 try:
 l.simple_bind_s(UserDn,Password);
 except ldap.INVALID_CREDENTIALS:
+ if 'LDAP_PASSWORD' in os.environ:
+ print "password in environment does not work"
+ del os.environ['LDAP_PASSWORD']
 continue
 break
 return l
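Review bot: After a rejected environment password the added branch falls through to `continue`, and the next iteration calls `getpass.getpass()`, which will block or read stdin when the script runs unattended — presumably the case LDAP_PASSWORD exists for. Failing fast is more predictable there: `sys.stderr.write("LDAP_PASSWORD rejected by server\n"); sys.exit(1)` in place of the `print` and `del`. As written the message also goes to stdout, where it can get mixed into output that a calling script parses. The loop and the rest of passwdAccessLDAP begin outside this hunk.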