From 4845f3f1b3aaaa0a1beb63fe918876a0988bc8e5 Mon Sep 17 00:00:00 2001
From: jgg <>
Date: Tue, 24 Apr 2001 02:14:24 +0000
Subject: [PATCH] DSA key support
---
 ud-info | 15 +++++++++++++++
 ud-mailgate | 22 ++++++++++++++++++++--
 userdir_ldap.py | 9 +++++++++
 3 files changed, 44 insertions(+), 2 deletions(-)
diff --git a/ud-info b/ud-info
index 2adbd24..3d31555 100755
--- a/ud-info
+++ b/ud-info
@@ -139,6 +139,20 @@ def PrintSshRSAKeys(Attrs):
 print FormatSSHAuth(x);
+# Print the SSH RSA Authentication keys for a user
+def PrintSshDSAKeys(Attrs):
+ if Attrs[1].has_key("sshdsaauthkey") == 0:
+ return;
+ First = 0;
+ for x in Attrs[1]["sshdsaauthkey"]:
+ if First == 0:
+ print "%-24s:" % ("SSH DSA Auth Keys"),
+ First = 1;
+ else:
+ print "%-24s:" % (""),
+
+ print FormatSSH2Auth(x);
+
 # Display all of the attributes in a numbered list
 def ShowAttrs(Attrs):
 print;
@@ -147,6 +161,7 @@ def ShowAttrs(Attrs):
 PrintShadow(Attrs);
 PrintKeys(Attrs);
 PrintSshRSAKeys(Attrs);
+ PrintSshDSAKeys(Attrs);
 for at in Attrs[1].keys():
 if AttrInfo.has_key(at):
diff --git a/ud-mailgate b/ud-mailgate
index 9046db6..6764c88 100755
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -16,6 +16,7 @@ EX_TEMPFAIL = 75;
 EX_PERMFAIL = 65; # EX_DATAERR
 Error = 'Message Error';
 SeenRSA = 0;
+SeenDSA = 0;
 SeenDNS = 0;
 ArbChanges = {"c": "..",
@@ -44,7 +45,8 @@ DelItems = {"c": None,
 "latitude": None,
 "longitude": None,
 "icquin": None,
- "sshrsaauthkey": None};
+ "sshrsaauthkey": None,
+ "sshdsaauthkey": None};
 # Decode a GPS location from some common forms
 def LocDecode(Str,Dir):
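Review bot: The comment added above `PrintSshDSAKeys` in ud-info was copied from the RSA helper and still says RSA; it should read `# Print the SSH DSA Authentication keys for a user`. The body appears to mirror PrintSshRSAKeys except for the attribute name, the label and the formatter, so a single helper taking those three as arguments would keep the two listings from drifting apart.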
@@ -172,6 +174,22 @@ def DoSSH(Str,Attrs):
 SeenRSA = 1;
 return "SSH Keys replaced with "+FormatSSHAuth(Str);
+# Handle a SSH DSA authentication key, the line format is:
+# ssh-dss [key] [comment]
+def DoSSH2(Str,Attrs):
+ Match = SSHDSAAuthSplit.match(Str);
+ if Match == None:
+ return None;
+
+ global SeenDSA;
+ if SeenDSA:
+ Attrs.append((ldap.MOD_ADD,"sshdsaauthkey",Str));
+ return "SSH2 Key added "+FormatSSH2Auth(Str);
+
+ Attrs.append((ldap.MOD_REPLACE,"sshdsaauthkey",Str));
+ SeenDSA = 1;
+ return "SSH2 Keys replaced with "+FormatSSH2Auth(Str);
+
 # Handle changing a dns entry
 # host in a 12.12.12.12
 # host in cname foo.bar. <- Trailing dot is required
@@ -223,7 +241,7 @@ def HandleChange(Reply,DnRecord,Key):
 else:
 Res = DoPosition(Line,Attrs) or DoDNS(Line,Attrs,DnRecord) or \
 DoArbChange(Line,Attrs) or DoSSH(Line,Attrs) or \
- DoDel(Line,Attrs);
+ DoSSH2(Line,Attrs) or DoDel(Line,Attrs);
 except:
 Res = None;
 Result = Result + "==> %s: %s\n" %(sys.exc_type,sys.exc_value);
diff --git a/userdir_ldap.py b/userdir_ldap.py
index a0de842..888158e 100644
--- a/userdir_ldap.py
+++ b/userdir_ldap.py
@@ -32,6 +32,7 @@ LastNamesPre = {"van": None, "le": None, "de": None, "di": None};
 # SSH Key splitting. The result is:
 # (options,size,modulous,exponent,comment)
 SSHAuthSplit = re.compile('^(.* )?(\d+) (\d+) (\d+) ?(.+)$');
+SSHDSAAuthSplit = re.compile('^ssh-dss ([a-zA-Z0-9=/+]+) (.+)$');
 #'^([^\d](?:[^ "]+(?:".*")?)*)? ?(\d+) (\d+) (\d+) (.+)$');
 AddressSplit = re.compile("(.*).*<([^@]*)@([^>]*)>");
@@ -213,6 +214,14 @@ def DecDegree(Posn,Anon=0):
 return "+" + Str;
 return Str;
+def FormatSSH2Auth(Str):
+ Match = SSHDSAAuthSplit.match(Str);
+ if Match == None:
+ return "";
+ G = Match.groups();
+
+ return "ssh-dss %s..%s %s"%(G[0][:8],G[0][-8:],G[1]);
+
 def FormatSSHAuth(Str):
 Match = SSHAuthSplit.match(Str);
 if Match == None:
-- 2.20.1
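Review bot: `DoSSH2` in ud-mailgate writes the raw `Str` into `sshdsaauthkey` after only a shape check. `SSHDSAAuthSplit` confirms the base64 alphabet, but nothing decodes the blob or checks that it really carries an ssh-dss key, so a malformed value reaches the directory and presumably whatever consumes the attribute. In Python `$` also matches before a trailing newline, so if the caller passes lines with the terminator still attached it is stored as well. Storing a value rebuilt from the match avoids that, e.g. `Str = "ssh-dss %s %s" % Match.groups();` before the two `Attrs.append` calls, ideally after a base64 decode of the first group succeeds. The header comment writes `[comment]` as if it were optional, while the pattern requires one.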
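Review bot: In `HandleChange` in ud-mailgate the new `DoSSH2` is tried after `DoSSH`, and `SSHAuthSplit` opens with an unconstrained `(.* )?`, so an `ssh-dss` line whose comment contains three space-separated numbers can be claimed by `DoSSH` and stored under `sshrsaauthkey`. Trying the stricter matcher first avoids the misclassification: `DoArbChange(Line,Attrs) or DoSSH2(Line,Attrs) or \` followed by `DoSSH(Line,Attrs) or DoDel(Line,Attrs);`. The `try` and the rest of HandleChange lie outside the hunk, so whether an earlier handler in the chain would take such a line first cannot be seen here.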
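Review bot: `SSHDSAAuthSplit` in userdir_ldap.py is inserted between `SSHAuthSplit` and the commented-out alternative pattern that belongs to it, and the comment block above still documents only the RSA tuple. Move the new line below the `#'^([^\d]...` line and give it its own comment, e.g. `# SSH2 DSA key splitting. The result is: (base64 key,comment)`. That comment should also say that the pattern checks only the base64 alphabet, accepts `=` at any position and puts no bound on the key length, so callers must not treat a match as proof of a valid key.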
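Review bot: `FormatSSH2Auth` in userdir_ldap.py abbreviates the key to its first and last eight base64 characters, but every ssh-dss blob begins with the encoded key-type header, so the leading `AAAAB3Nz` is identical for all keys. Only the trailing eight characters help a user confirm which key was accepted. Showing more of the tail would make the reply text more useful, e.g. `return "ssh-dss ..%s %s"%(G[0][-16:],G[1]);`, and a fingerprint would be better still. For a key shorter than sixteen characters the two slices overlap and characters are printed twice. The function also needs a one-line comment stating that it returns an abbreviated display form and an empty string when the line does not match.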