- separated password and domain logic into package gvadm
git-svn-id: file:///home/www/usr01/svn/gnuviechadmin/gnuviech.info/gnuviechadmin/trunk@121 a67ec6bc-e5d5-0310-a910-815c51eb3124
This commit is contained in:
parent
1b4fb7e4ef
commit
13b09a8844
|
|
@ -1,112 +1,54 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
import psycopg, crypt, crack, popen2, getopt, random, sys
|
||||
import psycopg, getopt, sys
|
||||
|
||||
def generate_password():
|
||||
(o, i, e) = popen2.popen3("apg -n 1 -m 8 -x 12 -a 0")
|
||||
|
||||
return "".join(o.readlines()).strip()
|
||||
|
||||
def check_password(password):
|
||||
try:
|
||||
return crack.VeryFascistCheck(password)
|
||||
except ValueError, ve:
|
||||
print "Weak password:", ve
|
||||
return None
|
||||
|
||||
def md5_crypt_password(password):
|
||||
salt = "".join([chr(letter) for letter in random.sample(range(ord('a'), ord('z')), 8)])
|
||||
|
||||
return crypt.crypt(password, '$1$' + salt)
|
||||
|
||||
class InvalidDomain(Exception):
|
||||
def __init__(self, domain):
|
||||
self.domain = domain
|
||||
|
||||
def __str__(self):
|
||||
return repr("Invalid domain %s" % (domain))
|
||||
|
||||
def validate_domain(domain):
|
||||
cnx = psycopg.connect("user=exim4 password=CotOgigmeIk5 dbname=gnuviechadmin")
|
||||
cr = cnx.cursor()
|
||||
|
||||
cr.execute("SELECT * FROM domain WHERE domainname=%(name)s" %
|
||||
{'name': psycopg.QuotedString(domain)})
|
||||
cnx.commit()
|
||||
|
||||
result = cr.fetchall()
|
||||
if (not result):
|
||||
raise InvalidDomain(domain)
|
||||
#
|
||||
#print "-- Information from mailalias --"
|
||||
#cr.execute('SELECT * FROM mailalias')
|
||||
#cnx.commit()
|
||||
#
|
||||
#print cr.description
|
||||
#
|
||||
#result = cr.fetchall()
|
||||
#for line in result:
|
||||
# print line
|
||||
#
|
||||
#print "-- Information from mailpasswd --"
|
||||
#cr.execute('SELECT * FROM mailpasswd')
|
||||
#cnx.commit()
|
||||
#result = cr.fetchall()
|
||||
#for line in result:
|
||||
# print line
|
||||
#
|
||||
#print "-- Domains --"
|
||||
#cr.execute('SELECT DISTINCT domain FROM mailalias')
|
||||
#cnx.commit()
|
||||
#result = cr.fetchall()
|
||||
#for line in result:
|
||||
# print line
|
||||
from gvadm import PasswordTools, DomainTools
|
||||
|
||||
def usage():
|
||||
print """Usage information:
|
||||
=====================
|
||||
%(process)s -h|--help
|
||||
- prints this help text
|
||||
|
||||
%(process)s --domain=<domain> [--password=<password>]
|
||||
- adds a new pop user for the given domain
|
||||
- if the optional password is ommitted a generated one is used
|
||||
- the password is checked using cracklib
|
||||
- if the password is too weak a generated one is used
|
||||
""" % {'process': sys.argv[0]}
|
||||
print """Usage information:
|
||||
=====================
|
||||
%(process)s -h|--help
|
||||
- prints this help text
|
||||
|
||||
%(process)s --domain=<domain> [--password=<password>]
|
||||
- adds a new pop user for the given domain
|
||||
- if the optional password is ommitted a generated one is used
|
||||
- the password is checked using cracklib
|
||||
- if the password is too weak a generated one is used
|
||||
""" % {'process': sys.argv[0]}
|
||||
|
||||
if __name__ == "__main__":
|
||||
try:
|
||||
options = getopt.getopt(sys.argv[1:], "h", ['help', 'password=', 'domain='])
|
||||
except getopt.GetoptError:
|
||||
usage()
|
||||
sys.exit(1)
|
||||
|
||||
if (not options[0] or
|
||||
dict(options[0]).has_key('-h') or
|
||||
dict(options[0]).has_key('--help') or
|
||||
not dict(options[0]).has_key('--domain') or
|
||||
not dict(options[0])['--domain'].strip()):
|
||||
usage()
|
||||
sys.exit(1)
|
||||
|
||||
# specify the domain
|
||||
domain = dict(options[0])['--domain']
|
||||
try:
|
||||
validate_domain(domain)
|
||||
except InvalidDomain, iv:
|
||||
print iv
|
||||
sys.exit(1)
|
||||
try:
|
||||
options = getopt.getopt(sys.argv[1:], "h", ['help', 'password=', 'domain='])
|
||||
except getopt.GetoptError:
|
||||
usage()
|
||||
sys.exit(1)
|
||||
|
||||
if (not options[0] or
|
||||
dict(options[0]).has_key('-h') or
|
||||
dict(options[0]).has_key('--help') or
|
||||
not dict(options[0]).has_key('--domain') or
|
||||
not dict(options[0])['--domain'].strip()):
|
||||
usage()
|
||||
sys.exit(1)
|
||||
|
||||
# specify the domain
|
||||
domain = dict(options[0])['--domain']
|
||||
try:
|
||||
DomainTools.validate_domain(domain)
|
||||
except DomainTools.InvalidDomain, iv:
|
||||
print iv
|
||||
sys.exit(1)
|
||||
|
||||
# specify the password
|
||||
password = None
|
||||
# specify the password
|
||||
password = None
|
||||
|
||||
if dict(options[0]).has_key('--password'):
|
||||
password = check_password(dict(options[0])['--password'])
|
||||
if (password == None):
|
||||
password = generate_password()
|
||||
|
||||
print domain
|
||||
print password
|
||||
if dict(options[0]).has_key('--password'):
|
||||
password = PasswordTools.check_password(dict(options[0])['--password'])
|
||||
if (password == None):
|
||||
password = PasswordTools.generate_password()
|
||||
|
||||
print domain
|
||||
print password
|
||||
|
||||
print md5_crypt_password(password)
|
||||
print PasswordTools.md5_crypt_password(password)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
import psycopg
|
||||
import Settings
|
||||
|
||||
class InvalidDomain(Exception):
|
||||
"""This Exception is thrown if an invalid domain is used."""
|
||||
def __init__(self, domain):
|
||||
self.domain = domain
|
||||
|
||||
def __str__(self):
|
||||
return repr("Invalid domain %s" % (self.domain))
|
||||
|
||||
def validate_domain(domain):
|
||||
"""This function validates whether the given domain is allowed.
|
||||
That means that the domain needs to be registered in the database.
|
||||
|
||||
If the domain is invalid InvalidDomain is raised."""
|
||||
cnx = psycopg.connect("user=%(dbuser)s password=%(dbpassword)s dbname=%(dbname)s" % Settings.dbsettings)
|
||||
cr = cnx.cursor()
|
||||
|
||||
cr.execute("SELECT * FROM domain WHERE domainname=%(name)s" %
|
||||
{'name': psycopg.QuotedString(domain)})
|
||||
cnx.commit()
|
||||
|
||||
result = cr.fetchall()
|
||||
if (not result):
|
||||
raise InvalidDomain(domain)
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
import crypt, crack, popen2, random
|
||||
|
||||
def generate_password():
|
||||
(o, i, e) = popen2.popen3("apg -n 1 -m 8 -x 12 -a 0")
|
||||
|
||||
return "".join(o.readlines()).strip()
|
||||
|
||||
def check_password(password):
|
||||
try:
|
||||
return crack.VeryFascistCheck(password)
|
||||
except ValueError, ve:
|
||||
print "Weak password:", ve
|
||||
return None
|
||||
|
||||
def md5_crypt_password(password):
|
||||
salt = "".join([chr(letter) for letter in random.sample(range(ord('a'), ord('z')), 8)])
|
||||
|
||||
return crypt.crypt(password, '$1$' + salt)
|
||||
|
||||
if __name__ == '__main__':
|
||||
print check_password("test")
|
||||
print generate_password()
|
||||
print md5_crypt_password("test")
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
dbsettings = { 'dbuser': 'exim4',
|
||||
'dbpassword' : 'CotOgigmeIk5',
|
||||
'dbname' : 'gnuviechadmin' }
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
"""This package contains classes for the gnuviech administration tool
|
||||
backend."""
|
||||
|
||||
|
||||
Loading…
Reference in New Issue