diff --git a/backend/addpopuser.py b/backend/addpopuser.py index e0d3c11..0a8c552 100755 --- a/backend/addpopuser.py +++ b/backend/addpopuser.py @@ -1,112 +1,54 @@ #!/usr/bin/env python -import psycopg, crypt, crack, popen2, getopt, random, sys +import psycopg, getopt, sys -def generate_password(): - (o, i, e) = popen2.popen3("apg -n 1 -m 8 -x 12 -a 0") - - return "".join(o.readlines()).strip() - -def check_password(password): - try: - return crack.VeryFascistCheck(password) - except ValueError, ve: - print "Weak password:", ve - return None - -def md5_crypt_password(password): - salt = "".join([chr(letter) for letter in random.sample(range(ord('a'), ord('z')), 8)]) - - return crypt.crypt(password, '$1$' + salt) - -class InvalidDomain(Exception): - def __init__(self, domain): - self.domain = domain - - def __str__(self): - return repr("Invalid domain %s" % (domain)) - -def validate_domain(domain): - cnx = psycopg.connect("user=exim4 password=CotOgigmeIk5 dbname=gnuviechadmin") - cr = cnx.cursor() - - cr.execute("SELECT * FROM domain WHERE domainname=%(name)s" % - {'name': psycopg.QuotedString(domain)}) - cnx.commit() - - result = cr.fetchall() - if (not result): - raise InvalidDomain(domain) -# -#print "-- Information from mailalias --" -#cr.execute('SELECT * FROM mailalias') -#cnx.commit() -# -#print cr.description -# -#result = cr.fetchall() -#for line in result: -# print line -# -#print "-- Information from mailpasswd --" -#cr.execute('SELECT * FROM mailpasswd') -#cnx.commit() -#result = cr.fetchall() -#for line in result: -# print line -# -#print "-- Domains --" -#cr.execute('SELECT DISTINCT domain FROM mailalias') -#cnx.commit() -#result = cr.fetchall() -#for line in result: -# print line +from gvadm import PasswordTools, DomainTools def usage(): - print """Usage information: - ===================== - %(process)s -h|--help - - prints this help text - - %(process)s --domain= [--password=] - - adds a new pop user for the given domain - - if the optional password is ommitted a generated one is used - - the password is checked using cracklib - - if the password is too weak a generated one is used - """ % {'process': sys.argv[0]} + print """Usage information: + ===================== + %(process)s -h|--help + - prints this help text + + %(process)s --domain= [--password=] + - adds a new pop user for the given domain + - if the optional password is ommitted a generated one is used + - the password is checked using cracklib + - if the password is too weak a generated one is used + """ % {'process': sys.argv[0]} if __name__ == "__main__": - try: - options = getopt.getopt(sys.argv[1:], "h", ['help', 'password=', 'domain=']) - except getopt.GetoptError: - usage() - sys.exit(1) - - if (not options[0] or - dict(options[0]).has_key('-h') or - dict(options[0]).has_key('--help') or - not dict(options[0]).has_key('--domain') or - not dict(options[0])['--domain'].strip()): - usage() - sys.exit(1) - - # specify the domain - domain = dict(options[0])['--domain'] - try: - validate_domain(domain) - except InvalidDomain, iv: - print iv - sys.exit(1) + try: + options = getopt.getopt(sys.argv[1:], "h", ['help', 'password=', 'domain=']) + except getopt.GetoptError: + usage() + sys.exit(1) + + if (not options[0] or + dict(options[0]).has_key('-h') or + dict(options[0]).has_key('--help') or + not dict(options[0]).has_key('--domain') or + not dict(options[0])['--domain'].strip()): + usage() + sys.exit(1) + + # specify the domain + domain = dict(options[0])['--domain'] + try: + DomainTools.validate_domain(domain) + except DomainTools.InvalidDomain, iv: + print iv + sys.exit(1) - # specify the password - password = None + # specify the password + password = None - if dict(options[0]).has_key('--password'): - password = check_password(dict(options[0])['--password']) - if (password == None): - password = generate_password() - - print domain - print password + if dict(options[0]).has_key('--password'): + password = PasswordTools.check_password(dict(options[0])['--password']) + if (password == None): + password = PasswordTools.generate_password() + + print domain + print password - print md5_crypt_password(password) + print PasswordTools.md5_crypt_password(password) diff --git a/backend/gvadm/DomainTools.py b/backend/gvadm/DomainTools.py new file mode 100644 index 0000000..d5a17e2 --- /dev/null +++ b/backend/gvadm/DomainTools.py @@ -0,0 +1,30 @@ +#!/usr/bin/env python + +import psycopg +import Settings + +class InvalidDomain(Exception): + """This Exception is thrown if an invalid domain is used.""" + def __init__(self, domain): + self.domain = domain + + def __str__(self): + return repr("Invalid domain %s" % (self.domain)) + +def validate_domain(domain): + """This function validates whether the given domain is allowed. + That means that the domain needs to be registered in the database. + + If the domain is invalid InvalidDomain is raised.""" + cnx = psycopg.connect("user=%(dbuser)s password=%(dbpassword)s dbname=%(dbname)s" % Settings.dbsettings) + cr = cnx.cursor() + + cr.execute("SELECT * FROM domain WHERE domainname=%(name)s" % + {'name': psycopg.QuotedString(domain)}) + cnx.commit() + + result = cr.fetchall() + if (not result): + raise InvalidDomain(domain) + + diff --git a/backend/gvadm/PasswordTools.py b/backend/gvadm/PasswordTools.py new file mode 100644 index 0000000..f972df4 --- /dev/null +++ b/backend/gvadm/PasswordTools.py @@ -0,0 +1,25 @@ +#!/usr/bin/env python + +import crypt, crack, popen2, random + +def generate_password(): + (o, i, e) = popen2.popen3("apg -n 1 -m 8 -x 12 -a 0") + + return "".join(o.readlines()).strip() + +def check_password(password): + try: + return crack.VeryFascistCheck(password) + except ValueError, ve: + print "Weak password:", ve + return None + +def md5_crypt_password(password): + salt = "".join([chr(letter) for letter in random.sample(range(ord('a'), ord('z')), 8)]) + + return crypt.crypt(password, '$1$' + salt) + +if __name__ == '__main__': + print check_password("test") + print generate_password() + print md5_crypt_password("test") diff --git a/backend/gvadm/Settings.py b/backend/gvadm/Settings.py new file mode 100644 index 0000000..cf79bef --- /dev/null +++ b/backend/gvadm/Settings.py @@ -0,0 +1,5 @@ +#!/usr/bin/env python + +dbsettings = { 'dbuser': 'exim4', + 'dbpassword' : 'CotOgigmeIk5', + 'dbname' : 'gnuviechadmin' } diff --git a/backend/gvadm/__init__.py b/backend/gvadm/__init__.py new file mode 100644 index 0000000..10da71f --- /dev/null +++ b/backend/gvadm/__init__.py @@ -0,0 +1,6 @@ +#!/usr/bin/env python + +"""This package contains classes for the gnuviech administration tool +backend.""" + +