1
0
Fork 0

- separated password and domain logic into package gvadm

git-svn-id: file:///home/www/usr01/svn/gnuviechadmin/gnuviech.info/gnuviechadmin/trunk@121 a67ec6bc-e5d5-0310-a910-815c51eb3124
This commit is contained in:
Jan Dittberner 2005-09-28 17:57:51 +00:00
parent 1b4fb7e4ef
commit 13b09a8844
5 changed files with 110 additions and 102 deletions

View file

@ -1,112 +1,54 @@
#!/usr/bin/env python #!/usr/bin/env python
import psycopg, crypt, crack, popen2, getopt, random, sys import psycopg, getopt, sys
def generate_password(): from gvadm import PasswordTools, DomainTools
(o, i, e) = popen2.popen3("apg -n 1 -m 8 -x 12 -a 0")
return "".join(o.readlines()).strip()
def check_password(password):
try:
return crack.VeryFascistCheck(password)
except ValueError, ve:
print "Weak password:", ve
return None
def md5_crypt_password(password):
salt = "".join([chr(letter) for letter in random.sample(range(ord('a'), ord('z')), 8)])
return crypt.crypt(password, '$1$' + salt)
class InvalidDomain(Exception):
def __init__(self, domain):
self.domain = domain
def __str__(self):
return repr("Invalid domain %s" % (domain))
def validate_domain(domain):
cnx = psycopg.connect("user=exim4 password=CotOgigmeIk5 dbname=gnuviechadmin")
cr = cnx.cursor()
cr.execute("SELECT * FROM domain WHERE domainname=%(name)s" %
{'name': psycopg.QuotedString(domain)})
cnx.commit()
result = cr.fetchall()
if (not result):
raise InvalidDomain(domain)
#
#print "-- Information from mailalias --"
#cr.execute('SELECT * FROM mailalias')
#cnx.commit()
#
#print cr.description
#
#result = cr.fetchall()
#for line in result:
# print line
#
#print "-- Information from mailpasswd --"
#cr.execute('SELECT * FROM mailpasswd')
#cnx.commit()
#result = cr.fetchall()
#for line in result:
# print line
#
#print "-- Domains --"
#cr.execute('SELECT DISTINCT domain FROM mailalias')
#cnx.commit()
#result = cr.fetchall()
#for line in result:
# print line
def usage(): def usage():
print """Usage information: print """Usage information:
===================== =====================
%(process)s -h|--help %(process)s -h|--help
- prints this help text - prints this help text
%(process)s --domain=<domain> [--password=<password>] %(process)s --domain=<domain> [--password=<password>]
- adds a new pop user for the given domain - adds a new pop user for the given domain
- if the optional password is ommitted a generated one is used - if the optional password is ommitted a generated one is used
- the password is checked using cracklib - the password is checked using cracklib
- if the password is too weak a generated one is used - if the password is too weak a generated one is used
""" % {'process': sys.argv[0]} """ % {'process': sys.argv[0]}
if __name__ == "__main__": if __name__ == "__main__":
try: try:
options = getopt.getopt(sys.argv[1:], "h", ['help', 'password=', 'domain=']) options = getopt.getopt(sys.argv[1:], "h", ['help', 'password=', 'domain='])
except getopt.GetoptError: except getopt.GetoptError:
usage() usage()
sys.exit(1) sys.exit(1)
if (not options[0] or if (not options[0] or
dict(options[0]).has_key('-h') or dict(options[0]).has_key('-h') or
dict(options[0]).has_key('--help') or dict(options[0]).has_key('--help') or
not dict(options[0]).has_key('--domain') or not dict(options[0]).has_key('--domain') or
not dict(options[0])['--domain'].strip()): not dict(options[0])['--domain'].strip()):
usage() usage()
sys.exit(1) sys.exit(1)
# specify the domain # specify the domain
domain = dict(options[0])['--domain'] domain = dict(options[0])['--domain']
try: try:
validate_domain(domain) DomainTools.validate_domain(domain)
except InvalidDomain, iv: except DomainTools.InvalidDomain, iv:
print iv print iv
sys.exit(1) sys.exit(1)
# specify the password # specify the password
password = None password = None
if dict(options[0]).has_key('--password'): if dict(options[0]).has_key('--password'):
password = check_password(dict(options[0])['--password']) password = PasswordTools.check_password(dict(options[0])['--password'])
if (password == None): if (password == None):
password = generate_password() password = PasswordTools.generate_password()
print domain print domain
print password print password
print md5_crypt_password(password) print PasswordTools.md5_crypt_password(password)

View file

@ -0,0 +1,30 @@
#!/usr/bin/env python
import psycopg
import Settings
class InvalidDomain(Exception):
"""This Exception is thrown if an invalid domain is used."""
def __init__(self, domain):
self.domain = domain
def __str__(self):
return repr("Invalid domain %s" % (self.domain))
def validate_domain(domain):
"""This function validates whether the given domain is allowed.
That means that the domain needs to be registered in the database.
If the domain is invalid InvalidDomain is raised."""
cnx = psycopg.connect("user=%(dbuser)s password=%(dbpassword)s dbname=%(dbname)s" % Settings.dbsettings)
cr = cnx.cursor()
cr.execute("SELECT * FROM domain WHERE domainname=%(name)s" %
{'name': psycopg.QuotedString(domain)})
cnx.commit()
result = cr.fetchall()
if (not result):
raise InvalidDomain(domain)

View file

@ -0,0 +1,25 @@
#!/usr/bin/env python
import crypt, crack, popen2, random
def generate_password():
(o, i, e) = popen2.popen3("apg -n 1 -m 8 -x 12 -a 0")
return "".join(o.readlines()).strip()
def check_password(password):
try:
return crack.VeryFascistCheck(password)
except ValueError, ve:
print "Weak password:", ve
return None
def md5_crypt_password(password):
salt = "".join([chr(letter) for letter in random.sample(range(ord('a'), ord('z')), 8)])
return crypt.crypt(password, '$1$' + salt)
if __name__ == '__main__':
print check_password("test")
print generate_password()
print md5_crypt_password("test")

View file

@ -0,0 +1,5 @@
#!/usr/bin/env python
dbsettings = { 'dbuser': 'exim4',
'dbpassword' : 'CotOgigmeIk5',
'dbname' : 'gnuviechadmin' }

View file

@ -0,0 +1,6 @@
#!/usr/bin/env python
"""This package contains classes for the gnuviech administration tool
backend."""