en fait c'est comme on veut, insensible la casse, mme si beaucoup

prfrent des majuscules. pour mettre tout le monde content, on est completement insensible la casse darcs-hash:20060428000945-4ec08-5e9d3af39d4ce4ca82d6361b26e3daf2ed2811db.gz
2006-04-28 02:09:45 +02:00 · 2006-04-28 02:09:45 +02:00 · 219e0d050e
commit 219e0d050e
parent 0c43bc40d8
1 changed files with 24 additions and 34 deletions
--- a/gestion/ldap_passwd.py
+++ b/gestion/ldap_passwd.py
@ -1,7 +1,7 @@
 # -*- coding: iso8859-15 -*-
 ###############################################################################
 # ldap_passwd.py : manipulation des mots de passes LDAP
-# $Id: ldap_passwd.py,v 1.2 2006-04-28 00:01:09 chove Exp $
+# $Id: ldap_passwd.py,v 1.3 2006-04-28 00:09:45 chove Exp $
 ###############################################################################
 # The authors of this code are 
 #   Bjorn Ove Grotan <bgrotan@grotan.com>
@ -57,6 +57,19 @@ try:
 except:
    smb = False

+algos={}
+algos = {
+    'ssha':'Seeded SHA',
+    'sha':'Secure Hash Algorithm',
+    'md5':'MD5',
+    'smd5':'Seeded MD5',
+    'crypt':'standard unix crypt'
+}
+if smb:
+    algos['lmpassword'] = 'lan man hash'
+    algos['ntpassword'] = 'nt hash'
+
+    
 def getsalt(chars=string.letters+string.digits, length=16):
    ''' Generate a random salt. Default length is 16 '''
    salt = ''
@ -70,37 +83,25 @@ def mkpasswd(pwd, sambaver=3, algo='SSHA', salt=getsalt()):
        LDAP - so default is seeded sha
    '''

-    alg = {
-        'SSHA':'Seeded SHA',
-        'SHA':'Secure Hash Algorithm',
-        'MD5':'MD5',
-        'SMD5':'Seeded MD5',
-        'crypt':'standard unix crypt'
-    }
-    
-    if smb:
-        alg['LMPassword'] = 'lan man hash'
-        alg['NTPassword'] = 'nt hash'
-
-    if algo not in alg.keys():
+    if algo not in algos.keys():
        raise TypeError, 'Algorithm <%s> not supported in this version.' % algo
    
-    if algo == 'SSHA':
+    if algo == 'ssha':
        pwdhash = "{SSHA}" + base64.encodestring(sha.new(str(pwd) + salt).digest() + salt)
-    elif algo =='SHA':
+    elif algo =='sha':
        pwdhash = "{SHA}" + base64.encodestring(sha.new(str(pwd)).digest())
-    elif algo =='MD5':
+    elif algo =='md5':
        pwdhash = "{MD5}" + base64.encodestring(md5.new(str(pwd)).digest())
-    elif algo == 'SMD5':
+    elif algo == 'smd5':
        pwdhash = "{SMD5}" + base64.encodestring(md5.new(str(pwd) + salt).digest() + salt)
    elif algo =='crypt':
-        pwdhash = "{crypt}" + crypt.crypt(str(pwd),getsalt(length=2)) # crypt only uses a salt of length 2
-    elif algo == 'LMPassword':
+        pwdhash = "{CRYPT}" + crypt.crypt(str(pwd),getsalt(length=2)) # crypt only uses a salt of length 2
+    elif algo == 'lmpassword':
        if sambaver==3:
            pwdhash = "{sambaLMPassword}" + smbpasswd.lmhash(pwd)
        elif sambaver==2:
            pwdhash = "{lmPassword}" + smbpasswd.lmhash(pwd)
-    elif algo == 'NTPassword':
+    elif algo == 'ntpassword':
        if sambaver == 3:
            pwdhash = "{sambaNTPassword}" + smbpasswd.lmhash(pwd)
        elif sambaver == 2:
@ -110,19 +111,8 @@ def mkpasswd(pwd, sambaver=3, algo='SSHA', salt=getsalt()):
 def checkpwd(pwd, pwdhash):
    ''' Check if the password matches the hash '''
    
-    alg = {
-        'SSHA':'Seeded SHA',
-        'SHA':'Secure Hash Algorithm',
-        'MD5':'MD5',
-        'SMD5':'Seeded MD5',
-        'crypt':'standard unix crypt'
-    }
-    
-    if smb:
-        alg['LMPassword'] = 'lan man hash'
-        alg['NTPassword'] = 'nt hash'
-
    algo = pwdhash[1:].split('}')[0]
+    algo = algo.lower()

    if algo.startswith('samba'):
        sambaver = 3
@ -130,7 +120,7 @@ def checkpwd(pwd, pwdhash):
    else:
        sambaver = 2

-    if not algo in alg.keys():
+    if not algo in algos.keys():
        raise TypeError, 'Algorithm <%s> not supported in this version.' % algo

    if alg[algo].startswith('Seeded '):