[debian/*.py] remove trailing whitespaces
Ignore-this: f62e84c258c847013d307d12acdf489e darcs-hash:20090309212356-0445d-d8338d06f968f316fcd085446023123be87040f7.gz
This commit is contained in:
Stephane Glondu
parent
cc31727b60
commit
eae0d21f83
18 changed files with 352 additions and 352 deletions
|
|
@ -3,7 +3,7 @@
|
|||
# ldap_passwd.py : manipulation des mots de passes LDAP
|
||||
# $Id: ldap_passwd.py,v 1.7 2006-05-04 17:46:58 chove Exp $
|
||||
###############################################################################
|
||||
# The authors of this code are
|
||||
# The authors of this code are
|
||||
# Bjorn Ove Grotan <bgrotan@grotan.com>
|
||||
# Etienne Chové <etienne.chove@crans.org>
|
||||
#
|
||||
|
|
@ -27,19 +27,19 @@
|
|||
###############################################################################
|
||||
|
||||
# For extra strength passwords, we wanted SSHA in our LDAP-environment
|
||||
# as the standard python-module 'sha' does not support ssha, but this can
|
||||
# easily be implemented with a few extra functions.
|
||||
# as the standard python-module 'sha' does not support ssha, but this can
|
||||
# easily be implemented with a few extra functions.
|
||||
#
|
||||
# SSHA can be described as:
|
||||
# the SHA1-digest of a password with a sequence of "salt" bytes, where
|
||||
# the bytes are randomly chosen - followed by the same salt bytes
|
||||
# For LDAP-use, the SHA1 and SSHA-digest has to be base64-encoded.
|
||||
# For LDAP-use, the SHA1 and SSHA-digest has to be base64-encoded.
|
||||
#
|
||||
# Example-LDIF:
|
||||
# {SSHA}oaEG3PJ10sHxGcSxsDRRooTifL55/2NOdN3nU1VEV+NFzc9Q
|
||||
#
|
||||
#
|
||||
# This package should now support passwords compatible with [1] Samba using the [2]
|
||||
# smbpasswd module for [3] Python. The samba compability is added for use with Samba
|
||||
# smbpasswd module for [3] Python. The samba compability is added for use with Samba
|
||||
# as PDC with storing user and host-information in LDAP.
|
||||
#
|
||||
# [1] http://www.samba.org
|
||||
|
|
@ -70,7 +70,7 @@ if smb:
|
|||
algos['lmpassword'] = 'lan man hash'
|
||||
algos['ntpassword'] = 'nt hash'
|
||||
|
||||
|
||||
|
||||
def getsalt(chars=string.letters+string.digits, length=16):
|
||||
''' Generate a random salt. Default length is 16 '''
|
||||
salt = ''
|
||||
|
|
@ -79,18 +79,18 @@ def getsalt(chars=string.letters+string.digits, length=16):
|
|||
return salt
|
||||
|
||||
def mkpasswd(pwd, sambaver=3, algo='SSHA', salt=None):
|
||||
''' Make a given password cryptated, possibly with different
|
||||
crypt-algorihtms. This module was written for use with
|
||||
''' Make a given password cryptated, possibly with different
|
||||
crypt-algorihtms. This module was written for use with
|
||||
LDAP - so default is seeded sha
|
||||
'''
|
||||
|
||||
if salt == None:
|
||||
salt = getsalt()
|
||||
|
||||
|
||||
algo = algo.lower()
|
||||
if algo not in algos.keys():
|
||||
raise TypeError, 'Algorithm <%s> not supported in this version.' % algo
|
||||
|
||||
|
||||
if algo == 'ssha':
|
||||
pwdhash = "{SSHA}" + base64.encodestring(sha.new(str(pwd) + salt).digest() + salt)
|
||||
elif algo =='sha':
|
||||
|
|
@ -117,7 +117,7 @@ def mkpasswd(pwd, sambaver=3, algo='SSHA', salt=None):
|
|||
|
||||
def checkpwd(pwd, pwdhash):
|
||||
''' Check if the password matches the hash '''
|
||||
|
||||
|
||||
algo = pwdhash[1:].split('}')[0]
|
||||
algo = algo.lower()
|
||||
|
||||
|
|
@ -134,5 +134,5 @@ def checkpwd(pwd, pwdhash):
|
|||
salt = base64.decodestring(pwdhash.split('}')[1])[20:]
|
||||
else:
|
||||
salt = None
|
||||
|
||||
|
||||
return mkpasswd(pwd, sambaver=sambaver, algo=algo, salt=salt) == pwdhash
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue