Browse Source

Add pym/encrypt.py and scripts/cl-passwd

master
Самоукин Алексей 12 years ago
parent
commit
8f7eef09b7
  1. 94
      pym/encrypt.py
  2. 68
      scripts/cl-passwd

94
pym/encrypt.py

@ -0,0 +1,94 @@
#-*- coding: utf-8 -*-
# Copyright 2008-2010 Mir Calculate Ltd. http://www.calculate-linux.org
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import sys
import os
import hashlib
import crypt
import string
import time
from random import choice
from base64 import urlsafe_b64encode as b64encode
import smbpasswd
import cl_base
# Перевод модуля
tr = cl_base.lang()
tr.setLanguage(sys.modules[__name__])
class encrypt:
"""Класс хранения общих методов используемых для настройки сервисов
Методы шифрования, создания сертификатов и.т. д
"""
def __GenCryptSalt__(self):
"""Генерация соли для хеширования пароля (CRYPT)"""
chars = string.letters + string.digits + "./"
salt = ""
for i in range(2):
salt = salt + choice(chars)
return salt
def getHashPasswd(self, password, SecHashAlg):
"""Генерация хеша пароля,
Поддерживаемые алгоритмы шифрования пароля:
plain, md5, smd5, crypt, sha, ssha, lm, nt
"""
if not password:
print _("ERROR") + " getHashPasswd: " +\
_("password empty")
return False
hashPwd = ""
if SecHashAlg == "plain":
hashPwd = password
elif SecHashAlg == "md5":
h = hashlib.md5(password)
hashPwd = "{MD5}" + b64encode(h.digest())
elif SecHashAlg == "smd5":
salt = os.urandom(4)
h = hashlib.md5(password)
h.update(salt)
hashPwd = "{SMD5}" + b64encode(h.digest() + salt)
elif SecHashAlg == "crypt":
salt = self.__GenCryptSalt__()
hashPwd = "{CRYPT}" + crypt.crypt(password, salt)
elif SecHashAlg == "sha":
h = hashlib.sha1(password)
hashPwd = "{SHA}" + b64encode(h.digest())
elif SecHashAlg == "ssha":
salt = os.urandom(4)
h = hashlib.sha1(password)
h.update(salt)
hashPwd = "{SSHA}" + b64encode(h.digest() + salt)
elif SecHashAlg == "lm":
hashPwd = smbpasswd.lmhash(password)
elif SecHashAlg == "nt":
hashPwd = smbpasswd.nthash(password)
else:
print _("ERROR") + " getHashPasswd: " +\
_("Can not support '%s' crypto algoritm")%SecHashAlg
return False
return hashPwd

68
scripts/cl-passwd

@ -0,0 +1,68 @@
#!/usr/bin/python
#-*- coding: utf-8 -*-
# Copyright 2008-2010 Mir Calculate Ltd. http://www.calculate-linux.org
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import sys
import os
sys.path.insert(0,os.path.abspath('/usr/lib/calculate/calculate-lib/pym'))
sys.path.insert(0,os.path.abspath('/usr/lib/calculate/calculate-client/pym'))
import cl_base
import cl_client
tr = cl_base.lang()
tr.setGlobalDomain('cl_client')
tr.setLanguage(sys.modules[__name__])
if __name__ == "__main__":
ldapObj = cl_client.cl_client("cl-passwd")
cl_base.exit = lambda x: ldapObj.exit(x)
optObj = cl_client.tsOpt(ldapObj, False, False)
flagError = False
if not optObj.flagHelp and optObj.opt.has_key('vars'):
terms = optObj.opt['vars'].split(",")
clVars = cl_base.DataVars()
clVars.flClient()
clVars.flIniFile()
if terms == ["all"]:
clVars.printVars()
else:
clVars.printVars(terms)
elif not optObj.flagHelp:
if optObj.opt.has_key('color'):
if not (optObj.opt["color"]=="never" or\
optObj.opt["color"]=="auto" or\
optObj.opt["color"]=="always"):
optObj.handlerErrOpt()
sys.exit(1)
if optObj.opt["color"]=="never":
newClass = type("cl_client_nocolor",(cl_client.printNoColor,
cl_client.cl_client,object),
{})
ldapObj = newClass("cl-passwd")
cl_base.exit = lambda x: ldapObj.exit(x)
#userName = optObj.params['user'].strip()
if not ldapObj.setUserPasswordToServer(optObj.opt):
flagError = True
else:
if not optObj.flagHelp:
ldapObj.printERROR(_("Not found 'user' in command line"))
ldapObj.printERROR(\
_('Try "cl-passwd --help" for more information'))
flagError = True
if flagError:
sys.exit(1)
else:
sys.exit(0)
Loading…
Cancel
Save