1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
# shadow.py - lookup functions for shadow information
#
# Copyright (C) 2010, 2011, 2012, 2013 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA
import cache
import common
import constants
import search
attmap = common.Attributes(uid='uid',
userPassword='"*"',
shadowLastChange='"${shadowLastChange:--1}"',
shadowMin='"${shadowMin:--1}"',
shadowMax='"${shadowMax:--1}"',
shadowWarning='"${shadowWarning:--1}"',
shadowInactive='"${shadowInactive:--1}"',
shadowExpire='"${shadowExpire:--1}"',
shadowFlag='"${shadowFlag:-0}"')
filter = '(objectClass=shadowAccount)'
class Search(search.LDAPSearch):
case_sensitive = ('uid', )
limit_attributes = ('uid', )
required = ('uid', )
class Cache(cache.Cache):
pass
class ShadowRequest(common.Request):
def write(self, name, passwd, lastchangedate, mindays, maxdays, warndays,
inactdays, expiredate, flag):
self.fp.write_string(name)
self.fp.write_string(passwd)
self.fp.write_int32(lastchangedate)
self.fp.write_int32(mindays)
self.fp.write_int32(maxdays)
self.fp.write_int32(warndays)
self.fp.write_int32(inactdays)
self.fp.write_int32(expiredate)
self.fp.write_int32(flag)
def convert(self, dn, attributes, parameters):
names = attributes['uid']
passwd = attributes['userPassword'][0]
if not passwd or self.calleruid != 0:
passwd = '*'
# function for making an int
def mk_int(attr):
try:
return int(attr)
except TypeError:
return None
# get lastchange date
lastchangedate = mk_int(attributes.get('shadowLastChange', [0])[0])
# we expect an AD 64-bit datetime value;
# we should do date=date/864000000000-134774
# but that causes problems on 32-bit platforms,
# first we devide by 1000000000 by stripping the
# last 9 digits from the string and going from there */
if attmap['shadowLastChange'] == 'pwdLastSet':
lastchangedate = (lastchangedate / 864000000000) - 134774
# get longs
mindays = mk_int(attributes.get('shadowMin', [-1])[0])
maxdays = mk_int(attributes.get('shadowMax', [-1])[0])
warndays = mk_int(attributes.get('shadowWarning', [-1])[0])
inactdays = mk_int(attributes.get('shadowInactive', [-1])[0])
expiredate = mk_int(attributes.get('shadowExpire', [-1])[0])
flag = mk_int(attributes.get('shadowFlag', [0])[0])
if attmap['shadowFlag'] == 'pwdLastSet':
if flag & 0x10000:
maxdays = -1
flag = 0
# return results
for name in names:
yield (name, passwd, lastchangedate, mindays, maxdays, warndays,
inactdays, expiredate, flag)
class ShadowByNameRequest(ShadowRequest):
action = constants.NSLCD_ACTION_SHADOW_BYNAME
def read_parameters(self, fp):
return dict(uid=fp.read_string())
class ShadowAllRequest(ShadowRequest):
action = constants.NSLCD_ACTION_SHADOW_ALL
|