2022-04-28 21:48:16 +02:00
|
|
|
import __main__
|
2022-03-08 19:42:28 +01:00
|
|
|
from os import urandom as _urandom
|
|
|
|
|
from hashlib import sha1 as _sha1
|
|
|
|
|
from base64 import encodebytes as _encodebytes, b64encode as _b64encode
|
2022-04-28 21:48:16 +02:00
|
|
|
from json import load as _load, dump as _dump
|
|
|
|
|
from os.path import dirname as _dirname, abspath as _abspath, join as _join, isfile as _isfile
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
_HERE = _dirname(_abspath(__main__.__file__))
|
|
|
|
|
_SSHA_PASSWORD_DIR = _join(_HERE, 'password', 'ssha.json')
|
2022-03-08 19:42:28 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
# unproudly borrowed from
|
|
|
|
|
# http://www.openldap.org/faq/data/cache/347.html
|
|
|
|
|
def ssha_encode(password):
|
2022-04-28 21:48:16 +02:00
|
|
|
# do not regenerate SSHA
|
|
|
|
|
if _isfile(_SSHA_PASSWORD_DIR):
|
|
|
|
|
with open(_SSHA_PASSWORD_DIR, 'r') as fh:
|
|
|
|
|
passwords = _load(fh)
|
|
|
|
|
else:
|
|
|
|
|
passwords = {}
|
|
|
|
|
if password in passwords:
|
|
|
|
|
return passwords[password]
|
2022-03-08 19:42:28 +01:00
|
|
|
salt = _urandom(4)
|
|
|
|
|
h = _sha1(password.encode())
|
|
|
|
|
h.update(salt)
|
2022-04-28 21:48:16 +02:00
|
|
|
ret = _b64encode(b"{SSHA}" + _encodebytes(h.digest() + salt)[:-1]).decode()
|
|
|
|
|
passwords[password] = ret
|
|
|
|
|
with open(_SSHA_PASSWORD_DIR, 'w') as fh:
|
|
|
|
|
_dump(passwords, fh)
|
|
|
|
|
return ret
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_default_base_dn(server_name: str) -> str:
|
|
|
|
|
if not server_name or '.' not in server_name:
|
|
|
|
|
return None
|
|
|
|
|
values = server_name.split('.')
|
|
|
|
|
# cannot calculated base dn should be server.domain.tld
|
|
|
|
|
# remove 'server' in dn
|
|
|
|
|
if len(values) < 3:
|
|
|
|
|
return None
|
|
|
|
|
domain = ['ou=' + domain for domain in values[1:-2]]
|
|
|
|
|
domain.append(f'o={values[-2]},o={values[-1]}')
|
|
|
|
|
return ','.join(domain)
|
