def __init__(self, username, **kwargs):
self.tls = bool(int(kwargs.pop("tls", "0")))
self.host = kwargs.pop("host", "localhost")
self.cacert = kwargs.pop("cacert", LDAP_CACERTFILE)
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
self.tls_version = None
self.tls_validate = None
if self.tls:
import ssl
tls_version = kwargs.pop("ssl-version", "TLSv1")
tls_validate = kwargs.pop("ssl-validate", "REQUIRED")
self.tls_version = getattr(ssl, "PROTOCOL_%s" % tls_version)
self.tls_validate = getattr(ssl, "CERT_%s" % tls_validate)
default_port = 636
else:
default_port = 389
self.port = int(kwargs.pop("port", default_port))
self.authentication = kwargs.pop("authentication", "NTLM").upper()
assert self.authentication in (
"SIMPLE", "SASL", "NTLM"
), "invalid authentication mechanism '%s'" % self.authentication
username = kwargs.pop("username", username)
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("ldap auth: host=%s, port=%i, tls=%s", self.host, self.port,
self.tls)
def __init__(self, username, **kwargs):
self.service = kwargs.pop("service", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
username = kwargs.pop("username", username)
kwargs["prompt"] = kwargs.pop("prompt", "GSS token")
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("gss auth: service=%s, username=%s", self.service, username)
def __init__(self, username, **kwargs):
self.service = kwargs.pop("service", "")
self.realm = kwargs.pop("realm", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
username = kwargs.pop("username", username)
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("kerberos-password auth: service=%s, realm=%s, username=%s", self.service, self.realm, username)
def __init__(self, username, **kwargs):
def ipop(k):
try:
return int(kwargs.pop(k, 0))
except ValueError:
return 0
self.service = kwargs.pop("service", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
username = kwargs.pop("username", username)
kwargs["prompt"] = kwargs.pop("prompt", "kerberos token")
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("kerberos-token auth: service=%s, username=%s", self.service, username)
def __init__(self, username, **kwargs):
def ipop(k):
try:
return int(kwargs.pop(k, 0))
except ValueError:
return 0
self.service = kwargs.pop("service", "")
self.uid = ipop("uid")
self.gid = ipop("gid")
username = kwargs.pop("username", username)
kwargs["prompt"] = kwargs.pop("prompt", "GSS token")
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("gss auth: service=%s, username=%s", self.service, username)
def __init__(self, username, **kwargs):
self.tls = bool(int(kwargs.pop("tls", "0")))
self.host = kwargs.pop("host", "localhost")
self.cacert = kwargs.pop("cacert", LDAP_CACERTFILE)
self.encoding = kwargs.pop("encoding", LDAP_ENCODING)
if self.tls:
default_port = 636
else:
default_port = 389
self.port = int(kwargs.pop("port", default_port))
self.username_format = kwargs.pop("username_format", "cn=%username, o=%domain")
#self.username_format = kwargs.pop("username_format", "%username@%domain")
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("ldap auth: host=%s, port=%i, tls=%s, username_format=%s, cacert=%s, encoding=%s",
self.host, self.port, self.tls, self.username_format, self.cacert, self.encoding)
def __init__(self, username, **kwargs):
self.service = kwargs.pop("service", "")
self.realm = kwargs.pop("realm", "")
def ipop(k):
try:
return int(kwargs.pop(k, 0))
except ValueError:
return 0
self.uid = ipop("uid")
self.gid = ipop("gid")
username = kwargs.pop("username", username)
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("kerberos-password auth: service=%s, realm=%s, username=%s",
self.service, self.realm, username)
def get_challenge(self, digests):
if "xor" not in digests:
log.error("Error: ldap authentication requires the 'xor' digest")
return None
return SysAuthenticatorBase.get_challenge(self, ["xor"])
