예제 #1
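    def configure(self, enable, directory):
        """Apply a directory's LDAP settings to this instance.

        The ``ldap3.Server`` keyword arguments are derived from the directory's
        ``encryption`` and ``verify_certificate`` parameters before any state is
        touched, so a bad configuration leaves the instance unchanged. The new
        state is then stored while holding ``self.cv`` and waiters are notified.

        Args:
            enable: Stored verbatim in ``self.enabled``.
            directory: Object exposing a ``parameters`` mapping with the keys
                ``server``, ``base_dn``, ``user_suffix``, ``group_suffix``,
                ``encryption`` (``'OFF'``, ``'SSL'`` or ``'TLS'``) and
                ``verify_certificate``.

        Returns:
            The result of ``dn_to_domain`` applied to the configured base DN.

        Raises:
            ValueError: If ``encryption`` is not one of the supported modes.
        """
        def create_server_args(params):
            """Translate the encryption settings into ``ldap3.Server`` kwargs."""
            # With verify_certificate disabled the server certificate is not
            # checked (CERT_NONE): the channel is encrypted but the peer is
            # unauthenticated, so it does not protect against interception.
            validate = ssl.CERT_REQUIRED if params['verify_certificate'] else ssl.CERT_NONE
            mode = params['encryption']

            if mode == 'OFF':
                # No transport security is requested at all in this mode.
                return {}

            if mode == 'SSL':
                return {
                    'port': 636,
                    'use_ssl': True,
                    'tls': ldap3.Tls(validate=validate)
                }

            if mode == 'TLS':
                # Only the Tls settings are supplied here; self.start_tls below
                # records that StartTLS is wanted.
                # NOTE(review): confirm the connection code starts TLS before
                # it binds.
                return {
                    'tls': ldap3.Tls(validate=validate)
                }

            # Fail closed: an unrecognised mode used to fall through and return
            # None, which surfaced as an opaque TypeError at the ** expansion
            # after part of the state had already been overwritten.
            raise ValueError('Unsupported encryption mode: {0!r}'.format(mode))

        # Validate the settings before taking the lock or mutating anything.
        server_args = create_server_args(directory.parameters)

        with self.cv:
            self.directory = directory
            self.parameters = directory.parameters
            self.enabled = enable
            self.server = ldap3.Server(self.parameters['server'], **server_args)
            self.base_dn = self.parameters['base_dn']
            self.user_dn = join_dn(self.parameters['user_suffix'], self.base_dn)
            self.group_dn = join_dn(self.parameters['group_suffix'], self.base_dn)
            self.start_tls = self.parameters['encryption'] == 'TLS'
            self.cv.notify_all()

        return dn_to_domain(directory.parameters['base_dn'])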
예제 #2
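    def configure(self, enable, directory):
        """Apply a directory's LDAP settings to this instance.

        The ``ldap3.Server`` keyword arguments are derived from the directory's
        ``encryption`` and ``verify_certificate`` parameters before any state is
        touched, so a bad configuration leaves the instance unchanged. The new
        state is then stored while holding ``self.cv`` and waiters are notified.

        Args:
            enable: Stored verbatim in ``self.enabled``.
            directory: Object exposing a ``parameters`` mapping with the keys
                ``server``, ``base_dn``, ``user_suffix``, ``group_suffix``,
                ``encryption`` (``'OFF'``, ``'SSL'`` or ``'TLS'``) and
                ``verify_certificate``.

        Returns:
            The result of ``dn_to_domain`` applied to the configured base DN.

        Raises:
            ValueError: If ``encryption`` is not one of the supported modes.
        """
        def create_server_args(params):
            """Translate the encryption settings into ``ldap3.Server`` kwargs."""
            # With verify_certificate disabled the server certificate is not
            # checked (CERT_NONE): the channel is encrypted but the peer is
            # unauthenticated, so it does not protect against interception.
            validate = ssl.CERT_REQUIRED if params['verify_certificate'] else ssl.CERT_NONE
            mode = params['encryption']

            if mode == 'OFF':
                # No transport security is requested at all in this mode.
                return {}

            if mode == 'SSL':
                return {
                    'port': 636,
                    'use_ssl': True,
                    'tls': ldap3.Tls(validate=validate)
                }

            if mode == 'TLS':
                # Only the Tls settings are supplied here; self.start_tls below
                # records that StartTLS is wanted.
                # NOTE(review): confirm the connection code starts TLS before
                # it binds.
                return {
                    'tls': ldap3.Tls(validate=validate)
                }

            # Fail closed: an unrecognised mode used to fall through and return
            # None, which surfaced as an opaque TypeError at the ** expansion
            # after part of the state had already been overwritten.
            raise ValueError('Unsupported encryption mode: {0!r}'.format(mode))

        # Validate the settings before taking the lock or mutating anything.
        server_args = create_server_args(directory.parameters)

        with self.cv:
            self.directory = directory
            self.parameters = directory.parameters
            self.enabled = enable
            self.server = ldap3.Server(self.parameters['server'], **server_args)
            self.base_dn = self.parameters['base_dn']
            self.user_dn = join_dn(self.parameters['user_suffix'], self.base_dn)
            self.group_dn = join_dn(self.parameters['group_suffix'], self.base_dn)
            self.start_tls = self.parameters['encryption'] == 'TLS'
            self.cv.notify_all()

        return dn_to_domain(directory.parameters['base_dn'])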
예제 #3
    def get_id(self, entry):
        """Return the identifier to use for an LDAP entry.

        Preference order: the entry's ``entryUUID`` (returned exactly as
        ``get`` yields it), then a ``uuid2`` value built from the CRC32 of the
        configured domain and the entry's ``uidNumber``, then the same built
        from ``gidNumber``. An entry with none of these attributes gets a
        freshly generated random UUID.
        """
        # Computed up front, before any attribute of the entry is inspected.
        domain_crc = crc32(dn_to_domain(self.parameters['base_dn']))

        if 'entryUUID' in entry:
            return get(entry, 'entryUUID')

        for attribute in ('uidNumber', 'gidNumber'):
            if attribute in entry:
                numeric_id = int(get(entry, attribute))
                return str(uuid2(domain_crc, numeric_id))

        # Random fallback: uuid4() is not derived from the entry, so repeated
        # calls for the same entry return different identifiers.
        return str(uuid.uuid4())
예제 #4
    def get_id(self, entry):
        """Return the identifier to use for an LDAP entry.

        Preference order: the first ``entryUUID`` value (path ``entryUUID.0``,
        returned exactly as ``get`` yields it), then a ``uuid2`` value built
        from the CRC32 of the configured domain and ``uidNumber.0``, then the
        same built from ``gidNumber.0``. An entry with none of these attributes
        gets a freshly generated random UUID.
        """
        # Computed up front, before any attribute of the entry is inspected.
        domain_crc = crc32(dn_to_domain(self.parameters['base_dn']))

        if 'entryUUID' in entry:
            return get(entry, 'entryUUID.0')

        # (attribute tested for presence, path handed to get())
        numeric_sources = (
            ('uidNumber', 'uidNumber.0'),
            ('gidNumber', 'gidNumber.0'),
        )
        for attribute, value_path in numeric_sources:
            if attribute in entry:
                numeric_id = int(get(entry, value_path))
                return str(uuid2(domain_crc, numeric_id))

        # Random fallback: uuid4() is not derived from the entry, so repeated
        # calls for the same entry return different identifiers.
        return str(uuid.uuid4())
예제 #5
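    def getgruuid(self, id):
        """Look up a group by its UUID-form identifier.

        ``parse_uuid2(id)`` is tried first; when it succeeds the identifier
        carries a domain checksum and a gid, and the group is searched by
        ``gidNumber``. A checksum that does not match the CRC32 of this
        directory's domain yields ``None``. When a ``ValueError`` is raised the
        identifier is treated as an ``entryUUID`` instead.

        Returns:
            ``self.convert_group`` applied to the search result, or ``None``
            on a checksum mismatch.
        """
        # ldap3 is already a dependency of this module; imported locally so the
        # fix does not rely on the file's import block.
        from ldap3.utils.conv import escape_filter_chars

        logger.debug('getgruuid(uuid={0})'.format(id))

        try:
            checksum, gid = parse_uuid2(id)
            if crc32(dn_to_domain(self.base_dn)) != checksum:
                return None

            # NOTE(review): gid presumably comes back from parse_uuid2 as an
            # integer; if it can be a string, escape it as well.
            q = '(gidNumber={0})'.format(gid)
        except ValueError:
            # The raw caller-supplied value ends up inside a search filter on
            # this path. Escape filter metacharacters so it can only ever be
            # matched as a literal entryUUID value and cannot alter the filter.
            q = '(entryUUID={0})'.format(escape_filter_chars('{0}'.format(id)))

        group = self.search_one(self.group_dn, q)
        return self.convert_group(group)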
예제 #6
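    def getpwuuid(self, id):
        """Look up a user by its UUID-form identifier.

        ``parse_uuid2(id)`` is tried first; when it succeeds the identifier
        carries a domain checksum and a uid, and the user is searched by
        ``uidNumber``. A checksum that does not match the CRC32 of this
        directory's domain yields ``None``. When a ``ValueError`` is raised the
        identifier is treated as an ``entryUUID`` instead.

        Returns:
            ``self.convert_user`` applied to the search result, or ``None`` on
            a checksum mismatch.
        """
        # ldap3 is already a dependency of this module; imported locally so the
        # fix does not rely on the file's import block.
        from ldap3.utils.conv import escape_filter_chars

        logger.debug('getpwuuid(uuid={0})'.format(id))

        try:
            checksum, uid = parse_uuid2(id)
            if crc32(dn_to_domain(self.base_dn)) != checksum:
                return None

            # NOTE(review): uid presumably comes back from parse_uuid2 as an
            # integer; if it can be a string, escape it as well.
            q = '(uidNumber={0})'.format(uid)
        except ValueError:
            # The raw caller-supplied value ends up inside a search filter on
            # this path. Escape filter metacharacters so it can only ever be
            # matched as a literal entryUUID value and cannot alter the filter.
            q = '(entryUUID={0})'.format(escape_filter_chars('{0}'.format(id)))

        user = self.search_one(self.user_dn, q)
        return self.convert_user(user)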
예제 #7
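    def getgruuid(self, id):
        """Look up a group by its UUID-form identifier.

        ``parse_uuid2(id)`` is tried first; when it succeeds the identifier
        carries a domain checksum and a gid, and the group is searched by
        ``gidNumber``. A checksum that does not match the CRC32 of this
        directory's domain yields ``None``. When a ``ValueError`` is raised the
        identifier is treated as an ``entryUUID`` instead.

        Returns:
            ``self.convert_group`` applied to the search result, or ``None``
            on a checksum mismatch.
        """
        # ldap3 is already a dependency of this module; imported locally so the
        # fix does not rely on the file's import block.
        from ldap3.utils.conv import escape_filter_chars

        logger.debug('getgruuid(uuid={0})'.format(id))

        try:
            checksum, gid = parse_uuid2(id)
            if crc32(dn_to_domain(self.base_dn)) != checksum:
                return None

            # NOTE(review): gid presumably comes back from parse_uuid2 as an
            # integer; if it can be a string, escape it as well.
            q = '(gidNumber={0})'.format(gid)
        except ValueError:
            # The raw caller-supplied value ends up inside a search filter on
            # this path. Escape filter metacharacters so it can only ever be
            # matched as a literal entryUUID value and cannot alter the filter.
            q = '(entryUUID={0})'.format(escape_filter_chars('{0}'.format(id)))

        group = self.search_one(self.group_dn, q)
        return self.convert_group(group)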
예제 #8
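    def getpwuuid(self, id):
        """Look up a user by its UUID-form identifier.

        ``parse_uuid2(id)`` is tried first; when it succeeds the identifier
        carries a domain checksum and a uid, and the user is searched by
        ``uidNumber``. A checksum that does not match the CRC32 of this
        directory's domain yields ``None``. When a ``ValueError`` is raised the
        identifier is treated as an ``entryUUID`` instead.

        Returns:
            ``self.convert_user`` applied to the search result, or ``None`` on
            a checksum mismatch.
        """
        # ldap3 is already a dependency of this module; imported locally so the
        # fix does not rely on the file's import block.
        from ldap3.utils.conv import escape_filter_chars

        logger.debug('getpwuuid(uuid={0})'.format(id))

        try:
            checksum, uid = parse_uuid2(id)
            if crc32(dn_to_domain(self.base_dn)) != checksum:
                return None

            # NOTE(review): uid presumably comes back from parse_uuid2 as an
            # integer; if it can be a string, escape it as well.
            q = '(uidNumber={0})'.format(uid)
        except ValueError:
            # The raw caller-supplied value ends up inside a search filter on
            # this path. Escape filter metacharacters so it can only ever be
            # matched as a literal entryUUID value and cannot alter the filter.
            q = '(entryUUID={0})'.format(escape_filter_chars('{0}'.format(id)))

        user = self.search_one(self.user_dn, q)
        return self.convert_user(user)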
예제 #9
    def configure(self, enable, uid_min, uid_max, gid_min, gid_max, parameters):
        """Store the LDAP settings, create the connection and bind to the server.

        ``enable`` and the four uid/gid range arguments are accepted but not
        used in this method.

        Returns:
            The result of ``dn_to_domain`` applied to ``parameters['base_dn']``.
        """
        self.parameters = parameters
        settings = self.parameters

        # NOTE(review): the Server is built from the host alone, with no
        # use_ssl/tls arguments. Unless transport security is applied
        # elsewhere, the simple bind below sends bind_dn and password
        # unencrypted - confirm.
        self.server = ldap3.Server(settings['server'])

        self.base_dn = settings['base_dn']

        user_suffix = settings['user_suffix']
        self.user_dn = join_dn(user_suffix, self.base_dn)

        group_suffix = settings['group_suffix']
        self.group_dn = join_dn(group_suffix, self.base_dn)

        bind_identity = settings['bind_dn']
        bind_secret = settings['password']
        self.conn = ldap3.Connection(
            self.server,
            client_strategy='ASYNC',
            user=bind_identity,
            password=bind_secret
        )

        # NOTE(review): the value returned by bind() is discarded, so a
        # rejected bind is not detected in this method.
        self.conn.bind()

        return dn_to_domain(parameters['base_dn'])