def get_sessions(self):
import sqlite3
try:
conn = sqlite3.connect(self.filename)
conn.row_factory = sqlite3.Row
cursor = conn.cursor()
cursor.execute(self.sessions_query,
[self.username, self.password_used or ""])
data = cursor.fetchone()
except sqlite3.DatabaseError as e:
log("get_sessions()", exc_info=True)
log.error("Error: sqlauth database access problem:")
log.error(" %s", e)
return None
try:
uid = parse_uid(data["uid"])
gid = parse_gid(data["gid"])
displays = []
env_options = {}
session_options = {}
if data["displays"]:
displays = [x.strip() for x in str(data[2]).split(",")]
if data["env_options"]:
env_options = parse_simple_dict(str(data[3]), ";")
if data["session_options"]:
session_options = parse_simple_dict(str(data[4]), ";")
except Exception as e:
log("get_sessions() error on row %s", data, exc_info=True)
log.error("Error: sqlauth database row parsing problem:")
log.error(" %s", e)
return None
return uid, gid, displays, env_options, session_options
def __init__(self, **kwargs):
self.service = kwargs.pop("service", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
kwargs["prompt"] = kwargs.pop("prompt", "kerberos token")
super().__init__(**kwargs)
log("kerberos-token auth: service=%r, username=%r", self.service, kwargs.get("username"))
def __init__(self, username, **kwargs):
self.tls = bool(int(kwargs.pop("tls", "0")))
self.host = kwargs.pop("host", "localhost")
self.cacert = kwargs.pop("cacert", LDAP_CACERTFILE)
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
self.tls_version = None
self.tls_validate = None
if self.tls:
import ssl
tls_version = kwargs.pop("ssl-version", "TLSv1")
tls_validate = kwargs.pop("ssl-validate", "REQUIRED")
self.tls_version = getattr(ssl, "PROTOCOL_%s" % tls_version)
self.tls_validate = getattr(ssl, "CERT_%s" % tls_validate)
default_port = 636
else:
default_port = 389
self.port = int(kwargs.pop("port", default_port))
self.authentication = kwargs.pop("authentication", "NTLM").upper()
assert self.authentication in (
"SIMPLE", "SASL", "NTLM"
), "invalid authentication mechanism '%s'" % self.authentication
username = kwargs.pop("username", username)
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("ldap auth: host=%s, port=%i, tls=%s", self.host, self.port,
self.tls)
def __init__(self, **kwargs):
self.service = kwargs.pop("service", "")
self.realm = kwargs.pop("realm", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
super().__init__(**kwargs)
log("kerberos-password auth: service=%r, realm=%r, username=%r",
self.service, self.realm, kwargs.get("username"))
def __init__(self, username, **kwargs):
self.service = kwargs.pop("service", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
username = kwargs.pop("username", username)
kwargs["prompt"] = kwargs.pop("prompt", "GSS token")
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("gss auth: service=%s, username=%s", self.service, username)
def __init__(self, username, **kwargs):
self.service = kwargs.pop("service", "")
self.realm = kwargs.pop("realm", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
username = kwargs.pop("username", username)
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("kerberos-password auth: service=%s, realm=%s, username=%s", self.service, self.realm, username)
def __init__(self, username, **kwargs):
def ipop(k):
try:
return int(kwargs.pop(k, 0))
except ValueError:
return 0
self.service = kwargs.pop("service", "")
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
username = kwargs.pop("username", username)
kwargs["prompt"] = kwargs.pop("prompt", "kerberos token")
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("kerberos-token auth: service=%s, username=%s", self.service, username)
def parse_auth_line(line):
ldata = line.split(b"|")
assert len(ldata)>=2, "not enough fields: %i" % (len(ldata))
log("found %s fields", len(ldata))
#parse fields:
username = ldata[0]
password = ldata[1]
if len(ldata)>=5:
uid = parse_uid(bytestostr(ldata[2]))
gid = parse_gid(bytestostr(ldata[3]))
displays = bytestostr(ldata[4]).split(",")
else:
#this will use the default value, usually "nobody":
uid = parse_uid(None)
gid = parse_gid(None)
displays = []
env_options = {}
session_options = {}
if len(ldata)>=6:
env_options = parse_simple_dict(ldata[5], b";")
if len(ldata)>=7:
session_options = parse_simple_dict(ldata[6], b";")
return username, password, uid, gid, displays, env_options, session_options
def __init__(self, username, **kwargs):
self.tls = bool(int(kwargs.pop("tls", "0")))
self.host = kwargs.pop("host", "localhost")
self.cacert = kwargs.pop("cacert", LDAP_CACERTFILE)
self.encoding = kwargs.pop("encoding", LDAP_ENCODING)
self.uid = parse_uid(kwargs.pop("uid", None))
self.gid = parse_gid(kwargs.pop("gid", None))
if self.tls:
default_port = 636
else:
default_port = 389
self.port = int(kwargs.pop("port", default_port))
self.username_format = kwargs.pop("username_format", "cn=%username, o=%domain")
#self.username_format = kwargs.pop("username_format", "%username@%domain")
SysAuthenticatorBase.__init__(self, username, **kwargs)
log("ldap auth: host=%s, port=%i, tls=%s, username_format=%s, cacert=%s, encoding=%s",
self.host, self.port, self.tls, self.username_format, self.cacert, self.encoding)
def parse_session_data(self, data):
try:
uid = parse_uid(data["uid"])
gid = parse_gid(data["gid"])
displays = []
env_options = {}
session_options = {}
if data["displays"]:
displays = [x.strip() for x in str(data["displays"]).split(",")]
if data["env_options"]:
env_options = parse_simple_dict(str(data["env_options"]), ";")
if data["session_options"]:
session_options=parse_simple_dict(str(data["session_options"]), ";")
except Exception as e:
log("get_sessions() error on row %s", data, exc_info=True)
log.error("Error: sqlauth database row parsing problem:")
log.error(" %s", e)
return None
return uid, gid, displays, env_options, session_options
