nss-pam-ldapd commit: r1455 - nss-pam-ldapd/pynslcd
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
nss-pam-ldapd commit: r1455 - nss-pam-ldapd/pynslcd
- From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
- To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd commit: r1455 - nss-pam-ldapd/pynslcd
- Date: Fri, 13 May 2011 09:04:15 +0200 (CEST)
Author: arthur
Date: Fri May 13 09:04:13 2011
New Revision: 1455
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1455
Log:
simplify request handling by passing read parameters around in a dict instead
of setting object properties (this mainly simplifies search filter building)
Modified:
nss-pam-ldapd/pynslcd/alias.py
nss-pam-ldapd/pynslcd/common.py
nss-pam-ldapd/pynslcd/ether.py
nss-pam-ldapd/pynslcd/group.py
nss-pam-ldapd/pynslcd/host.py
nss-pam-ldapd/pynslcd/netgroup.py
nss-pam-ldapd/pynslcd/network.py
nss-pam-ldapd/pynslcd/pam.py
nss-pam-ldapd/pynslcd/passwd.py
nss-pam-ldapd/pynslcd/protocol.py
nss-pam-ldapd/pynslcd/rpc.py
nss-pam-ldapd/pynslcd/service.py
nss-pam-ldapd/pynslcd/shadow.py
Modified: nss-pam-ldapd/pynslcd/alias.py
==============================================================================
--- nss-pam-ldapd/pynslcd/alias.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/alias.py Fri May 13 09:04:13 2011 (r1455)
@@ -30,16 +30,16 @@
class AliasRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get name and check against requested name
names = attributes['cn']
if not names:
logging.error('Error: entry %s does not contain %s value', dn,
attmap['cn'])
return
- if self.name:
- if self.name.lower() not in (x.lower() for x in names):
+ if 'cn' in parameters:
+ if parameters['cn'].lower() not in (x.lower() for x in names):
return
- names = ( self.name, )
+ names = ( parameters['cn'], )
# get the members of the alias
members = attributes['rfc822MailMember']
if not members:
@@ -55,10 +55,9 @@
class AliasByNameRequest(AliasRequest):
action = constants.NSLCD_ACTION_ALIAS_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(cn=fp.read_string())
class AliasAllRequest(AliasRequest):
Modified: nss-pam-ldapd/pynslcd/common.py
==============================================================================
--- nss-pam-ldapd/pynslcd/common.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/common.py Fri May 13 09:04:13 2011 (r1455)
@@ -69,18 +69,14 @@
self.fp = fp
self.conn = conn
self.calleruid = calleruid
- # have default empty values for these
- self.name = None
- self.uid = None
- self.gid = None
- self.address = None
+ # load information from module that defines the class
module = sys.modules[self.__module__]
- self.attmap = module.attmap
- self.filter = module.filter
+ self.attmap = getattr(module, 'attmap', None)
+ self.filter = getattr(module, 'filter', None)
self.bases = getattr(module, 'bases', cfg.bases)
self.scope = getattr(module, 'scope', cfg.scope)
- def read_parameters(self):
+ def read_parameters(self, fp):
"""This method should read the parameters from ths stream and
store them in self."""
pass
@@ -89,26 +85,26 @@
"""Return the attributes that should be used in the LDAP search."""
return self.attmap.attributes()
- def mk_filter(self):
+ def mk_filter(self, parameters):
"""Return the active search filter (based on the read parameters)."""
- if hasattr(self, 'filter_attrs'):
+ if parameters:
return '(&%s(%s))' % ( self.filter,
')('.join('%s=%s' % (self.attmap[attribute],
-
ldap.filter.escape_filter_chars(str(getattr(self, name))))
- for attribute, name in self.filter_attrs.items()) )
+
ldap.filter.escape_filter_chars(str(value)))
+ for attribute, value in parameters.items()) )
return self.filter
- def handle_request(self):
+ def handle_request(self, parameters):
"""This method handles the request based on the parameters read
with read_parameters()."""
# get search results
for base in self.bases:
# do the LDAP search
try:
- res = self.conn.search_s(base, self.scope, self.mk_filter(),
self.attributes())
+ res = self.conn.search_s(base, self.scope,
self.mk_filter(parameters), self.attributes())
for entry in res:
if entry[0]:
- self.write(entry[0], self.attmap.mapped(entry[1]))
+ self.write(entry[0], self.attmap.mapped(entry[1]),
parameters)
except ldap.NO_SUCH_OBJECT:
# FIXME: log message
pass
@@ -116,11 +112,11 @@
self.fp.write_int32(constants.NSLCD_RESULT_END)
def __call__(self):
- self.read_parameters()
+ parameters = self.read_parameters(self.fp) or {}
# TODO: log call with parameters
self.fp.write_int32(constants.NSLCD_VERSION)
self.fp.write_int32(self.action)
- self.handle_request()
+ self.handle_request(parameters)
def get_handlers(module):
Modified: nss-pam-ldapd/pynslcd/ether.py
==============================================================================
--- nss-pam-ldapd/pynslcd/ether.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/ether.py Fri May 13 09:04:13 2011 (r1455)
@@ -40,27 +40,23 @@
class EtherRequest(common.Request):
- def __init__(self, *args):
- super(EtherRequest, self).__init__(*args)
- self.ether = None
-
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get name and check against requested name
names = attributes['cn']
if not names:
print 'Error: entry %s does not contain %s value' % ( dn,
attmap['cn'])
- if self.name:
- if self.name.lower() not in (x.lower() for x in names):
+ if 'cn' in parameters:
+ if parameters['cn'].lower() not in (x.lower() for x in names):
return # skip entry
- names = ( self.name, )
+ names = ( parameters['cn'], )
# get addresses and convert to binary form
addresses = [ether_aton(x) for x in attributes['macAddress']]
if not addresses:
print 'Error: entry %s does not contain %s value' % ( dn,
attmap['macAddress'])
- if self.ether:
- if self.ether not in addresses:
+ if 'macAddress' in parameters:
+ if ether_aton(parameters['macAddress']) not in addresses:
return
- addresses = ( self.ether, )
+ addresses = ( ether_aton(parameters['macAddress']), )
# write results
for name in names:
for ether in addresses:
@@ -72,22 +68,17 @@
class EtherByNameRequest(EtherRequest):
action = constants.NSLCD_ACTION_ETHER_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(cn=fp.read_string())
class EtherByEtherRequest(EtherRequest):
action = constants.NSLCD_ACTION_ETHER_BYETHER
- def read_parameters(self):
- self.ether = self.fp.read(6)
-
- def mk_filter(self):
- return '(&%s(%s=%s))' % ( self.filter,
- attmap['macAddress'], ether_ntoa(self.ether) )
+ def read_parameters(self, fp):
+ return dict(macAddress=ether_ntoa(fp.read(6)))
class EtherAllRequest(EtherRequest):
Modified: nss-pam-ldapd/pynslcd/group.py
==============================================================================
--- nss-pam-ldapd/pynslcd/group.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/group.py Fri May 13 09:04:13 2011 (r1455)
@@ -44,17 +44,17 @@
wantmembers = True
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get group names and check against requested group name
names = attributes['cn']
- if self.name:
- if self.name not in names:
+ if 'cn' in parameters:
+ if parameters['cn'] not in names:
return
- names = ( self.name, )
+ names = ( parameters['cn'], )
# get group group password
passwd = attributes['userPassword'][0]
# get group id(s)
- gids = ( self.gid, ) if self.gid else attributes['gidNumber']
+ gids = ( parameters['gidNumber'], ) if 'gidNumber' in parameters else
attributes['gidNumber']
gids = [ int(x) for x in gids ]
# build member list
members = set()
@@ -84,20 +84,19 @@
class GroupByNameRequest(GroupRequest):
action = constants.NSLCD_ACTION_GROUP_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
- common.validate_name(self.name)
+ def read_parameters(self, fp):
+ name = fp.read_string()
+ common.validate_name(name)
+ return dict(cn=name)
class GroupByGidRequest(GroupRequest):
action = constants.NSLCD_ACTION_GROUP_BYGID
- filter_attrs = dict(gidNumber='gid')
- def read_parameters(self):
- self.gid = self.fp.read_gid_t()
+ def read_parameters(self, fp):
+ return dict(gidNumber=fp.read_gid_t())
class GroupByMemberRequest(GroupRequest):
@@ -112,22 +111,25 @@
del self.attmap['memberUid']
del self.attmap['uniqueMember']
- def read_parameters(self):
- self.memberuid = self.fp.read_string()
- common.validate_name(self.memberuid)
+ def read_parameters(self, fp):
+ memberuid = fp.read_string()
+ common.validate_name(memberuid)
+ return dict(memberUid=memberuid)
def attributes(self):
return self.attmap.attributes()
- def mk_filter(self):
+ def mk_filter(self, parameters):
+ # we still need a custom mk_filter because this is an | query
+ memberuid = parameters['memberUid']
if attmap['uniqueMember']:
- dn = uid2dn(self.conn, self.memberuid)
+ dn = uid2dn(self.conn, memberuid)
if dn:
return '(&%s(|(%s=%s)(%s=%s)))' % ( self.filter,
- attmap['memberUid'],
ldap.filter.escape_filter_chars(self.memberuid),
+ attmap['memberUid'],
ldap.filter.escape_filter_chars(memberuid),
attmap['uniqueMember'],
ldap.filter.escape_filter_chars(dn) )
return '(&%s(%s=%s))' % ( self.filter,
- attmap['memberUid'],
ldap.filter.escape_filter_chars(self.memberuid) )
+ attmap['memberUid'],
ldap.filter.escape_filter_chars(memberuid) )
class GroupAllRequest(GroupRequest):
Modified: nss-pam-ldapd/pynslcd/host.py
==============================================================================
--- nss-pam-ldapd/pynslcd/host.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/host.py Fri May 13 09:04:13 2011 (r1455)
@@ -30,7 +30,7 @@
class HostRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
hostname = common.get_rdn_value(dn, attmap['cn'])
hostnames = attributes['cn']
if not hostnames:
@@ -54,19 +54,17 @@
class HostByNameRequest(HostRequest):
action = constants.NSLCD_ACTION_HOST_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(cn=fp.read_string())
class HostByAddressRequest(HostRequest):
action = constants.NSLCD_ACTION_HOST_BYADDR
- filter_attrs = dict(ipHostNumber='address')
- def read_parameters(self):
- self.address = self.fp.read_address()
+ def read_parameters(self, fp):
+ return dict(ipHostNumber=fp.read_address())
class HostAllRequest(HostRequest):
Modified: nss-pam-ldapd/pynslcd/netgroup.py
==============================================================================
--- nss-pam-ldapd/pynslcd/netgroup.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/netgroup.py Fri May 13 09:04:13 2011 (r1455)
@@ -36,13 +36,13 @@
class NetgroupRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get names and check against requested user name
names = attributes['cn']
- if self.name:
- if self.name not in names:
+ if 'cn' in parameters:
+ if parameters['cn'] not in names:
return
- names = ( self.name, )
+ names = ( parameters['cn'], )
if not names:
print 'Error: entry %s does not contain %s value' % (dn,
attmap['cn'])
# write the netgroup triples
@@ -66,7 +66,6 @@
class NetgroupByNameRequest(NetgroupRequest):
action = constants.NSLCD_ACTION_NETGROUP_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(cn=fp.read_string())
Modified: nss-pam-ldapd/pynslcd/network.py
==============================================================================
--- nss-pam-ldapd/pynslcd/network.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/network.py Fri May 13 09:04:13 2011 (r1455)
@@ -31,18 +31,18 @@
class NetworkRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
networkname = common.get_rdn_value(dn, attmap['cn'])
networknames = attributes['cn']
if not networknames:
- print 'Error: entry %s does not contain %s value' % ( dn,
attmap['cn'])
+ print 'Error: entry %s does not contain %s value' % (dn,
attmap['cn'])
if not networkname:
networkname = networknames.pop(0)
elif networkname in networknames:
networknames.remove(networkname)
addresses = attributes['ipNetworkNumber']
if not addresses:
- print 'Error: entry %s does not contain %s value' % ( dn,
attmap['ipNetworkNumber'])
+ print 'Error: entry %s does not contain %s value' % (dn,
attmap['ipNetworkNumber'])
# write result
self.fp.write_int32(constants.NSLCD_RESULT_BEGIN)
self.fp.write_string(networkname)
@@ -55,19 +55,17 @@
class NetworkByNameRequest(NetworkRequest):
action = constants.NSLCD_ACTION_NETWORK_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(cn=fp.read_string())
class NetworkByAddressRequest(NetworkRequest):
action = constants.NSLCD_ACTION_NETWORK_BYADDR
- filter_attrs = dict(ipNetworkNumber='address')
- def read_parameters(self):
- self.address = self.fp.read_address()
+ def read_parameters(self, fp):
+ return dict(ipNetworkNumber=fp.read_address())
class NetworkAllRequest(NetworkRequest):
Modified: nss-pam-ldapd/pynslcd/pam.py
==============================================================================
--- nss-pam-ldapd/pynslcd/pam.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/pam.py Fri May 13 09:04:13 2011 (r1455)
@@ -42,18 +42,18 @@
class PAMRequest(common.Request):
- def validate_request(self):
+ def validate_request(self, parameters):
"""This method checks the provided username for validity and fills
in the DN if needed."""
# check username for validity
- common.validate_name(self.username)
+ common.validate_name(parameters['username'])
# look up user DN if not known
- if not self.userdn:
- entry = passwd.uid2entry(self.conn, self.username)
+ if not parameters['userdn']:
+ entry = passwd.uid2entry(self.conn, parameters['username'])
if not entry:
- raise ValueError('%r: user not found' % self.username)
+ raise ValueError('%r: user not found' % parameters['username'])
# save the DN
- self.userdn = entry[0]
+ parameters['userdn'] = entry[0]
# get the "real" username
value = common.get_rdn_value(entry[0], passwd.attmap['uid'])
if not value:
@@ -66,55 +66,57 @@
if value and not common.isvalidname(value):
raise ValueError('%s: has invalid %s attribute', dn,
passwd.attmap['uid'])
# check if the username is different and update it if needed
- if value != self.username:
- logging.info('username changed from %r to %r', self.username,
value)
- self.username = value
+ if value != parameters['username']:
+ logging.info('username changed from %r to %r',
parameters['username'], value)
+ parameters['username'] = value
class PAMAuthenticationRequest(PAMRequest):
action = constants.NSLCD_ACTION_PAM_AUTHC
- def read_parameters(self):
- self.username = self.fp.read_string()
- self.userdn = self.fp.read_string()
- self.servicename = self.fp.read_string()
- self.password = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(username=fp.read_string(),
+ userdn=fp.read_string(),
+ servicename=fp.read_string(),
+ password=fp.read_string())
#self.validate_request()
# TODO: log call with parameters
- def write(self, code=constants.NSLCD_PAM_SUCCESS, msg=''):
+ def write(self, parameters, code=constants.NSLCD_PAM_SUCCESS, msg=''):
self.fp.write_int32(constants.NSLCD_RESULT_BEGIN)
- self.fp.write_string(self.username)
- self.fp.write_string(self.userdn)
+ self.fp.write_string(parameters['username'])
+ self.fp.write_string(parameters['userdn'])
self.fp.write_int32(code) # authc
self.fp.write_int32(constants.NSLCD_PAM_SUCCESS) # authz
self.fp.write_string(msg) # authzmsg
self.fp.write_int32(constants.NSLCD_RESULT_END)
- def handle_request(self):
+ def handle_request(self, parameters):
# if the username is blank and rootpwmoddn is configured, try to
# authenticate as administrator, otherwise validate request as usual
- if not self.username and cfg.rootpwmoddn:
+ if not parameters['username'] and cfg.rootpwmoddn:
# authenticate as rootpwmoddn
- self.userdn = cfg.rootpwmoddn
+ userdn = cfg.rootpwmoddn
# if the caller is root we will allow the use of rootpwmodpw
- if not self.password and self.calleruid == 0 and cfg.rootpwmodpw:
- self.password = cfg.rootpwmodpw
+ if not parameters['password'] and self.calleruid == 0 and
cfg.rootpwmodpw:
+ password = cfg.rootpwmodpw
else:
- self.validate_request()
+ self.validate_request(parameters)
+ userdn = parameters['userdn']
+ password = parameters['password']
# try authentication
try:
- try_bind(self.userdn, self.password)
+ try_bind(userdn, password)
logging.debug('bind successful')
- self.write()
+ self.write(parameters)
except ldap.INVALID_CREDENTIALS, e:
try:
msg = e[0]['desc']
except:
msg = str(e)
logging.debug('bind failed: %s', msg)
- self.write(constants.NSLCD_PAM_AUTH_ERR, msg)
+ self.write(parameters, constants.NSLCD_PAM_AUTH_ERR, msg)
#class PAMAuthorisationRequest(PAMRequest):
Modified: nss-pam-ldapd/pynslcd/passwd.py
==============================================================================
--- nss-pam-ldapd/pynslcd/passwd.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/passwd.py Fri May 13 09:04:13 2011 (r1455)
@@ -39,20 +39,20 @@
class PasswdRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get uid attribute and check against requested user name
names = attributes['uid']
- if self.name:
- if self.name not in names:
+ if 'uid' in parameters:
+ if parameters['uid'] not in names:
return
- names = ( self.name, )
+ names = ( parameters['uid'], )
# get user password entry
if 'shadowAccount' in attributes['objectClass']:
passwd = 'x'
else:
passwd = attributes['userPassword'][0]
# get numeric user and group ids
- uids = ( self.uid, ) if self.uid else attributes['uidNumber']
+ uids = ( parameters['uidNumber'], ) if 'uidNumber' in parameters else
attributes['uidNumber']
uids = [ int(x) for x in uids ]
# get other passwd properties
gid = int(attributes['gidNumber'][0])
@@ -78,20 +78,19 @@
class PasswdByNameRequest(PasswdRequest):
action = constants.NSLCD_ACTION_PASSWD_BYNAME
- filter_attrs = dict(uid='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
- common.validate_name(self.name)
+ def read_parameters(self, fp):
+ name = fp.read_string()
+ common.validate_name(name)
+ return dict(uid=name)
class PasswdByUidRequest(PasswdRequest):
action = constants.NSLCD_ACTION_PASSWD_BYUID
- filter_attrs = dict(uidNumber='uid')
- def read_parameters(self):
- self.uid = self.fp.read_uid_t()
+ def read_parameters(self, fp):
+ return dict(uidNumber=fp.read_uid_t())
class PasswdAllRequest(PasswdRequest):
@@ -99,6 +98,7 @@
action = constants.NSLCD_ACTION_PASSWD_ALL
+# FIXME: have something in common that does this
def do_search(conn, flt=None, base=None):
mybases = ( base, ) if base else bases
flt = flt or filter
Modified: nss-pam-ldapd/pynslcd/protocol.py
==============================================================================
--- nss-pam-ldapd/pynslcd/protocol.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/protocol.py Fri May 13 09:04:13 2011 (r1455)
@@ -30,13 +30,13 @@
class ProtocolRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get name
name = common.get_rdn_value(dn, attmap['cn'])
names = attributes['cn']
if not names:
print 'Error: entry %s does not contain %s value' % (dn,
attmap['cn'])
- if self.name and self.name not in names:
+ if 'cn' in parameters and parameters['cn'] not in names:
return # case of result entry did not match
if not name:
name = names.pop(0)
@@ -57,19 +57,17 @@
class ProtocolByNameRequest(ProtocolRequest):
action = constants.NSLCD_ACTION_PROTOCOL_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(cn=fp.read_string())
class ProtocolByNumberRequest(ProtocolRequest):
action = constants.NSLCD_ACTION_PROTOCOL_BYNUMBER
- filter_attrs = dict(ipProtocolNumber='number')
- def read_parameters(self):
- self.number = self.fp.read_int32()
+ def read_parameters(self, fp):
+ return dict(ipProtocolNumber=fp.read_int32())
class ProtocolAllRequest(ProtocolRequest):
Modified: nss-pam-ldapd/pynslcd/rpc.py
==============================================================================
--- nss-pam-ldapd/pynslcd/rpc.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/rpc.py Fri May 13 09:04:13 2011 (r1455)
@@ -30,13 +30,13 @@
class RpcRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get name
name = common.get_rdn_value(dn, attmap['cn'])
names = attributes['cn']
if not names:
print 'Error: entry %s does not contain %s value' % ( dn,
attmap['cn'] )
- if self.name and self.name not in names:
+ if 'cn' in parameters and parameters['cn'] not in names:
return # case of result entry did not match
if not name:
name = names.pop(0)
@@ -57,19 +57,17 @@
class RpcByNameRequest(RpcRequest):
action = constants.NSLCD_ACTION_RPC_BYNAME
- filter_attrs = dict(cn='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(cn=fp.read_string())
class RpcByNumberRequest(RpcRequest):
action = constants.NSLCD_ACTION_RPC_BYNUMBER
- filter_attrs = dict(oncRpcNumber='number')
- def read_parameters(self):
- self.number = self.fp.read_int32()
+ def read_parameters(self, fp):
+ return dict(oncRpcNumber=fp.read_int32())
class RpcAllRequest(RpcRequest):
Modified: nss-pam-ldapd/pynslcd/service.py
==============================================================================
--- nss-pam-ldapd/pynslcd/service.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/service.py Fri May 13 09:04:13 2011 (r1455)
@@ -33,17 +33,13 @@
class ServiceRequest(common.Request):
- def __init__(self, *args):
- super(ServiceRequest, self).__init__(*args)
- self.protocol = None
-
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get name
name = common.get_rdn_value(dn, attmap['cn'])
names = attributes['cn']
if not names:
print 'Error: entry %s does not contain %s value' % (dn,
attmap['cn'])
- if self.name and self.name not in names + [ name, ]:
+ if 'cn' in parameters and parameters['cn'] not in names + [ name, ]:
return # case of result entry did not match
if not name:
name = names.pop(0)
@@ -56,10 +52,10 @@
port = int(port)
# get protocol
protocols = attributes['ipServiceProtocol']
- if self.protocol:
- if self.protocol not in protocols:
+ if 'ipServiceProtocol' in parameters:
+ if parameters['ipServiceProtocol'] not in protocols:
return
- protocols = ( self.protocol, )
+ protocols = ( parameters['ipServiceProtocol'], )
# write result
for protocol in protocols:
self.fp.write_int32(constants.NSLCD_RESULT_BEGIN)
@@ -73,36 +69,26 @@
action = constants.NSLCD_ACTION_SERVICE_BYNAME
- def read_parameters(self):
- self.name = self.fp.read_string()
- self.protocol = self.fp.read_string()
-
- def mk_filter(self):
- if self.protocol:
- return '(&%s(%s=%s)(%s=%s))' % ( self.filter,
- attmap['cn'], ldap.filter.escape_filter_chars(self.name),
- attmap['ipServiceProtocol'],
ldap.filter.escape_filter_chars(self.protocol) )
+ def read_parameters(self, fp):
+ name = fp.read_string()
+ protocol = fp.read_string()
+ if protocol:
+ return dict(cn=name, ipServiceProtocol=protocol)
else:
- return '(&%s(%s=%s))' % ( self.filter,
- attmap['cn'], ldap.filter.escape_filter_chars(self.name)
)
+ return dict(cn=name)
class ServiceByNumberRequest(ServiceRequest):
action = constants.NSLCD_ACTION_SERVICE_BYNUMBER
- def read_parameters(self):
- self.number = self.fp.read_int32()
- self.protocol = self.fp.read_string()
-
- def mk_filter(self):
- if self.protocol:
- return '(&%s(%s=%d)(%s=%s))' % ( self.filter,
- attmap['ipServicePort'], self.number,
- attmap['ipServiceProtocol'],
ldap.filter.escape_filter_chars(self.protocol) )
+ def read_parameters(self, fp):
+ number = fp.read_int32()
+ protocol = fp.read_string()
+ if protocol:
+ return dict(ipServicePort=number, ipServiceProtocol=protocol)
else:
- return '(&%s(%s=%d))' % ( self.filter,
- attmap['ipServicePort'], self.number )
+ return dict(ipServicePort=number)
class ServiceAllRequest(ServiceRequest):
Modified: nss-pam-ldapd/pynslcd/shadow.py
==============================================================================
--- nss-pam-ldapd/pynslcd/shadow.py Sun May 1 21:08:39 2011 (r1454)
+++ nss-pam-ldapd/pynslcd/shadow.py Fri May 13 09:04:13 2011 (r1455)
@@ -39,16 +39,16 @@
class ShadowRequest(common.Request):
- def write(self, dn, attributes):
+ def write(self, dn, attributes, parameters):
# get name and check against requested name
names = attributes['uid']
if not names:
print 'Error: entry %s does not contain %s value' % ( dn,
attmap['uid'] )
return
- if self.name:
- if self.name not in names:
+ if 'uid' in parameters:
+ if parameters['uid'] not in names:
return
- names = ( self.name, )
+ names = ( parameters['uid'], )
# get password
(passwd, ) = attributes['userPassword']
if not passwd or self.calleruid != 0:
@@ -96,10 +96,9 @@
class ShadowByNameRequest(ShadowRequest):
action = constants.NSLCD_ACTION_SHADOW_BYNAME
- filter_attrs = dict(uid='name')
- def read_parameters(self):
- self.name = self.fp.read_string()
+ def read_parameters(self, fp):
+ return dict(uid=fp.read_string())
class ShadowAllRequest(ShadowRequest):
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits
- nss-pam-ldapd commit: r1455 - nss-pam-ldapd/pynslcd,
Commits of the nss-pam-ldapd project
