diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2013-07-27 20:17:16 +0200 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2013-07-28 20:01:06 +0200 |
| commit | a3acbecc071b4138a36fa2a155f7fab2eb94209b (patch) | |
| tree | bfc603af3dcd02de6d8301ee9a69e130ec3b2394 /pynslcd/pam.py | |
| parent | 4031750cbbf7d8c7803ed7379d42c1c1b4805a85 (diff) | |
Implement PAM session handling in pynslcd
Just like in nslcd this doesn't actually do anything with the session
ids except generating them.
Diffstat (limited to 'pynslcd/pam.py')
| -rw-r--r-- | pynslcd/pam.py | 63 |
1 files changed, 61 insertions, 2 deletions
diff --git a/pynslcd/pam.py b/pynslcd/pam.py index 1dbf7e8..483c8d5 100644 --- a/pynslcd/pam.py +++ b/pynslcd/pam.py @@ -19,6 +19,7 @@ # 02110-1301 USA import logging +import random import socket import time @@ -34,6 +35,9 @@ import search import shadow +random = random.SystemRandom() + + def authenticate(binddn, password): # open a new connection conn = search.Connection() @@ -309,5 +313,60 @@ class PAMPasswordModificationRequest(PAMRequest): self.write() -#NSLCD_ACTION_PAM_SESS_O -#NSLCD_ACTION_PAM_SESS_C +SESSION_ID_LENGTH = 25 +SESSION_ID_ALPHABET = ( + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + + "abcdefghijklmnopqrstuvwxyz" + + "01234567890" +) + + +def generate_session_id(): + return ''.join( + random.choice(SESSION_ID_ALPHABET) + for i in range(SESSION_ID_LENGTH) + ) + + +class PAMSessionOpenRequest(PAMRequest): + + action = constants.NSLCD_ACTION_PAM_SESS_O + + def read_parameters(self, fp): + return dict(username=fp.read_string(), + service=fp.read_string(), + ruser=fp.read_string(), + rhost=fp.read_string(), + tty=fp.read_string()) + # TODO: log call with parameters + + def write(self, sessionid): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_string(sessionid) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def handle_request(self, parameters): + # generate a session id + session_id = generate_session_id() + self.write(session_id) + + +class PAMSessionCloseRequest(PAMRequest): + + action = constants.NSLCD_ACTION_PAM_SESS_C + + def read_parameters(self, fp): + return dict(username=fp.read_string(), + service=fp.read_string(), + ruser=fp.read_string(), + rhost=fp.read_string(), + tty=fp.read_string(), + session_id=fp.read_string()) + # TODO: log call with parameters + + def write(self): + self.fp.write_int32(constants.NSLCD_RESULT_BEGIN) + self.fp.write_int32(constants.NSLCD_RESULT_END) + + def handle_request(self, parameters): + self.write() |