author | Pascal Volk <neverseen@users.sourceforge.net> |
Thu, 29 Apr 2010 12:08:43 +0000 | |
branch | v0.6.x |
changeset 278 | 5d229a50b115 |
parent 274 | 45ec5c3cfef4 |
child 284 | ec1966828246 |
permissions | -rw-r--r-- |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
1 |
# -*- coding: UTF-8 -*- |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
2 |
# Copyright (c) 2010, Pascal Volk |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
3 |
# See COPYING for distribution information. |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
4 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
5 |
""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
6 |
VirtualMailManager.password |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
7 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
8 |
VirtualMailManager's password module to generate password hashes from |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
9 |
passwords or random passwords. There are two functions: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
10 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
11 |
hashed_password = pwhash(password[, scheme][, user]) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
12 |
random_password = randompw() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
13 |
""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
14 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
15 |
from crypt import crypt |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
16 |
from random import choice, shuffle |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
17 |
from subprocess import Popen, PIPE |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
18 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
19 |
try: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
20 |
import hashlib |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
21 |
except ImportError: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
22 |
from VirtualMailManager.pycompat import hashlib |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
23 |
|
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
24 |
from VirtualMailManager import ENCODING |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
25 |
from VirtualMailManager.EmailAddress import EmailAddress |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
26 |
from VirtualMailManager.common import get_unicode, version_str |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
27 |
from VirtualMailManager.constants.ERROR import VMM_ERROR |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
28 |
from VirtualMailManager.errors import VMMError |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
29 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
30 |
COMPAT = hasattr(hashlib, 'compat') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
31 |
SALTCHARS = './0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
32 |
PASSWDCHARS = '._-+#*23456789abcdefghikmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ' |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
33 |
DEFAULT_B64 = (None, 'B64', 'BASE64') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
34 |
DEFAULT_HEX = (None, 'HEX') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
35 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
36 |
_ = lambda msg: msg |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
37 |
cfg_dget = lambda option: None |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
38 |
_get_salt = lambda s_len: ''.join(choice(SALTCHARS) for x in xrange(s_len)) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
39 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
40 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
41 |
def _dovecotpw(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
42 |
"""Communicates with dovecotpw (Dovecot 2.0: `doveadm pw`) and returns |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
43 |
the hashed password: {scheme[.encoding]}hash |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
44 |
""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
45 |
if encoding: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
46 |
scheme = '.'.join((scheme, encoding)) |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
47 |
cmd_args = [cfg_dget('bin.dovecotpw'), '-s', scheme, '-p', |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
48 |
get_unicode(password)] |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
49 |
if cfg_dget('misc.dovecot_version') >= 0x20000a01: |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
50 |
cmd_args.insert(1, 'pw') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
51 |
process = Popen(cmd_args, stdout=PIPE, stderr=PIPE) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
52 |
stdout, stderr = process.communicate() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
53 |
if process.returncode: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
54 |
raise VMMError(stderr.strip(), VMM_ERROR) |
274
45ec5c3cfef4
VMM/password: added small output check on _dovecotpw().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
272
diff
changeset
|
55 |
hashed = stdout.strip() |
45ec5c3cfef4
VMM/password: added small output check on _dovecotpw().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
272
diff
changeset
|
56 |
if not hashed.startswith('{%s}' % scheme): |
45ec5c3cfef4
VMM/password: added small output check on _dovecotpw().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
272
diff
changeset
|
57 |
raise VMMError('Unexpected result from %s: %s' % |
45ec5c3cfef4
VMM/password: added small output check on _dovecotpw().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
272
diff
changeset
|
58 |
(cfg_dget('bin.dovecotpw'), hashed), VMM_ERROR) |
45ec5c3cfef4
VMM/password: added small output check on _dovecotpw().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
272
diff
changeset
|
59 |
return hashed |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
60 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
61 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
62 |
def _md4_new(): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
63 |
"""Returns an new MD4-hash object if supported by the hashlib or |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
64 |
provided by PyCrypto - other `None`. |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
65 |
""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
66 |
try: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
67 |
return hashlib.new('md4') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
68 |
except ValueError, err: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
69 |
if str(err) == 'unsupported hash type': |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
70 |
if not COMPAT: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
71 |
try: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
72 |
from Crypto.Hash import MD4 |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
73 |
return MD4.new() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
74 |
except ImportError: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
75 |
return None |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
76 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
77 |
raise |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
78 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
79 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
80 |
def _sha256_new(data=''): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
81 |
"""Returns a new sha256 object from the hashlib. |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
82 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
83 |
Returns `None` if the PyCrypto in pycompat.hashlib is too old.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
84 |
if not COMPAT: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
85 |
return hashlib.sha256(data) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
86 |
try: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
87 |
return hashlib.new('sha256', data) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
88 |
except ValueError, err: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
89 |
if str(err) == 'unsupported hash type': |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
90 |
return None |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
91 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
92 |
raise |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
93 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
94 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
95 |
def _format_digest(digest, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
96 |
"""Formats the arguments to a string: {scheme[.encoding]}digest.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
97 |
if not encoding: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
98 |
return '{%s}%s' % (scheme, digest) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
99 |
return '{%s.%s}%s' % (scheme, encoding, digest) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
100 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
101 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
102 |
def _clear_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
103 |
"""Generates a (encoded) CLEARTEXT/PLAIN 'hash'.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
104 |
if encoding: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
105 |
if encoding == 'HEX': |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
106 |
password = password.encode('hex') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
107 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
108 |
password = password.encode('base64').replace('\n', '') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
109 |
return _format_digest(password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
110 |
return get_unicode('{%s}%s' % (scheme, password)) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
111 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
112 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
113 |
def _crypt_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
114 |
"""Generates (encoded) CRYPT/MD5/MD5-CRYPT hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
115 |
if scheme == 'CRYPT': |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
116 |
salt = _get_salt(2) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
117 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
118 |
salt = '$1$%s$' % _get_salt(8) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
119 |
encrypted = crypt(password, salt) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
120 |
if encoding: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
121 |
if encoding == 'HEX': |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
122 |
encrypted = encrypted.encode('hex') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
123 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
124 |
encrypted = encrypted.encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
125 |
return _format_digest(encrypted, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
126 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
127 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
128 |
def _md4_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
129 |
"""Generates encoded PLAIN-MD4 hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
130 |
md4 = _md4_new() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
131 |
if md4: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
132 |
md4.update(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
133 |
if encoding in DEFAULT_HEX: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
134 |
digest = md4.hexdigest() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
135 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
136 |
digest = md4.digest().encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
137 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
138 |
return _dovecotpw(password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
139 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
140 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
141 |
def _md5_hash(password, scheme, encoding, user=None): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
142 |
"""Generates DIGEST-MD5 aka PLAIN-MD5 and LDAP-MD5 hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
143 |
md5 = hashlib.md5() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
144 |
if scheme == 'DIGEST-MD5': |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
145 |
# Prior to Dovecot v1.1.12/v1.2.beta2 there was a problem with a |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
146 |
# empty auth_realms setting in dovecot.conf and user@domain.tld |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
147 |
# usernames. So we have to generate different hashes for different |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
148 |
# versions. See also: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
149 |
# http://dovecot.org/list/dovecot-news/2009-March/000103.html |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
150 |
# http://hg.dovecot.org/dovecot-1.1/rev/2b0043ba89ae |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
151 |
if cfg_dget('misc.dovecot_version') >= 0x1010cf00: |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
152 |
md5.update('%s:%s:' % (user.localpart, user.domainname)) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
153 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
154 |
md5.update('%s::' % user) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
155 |
md5.update(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
156 |
if (scheme in ('PLAIN-MD5', 'DIGEST-MD5') and encoding in DEFAULT_HEX) \ |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
157 |
or (scheme == 'LDAP-MD5' and encoding == 'HEX'): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
158 |
digest = md5.hexdigest() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
159 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
160 |
digest = md5.digest().encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
161 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
162 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
163 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
164 |
def _ntlm_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
165 |
"""Generates NTLM hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
166 |
md4 = _md4_new() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
167 |
if md4: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
168 |
password = ''.join('%s\x00' % c for c in password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
169 |
md4.update(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
170 |
if encoding in DEFAULT_HEX: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
171 |
digest = md4.hexdigest() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
172 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
173 |
digest = md4.digest().encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
174 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
175 |
return _dovecotpw(password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
176 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
177 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
178 |
def _sha1_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
179 |
"""Generates SHA1 aka SHA hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
180 |
sha1 = hashlib.sha1(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
181 |
if encoding in DEFAULT_B64: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
182 |
digest = sha1.digest().encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
183 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
184 |
digest = sha1.hexdigest() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
185 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
186 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
187 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
188 |
def _sha256_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
189 |
"""Generates SHA256 hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
190 |
sha256 = _sha256_new(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
191 |
if sha256: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
192 |
if encoding in DEFAULT_B64: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
193 |
digest = sha256.digest().encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
194 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
195 |
digest = sha256.hexdigest() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
196 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
197 |
return _dovecotpw(password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
198 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
199 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
200 |
def _sha512_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
201 |
"""Generates SHA512 hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
202 |
if not COMPAT: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
203 |
sha512 = hashlib.sha512(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
204 |
if encoding in DEFAULT_B64: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
205 |
digest = sha512.digest().encode('base64').replace('\n', '') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
206 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
207 |
digest = sha512.hexdigest() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
208 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
209 |
return _dovecotpw(password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
210 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
211 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
212 |
def _smd5_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
213 |
"""Generates SMD5 (salted PLAIN-MD5) hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
214 |
md5 = hashlib.md5(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
215 |
salt = _get_salt(4) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
216 |
md5.update(salt) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
217 |
if encoding in DEFAULT_B64: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
218 |
digest = (md5.digest() + salt).encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
219 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
220 |
digest = md5.hexdigest() + salt.encode('hex') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
221 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
222 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
223 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
224 |
def _ssha1_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
225 |
"""Generates SSHA (salted SHA/SHA1) hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
226 |
sha1 = hashlib.sha1(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
227 |
salt = _get_salt(4) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
228 |
sha1.update(salt) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
229 |
if encoding in DEFAULT_B64: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
230 |
digest = (sha1.digest() + salt).encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
231 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
232 |
digest = sha1.hexdigest() + salt.encode('hex') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
233 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
234 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
235 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
236 |
def _ssha256_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
237 |
"""Generates SSHA256 (salted SHA256) hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
238 |
sha256 = _sha256_new(password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
239 |
if sha256: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
240 |
salt = _get_salt(4) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
241 |
sha256.update(salt) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
242 |
if encoding in DEFAULT_B64: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
243 |
digest = (sha256.digest() + salt).encode('base64').rstrip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
244 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
245 |
digest = sha256.hexdigest() + salt.encode('hex') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
246 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
247 |
return _dovecotpw(password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
248 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
249 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
250 |
def _ssha512_hash(password, scheme, encoding): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
251 |
"""Generates SSHA512 (salted SHA512) hashes.""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
252 |
if not COMPAT: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
253 |
salt = _get_salt(4) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
254 |
sha512 = hashlib.sha512(password + salt) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
255 |
if encoding in DEFAULT_B64: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
256 |
digest = (sha512.digest() + salt).encode('base64').replace('\n', |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
257 |
'') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
258 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
259 |
digest = sha512.hexdigest() + salt.encode('hex') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
260 |
return _format_digest(digest, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
261 |
return _dovecotpw(password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
262 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
263 |
_scheme_info = { |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
264 |
'CLEARTEXT': (_clear_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
265 |
'CRAM-MD5': (_dovecotpw, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
266 |
'CRYPT': (_crypt_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
267 |
'DIGEST-MD5': (_md5_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
268 |
'HMAC-MD5': (_dovecotpw, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
269 |
'LANMAN': (_dovecotpw, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
270 |
'LDAP-MD5': (_md5_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
271 |
'MD5': (_crypt_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
272 |
'MD5-CRYPT': (_crypt_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
273 |
'NTLM': (_ntlm_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
274 |
'OTP': (_dovecotpw, 0x10100a01), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
275 |
'PLAIN': (_clear_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
276 |
'PLAIN-MD4': (_md4_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
277 |
'PLAIN-MD5': (_md5_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
278 |
'RPA': (_dovecotpw, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
279 |
'SHA': (_sha1_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
280 |
'SHA1': (_sha1_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
281 |
'SHA256': (_sha256_hash, 0x10100a01), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
282 |
'SHA512': (_sha512_hash, 0x20000b03), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
283 |
'SKEY': (_dovecotpw, 0x10100a01), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
284 |
'SMD5': (_smd5_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
285 |
'SSHA': (_ssha1_hash, 0x10000f00), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
286 |
'SSHA256': (_ssha256_hash, 0x10200a04), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
287 |
'SSHA512': (_ssha512_hash, 0x20000b03), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
288 |
} |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
289 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
290 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
291 |
def pwhash(password, scheme=None, user=None): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
292 |
"""Generates a password hash from the plain text *password* string. |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
293 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
294 |
If no *scheme* is given the password scheme from the configuration will |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
295 |
be used for the hash generation. When 'DIGEST-MD5' is used as scheme, |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
296 |
also an EmailAddress instance must be given as *user* argument. |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
297 |
""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
298 |
if not isinstance(password, basestring): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
299 |
raise TypeError('Password is not a string: %r' % password) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
300 |
if isinstance(password, unicode): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
301 |
password = password.encode(ENCODING) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
302 |
password = password.strip() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
303 |
if not password: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
304 |
raise ValueError("Couldn't accept empty password.") |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
305 |
if scheme is None: |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
306 |
scheme = cfg_dget('misc.password_scheme') |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
307 |
scheme_encoding = scheme.split('.') |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
308 |
scheme = scheme_encoding[0].upper() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
309 |
if not scheme in _scheme_info: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
310 |
raise VMMError(_(u"Unsupported password scheme: '%s'") % scheme, |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
311 |
VMM_ERROR) |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
312 |
if cfg_dget('misc.dovecot_version') < _scheme_info[scheme][1]: |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
313 |
raise VMMError(_(u"The scheme '%s' requires Dovecot >= v%s") % |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
314 |
(scheme, version_str(_scheme_info[scheme][1])), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
315 |
VMM_ERROR) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
316 |
if len(scheme_encoding) > 1: |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
317 |
if cfg_dget('misc.dovecot_version') < 0x10100a01: |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
318 |
raise VMMError(_(u'Encoding suffixes for password schemes require \ |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
319 |
Dovecot >= v1.1.alpha1'), |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
320 |
VMM_ERROR) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
321 |
if scheme_encoding[1].upper() not in ('B64', 'BASE64', 'HEX'): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
322 |
raise ValueError('Unsupported encoding: %r' % scheme_encoding[1]) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
323 |
encoding = scheme_encoding[1].upper() |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
324 |
else: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
325 |
encoding = None |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
326 |
if scheme == 'DIGEST-MD5': |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
327 |
assert isinstance(user, EmailAddress) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
328 |
return _md5_hash(password, scheme, encoding, user) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
329 |
return _scheme_info[scheme][0](password, scheme, encoding) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
330 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
331 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
332 |
def randompw(): |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
333 |
"""Generates a plain text random password. |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
334 |
|
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
335 |
The length of the password can be configured in the ``vmm.cfg`` |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
336 |
(account.password_length). |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
337 |
""" |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
338 |
pw_chars = list(PASSWDCHARS) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
339 |
shuffle(pw_chars) |
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
340 |
pw_len = cfg_dget('account.password_length') |
268
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
341 |
if pw_len < 8: |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
342 |
pw_len = 8 |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
343 |
return ''.join(choice(pw_chars) for x in xrange(pw_len)) |
beb8f4421f92
VMM: added new modules password and pycompat.hashlib.
Pascal Volk <neverseen@users.sourceforge.net>
parents:
diff
changeset
|
344 |
|
272
446483386914
VMM/Config: Added method Config.install() -> global cfg_dget().
Pascal Volk <neverseen@users.sourceforge.net>
parents:
268
diff
changeset
|
345 |
del _, cfg_dget |