vmm: VirtualMailManager/password.py@77fc7138ef6a (annotated)

268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	1	# -- coding: UTF-8 --
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	2	# Copyright (c) 2010, Pascal Volk
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	3	# See COPYING for distribution information.
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	4
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	5	"""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	6	VirtualMailManager.password
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	7
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	8	VirtualMailManager's password module to generate password hashes from
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	9	passwords or random passwords. There are two functions:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	10
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	11	hashed_password = pwhash(password[, scheme][, user])
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	12	random_password = randompw()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	13	"""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	14
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	15	from crypt import crypt
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	16	from random import choice, shuffle
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	17	from subprocess import Popen, PIPE
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	18
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	19	try:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	20	import hashlib
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	21	except ImportError:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	22	from VirtualMailManager.pycompat import hashlib
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	23
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	24	from VirtualMailManager import ENCODING
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	25	from VirtualMailManager.EmailAddress import EmailAddress
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	26	from VirtualMailManager.common import get_unicode, version_str
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	27	from VirtualMailManager.constants.ERROR import VMM_ERROR
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	28	from VirtualMailManager.errors import VMMError
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	29
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	30	COMPAT = hasattr(hashlib, 'compat')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	31	SALTCHARS = './0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	32	PASSWDCHARS = '._-+#*23456789abcdefghikmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ'
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	33	DEFAULT_B64 = (None, 'B64', 'BASE64')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	34	DEFAULT_HEX = (None, 'HEX')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	35
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	36	_ = lambda msg: msg
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	37	cfg_dget = lambda option: None
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	38	_get_salt = lambda s_len: ''.join(choice(SALTCHARS) for x in xrange(s_len))
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	39
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	40
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	41	def _dovecotpw(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	42	"""Communicates with dovecotpw (Dovecot 2.0: `doveadm pw`) and returns
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	43	the hashed password: {scheme[.encoding]}hash
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	44	"""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	45	if encoding:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	46	scheme = '.'.join((scheme, encoding))
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	47	cmd_args = [cfg_dget('bin.dovecotpw'), '-s', scheme, '-p',
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	48	get_unicode(password)]
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	49	if cfg_dget('misc.dovecot_version') >= 0x20000a01:
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	50	cmd_args.insert(1, 'pw')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	51	process = Popen(cmd_args, stdout=PIPE, stderr=PIPE)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	52	stdout, stderr = process.communicate()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	53	if process.returncode:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	54	raise VMMError(stderr.strip(), VMM_ERROR)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	55	return stdout.strip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	56
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	57
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	58	def _md4_new():
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	59	"""Returns an new MD4-hash object if supported by the hashlib or
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	60	provided by PyCrypto - other `None`.
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	61	"""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	62	try:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	63	return hashlib.new('md4')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	64	except ValueError, err:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	65	if str(err) == 'unsupported hash type':
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	66	if not COMPAT:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	67	try:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	68	from Crypto.Hash import MD4
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	69	return MD4.new()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	70	except ImportError:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	71	return None
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	72	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	73	raise
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	74
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	75
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	76	def _sha256_new(data=''):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	77	"""Returns a new sha256 object from the hashlib.
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	78
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	79	Returns `None` if the PyCrypto in pycompat.hashlib is too old."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	80	if not COMPAT:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	81	return hashlib.sha256(data)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	82	try:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	83	return hashlib.new('sha256', data)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	84	except ValueError, err:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	85	if str(err) == 'unsupported hash type':
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	86	return None
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	87	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	88	raise
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	89
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	90
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	91	def _format_digest(digest, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	92	"""Formats the arguments to a string: {scheme[.encoding]}digest."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	93	if not encoding:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	94	return '{%s}%s' % (scheme, digest)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	95	return '{%s.%s}%s' % (scheme, encoding, digest)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	96
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	97
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	98	def _clear_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	99	"""Generates a (encoded) CLEARTEXT/PLAIN 'hash'."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	100	if encoding:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	101	if encoding == 'HEX':
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	102	password = password.encode('hex')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	103	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	104	password = password.encode('base64').replace('\n', '')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	105	return _format_digest(password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	106	return get_unicode('{%s}%s' % (scheme, password))
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	107
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	108
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	109	def _crypt_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	110	"""Generates (encoded) CRYPT/MD5/MD5-CRYPT hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	111	if scheme == 'CRYPT':
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	112	salt = _get_salt(2)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	113	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	114	salt = '$1$%s$' % _get_salt(8)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	115	encrypted = crypt(password, salt)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	116	if encoding:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	117	if encoding == 'HEX':
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	118	encrypted = encrypted.encode('hex')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	119	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	120	encrypted = encrypted.encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	121	return _format_digest(encrypted, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	122
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	123
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	124	def _md4_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	125	"""Generates encoded PLAIN-MD4 hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	126	md4 = _md4_new()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	127	if md4:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	128	md4.update(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	129	if encoding in DEFAULT_HEX:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	130	digest = md4.hexdigest()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	131	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	132	digest = md4.digest().encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	133	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	134	return _dovecotpw(password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	135
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	136
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	137	def _md5_hash(password, scheme, encoding, user=None):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	138	"""Generates DIGEST-MD5 aka PLAIN-MD5 and LDAP-MD5 hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	139	md5 = hashlib.md5()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	140	if scheme == 'DIGEST-MD5':
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	141	# Prior to Dovecot v1.1.12/v1.2.beta2 there was a problem with a
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	142	# empty auth_realms setting in dovecot.conf and user@domain.tld
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	143	# usernames. So we have to generate different hashes for different
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	144	# versions. See also:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	145	# http://dovecot.org/list/dovecot-news/2009-March/000103.html
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	146	# http://hg.dovecot.org/dovecot-1.1/rev/2b0043ba89ae
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	147	if cfg_dget('misc.dovecot_version') >= 0x1010cf00:
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	148	md5.update('%s:%s:' % (user.localpart, user.domainname))
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	149	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	150	md5.update('%s::' % user)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	151	md5.update(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	152	if (scheme in ('PLAIN-MD5', 'DIGEST-MD5') and encoding in DEFAULT_HEX) \
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	153	or (scheme == 'LDAP-MD5' and encoding == 'HEX'):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	154	digest = md5.hexdigest()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	155	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	156	digest = md5.digest().encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	157	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	158
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	159
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	160	def _ntlm_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	161	"""Generates NTLM hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	162	md4 = _md4_new()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	163	if md4:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	164	password = ''.join('%s\x00' % c for c in password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	165	md4.update(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	166	if encoding in DEFAULT_HEX:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	167	digest = md4.hexdigest()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	168	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	169	digest = md4.digest().encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	170	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	171	return _dovecotpw(password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	172
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	173
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	174	def _sha1_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	175	"""Generates SHA1 aka SHA hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	176	sha1 = hashlib.sha1(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	177	if encoding in DEFAULT_B64:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	178	digest = sha1.digest().encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	179	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	180	digest = sha1.hexdigest()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	181	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	182
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	183
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	184	def _sha256_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	185	"""Generates SHA256 hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	186	sha256 = _sha256_new(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	187	if sha256:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	188	if encoding in DEFAULT_B64:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	189	digest = sha256.digest().encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	190	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	191	digest = sha256.hexdigest()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	192	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	193	return _dovecotpw(password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	194
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	195
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	196	def _sha512_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	197	"""Generates SHA512 hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	198	if not COMPAT:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	199	sha512 = hashlib.sha512(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	200	if encoding in DEFAULT_B64:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	201	digest = sha512.digest().encode('base64').replace('\n', '')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	202	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	203	digest = sha512.hexdigest()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	204	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	205	return _dovecotpw(password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	206
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	207
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	208	def _smd5_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	209	"""Generates SMD5 (salted PLAIN-MD5) hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	210	md5 = hashlib.md5(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	211	salt = _get_salt(4)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	212	md5.update(salt)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	213	if encoding in DEFAULT_B64:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	214	digest = (md5.digest() + salt).encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	215	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	216	digest = md5.hexdigest() + salt.encode('hex')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	217	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	218
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	219
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	220	def _ssha1_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	221	"""Generates SSHA (salted SHA/SHA1) hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	222	sha1 = hashlib.sha1(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	223	salt = _get_salt(4)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	224	sha1.update(salt)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	225	if encoding in DEFAULT_B64:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	226	digest = (sha1.digest() + salt).encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	227	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	228	digest = sha1.hexdigest() + salt.encode('hex')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	229	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	230
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	231
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	232	def _ssha256_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	233	"""Generates SSHA256 (salted SHA256) hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	234	sha256 = _sha256_new(password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	235	if sha256:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	236	salt = _get_salt(4)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	237	sha256.update(salt)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	238	if encoding in DEFAULT_B64:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	239	digest = (sha256.digest() + salt).encode('base64').rstrip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	240	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	241	digest = sha256.hexdigest() + salt.encode('hex')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	242	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	243	return _dovecotpw(password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	244
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	245
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	246	def _ssha512_hash(password, scheme, encoding):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	247	"""Generates SSHA512 (salted SHA512) hashes."""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	248	if not COMPAT:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	249	salt = _get_salt(4)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	250	sha512 = hashlib.sha512(password + salt)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	251	if encoding in DEFAULT_B64:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	252	digest = (sha512.digest() + salt).encode('base64').replace('\n',
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	253	'')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	254	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	255	digest = sha512.hexdigest() + salt.encode('hex')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	256	return _format_digest(digest, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	257	return _dovecotpw(password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	258
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	259	_scheme_info = {
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	260	'CLEARTEXT': (_clear_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	261	'CRAM-MD5': (_dovecotpw, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	262	'CRYPT': (_crypt_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	263	'DIGEST-MD5': (_md5_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	264	'HMAC-MD5': (_dovecotpw, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	265	'LANMAN': (_dovecotpw, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	266	'LDAP-MD5': (_md5_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	267	'MD5': (_crypt_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	268	'MD5-CRYPT': (_crypt_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	269	'NTLM': (_ntlm_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	270	'OTP': (_dovecotpw, 0x10100a01),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	271	'PLAIN': (_clear_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	272	'PLAIN-MD4': (_md4_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	273	'PLAIN-MD5': (_md5_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	274	'RPA': (_dovecotpw, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	275	'SHA': (_sha1_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	276	'SHA1': (_sha1_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	277	'SHA256': (_sha256_hash, 0x10100a01),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	278	'SHA512': (_sha512_hash, 0x20000b03),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	279	'SKEY': (_dovecotpw, 0x10100a01),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	280	'SMD5': (_smd5_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	281	'SSHA': (_ssha1_hash, 0x10000f00),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	282	'SSHA256': (_ssha256_hash, 0x10200a04),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	283	'SSHA512': (_ssha512_hash, 0x20000b03),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	284	}
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	285
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	286
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	287	def pwhash(password, scheme=None, user=None):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	288	"""Generates a password hash from the plain text password string.
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	289
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	290	If no scheme is given the password scheme from the configuration will
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	291	be used for the hash generation. When 'DIGEST-MD5' is used as scheme,
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	292	also an EmailAddress instance must be given as user argument.
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	293	"""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	294	if not isinstance(password, basestring):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	295	raise TypeError('Password is not a string: %r' % password)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	296	if isinstance(password, unicode):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	297	password = password.encode(ENCODING)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	298	password = password.strip()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	299	if not password:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	300	raise ValueError("Couldn't accept empty password.")
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	301	if scheme is None:
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	302	scheme = cfg_dget('misc.password_scheme')
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	303	scheme_encoding = scheme.split('.')
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	304	scheme = scheme_encoding[0].upper()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	305	if not scheme in _scheme_info:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	306	raise VMMError(_(u"Unsupported password scheme: '%s'") % scheme,
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	307	VMM_ERROR)
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	308	if cfg_dget('misc.dovecot_version') < _scheme_info[scheme][1]:
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	309	raise VMMError(_(u"The scheme '%s' requires Dovecot >= v%s") %
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	310	(scheme, version_str(_scheme_info[scheme][1])),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	311	VMM_ERROR)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	312	if len(scheme_encoding) > 1:
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	313	if cfg_dget('misc.dovecot_version') < 0x10100a01:
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	314	raise VMMError(_(u'Encoding suffixes for password schemes require \
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	315	Dovecot >= v1.1.alpha1'),
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	316	VMM_ERROR)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	317	if scheme_encoding[1].upper() not in ('B64', 'BASE64', 'HEX'):
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	318	raise ValueError('Unsupported encoding: %r' % scheme_encoding[1])
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	319	encoding = scheme_encoding[1].upper()
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	320	else:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	321	encoding = None
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	322	if scheme == 'DIGEST-MD5':
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	323	assert isinstance(user, EmailAddress)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	324	return _md5_hash(password, scheme, encoding, user)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	325	return _scheme_info[scheme][0](password, scheme, encoding)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	326
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	327
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	328	def randompw():
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	329	"""Generates a plain text random password.
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	330
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	331	The length of the password can be configured in the ``vmm.cfg``
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	332	(account.password_length).
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	333	"""
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	334	pw_chars = list(PASSWDCHARS)
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	335	shuffle(pw_chars)
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	336	pw_len = cfg_dget('account.password_length')
268 beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	337	if pw_len < 8:
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	338	pw_len = 8
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	339	return ''.join(choice(pw_chars) for x in xrange(pw_len))
beb8f4421f92 VMM: added new modules password and pycompat.hashlib. Pascal Volk <neverseen@users.sourceforge.net> parents: diff changeset	340
272 446483386914 VMM/Config: Added method Config.install() -> global cfg_dget(). Pascal Volk <neverseen@users.sourceforge.net> parents: 268 diff changeset	341	del _, cfg_dget

author	Pascal Volk <neverseen@users.sourceforge.net>
	Thu, 29 Apr 2010 03:05:22 +0000
branch	v0.6.x
changeset 273	77fc7138ef6a
parent 272	446483386914
child 274	45ec5c3cfef4
permissions	-rw-r--r--