Hello community,
here is the log from the commit of package python-slapdsock for openSUSE:Factory checked in at 2017-07-12 19:36:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-slapdsock (Old)
and /work/SRC/openSUSE:Factory/.python-slapdsock.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-slapdsock"
Wed Jul 12 19:36:44 2017 rev:4 rq:509740 version:0.5.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-slapdsock/python-slapdsock.changes 2017-07-04 09:12:06.468151731 +0200
+++ /work/SRC/openSUSE:Factory/.python-slapdsock.new/python-slapdsock.changes 2017-07-12 19:36:55.720528336 +0200
@@ -1,0 +2,5 @@
+Wed Jul 12 11:12:25 UTC 2017 - michael@stroeder.com
+
+- update to upstream release 0.5.4
+
+-------------------------------------------------------------------
Old:
----
slapdsock-0.5.3.tar.gz
slapdsock-0.5.3.tar.gz.asc
New:
----
slapdsock-0.5.4.tar.gz
slapdsock-0.5.4.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-slapdsock.spec ++++++
--- /var/tmp/diff_new_pack.2cpcxc/_old 2017-07-12 19:36:56.236455458 +0200
+++ /var/tmp/diff_new_pack.2cpcxc/_new 2017-07-12 19:36:56.240454893 +0200
@@ -17,7 +17,7 @@
Name: python-slapdsock
-Version: 0.5.3
+Version: 0.5.4
Release: 0
Summary: Python module for slapd-sock listeners
License: Apache-2.0
++++++ slapdsock-0.5.3.tar.gz -> slapdsock-0.5.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slapdsock-0.5.3/PKG-INFO new/slapdsock-0.5.4/PKG-INFO
--- old/slapdsock-0.5.3/PKG-INFO 2017-07-02 18:18:43.000000000 +0200
+++ new/slapdsock-0.5.4/PKG-INFO 2017-07-12 13:11:07.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: slapdsock
-Version: 0.5.3
+Version: 0.5.4
Summary: Module package for back-sock listeners for OpenLDAP
Home-page: https://www.stroeder.com/slapdsock.html
Author: Michael Stroeder
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slapdsock-0.5.3/examples/passmod.py new/slapdsock-0.5.4/examples/passmod.py
--- old/slapdsock-0.5.3/examples/passmod.py 2017-07-02 18:16:44.000000000 +0200
+++ new/slapdsock-0.5.4/examples/passmod.py 2017-07-03 15:26:30.000000000 +0200
@@ -121,6 +121,7 @@
if __debug__:
DEBUG_VARS.extend([
'new_passwd',
+ 'user_password_hash',
])
#-----------------------------------------------------------------------
@@ -190,6 +191,7 @@
'pwdPolicySubentry',
'uid',
'uidNumber',
+ 'userPassword',
],
)
except ldap.SERVER_DOWN, ldap_error:
@@ -204,6 +206,19 @@
)
return ldap_result[0][1] # _read_user_entry()
+ def _compare_old_pwd(self, user_entry, new_passwd):
+ try:
+ user_password_hash = user_entry['userPassword'][0]
+ except KeyError:
+ self._log(logging.DEBUG, 'no old password hash to check')
+ return False
+ pw_context = passlib.context.CryptContext(schemes=['sha512_crypt'])
+ self._log(logging.DEBUG, 'will check old password hash')
+ try:
+ return pw_context.verify(new_passwd, user_password_hash[7:])
+ except ValueError:
+ return False
+
def _get_new_passwd(self, request):
"""
Try to extract userPassword from request
@@ -219,7 +234,11 @@
request.dn,
),
log_level=logging.ERROR,
- response='CONTINUE\n',
+ response=RESULTResponse(
+ request.msgid,
+ 'constraintViolation',
+ info='Multiple password values not allowed!',
+ ),
log_vars=self.server._log_vars,
)
new_passwd = mod_vals[0]
@@ -371,8 +390,14 @@
"""
new_passwd = self._get_new_passwd(request)
user_entry = self._read_user_entry(request)
+ self._log(logging.DEBUG, 'user entry attributes: %r', user_entry.keys())
# Attributes from user entry
#user_class = user_entry.get('structuralObjectClass', [None])[0]
+ if self._compare_old_pwd(user_entry, new_passwd):
+ # setting old password again triggers export once more
+ self._log(logging.INFO, 'user entry already has password => re-export and return success')
+ self._export_password(request, user_entry, new_passwd)
+ return RESULTResponse(request.msgid, 'success')
pwd_changed_time = user_entry.get('pwdChangedTime', [None])[0]
pwd_policy_subentry_dn = user_entry.get(
'pwdPolicySubentry',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slapdsock-0.5.3/slapdsock/message.py new/slapdsock-0.5.4/slapdsock/message.py
--- old/slapdsock-0.5.3/slapdsock/message.py 2017-07-02 00:43:16.000000000 +0200
+++ new/slapdsock-0.5.4/slapdsock/message.py 2017-07-03 17:16:14.000000000 +0200
@@ -493,11 +493,11 @@
code = RESULT_CODE.get(type(ldap_error), RESULT_CODE['other'])
try:
info = ldap_error.args[0]['info'].decode('utf-8')
- except (AttributeError, KeyError):
+ except (AttributeError, KeyError, IndexError):
pass
try:
matched = ldap_error.args[0]['matched'].decode('utf-8')
- except (AttributeError, KeyError):
+ except (AttributeError, KeyError, IndexError):
pass
else:
raise TypeError('Invalid type of argument code=%r' % (code))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slapdsock-0.5.3/slapdsock/pkginfo.py new/slapdsock-0.5.4/slapdsock/pkginfo.py
--- old/slapdsock-0.5.3/slapdsock/pkginfo.py 2017-07-01 20:06:32.000000000 +0200
+++ new/slapdsock-0.5.4/slapdsock/pkginfo.py 2017-07-03 17:25:57.000000000 +0200
@@ -2,6 +2,6 @@
"""
meta attributes for packaging which does not import any dependencies
"""
-__version__ = '0.5.3'
+__version__ = '0.5.4'
__author__ = u'Michael Ströder