authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-03-07 15:09:00 +0000
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-03-07 15:09:00 +0000
commiteb8353dd68d593dffb8a8b40d3b16ab665635892 (patch)
tree7a0b9333ee69cfd4fff07bdfaa8a37a5e682d6bc /kolabd/__init__.py
parent0315add2c60954646962937dc9d616c4339d392e (diff)
Add an enhanced SASL authentication daemon to the Kolab daemon
Diffstat (limited to 'kolabd/__init__.py')
-rw-r--r--kolabd/__init__.py81
1 files changed, 79 insertions, 2 deletions
diff --git a/kolabd/__init__.py b/kolabd/__init__.py
index e863ad6..b9c7bef 100644
--- a/kolabd/__init__.py
+++ b/kolabd/__init__.py
@@ -49,6 +49,12 @@ class KolabDaemon(object):
default = False,
help = _("Fork to the background."))
+ daemon_group.add_option( "--saslauthd",
+ dest = "saslauth_mode",
+ action = "store_true",
+ default = False,
+ help = _("Include the SASL Authentication Daemon."))
+
self.conf.finalize_conf()
self.log = self.conf.log
@@ -60,6 +66,15 @@ class KolabDaemon(object):
exitcode = 0
+ # TODO: Add a nosync option
+
+ if self.conf.saslauth_mode:
+ self.thread_count += 1
+ pid = os.fork()
+ if pid == 0:
+ self.log.remove_stdout_handler()
+ self.do_saslauthd()
+
try:
if self.conf.fork_mode:
self.thread_count += 1
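Review bot: Nothing ends the forked child after `self.do_saslauthd()`, so if that call ever returns or raises (for instance when binding the socket fails), the child keeps running the parent's code after the `if pid == 0:` branch and may start a second copy of the synchronization daemon. End the child explicitly, for example `try: self.do_saslauthd()` followed by `finally: os._exit(1)`. The parent also discards `pid`, so as far as the visible lines show it can neither stop nor reap the authentication child. The enclosing method starts and ends outside this hunk.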
@@ -95,7 +110,69 @@ class KolabDaemon(object):
self.log.debug(_("Sleeping for 10 seconds..."), 5)
time.sleep(10)
auth = Auth(self.conf)
- users = auth.users()
+ domains = auth.list_domains()
+ #print domains
+
imap = IMAP(self.conf)
- imap.synchronize(users)
+ all_folders = []
+
+ for primary_domain,secondary_domains in domains:
+ #print "Running for domain %s" %(primary_domain)
+ auth.connect(primary_domain)
+ start_time = time.time()
+ users = auth.list_users(primary_domain, secondary_domains)
+ #print "USERS RETURNED FROM auth.list_users():", users
+ end_time = time.time()
+ self.log.info(_("Listing users for %s (including getting the" + \
+ " appropriate attributes, took %d seconds")
+ %(primary_domain, (end_time-start_time))
+ )
+ all_folders.extend(imap.synchronize(users, primary_domain, secondary_domains))
+
+ imap.expunge_user_folders(all_folders)
+
+ def do_saslauthd(self):
+ import binascii
+ import socket
+ import struct
+
+ s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
+
+ # TODO: The saslauthd socket path could be a setting.
+
+ try:
+ os.remove('/var/run/saslauthd/mux')
+ except:
+ pass
+
+ s.bind('/var/run/saslauthd/mux')
+ os.chmod('/var/run/saslauthd/mux', 0777)
+
+ s.listen(5)
+
+ while 1:
+ (clientsocket, address) = s.accept()
+ received = clientsocket.recv(4096)
+
+ login = []
+
+ start = 0
+ end = 2
+
+ while end < len(received):
+ (length,) = struct.unpack("!H", received[start:end])
+ start += 2
+ end += length
+ (value,) = struct.unpack("!%ds" %(length), received[start:end])
+ start += length
+ end = start + 2
+ login.append(value)
+
+ auth = Auth(self.conf)
+ if auth.authenticate(login):
+ clientsocket.send(struct.pack("!H2s", 2, "OK"))
+ else:
+ clientsocket.send(struct.pack("!H2s", 2, "NO"))
+
+ clientsocket.close()
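Review bot: In `do_saslauthd`, a truncated or malformed request makes `struct.unpack("!%ds" %(length), received[start:end])` raise `struct.error` outside any handler, which ends the accept loop and with it the authentication child; `clientsocket.recv(4096)` without a timeout also lets one silent client stall the single-threaded loop. Because `os.chmod('/var/run/saslauthd/mux', 0777)` opens the socket to every local account, both conditions are reachable by any local user, and the same socket answers unlimited password checks. Handle each connection inside `try`/`finally`, check every length prefix against the bytes actually received, set a socket timeout, and restrict the socket mode to the services that need it (for example `0660` with a dedicated group, to be confirmed for the deployment). The bare `except: pass` around `os.remove` should catch `OSError` only. The first part of this hunk belongs to a method that starts outside it.

```python
while 1:
    (clientsocket, address) = s.accept()
    try:
        # Constructed value: bound how long one client can hold the loop.
        clientsocket.settimeout(5)
        received = clientsocket.recv(4096)

        login = []
        start = 0

        while start + 2 <= len(received):
            (length,) = struct.unpack("!H", received[start:start + 2])
            start += 2
            # Refuse a length prefix that points past the received data.
            if start + length > len(received):
                raise ValueError("truncated saslauthd request")
            login.append(received[start:start + length])
            start += length

        # ... unchanged: Auth(self.conf), authenticate(login), send OK / NO ...
    except (ValueError, struct.error, socket.error):
        # Drop the connection instead of letting the error end the daemon.
        self.log.info(_("Rejected malformed saslauthd request"))
    finally:
        clientsocket.close()
```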