[chopwood] / service.py

### -*-python-*-
###
### Services
###
### (c) 2013 Mark Wooding
###

###----- Licensing notice ---------------------------------------------------
###
### This file is part of Chopwood: a password-changing service.
###
### Chopwood is free software; you can redistribute it and/or modify
### it under the terms of the GNU Affero General Public License as
### published by the Free Software Foundation; either version 3 of the
### License, or (at your option) any later version.
###
### Chopwood is distributed in the hope that it will be useful,
### but WITHOUT ANY WARRANTY; without even the implied warranty of
### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
### GNU Affero General Public License for more details.
###
### You should have received a copy of the GNU Affero General Public
### License along with Chopwood; if not, see
### <http://www.gnu.org/licenses/>.

from __future__ import with_statement

import os as OS
import re as RX
import subprocess as SUB

from auto import HOME
import backend as B
import cgi as CGI
import config as CONF; CFG = CONF.CFG
import hash as H
import util as U

###--------------------------------------------------------------------------
### Protocol.
###
### A service is a thing for which a user might have an account, with a login
### name and password.  The service protocol is fairly straightforward: a
### password can be set to a particular value using `setpasswd' (which
### handles details of hashing and so on), or cleared (i.e., preventing
### logins using a password) using `clearpasswd'.  Services also present
### `friendly' names, used by the user interface.
###
### A service may be local or remote.  Local services are implemented in
### terms of a backend and hashing scheme.  Information about a particular
### user of a service is maintained in an `account' object which keeps track
### of the backend record and hashing scheme; the service protocol operations
### are handed off to the account.  Accounts provide additional protocol for
### clients which are willing to restrict themselves to the use of local
### services.
###
### A remote service doesn't have local knowledge of the password database:
### instead, it simply sends commands corresponding to the service protocol
### operations to some external service which is expected to act on them.
### The implementation here uses SSH, and the remote end is expected to be
### provided by another instance of `chpwd', but that needn't be the case:
### the protocol is very simple.

UnknownUser = B.UnknownUser

class IncorrectPassword (Exception):
  """
  A failed password check is reported via an exception.

  This is /not/ an `ExpectedError', since we anticipate that whoever called
  `check' will have made their own arrangements to deal with the failure in
  some more useful way.
  """
  pass

class BasicService (object):
  """
  A simple base class for services.
  """

  def __init__(me, friendly, name = None, *args, **kw):
    super(BasicService, me).__init__(*args)
    me.name = name
    me.friendly = friendly
    me.meta = kw

###--------------------------------------------------------------------------
### Local services.

class Account (object):
  """
  An account represents information about a user of a particular service.

  From here, we can implement the service protocol operations, and also check
  passwords.

  Users are expected to acquire account objects via the `lookup' method of a
  `LocalService' or similar.
  """

  def __init__(me, svc, rec):
    """
    Create a new account, for the service SVC, holding the user record REC.
    """
    me._svc = svc
    me._rec = rec
    me._hash = svc.hash

  def check(me, passwd):
    """
    Check the password PASSWD against the information we have.  If the
    password is correct, return normally; otherwise, raise
    `IncorrectPassword'.
    """
    if not me._hash.check(me._rec, me._rec.passwd, passwd):
      raise IncorrectPassword

  def clearpasswd(me):
    """Service protocol: clear the user's password."""
    if me._hash.NULL is None:
      raise U.ExpectedError, (400, "Can't clear this password")
    me._rec.passwd = me._hash.NULL
    me._rec.write()

  def setpasswd(me, passwd):
    """Service protocol: set the user's password to PASSWD."""
    passwd = me._hash.hash(me._rec, passwd)
    me._rec.passwd = passwd
    me._rec.write()

class LocalService (BasicService):
  """
  A local service has immediate knowledge of a hashing scheme and a password
  storage backend.  (Knowing connection details for a remote database server
  is enough to qualify for being a `local' service.  The important bit is
  that the hashed passwords are exposed to us.)

  The service protocol is implemented via an `Account', acquired through the
  `find' method.  Mainly for the benefit of the `Account' class, the
  service's hashing scheme is exposed in the `hash' attribute.
  """

  def __init__(me, backend, hash, *args, **kw):
    """
    Create a new local service with a FRIENDLY name, using the given BACKEND
    and HASH scheme.
    """
    super(LocalService, me).__init__(*args, **kw)
    me._be = backend
    me.hash = hash

  def find(me, user):
    """Find the named USER, returning an `Account' object."""
    rec = me._be.lookup(user)
    return Account(me, rec)

  def setpasswd(me, user, passwd):
    """Service protcol: set USER's password to PASSWD."""
    me.find(user).setpasswd(passwd)

  def clearpasswd(me, user):
    """Service protocol: clear USER's password, preventing logins."""
    me.find(user).clearpasswd()

CONF.export('LocalService')

###--------------------------------------------------------------------------
### Remote services.

class BasicRemoteService (BasicService):
  """
  A remote service transmits the simple service protocol operations to some
  remote system, which presumably is better able to implement them than we
  are.  This is useful if, for example, the password file isn't available to
  us, or we don't have (or can't be allowed to have) access to the database
  tables containing password hashes, or must synchronize updates with some
  remote process.  It can also be useful to integrate with services which
  don't present a conventional password file.

  This class provides common machinery for communicating with various kinds
  of remote service.  Specific subclasses are provided for transporting
  requests through SSH and GNU Userv; others can be added easily in local
  configuration.
  """

  def _run(me, cmd, input = None, state = None):
    """
    This is the core of the remote service machinery.  It issues a command
    and parses the response.  It will generate strings of informational
    output from the command; error responses cause appropriate exceptions to
    be raised.

    The command is determined by passing the CMD and STATE arguments to the
    `_mkcmd' method, which a subclass must implement; it should return a list
    of command-line arguments suitable for `subprocess.Popen'.  The INPUT is
    a string to make available on the command's stdin; if None, then no input
    is provided to the command.  The `_describe' method must provide a
    description of the remote service for use in timeout messages.

    We expect output on stdout in a simple line-based format.  The first
    whitespace-separated token on each line is a type code: `OK' means the
    command completed successfully; `INFO' means the rest of the line is some
    useful (and expected) information; and `ERR' means an error occurred: the
    next token is an HTTP integer status code, and the remainder is a
    human-readable message.
    """

    ## Run the command and collect its output and status.
    with U.timeout(30, "waiting for remote service %s" % me._describe()):
      proc = SUB.Popen(me._mkcmd(cmd, state),
                       stdin = input is not None and SUB.PIPE or None,
                       stdout = SUB.PIPE, stderr = SUB.PIPE)
      out, err = proc.communicate(input)
      st = proc.wait()

    ## If the program failed then report this: it obviously didn't work
    ## properly.
    if st or err:
      raise U.ExpectedError, (
        500, 'Remote service error: %r (rc = %d)' % (err, st))

    ## Split a word off the front of a string; return the word and the
    ## remaining string.
    def nextword(line):
      ww = line.split(None, 1)
      n = len(ww)
      if not n: return None
      elif n == 1: return ww[0], ''
      else: return ww

    ## Work through the lines, parsing them.
    win = False
    for line in out.splitlines():
      type, rest = nextword(line)
      if type == 'ERR':
        code, msg = nextword(rest)
        raise U.ExpectedError, (int(code), msg)
      elif type == 'INFO':
        yield rest
      elif type == 'OK':
        win = True
      else:
        raise U.ExpectedError, \
              (500, 'Incomprehensible reply from remote service: %r' % line)

    ## If we didn't get any kind of verdict then something weird has
    ## happened.
    if not win:
      raise U.ExpectedError, (500, 'No reply from remote service')

  def _run_noout(me, cmd, input = None, state = None):
    """Like `_run', but expect no output."""
    for _ in me._run(cmd, input, state):
      raise U.ExpectedError, (500, 'Unexpected output from remote service')

class SSHRemoteService (BasicRemoteService):
  """
  A remote service transported over SSH.

  The remote service is given commands of the form

  `set SERVICE USER'
        Set USER's password for SERVICE to the password provided on the next
        line of standard input.

  `clear SERVICE USER'
        Clear the USER's password for SERVICE.

  Arguments are form-url-encoded, since SSH doesn't preserve token boundaries
  in its argument list.

  It is expected that the remote user has an `.ssh/authorized_keys' file
  entry for us specifying a program to be run; the above commands will be
  left available to this program in the environment variable
  `SSH_ORIGINAL_COMMAND'.
  """

  def __init__(me, remote, name, *args, **kw):
    """
    Initialize an SSH remote service, contacting the SSH user REMOTE
    (probably of the form `LOGIN@HOSTNAME') and referring to the service
    NAME.
    """
    super(SSHRemoteService, me).__init__(name = name, *args, **kw)
    me._remote = remote

  def _describe(me):
    """Description of the remote service."""
    return "`%s' via SSH to `%s'" % (me.name, me._remote),

  def _mkcmd(me, cmd, state):
    """Format a command for SSH.  Mainly escaping arguments."""
    return ['ssh', me._remote, ' '.join(map(CGI.urlencode, cmd))]

  def setpasswd(me, user, passwd):
    """Service protocol: set the USER's password to PASSWD."""
    me._run_noout(['set', me.name, user], passwd + '\n')

  def clearpasswd(me, user):
    """Service protocol: clear the USER's password."""
    me._run_noout(['clear', me.name, user])

CONF.export('SSHRemoteService')

class CommandRemoteService (BasicRemoteService):
  """
  A remote service transported over a standard Unix command.

  This is left rather generic.  We need to know some command lists SET and
  CLEAR containing the relevant service names and arguments.  These are
  simply executed, after simple placeholder substitution.

  The SET command should read a password as its first line on stdin, and set
  that as the user's new password.  The CLEAR command should simply prevent
  the user from logging in with a password.  On success, the commands should
  print a line `OK' to standard output, and on any kind of anticipated
  failure, they should print `ERR' followed by an HTTP status code and a
  message; in either case, the program should exit with status zero.  In
  disastrous cases, it's acceptable to print an error message to stderr
  and/or exit with a nonzero status.

  The placeholders are as follows.

  `%u'          the user's name
  `%%'          a single `%' character
  """

  R_PAT = RX.compile('%(.)')

  def __init__(me, set, clear, *args, **kw):
    """Initialize the command remote service."""
    super(CommandRemoteService, me).__init__(*args, **kw)
    me._set = set
    me._clear = clear

  def _describe(me):
    """Description of the remote service."""
    return "`%s' command service (%s)" % (me.name, ' '.join(me._default))

  def _subst(me, c, map):
    """Return the substitution for the placeholder `%C'."""
    return map.get(c, c)

  def _mkcmd(me, cmd, map):
    """Construct the command to be executed, by substituting placeholders."""
    return [me.R_PAT.sub(lambda m: me._subst(m.group(1), map), arg)
            for arg in cmd]

  def setpasswd(me, user, passwd):
    """Service protocol: set the USER's password to PASSWD."""
    me._run_noout(me._set, passwd + '\n', state = dict(u = user))

  def clearpasswd(me, user):
    """Service protocol: clear the USER's password."""
    me._run_noout(me._clear, state = dict(u = user))

CONF.export('CommandRemoteService')

###--------------------------------------------------------------------------
### Services registry.

## The registry of services.
SERVICES = {}
CONF.export('SERVICES')

## Set some default configuration.
CONF.DEFAULTS.update(

  ## The master database, as a pair (MODNAME, MODARGS).
  DB = ('sqlite3', [OS.path.join(HOME, 'chpwd.db')]),

  ## The hash to use for our master password database.
  HASH = H.CryptHash('md5'))

## Post-configuration hook: add the master service.
@CONF.hook
def add_master_service():
  dbmod, dbargs = CFG.DB
  SERVICES['master'] = \
    LocalService(B.DatabaseBackend(dbmod, dbargs,
                                   'users', 'user', 'passwd'),
                 CFG.HASH,
                 friendly = 'Password changing service')
  for name, svc in SERVICES.iteritems():
    if svc.name is None: svc.name = name

###----- That's all, folks --------------------------------------------------
Commit	Line	Data
a2916c06 MW	1	### --python--
	2	###
	3	### Services
	4	###
	5	### (c) 2013 Mark Wooding
	6	###
	7
	8	###----- Licensing notice ---------------------------------------------------
	9	###
	10	### This file is part of Chopwood: a password-changing service.
	11	###
	12	### Chopwood is free software; you can redistribute it and/or modify
	13	### it under the terms of the GNU Affero General Public License as
	14	### published by the Free Software Foundation; either version 3 of the
	15	### License, or (at your option) any later version.
	16	###
	17	### Chopwood is distributed in the hope that it will be useful,
	18	### but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	### GNU Affero General Public License for more details.
	21	###
	22	### You should have received a copy of the GNU Affero General Public
	23	### License along with Chopwood; if not, see
	24	### <http://www.gnu.org/licenses/>.
	25
	26	from __future__ import with_statement
	27
	28	import os as OS
	29	import re as RX
	30	import subprocess as SUB
	31
	32	from auto import HOME
	33	import backend as B
ac377b4f	34	import cgi as CGI
a2916c06 MW	35	import config as CONF; CFG = CONF.CFG
	36	import hash as H
	37	import util as U
	38
	39	###--------------------------------------------------------------------------
	40	### Protocol.
	41	###
	42	### A service is a thing for which a user might have an account, with a login
	43	### name and password. The service protocol is fairly straightforward: a
	44	### password can be set to a particular value using `setpasswd' (which
	45	### handles details of hashing and so on), or cleared (i.e., preventing
	46	### logins using a password) using `clearpasswd'. Services also present
	47	### `friendly' names, used by the user interface.
	48	###
	49	### A service may be local or remote. Local services are implemented in
	50	### terms of a backend and hashing scheme. Information about a particular
	51	### user of a service is maintained in an `account' object which keeps track
	52	### of the backend record and hashing scheme; the service protocol operations
	53	### are handed off to the account. Accounts provide additional protocol for
	54	### clients which are willing to restrict themselves to the use of local
	55	### services.
	56	###
	57	### A remote service doesn't have local knowledge of the password database:
	58	### instead, it simply sends commands corresponding to the service protocol
	59	### operations to some external service which is expected to act on them.
	60	### The implementation here uses SSH, and the remote end is expected to be
	61	### provided by another instance of `chpwd', but that needn't be the case:
	62	### the protocol is very simple.
	63
	64	UnknownUser = B.UnknownUser
	65
	66	class IncorrectPassword (Exception):
	67	"""
	68	A failed password check is reported via an exception.
	69
	70	This is /not/ an `ExpectedError', since we anticipate that whoever called
	71	`check' will have made their own arrangements to deal with the failure in
	72	some more useful way.
	73	"""
	74	pass
	75
	76	class BasicService (object):
	77	"""
	78	A simple base class for services.
	79	"""
	80
788a729c	81	def __init__(me, friendly, name = None, args, *kw):
a2916c06	82	super(BasicService, me).__init__(*args)
788a729c	83	me.name = name
a2916c06 MW	84	me.friendly = friendly
	85	me.meta = kw
	86
	87	###--------------------------------------------------------------------------
	88	### Local services.
	89
	90	class Account (object):
	91	"""
	92	An account represents information about a user of a particular service.
	93
	94	From here, we can implement the service protocol operations, and also check
	95	passwords.
	96
	97	Users are expected to acquire account objects via the `lookup' method of a
	98	`LocalService' or similar.
	99	"""
	100
	101	def __init__(me, svc, rec):
	102	"""
	103	Create a new account, for the service SVC, holding the user record REC.
	104	"""
	105	me._svc = svc
	106	me._rec = rec
	107	me._hash = svc.hash
	108
	109	def check(me, passwd):
	110	"""
	111	Check the password PASSWD against the information we have. If the
	112	password is correct, return normally; otherwise, raise
	113	`IncorrectPassword'.
	114	"""
	115	if not me._hash.check(me._rec, me._rec.passwd, passwd):
	116	raise IncorrectPassword
	117
	118	def clearpasswd(me):
	119	"""Service protocol: clear the user's password."""
	120	if me._hash.NULL is None:
	121	raise U.ExpectedError, (400, "Can't clear this password")
	122	me._rec.passwd = me._hash.NULL
	123	me._rec.write()
	124
	125	def setpasswd(me, passwd):
	126	"""Service protocol: set the user's password to PASSWD."""
	127	passwd = me._hash.hash(me._rec, passwd)
	128	me._rec.passwd = passwd
	129	me._rec.write()
	130
	131	class LocalService (BasicService):
	132	"""
	133	A local service has immediate knowledge of a hashing scheme and a password
	134	storage backend. (Knowing connection details for a remote database server
	135	is enough to qualify for being a `local' service. The important bit is
	136	that the hashed passwords are exposed to us.)
	137
	138	The service protocol is implemented via an `Account', acquired through the
	139	`find' method. Mainly for the benefit of the `Account' class, the
	140	service's hashing scheme is exposed in the `hash' attribute.
	141	"""
	142
	143	def __init__(me, backend, hash, args, *kw):
	144	"""
	145	Create a new local service with a FRIENDLY name, using the given BACKEND
	146	and HASH scheme.
	147	"""
148	super(LocalService, me).__init__(args, *kw)
149	me._be = backend
150	me.hash = hash
151
152	def find(me, user):
153	"""Find the named USER, returning an `Account' object."""
154	rec = me._be.lookup(user)
155	return Account(me, rec)
156
157	def setpasswd(me, user, passwd):
158	"""Service protcol: set USER's password to PASSWD."""
159	me.find(user).setpasswd(passwd)
160
161	def clearpasswd(me, user):
162	"""Service protocol: clear USER's password, preventing logins."""
163	me.find(user).clearpasswd()
164
165	CONF.export('LocalService')
166
167	###--------------------------------------------------------------------------
168	### Remote services.
169
170	class BasicRemoteService (BasicService):
171	"""
172	A remote service transmits the simple service protocol operations to some
173	remote system, which presumably is better able to implement them than we
174	are. This is useful if, for example, the password file isn't available to
175	us, or we don't have (or can't be allowed to have) access to the database
176	tables containing password hashes, or must synchronize updates with some
177	remote process. It can also be useful to integrate with services which
178	don't present a conventional password file.
179
180	This class provides common machinery for communicating with various kinds
181	of remote service. Specific subclasses are provided for transporting
182	requests through SSH and GNU Userv; others can be added easily in local
183	configuration.
184	"""
185
c8d6d67b	186	def _run(me, cmd, input = None, state = None):
a2916c06 MW	187	"""
	188	This is the core of the remote service machinery. It issues a command
	189	and parses the response. It will generate strings of informational
	190	output from the command; error responses cause appropriate exceptions to
	191	be raised.
	192
c8d6d67b MW	193	The command is determined by passing the CMD and STATE arguments to the
	194	`_mkcmd' method, which a subclass must implement; it should return a list
	195	of command-line arguments suitable for `subprocess.Popen'. The INPUT is
	196	a string to make available on the command's stdin; if None, then no input
a2916c06 MW	197	is provided to the command. The `_describe' method must provide a
	198	description of the remote service for use in timeout messages.
	199
	200	We expect output on stdout in a simple line-based format. The first
	201	whitespace-separated token on each line is a type code: `OK' means the
	202	command completed successfully; `INFO' means the rest of the line is some
	203	useful (and expected) information; and `ERR' means an error occurred: the
	204	next token is an HTTP integer status code, and the remainder is a
	205	human-readable message.
	206	"""
	207
	208	## Run the command and collect its output and status.
ac377b4f	209	with U.timeout(30, "waiting for remote service %s" % me._describe()):
c8d6d67b	210	proc = SUB.Popen(me._mkcmd(cmd, state),
a2916c06 MW	211	stdin = input is not None and SUB.PIPE or None,
	212	stdout = SUB.PIPE, stderr = SUB.PIPE)
	213	out, err = proc.communicate(input)
	214	st = proc.wait()
	215
	216	## If the program failed then report this: it obviously didn't work
	217	## properly.
	218	if st or err:
	219	raise U.ExpectedError, (
	220	500, 'Remote service error: %r (rc = %d)' % (err, st))
	221
	222	## Split a word off the front of a string; return the word and the
	223	## remaining string.
	224	def nextword(line):
	225	ww = line.split(None, 1)
	226	n = len(ww)
	227	if not n: return None
	228	elif n == 1: return ww[0], ''
	229	else: return ww
	230
	231	## Work through the lines, parsing them.
	232	win = False
	233	for line in out.splitlines():
	234	type, rest = nextword(line)
	235	if type == 'ERR':
	236	code, msg = nextword(rest)
	237	raise U.ExpectedError, (int(code), msg)
	238	elif type == 'INFO':
	239	yield rest
	240	elif type == 'OK':
	241	win = True
	242	else:
	243	raise U.ExpectedError, \
	244	(500, 'Incomprehensible reply from remote service: %r' % line)
	245
	246	## If we didn't get any kind of verdict then something weird has
	247	## happened.
	248	if not win:
	249	raise U.ExpectedError, (500, 'No reply from remote service')
	250
c8d6d67b	251	def _run_noout(me, cmd, input = None, state = None):
a2916c06	252	"""Like `_run', but expect no output."""
c8d6d67b	253	for _ in me._run(cmd, input, state):
a2916c06 MW	254	raise U.ExpectedError, (500, 'Unexpected output from remote service')
	255
	256	class SSHRemoteService (BasicRemoteService):
	257	"""
	258	A remote service transported over SSH.
	259
	260	The remote service is given commands of the form
	261
	262	`set SERVICE USER'
	263	Set USER's password for SERVICE to the password provided on the next
	264	line of standard input.
	265
	266	`clear SERVICE USER'
	267	Clear the USER's password for SERVICE.
	268
	269	Arguments are form-url-encoded, since SSH doesn't preserve token boundaries
	270	in its argument list.
	271
	272	It is expected that the remote user has an `.ssh/authorized_keys' file
	273	entry for us specifying a program to be run; the above commands will be
	274	left available to this program in the environment variable
	275	`SSH_ORIGINAL_COMMAND'.
	276	"""
	277
	278	def __init__(me, remote, name, args, *kw):
	279	"""
	280	Initialize an SSH remote service, contacting the SSH user REMOTE
	281	(probably of the form `LOGIN@HOSTNAME') and referring to the service
	282	NAME.
	283	"""
7789d380	284	super(SSHRemoteService, me).__init__(name = name, args, *kw)
a2916c06	285	me._remote = remote
a2916c06 MW	286
	287	def _describe(me):
	288	"""Description of the remote service."""
7789d380	289	return "`%s' via SSH to `%s'" % (me.name, me._remote),
a2916c06	290
7789d380	291	def _mkcmd(me, cmd, state):
a2916c06	292	"""Format a command for SSH. Mainly escaping arguments."""
ac377b4f	293	return ['ssh', me._remote, ' '.join(map(CGI.urlencode, cmd))]
a2916c06 MW	294
	295	def setpasswd(me, user, passwd):
	296	"""Service protocol: set the USER's password to PASSWD."""
7789d380	297	me._run_noout(['set', me.name, user], passwd + '\n')
a2916c06 MW	298
	299	def clearpasswd(me, user):
	300	"""Service protocol: clear the USER's password."""
7789d380	301	me._run_noout(['clear', me.name, user])
a2916c06 MW	302
	303	CONF.export('SSHRemoteService')
	304
	305	class CommandRemoteService (BasicRemoteService):
	306	"""
	307	A remote service transported over a standard Unix command.
	308
	309	This is left rather generic. We need to know some command lists SET and
	310	CLEAR containing the relevant service names and arguments. These are
	311	simply executed, after simple placeholder substitution.
	312
	313	The SET command should read a password as its first line on stdin, and set
	314	that as the user's new password. The CLEAR command should simply prevent
	315	the user from logging in with a password. On success, the commands should
	316	print a line `OK' to standard output, and on any kind of anticipated
	317	failure, they should print `ERR' followed by an HTTP status code and a
	318	message; in either case, the program should exit with status zero. In
	319	disastrous cases, it's acceptable to print an error message to stderr
	320	and/or exit with a nonzero status.
	321
	322	The placeholders are as follows.
	323
	324	`%u' the user's name
	325	`%%' a single `%' character
	326	"""
	327
	328	R_PAT = RX.compile('%(.)')
	329
	330	def __init__(me, set, clear, args, *kw):
74b87214	331	"""Initialize the command remote service."""
a2916c06 MW	332	super(CommandRemoteService, me).__init__(args, *kw)
	333	me._set = set
	334	me._clear = clear
a2916c06	335
99968b29 MW	336	def _describe(me):
	337	"""Description of the remote service."""
	338	return "`%s' command service (%s)" % (me.name, ' '.join(me._default))
	339
c8d6d67b	340	def _subst(me, c, map):
a2916c06	341	"""Return the substitution for the placeholder `%C'."""
c8d6d67b	342	return map.get(c, c)
a2916c06	343
c8d6d67b	344	def _mkcmd(me, cmd, map):
a2916c06	345	"""Construct the command to be executed, by substituting placeholders."""
c8d6d67b MW	346	return [me.R_PAT.sub(lambda m: me._subst(m.group(1), map), arg)
c8d6d67b MW	347	for arg in cmd]
a2916c06 MW	348
	349	def setpasswd(me, user, passwd):
	350	"""Service protocol: set the USER's password to PASSWD."""
c8d6d67b	351	me._run_noout(me._set, passwd + '\n', state = dict(u = user))
a2916c06 MW	352
	353	def clearpasswd(me, user):
	354	"""Service protocol: clear the USER's password."""
c8d6d67b	355	me._run_noout(me._clear, state = dict(u = user))
a2916c06 MW	356
	357	CONF.export('CommandRemoteService')
	358
	359	###--------------------------------------------------------------------------
	360	### Services registry.
	361
	362	## The registry of services.
	363	SERVICES = {}
	364	CONF.export('SERVICES')
	365
	366	## Set some default configuration.
	367	CONF.DEFAULTS.update(
	368
	369	## The master database, as a pair (MODNAME, MODARGS).
	370	DB = ('sqlite3', [OS.path.join(HOME, 'chpwd.db')]),
	371
	372	## The hash to use for our master password database.
	373	HASH = H.CryptHash('md5'))
	374
	375	## Post-configuration hook: add the master service.
	376	@CONF.hook
	377	def add_master_service():
	378	dbmod, dbargs = CFG.DB
	379	SERVICES['master'] = \
	380	LocalService(B.DatabaseBackend(dbmod, dbargs,
	381	'users', 'user', 'passwd'),
	382	CFG.HASH,
	383	friendly = 'Password changing service')
788a729c MW	384	for name, svc in SERVICES.iteritems():
788a729c MW	385	if svc.name is None: svc.name = name
a2916c06 MW	386
a2916c06 MW	387	###----- That's all, folks --------------------------------------------------