Ńň /čęJc@sŻdZddklZdZdZdZdZdZdZd Z d dd „ƒYZ d e fd „ƒYZ de fd„ƒYZ de fd„ƒYZ de fd„ƒYZdS(s. sasl.py - support for SASL mechanism See http://www.python-ldap.org/ for details. \$Id: sasl.py,v 1.15 2009/07/26 11:09:58 stroeder Exp $ Description: The ldap.sasl module provides SASL authentication classes. Each class provides support for one SASL mechanism. This is done by implementing a callback() - method, which will be called by the LDAPObject's sasl_bind_s() method Implementing support for new sasl mechanism is very easy --- see the examples of digest_md5 and gssapi. Compability: - Tested with Python 2.0+ but should work with Python 1.5.x i˙˙˙˙(t __version__i@i@i@i@i@i@i@tsaslcBs eZdZd„Zd„ZRS(sThis class handles SASL interactions for authentication. If an instance of this class is passed to ldap's sasl_bind_s() method, the library will call its callback() method. For specific SASL authentication mechanisms, this method can be overriddencCs|ph|_||_dS(sň The (generic) base class takes a cb_value_dictionary of question-answer pairs. Questions are specified by the respective SASL callback id's. The mech argument is a string that specifies the SASL mechaninsm to be uesd.N(t cb_value_dicttmech(tselfRR((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyt__init__+scCs |ii||ƒpd}|S(s— The callback method will be called by the sasl_bind_s() method several times. Each time it will provide the id, which tells us what kind of information is requested (the CB_ ... constants above). The challenge might be a short (english) text or some binary string, from which the return value is calculated. The prompt argument is always a human-readable description string; The defresult is a default value provided by the sasl library Currently, we do not use the challenge and prompt information, and return only information which is stored in the self.cb_value_dict cb_value_dictionary. Note that the current callback interface is not very useful for writing generic sasl GUIs, which would need to know all the questions to ask, before the answers are returned to the sasl lib (in contrast to one question at a time).t(Rtget(Rtcb_idt challengetpromptt defresultt cb_result((s//usr/lib64/python2.6/site-packages/ldap/sasl.pytcallback3s(t__name__t __module__t__doc__RR (((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyR$s tcram_md5cBseZdZdd„ZRS(s0This class handles SASL CRAM-MD5 authentication.RcCs2h|t6|t6|t6}ti||dƒdS(NsCRAM-MD5(t CB_AUTHNAMEtCB_PASStCB_USERRR(Rtauthc_idtpasswordtauthz_idt auth_dict((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyRQs (RRRR(((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyRNst digest_md5cBseZdZdd„ZRS(s2This class handles SASL DIGEST-MD5 authentication.RcCs2h|t6|t6|t6}ti||dƒdS(Ns DIGEST-MD5(RRRRR(RRRRR((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyRZs (RRRR(((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyRWstgssapicBseZdZdd„ZRS(sDThis class handles SASL GSSAPI (i.e. Kerberos V) authentication.RcCsti|h|t6dƒdS(NtGSSAPI(RRR(RR((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyRds(RRRR(((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyR`stexternalcBseZdZdd„ZRS(sSThis class handles SASL EXTERNAL authentication (i.e. X.509 client certificate)RcCsti|h|t6dƒdS(NtEXTERNAL(RRR(RR((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyRls(RRRR(((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyRhsN((RtldapRRRt CB_LANGUAGERt CB_ECHOPROMPTtCB_NOECHOPROMPTt CB_GETREALMRRRRR(((s//usr/lib64/python2.6/site-packages/ldap/sasl.pyts*