当前位置: 首页>>代码示例>>Python>>正文


Python Utils.check_global_password方法代码示例

本文整理汇总了Python中Mailman.Utils.check_global_password方法的典型用法代码示例。如果您正苦于以下问题:Python Utils.check_global_password方法的具体用法?Python Utils.check_global_password怎么用?Python Utils.check_global_password使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Mailman.Utils的用法示例。


在下文中一共展示了Utils.check_global_password方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: Authenticate

# 需要导入模块: from Mailman import Utils [as 别名]
# 或者: from Mailman.Utils import check_global_password [as 别名]
 def Authenticate(self, authcontexts, response, user=None):
     # Given a list of authentication contexts, check to see if the
     # response matches one of the passwords.  authcontexts must be a
     # sequence, and if it contains the context AuthUser, then the user
     # argument must not be None.
     #
     # Return the authcontext from the argument sequence that matches the
     # response, or UnAuthorized.
     if not response:
         # Don't authenticate null passwords
         return mm_cfg.UnAuthorized
     for ac in authcontexts:
         if ac == mm_cfg.AuthCreator:
             ok = Utils.check_global_password(response, siteadmin=0)
             if ok:
                 return mm_cfg.AuthCreator
         elif ac == mm_cfg.AuthSiteAdmin:
             ok = Utils.check_global_password(response)
             if ok:
                 return mm_cfg.AuthSiteAdmin
         elif ac == mm_cfg.AuthListAdmin:
             def cryptmatchp(response, secret):
                 try:
                     salt = secret[:2]
                     if crypt and crypt.crypt(response, salt) == secret:
                         return True
                     return False
                 except TypeError:
                     # BAW: Hard to say why we can get a TypeError here.
                     # SF bug report #585776 says crypt.crypt() can raise
                     # this if salt contains null bytes, although I don't
                     # know how that can happen (perhaps if a MM2.0 list
                     # with USE_CRYPT = 0 has been updated?  Doubtful.
                     return False
             # The password for the list admin and list moderator are not
             # kept as plain text, but instead as an sha hexdigest.  The
             # response being passed in is plain text, so we need to
             # digestify it first.  Note however, that for backwards
             # compatibility reasons, we'll also check the admin response
             # against the crypted and md5'd passwords, and if they match,
             # we'll auto-migrate the passwords to sha.
             key, secret = self.AuthContextInfo(ac)
             if secret is None:
                 continue
             sharesponse = sha_new(response).hexdigest()
             upgrade = ok = False
             if sharesponse == secret:
                 ok = True
             elif md5_new(response).digest() == secret:
                 ok = upgrade = True
             elif cryptmatchp(response, secret):
                 ok = upgrade = True
             if upgrade:
                 save_and_unlock = False
                 if not self.Locked():
                     self.Lock()
                     save_and_unlock = True
                 try:
                     self.password = sharesponse
                     if save_and_unlock:
                         self.Save()
                 finally:
                     if save_and_unlock:
                         self.Unlock()
             if ok:
                 return ac
         elif ac == mm_cfg.AuthListModerator:
             # The list moderator password must be sha'd
             key, secret = self.AuthContextInfo(ac)
             if secret and sha_new(response).hexdigest() == secret:
                 return ac
         elif ac == mm_cfg.AuthListPoster:
             # The list poster password must be sha'd
             key, secret = self.AuthContextInfo(ac)
             if secret and sha_new(response).hexdigest() == secret:
                 return ac
         elif ac == mm_cfg.AuthUser:
             if user is not None:
                 try:
                     if self.authenticateMember(user, response):
                         return ac
                 except Errors.NotAMemberError:
                     pass
         else:
             # What is this context???
             syslog('error', 'Bad authcontext: %s', ac)
             raise ValueError, 'Bad authcontext: %s' % ac
     return mm_cfg.UnAuthorized
开发者ID:EmilyDirsh,项目名称:Paperboy,代码行数:90,代码来源:SecurityManager.py

示例2: Authenticate

# 需要导入模块: from Mailman import Utils [as 别名]
# 或者: from Mailman.Utils import check_global_password [as 别名]
    def Authenticate(self, authcontexts, response, user=None):
        # Given a list of authentication contexts, check to see if the
        # response matches one of the passwords.  authcontexts must be a
        # sequence, and if it contains the context AuthUser, then the user
        # argument must not be None.
        #
        # Return the authcontext from the argument sequence that matches the
        # response, or UnAuthorized.
        if not response:
            # Don't authenticate null passwords
            return mm_cfg.UnAuthorized
        for ac in authcontexts:
            if ac == mm_cfg.AuthCreator:
                ok = Utils.check_global_password(response, siteadmin=0)
                if ok:
                    return mm_cfg.AuthCreator
            elif ac == mm_cfg.AuthSiteAdmin:
                ok = Utils.check_global_password(response)
                if ok:
                    return mm_cfg.AuthSiteAdmin
            elif ac == mm_cfg.AuthListAdmin:
                def cryptmatchp(response, secret):
                    try:
                        salt = secret[:2]
                        if crypt and crypt.crypt(response, salt) == secret:
                            return True
                        return False
                    except TypeError:
                        # BAW: Hard to say why we can get a TypeError here.
                        # SF bug report #585776 says crypt.crypt() can raise
                        # this if salt contains null bytes, although I don't
                        # know how that can happen (perhaps if a MM2.0 list
                        # with USE_CRYPT = 0 has been updated?  Doubtful.
                        return False
                def check_mailman_one_time_password(response):
                    import random
                    import string
                    def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
                        return ''.join(random.choice(chars) for x in range(size))

                    def cpauth_protocol_safe_host_info():
                        sanitized = {}
                        keys = ['REMOTE_HOST', 'REMOTE_ADDR']
                        whitespace_pattern = re.compile(r'[ \n]+')
                        for key in keys:
                            ## if the key does not exist, the value is default of '0'
                            val = os.environ.get(key, '0')
                            val = re.sub(whitespace_pattern, '', val)
                            sanitized[key] = val
                        return sanitized

                    def cpauth_protocol_safe_string(unsafestr):
                        whitespace_pattern = re.compile(r'[ \n]+')
                        sanitized = re.sub(whitespace_pattern, '', unsafestr)
                        if sanitized == '':
                            return '0'
                        return sanitized

                    import socket
                    import re
                    fname = '/usr/local/cpanel/var/cpauthd.sock'
                    if os.path.exists(fname):
                        try:
                            client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
                            client.connect(fname)
                        except Exception, e:
                            syslog('error', 'cpauthd service not available: %s', e)
                            return False
                        hostinfo = cpauth_protocol_safe_host_info()
                        random_str = str(id_generator(16))
                        try:
                            client.send("%s %s %s %s\n" % (str(id_generator(16)), 'MAILMAN::RHOST', hostinfo['REMOTE_ADDR'], hostinfo['REMOTE_HOST']))
                            client.send("%s %s %s %s\n" % (random_str, 'MAILMAN::OTP', cpauth_protocol_safe_string(self.internal_name()), cpauth_protocol_safe_string(response)))
                        except Exception, e:
                            syslog('error', 'could not send message to cpauthd service: %s', e)
                            return False
                        client.shutdown(socket.SHUT_WR)
                        all_data = []
                        while True:
                            raw = client.recv(4096)
                            if not raw: break
                            all_data.append(raw)
                        data = ''.join(all_data)

                        if data:
                            lines = data.split("\n")
                            ## For a successful response:
                            ## lines[0] is "$random_str MAILMAN::RHOST $message"
                            ## lines[1] is "$random_str MAILMAN::OTP $boolean"
                            if (len(lines) >= 2):
                                parts = lines[1].split()
                                ## For a successful response:
                                ## parts[0] is $random_str
                                ## parts[1] is 'MAILMAN::OTP'
                                ## parts[2] is $boolean (1 = password accepted, 0 = password rejected)

                                if ((len(parts) == 3) and
                                    (parts[0] == random_str) and
                                    (parts[2] == '1')):
                                    return True
#.........这里部分代码省略.........
开发者ID:bdraco,项目名称:mailman,代码行数:103,代码来源:SecurityManager.py


注:本文中的Mailman.Utils.check_global_password方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。