def __init__(self, session, config):
     PendingAuth.__init__(self, session, config)
     self._verify_key = None
     if config['type'] == 'static':
         self._pubkey_to_authid = {}
         for authid, principal in self._config.get(u'principals', {}).items():
             self._pubkey_to_authid[principal[u'pubkey']] = authid
Beispiel #2
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)
        self._verify_key = None

        # https://tools.ietf.org/html/rfc5056
        # https://tools.ietf.org/html/rfc5929
        # https://www.ietf.org/proceedings/90/slides/slides-90-uta-0.pdf
        channel_id_hex = session._transport._transport_info.get(
            u'channel_id', None)
        if channel_id_hex:
            self._channel_id = binascii.a2b_hex(channel_id_hex)
        else:
            self._channel_id = None

        self._challenge = None
        self._expected_signed_message = None

        # create a map: pubkey -> authid
        # this is to allow clients to authenticate without specifying an authid
        if config['type'] == 'static':
            self._pubkey_to_authid = {}
            for authid, principal in self._config.get(u'principals',
                                                      {}).items():
                for pubkey in principal[u'authorized_keys']:
                    self._pubkey_to_authid[pubkey] = authid
Beispiel #3
0
 def __init__(self, session, config):
     PendingAuth.__init__(self, session, config)
     self._verify_key = None
     if config['type'] == 'static':
         self._pubkey_to_authid = {}
         for authid, principal in self._config.get(u'principals',
                                                   {}).items():
             self._pubkey_to_authid[principal[u'pubkey']] = authid
Beispiel #4
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        # https://tools.ietf.org/html/rfc5056
        # https://tools.ietf.org/html/rfc5929
        # https://www.ietf.org/proceedings/90/slides/slides-90-uta-0.pdf
        channel_id_hex = session._transport._transport_info.get(u'channel_id', None)
        if channel_id_hex:
            self._channel_id = binascii.a2b_hex(channel_id_hex)
        else:
            self._channel_id = None
Beispiel #5
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        # https://tools.ietf.org/html/rfc5056
        # https://tools.ietf.org/html/rfc5929
        # https://www.ietf.org/proceedings/90/slides/slides-90-uta-0.pdf
        channel_id_hex = session._transport._transport_info.get(u'channel_id', None)
        if channel_id_hex:
            self._channel_id = binascii.a2b_hex(channel_id_hex)
        else:
            self._channel_id = None
Beispiel #6
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        self._transport = session._transport

        # for static-mode, the config has principals as a dict indexed
        # by authid, but we need the reverse map: cert-sha1 -> principal
        self._cert_sha1_to_principal = None
        if self._config[u"type"] == u"static":
            self._cert_sha1_to_principal = {}
            if u"principals" in self._config:
                for authid, principal in self._config[u"principals"].items():
                    self._cert_sha1_to_principal[principal[u"certificate-sha1"]] = {
                        u"authid": authid,
                        u"role": principal[u"role"],
                    }
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        self._transport = session._transport

        # for static-mode, the config has principals as a dict indexed
        # by authid, but we need the reverse map: cert-sha1 -> principal
        self._cert_sha1_to_principal = None
        if self._config[u'type'] == u'static':
            self._cert_sha1_to_principal = {}
            if u'principals' in self._config:
                for authid, principal in self._config[u'principals'].items():
                    self._cert_sha1_to_principal[principal[u'certificate-sha1']] = {
                        u'authid': authid,
                        u'role': principal[u'role']
                    }
Beispiel #8
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)
        self._verify_key = None

        channel_id_hex = session._transport._transport_info.get(u'channel_id', None)
        if channel_id_hex:
            self._channel_id = binascii.a2b_hex(channel_id_hex)
        else:
            self._channel_id = None

        self._challenge = None
        self._expected_signed_message = None

        # create a map: pubkey -> authid
        # this is to allow clients to authenticate without specifying an authid
        if config['type'] == 'static':
            self._pubkey_to_authid = {}
            for authid, principal in self._config.get(u'principals', {}).items():
                for pubkey in principal[u'authorized_keys']:
                    self._pubkey_to_authid[pubkey] = authid
Beispiel #9
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)
        self._verify_key = None

        # https://tools.ietf.org/html/rfc5056
        # https://tools.ietf.org/html/rfc5929
        # https://www.ietf.org/proceedings/90/slides/slides-90-uta-0.pdf
        channel_id_hex = session._transport._transport_info.get(u"channel_id", None)
        if channel_id_hex:
            self._channel_id = binascii.a2b_hex(channel_id_hex)
        else:
            self._channel_id = None

        self._challenge = None
        self._expected_signed_message = None

        # create a map: pubkey -> authid
        # this is to allow clients to authenticate without specifying an authid
        if config["type"] == "static":
            self._pubkey_to_authid = {}
            for authid, principal in self._config.get(u"principals", {}).items():
                for pubkey in principal[u"authorized_keys"]:
                    self._pubkey_to_authid[pubkey] = authid
Beispiel #10
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        # The secret/ticket the authenticating principal will need to provide (filled only in static mode).
        self._signature = None
Beispiel #11
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        # The secret/ticket the authenticating principal will need to provide (filled only in static mode).
        self._signature = None
Beispiel #12
0
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        # The signature we expect the client to send in AUTHENTICATE.
        self._signature = None
    def __init__(self, session, config):
        PendingAuth.__init__(self, session, config)

        # The signature we expect the client to send in AUTHENTICATE.
        self._signature = None