Beispiel #1
0
    def _login(self):
        # authenticate
        auth_req = iRODSMessage(type='RODS_API_REQ', int_info=703)
        self.send(auth_req)

        # challenge
        challenge_msg = self.recv()
        logger.debug(challenge_msg.msg)
        challenge = challenge_msg.get_main_message(AuthChallenge).challenge
        padded_pwd = struct.pack("%ds" % MAX_PASSWORD_LENGTH,
                                 self.account.password)
        m = hashlib.md5()
        m.update(challenge)
        m.update(padded_pwd)
        encoded_pwd = m.digest()

        encoded_pwd = encoded_pwd.replace('\x00', '\x01')
        pwd_msg = AuthResponse(response=encoded_pwd,
                               username=self.account.proxy_user)
        pwd_request = iRODSMessage(type='RODS_API_REQ',
                                   int_info=704,
                                   msg=pwd_msg)
        self.send(pwd_request)

        auth_response = self.recv()
Beispiel #2
0
    def _login_password(self):

        # authenticate
        auth_req = iRODSMessage(msg_type='RODS_API_REQ', int_info=703)
        self.send(auth_req)

        # challenge
        challenge_msg = self.recv()
        logger.debug(challenge_msg.msg)
        challenge = challenge_msg.get_main_message(AuthChallenge).challenge
        if six.PY3:
            challenge = challenge.encode('utf-8').strip()
            padded_pwd = struct.pack(
                "%ds" % MAX_PASSWORD_LENGTH, self.account.password.encode(
                    'utf-8').strip())
        else:
            padded_pwd = struct.pack(
                "%ds" % MAX_PASSWORD_LENGTH, self.account.password)
        m = hashlib.md5()
        m.update(challenge)
        m.update(padded_pwd)
        encoded_pwd = m.digest()

        if six.PY2:
            encoded_pwd = encoded_pwd.replace('\x00', '\x01')
        elif b'\x00' in encoded_pwd:
            encoded_pwd_array = bytearray(encoded_pwd)
            encoded_pwd = bytes(encoded_pwd_array.replace(b'\x00', b'\x01'))

        pwd_msg = AuthResponse(
            response=encoded_pwd, username=self.account.proxy_user)
        pwd_request = iRODSMessage(
            msg_type='RODS_API_REQ', int_info=704, msg=pwd_msg)
        self.send(pwd_request)
        auth_response = self.recv()
Beispiel #3
0
    def test_auth_response(self):
        ar = AuthResponse()
        ar.response = "hello"
        ar.username = "******"
        expected = "<authResponseInp_PI>\
<response>aGVsbG8=</response>\
<username>rods</username>\
</authResponseInp_PI>"
        self.assertEqual(ar.pack(), expected)

        ar2 = AuthResponse()
        ar2.unpack(ET.fromstring(expected))
        self.assertEqual(ar2.response, "hello")
        self.assertEqual(ar2.username, "rods")
Beispiel #4
0
    def _login_native(self, password=None):

        # Default case, PAM login will send a new password
        if password is None:
            password = self.account.password or ''

        # authenticate
        auth_req = iRODSMessage(msg_type='RODS_API_REQ', int_info=703)
        self.send(auth_req)

        # challenge
        challenge_msg = self.recv()
        logger.debug(challenge_msg.msg)
        challenge = challenge_msg.get_main_message(AuthChallenge).challenge

        # one "session" signature per connection
        # see https://github.com/irods/irods/blob/4.2.1/plugins/auth/native/libnative.cpp#L137
        # and https://github.com/irods/irods/blob/4.2.1/lib/core/src/clientLogin.cpp#L38-L60
        if six.PY2:
            self._client_signature = "".join("{:02x}".format(ord(c))
                                             for c in challenge[:16])
        else:
            self._client_signature = "".join("{:02x}".format(c)
                                             for c in challenge[:16])

        if six.PY3:
            challenge = challenge.strip()
            padded_pwd = struct.pack("%ds" % MAX_PASSWORD_LENGTH,
                                     password.encode('utf-8').strip())
        else:
            padded_pwd = struct.pack("%ds" % MAX_PASSWORD_LENGTH, password)

        m = hashlib.md5()
        m.update(challenge)
        m.update(padded_pwd)
        encoded_pwd = m.digest()

        if six.PY2:
            encoded_pwd = encoded_pwd.replace('\x00', '\x01')
        elif b'\x00' in encoded_pwd:
            encoded_pwd_array = bytearray(encoded_pwd)
            encoded_pwd = bytes(encoded_pwd_array.replace(b'\x00', b'\x01'))

        pwd_msg = AuthResponse(response=encoded_pwd,
                               username=self.account.proxy_user)
        pwd_request = iRODSMessage(msg_type='RODS_API_REQ',
                                   int_info=api_number['AUTH_RESPONSE_AN'],
                                   msg=pwd_msg)
        self.send(pwd_request)
        self.recv()
Beispiel #5
0
    def gsi_client_auth_response(self):

        message = '%s=%s' % (AUTH_SCHEME_KEY, GSI_AUTH_SCHEME)
        # IMPORTANT! padding
        len_diff = RESPONSE_LEN - len(message)
        message += "\0" * len_diff

        # mimic gsi_auth_client_response
        gsi_msg = AuthResponse(response=message,
                               username=self.account.proxy_user + '#' +
                               self.account.proxy_zone)
        gsi_request = iRODSMessage(msg_type='RODS_API_REQ',
                                   int_info=api_number['AUTH_RESPONSE_AN'],
                                   msg=gsi_msg)
        self.send(gsi_request)
        self.recv()
Beispiel #6
0
    def test_auth_response(self):
        ar = AuthResponse()
        ar.response = b"hello"
        ar.username = "******"
        expected = "<authResponseInp_PI>\
<response>aGVsbG8=</response>\
<username>rods</username>\
</authResponseInp_PI>"
        self.assertEqual(ar.pack(), expected)

        ar2 = AuthResponse()
        ar2.unpack(ET.fromstring(expected))
        self.assertEqual(ar2.response, b"hello")
        self.assertEqual(ar2.username, "rods")