Esempio n. 1
0
    def init_file(self, file):
        """Initializes the authentication scheme with a flat file.
        - If the file has mode 400 or 600, it is allowed to contain cleartext
          passwords.
        - Otherwise it must contain encrypted passwords only.

        May raise ValueError if file does not exist.
        """
        if file is None:
            file = self.__defaultauthfile
        self.debug("Setting up file authentication with file '%s'" % file)
        if not Util.CanRead(file, raiseError=0):
            raise ValueError, "File '%s' does not exist" % file
        self.__authtype = "file"
        self.__authfile = file
        self.__authfile_allows_cleartext = Util.getfilemode(file) in (400, 600)
        self.__authdict = None
        self.__authdictupdate = None
        self.__update_authdict()
Esempio n. 2
0
    def __init__(self, authtype=None, autharg=None, \
                 configdir = None, \
                 vuser = None, vlookupscript = None, \
                 ipauthmapfile = None, localip = "127.0.0.1",
                 debugObject = Util.DevnullOutput() ):
        """Setup initial values.
        Optional: authtype and autharg initialize the authentication mechanism
                  configdir to set an alternate directory to /home/user
                    (tmda dir will be configdir/.tmda/ )
                  vlookupscript and vuser for virtual users
                  debugObject to begin debugging immediately
        """
        Util.Debugable.__init__(self, debugObject)

        # Internal vars
        self.__version__ = Version.TMDA
        self.__program = sys.argv[0]
        self.__authprog = None
        self.__authdict = None
        self.__authdictupdate = None
        self.__authremote = {
            'proto': None,
            'host': 'localhost',
            'port': None,
            'dn': '',
            'enable': 0,
        }
        self.__defaultauthports = {
            'imap': 143,
            'imaps': 993,
            'apop': 110,
            'pop3': 110,
            'ldap': 389,
            #'pop3s': 995,
        }

        self.__ownerID = os.getuid()
        if self.__ownerID == 0:
            self.running_as_root = 1
        else:
            self.running_as_root = 0

        # Default values
        self.__default_auth_filename = "tmdauth"
        self.__default_owner_username = "******"
        self.__default_tmda_dir = ".tmda"
        self.__system_tmda_path = "/etc"
        self.__owner_tmda_path = self.__system_tmda_path
        self.__owner_username = None
        if self.running_as_root:
            self.__owner_username = self.__default_owner_username
        elif os.environ.has_key("HOME"):
            self.__owner_tmda_path = os.path.join(os.path.expanduser('~'), \
                                                  self.__default_tmda_dir)
        self.__defaultauthfile = os.path.join(self.__owner_tmda_path, \
                                              self.__default_auth_filename)
        self.__defaultipauth = os.path.join(self.__owner_tmda_path,
                                            'ipauthmap')
        if self.__owner_tmda_path != "/etc":
            if not Util.CanRead(self.__defaultauthfile, raiseError=0):
                self.__defaultauthfile = os.path.join(self.__system_tmda_path, \
                                                      'tmdauth')
            if not Util.CanRead(self.__defaultipauth, raiseError=0):
                self.__defaultipauth = os.path.join(self.__system_tmda_path, \
                                                    'ipauthmap')

        # external vars
        self.allowed_authtypes = ('file', 'checkpw', 'remote')
        self.allowed_protocols = self.__defaultauthports.keys()

        # Initialize the authtype if possible
        if authtype is None:
            try:
                self.init_auth_method('file', self.__defaultauthfile)
            except ValueError:
                self.__authtype = "Undefined"
        else:
            self.init_auth_method(authtype, autharg)

        # Set up the ipauthmapfile
        if ipauthmapfile is not None:
            self.__ipauthmapfile = ipauthmapfile
        else:
            self.__ipauthmapfile = self.__defaultipauth
        self.__localip = localip

        # Initialize virtual users if necessary
        self.__use_confdir = 0
        self.__use_vhome = 0
        if vlookupscript is not None:
            self.setup_vuser(vlookupscript, vdomainfile)
        elif configdir is not None:
            self.setup_configdir(configdir)