def __init__(self, session, config): PendingAuth.__init__(self, session, config) self._verify_key = None if config['type'] == 'static': self._pubkey_to_authid = {} for authid, principal in self._config.get(u'principals', {}).items(): self._pubkey_to_authid[principal[u'pubkey']] = authid
def __init__(self, session, config): PendingAuth.__init__(self, session, config) self._verify_key = None # https://tools.ietf.org/html/rfc5056 # https://tools.ietf.org/html/rfc5929 # https://www.ietf.org/proceedings/90/slides/slides-90-uta-0.pdf channel_id_hex = session._transport._transport_info.get( u'channel_id', None) if channel_id_hex: self._channel_id = binascii.a2b_hex(channel_id_hex) else: self._channel_id = None self._challenge = None self._expected_signed_message = None # create a map: pubkey -> authid # this is to allow clients to authenticate without specifying an authid if config['type'] == 'static': self._pubkey_to_authid = {} for authid, principal in self._config.get(u'principals', {}).items(): for pubkey in principal[u'authorized_keys']: self._pubkey_to_authid[pubkey] = authid
def __init__(self, session, config): PendingAuth.__init__(self, session, config) # https://tools.ietf.org/html/rfc5056 # https://tools.ietf.org/html/rfc5929 # https://www.ietf.org/proceedings/90/slides/slides-90-uta-0.pdf channel_id_hex = session._transport._transport_info.get(u'channel_id', None) if channel_id_hex: self._channel_id = binascii.a2b_hex(channel_id_hex) else: self._channel_id = None
def __init__(self, session, config): PendingAuth.__init__(self, session, config) self._transport = session._transport # for static-mode, the config has principals as a dict indexed # by authid, but we need the reverse map: cert-sha1 -> principal self._cert_sha1_to_principal = None if self._config[u"type"] == u"static": self._cert_sha1_to_principal = {} if u"principals" in self._config: for authid, principal in self._config[u"principals"].items(): self._cert_sha1_to_principal[principal[u"certificate-sha1"]] = { u"authid": authid, u"role": principal[u"role"], }
def __init__(self, session, config): PendingAuth.__init__(self, session, config) self._transport = session._transport # for static-mode, the config has principals as a dict indexed # by authid, but we need the reverse map: cert-sha1 -> principal self._cert_sha1_to_principal = None if self._config[u'type'] == u'static': self._cert_sha1_to_principal = {} if u'principals' in self._config: for authid, principal in self._config[u'principals'].items(): self._cert_sha1_to_principal[principal[u'certificate-sha1']] = { u'authid': authid, u'role': principal[u'role'] }
def __init__(self, session, config): PendingAuth.__init__(self, session, config) self._verify_key = None channel_id_hex = session._transport._transport_info.get(u'channel_id', None) if channel_id_hex: self._channel_id = binascii.a2b_hex(channel_id_hex) else: self._channel_id = None self._challenge = None self._expected_signed_message = None # create a map: pubkey -> authid # this is to allow clients to authenticate without specifying an authid if config['type'] == 'static': self._pubkey_to_authid = {} for authid, principal in self._config.get(u'principals', {}).items(): for pubkey in principal[u'authorized_keys']: self._pubkey_to_authid[pubkey] = authid
def __init__(self, session, config): PendingAuth.__init__(self, session, config) self._verify_key = None # https://tools.ietf.org/html/rfc5056 # https://tools.ietf.org/html/rfc5929 # https://www.ietf.org/proceedings/90/slides/slides-90-uta-0.pdf channel_id_hex = session._transport._transport_info.get(u"channel_id", None) if channel_id_hex: self._channel_id = binascii.a2b_hex(channel_id_hex) else: self._channel_id = None self._challenge = None self._expected_signed_message = None # create a map: pubkey -> authid # this is to allow clients to authenticate without specifying an authid if config["type"] == "static": self._pubkey_to_authid = {} for authid, principal in self._config.get(u"principals", {}).items(): for pubkey in principal[u"authorized_keys"]: self._pubkey_to_authid[pubkey] = authid
def __init__(self, session, config): PendingAuth.__init__(self, session, config) # The secret/ticket the authenticating principal will need to provide (filled only in static mode). self._signature = None
def __init__(self, session, config): PendingAuth.__init__(self, session, config) # The signature we expect the client to send in AUTHENTICATE. self._signature = None