def _validate_request(self, request):
u = request.get_user()
p = request.get_password()
# @fixme Is the request security key used? I've seen
# 0 and None as values...
security_key = request.get_security_key()
passwd = manager.PasswdFile()
passwd.load()
if u in passwd:
entry = passwd[u]
if len(p) == 32:
# This could be a Config Service Secure Key.
metadata = entry.gecos()
for key_value in metadata.split(","):
result = key_value.split("=")
if len(result) == 2:
key, value = result
if key == "CSIK":
security_token = _MD5(value)
security_token.update(str(self.security_key))
security_token = security_token.hexdigest()
if p == security_token:
# We have a match!
return
# Try a plain-text password.
if entry.password_matches_crypt(p):
return
raise Exception("Could not validate user")
def level2_signature_for(message,
seed,
username,
password=None,
sulfur=None,
calculate=1,
file=_SHADOW_FILE):
# Get sulfur based on arguments...
if sulfur is None:
if password is None:
sulfur = sulfur_for(username, password, 0, file)
else:
sulfur = sulfur_for(username, password, 1, file)
elif len(sulfur) != 2:
raise EInvalidValue('sulfur must be None or a two character string.')
# Calculate the crypted, sulfurfree password based on the arguments...
sf_pass = None
if password is None:
passwd = _ShadowFile(file)
passwd.load()
entry = passwd[username]
sf_user = sulfurfree(entry.crypt())
else:
sf_pass = sulfurfree(
crypted_password(username, password, sulfur, calculate, file))
# Calculate the crypted, sulfurfree username based on the arguments...
sf_user = sulfurfree(
crypted_username(username, password, sulfur, calculate, file))
md5 = _MD5(sf_pass)
md5.update(seed)
md5.update(message)
return _join(sf_user, md5.hexdigest().lower())
def level2_signature_for(message, seed, username, password=None,
sulfur=None, calculate=1, file=_SHADOW_FILE):
# Get sulfur based on arguments...
if sulfur is None:
if password is None:
sulfur = sulfur_for(username, password, 0, file)
else:
sulfur = sulfur_for(username, password, 1, file)
elif len(sulfur) != 2:
raise EInvalidValue('sulfur must be None or a two character string.')
# Calculate the crypted, sulfurfree password based on the arguments...
sf_pass = None
if password is None:
passwd = _ShadowFile(file)
passwd.load()
entry = passwd[username]
sf_user = sulfurfree(entry.crypt())
else:
sf_pass = sulfurfree(crypted_password(username, password,
sulfur, calculate, file))
# Calculate the crypted, sulfurfree username based on the arguments...
sf_user = sulfurfree(crypted_username(username, password,
sulfur, calculate, file))
md5 = _MD5(sf_pass)
md5.update(seed)
md5.update(message)
return _join(sf_user, md5.hexdigest().lower())
def _validate_request(self, request):
u = request.get_user()
p = request.get_password()
# @fixme Is the request security key used? I've seen
# 0 and None as values...
security_key = request.get_security_key()
passwd = manager.PasswdFile()
passwd.load()
if u in passwd:
entry = passwd[u]
if len(p) == 32:
# This could be a Config Service Secure Key.
metadata = entry.gecos()
for key_value in metadata.split(','):
result = key_value.split('=')
if len(result) == 2:
key,value = result
if key == "CSIK":
security_token = _MD5(value)
security_token.update(str(self.security_key))
security_token = security_token.hexdigest()
if p == security_token:
# We have a match!
return
# Try a plain-text password.
if entry.password_matches_crypt(p):
return
raise Exception('Could not validate user')
def context_seed(seed, context):
return _MD5(_join(seed, context)).hexdigest().lower()
def new_seed():
result = _array('c', str(_now()))
for i in range(0, _randint(10, 20)):
result.append(chr(_randint(0, 255)))
return _MD5(result.tostring()).hexdigest().lower()
def context_seed(seed, context):
return _MD5(_join(seed, context)).hexdigest().lower()
def new_seed():
result = _array('c',str(_now()))
for i in range(0,_randint(10,20)):
result.append(chr(_randint(0,255)))
return _MD5(result.tostring()).hexdigest().lower()
