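def child_routine(self):
    """
    The main routine that is executed by the child after the object forks.
    This loop does not exit unless a stop request is made.

    Requests are read with self.recv(). A request without an 'action' key,
    or with an action other than 'authenticate', is skipped; the action
    'stop' ends the loop. For an 'authenticate' request the credentials are
    checked with pam.authenticate() and, when self.required_group is set,
    the user must also belong to that group. The outcome is sent back with
    self.send() as a mapping holding a single 'result' key.
    """
    # Use the sshd PAM service when its configuration file is present.
    service = 'login'
    if os.path.isfile('/etc/pam.d/sshd'):
        service = 'sshd'

    while True:
        request = self.recv()
        if 'action' not in request:
            continue
        action = request['action']
        if action == 'stop':
            break
        elif action != 'authenticate':
            continue
        # NOTE(review): username is taken from the request and interpolated
        # into the log messages below as-is; confirm that log consumers
        # handle embedded control characters.
        username = str(request['username'])
        password = str(request['password'])
        result = {}
        result['result'] = pam.authenticate(username, password, service=service)
        if result['result']:
            if self.required_group:
                # Fail closed: the result only becomes True again once group
                # membership has been positively established.
                result['result'] = False
                try:
                    # Explicit membership test instead of `assert`: assert
                    # statements are removed when Python runs with -O, which
                    # would skip the check and reach the success branch.
                    is_member = self.required_group in get_groups_for_user(username)
                except KeyError:
                    self.logger.error("encountered a KeyError while looking up group member ship for user: {0}".format(username))
                else:
                    if is_member:
                        result['result'] = True
                    else:
                        self.logger.warning("authentication failed for user: {0} reason: lack of group membership".format(username))
        else:
            self.logger.warning("authentication failed for user: {0} reason: bad username or password".format(username))
        self.send(result)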
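def child_routine(self):
    """
    The main routine that is executed by the child after the object forks.
    This loop does not exit unless a stop request is made.

    Requests are read with self._raw_recv(timeout=None). A request lacking
    an 'action' or a 'sequence' key is logged and skipped; because both
    checks run before the action is examined, a 'stop' request without a
    'sequence' key is skipped as well. For an 'authenticate' request the
    credentials are checked with pam.authenticate() and, when
    self.required_group is set, the user must also belong to that group.
    The reply sent with self._raw_send() carries 'result', the request's
    'sequence' and the 'username'.
    """
    # Use the sshd PAM service when its configuration file is present.
    service = 'login'
    if os.path.isfile('/etc/pam.d/sshd'):
        service = 'sshd'

    while True:
        request = self._raw_recv(timeout=None)
        if 'action' not in request:
            self.logger.warning('authentication request received without a specified action')
            continue
        if 'sequence' not in request:
            self.logger.warning('authentication request received without a sequence number')
            continue
        action = request['action']
        if action == 'stop':
            break
        elif action != 'authenticate':
            continue
        # NOTE(review): username is taken from the request and interpolated
        # into the log messages below as-is; confirm that log consumers
        # handle embedded control characters.
        username = str(request['username'])
        password = str(request['password'])
        start_time = time.time()
        authenticated = pam.authenticate(username, password, service=service)
        self.logger.debug("pam.authenticate call returned {0} for user {1} after {2:.2f} seconds".format(authenticated, username, time.time() - start_time))

        # The sequence and username are echoed back, presumably so the
        # receiver can match the reply to its request -- verify against caller.
        result = {
            'result': authenticated,
            'sequence': request['sequence'],
            'username': username
        }
        if result['result']:
            if self.required_group:
                # Fail closed: the result only becomes True again once group
                # membership has been positively established.
                result['result'] = False
                try:
                    # Explicit membership test instead of `assert`: assert
                    # statements are removed when Python runs with -O, which
                    # would skip the check and reach the success branch.
                    is_member = self.required_group in get_groups_for_user(username)
                except KeyError:
                    self.logger.error("encountered a KeyError while looking up group member ship for user: {0}".format(username))
                else:
                    if is_member:
                        result['result'] = True
                    else:
                        self.logger.warning("authentication failed for user: {0} reason: lack of group membership".format(username))
        else:
            self.logger.warning("authentication failed for user: {0} reason: bad username or password".format(username))
        self._raw_send(result)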
def child_routine(self):
    """
    Serve authentication requests until a 'stop' request is received.

    Each request is read with self.recv(). Requests without an 'action'
    key, or with an action other than 'authenticate', are skipped. For an
    'authenticate' request the 'username' and 'password' values are passed
    to pam.authenticate() unchanged and the outcome is sent back with
    self.send() as a mapping holding a single 'result' key.
    """
    # Use the sshd PAM service when its configuration file is present.
    pam_service = 'sshd' if os.path.isfile('/etc/pam.d/sshd') else 'login'

    while True:
        message = self.recv()
        if 'action' not in message:
            continue
        requested = message['action']
        if requested == 'stop':
            return
        if requested != 'authenticate':
            continue
        # NOTE(review): if message is a dict, a missing 'username' or
        # 'password' key raises KeyError here and ends the routine --
        # confirm the sender always supplies both.
        user = message['username']
        secret = message['password']
        outcome = pam.authenticate(user, secret, service=pam_service)
        self.send({'result': outcome})
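def child_routine(self):
    """
    The main routine that is executed by the child after the object forks.
    This loop does not exit unless a stop request is made.

    Requests are read with self.recv(). A request without an 'action' key,
    or with an action other than 'authenticate', is skipped; the action
    'stop' ends the loop. For an 'authenticate' request the credentials are
    checked with pam.authenticate() and, when self.required_group is set,
    the user must also belong to that group. The outcome is sent back with
    self.send() as a mapping holding a single 'result' key.
    """
    # Use the sshd PAM service when its configuration file is present.
    service = 'login'
    if os.path.isfile('/etc/pam.d/sshd'):
        service = 'sshd'

    while True:
        request = self.recv()
        if 'action' not in request:
            continue
        action = request['action']
        if action == 'stop':
            break
        elif action != 'authenticate':
            continue
        # NOTE(review): username is taken from the request and interpolated
        # into the log messages below as-is; confirm that log consumers
        # handle embedded control characters.
        username = str(request['username'])
        password = str(request['password'])
        result = {}
        result['result'] = pam.authenticate(username, password, service=service)
        if result['result']:
            if self.required_group:
                # Fail closed: the result only becomes True again once group
                # membership has been positively established.
                result['result'] = False
                try:
                    # Explicit membership test instead of `assert`: assert
                    # statements are removed when Python runs with -O, which
                    # would skip the check and reach the success branch.
                    is_member = self.required_group in get_groups_for_user(
                        username)
                except KeyError:
                    self.logger.error(
                        "encountered a KeyError while looking up group member ship for user: {0}"
                        .format(username))
                else:
                    if is_member:
                        result['result'] = True
                    else:
                        self.logger.warning(
                            "authentication failed for user: {0} reason: lack of group membership"
                            .format(username))
        else:
            self.logger.warning(
                "authentication failed for user: {0} reason: bad username or password"
                .format(username))
        self.send(result)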
def child_routine(self):
    """
    Entry point run by the child once the object has forked.

    Requests are read with self.recv() in an endless loop that only a
    'stop' request ends. Requests without an 'action' key, or with an
    action other than 'authenticate', are skipped. For an 'authenticate'
    request the 'username' and 'password' values are converted with str(),
    checked with pam.authenticate(), and the outcome is sent back with
    self.send() as a mapping holding a single 'result' key.
    """
    # Use the sshd PAM service when its configuration file is present.
    sshd_configured = os.path.isfile('/etc/pam.d/sshd')
    pam_service = 'sshd' if sshd_configured else 'login'

    running = True
    while running:
        message = self.recv()
        if 'action' not in message:
            continue
        requested = message['action']
        if requested == 'stop':
            running = False
        elif requested == 'authenticate':
            # NOTE(review): if message is a dict, a missing 'username' or
            # 'password' key raises KeyError here and ends the routine --
            # confirm the sender always supplies both.
            user = str(message['username'])
            secret = str(message['password'])
            reply = {'result': pam.authenticate(user, secret, service=pam_service)}
            self.send(reply)
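def child_routine(self):
    """
    The main routine that is executed by the child after the object forks.
    This loop does not exit unless a stop request is made.

    Requests are read with self._raw_recv(timeout=None). A request lacking
    an 'action' or a 'sequence' key is logged and skipped; because both
    checks run before the action is examined, a 'stop' request without a
    'sequence' key is skipped as well. For an 'authenticate' request the
    credentials are checked with pam.authenticate() and, when
    self.required_group is set, the user must also belong to that group.
    The reply sent with self._raw_send() carries 'result', the request's
    'sequence' and the 'username'.
    """
    # Use the sshd PAM service when its configuration file is present.
    service = 'login'
    if os.path.isfile('/etc/pam.d/sshd'):
        service = 'sshd'

    while True:
        request = self._raw_recv(timeout=None)
        if 'action' not in request:
            self.logger.warning(
                'authentication request received without a specified action'
            )
            continue
        if 'sequence' not in request:
            self.logger.warning(
                'authentication request received without a sequence number'
            )
            continue
        action = request['action']
        if action == 'stop':
            break
        elif action != 'authenticate':
            continue
        # NOTE(review): username is taken from the request and interpolated
        # into the log messages below as-is; confirm that log consumers
        # handle embedded control characters.
        username = str(request['username'])
        password = str(request['password'])
        start_time = time.time()
        authenticated = pam.authenticate(username, password, service=service)
        self.logger.debug(
            "pam.authenticate call returned {0} for user {1} after {2:.2f} seconds"
            .format(authenticated, username, time.time() - start_time))

        # The sequence and username are echoed back, presumably so the
        # receiver can match the reply to its request -- verify against caller.
        result = {
            'result': authenticated,
            'sequence': request['sequence'],
            'username': username
        }
        if result['result']:
            if self.required_group:
                # Fail closed: the result only becomes True again once group
                # membership has been positively established.
                result['result'] = False
                try:
                    # Explicit membership test instead of `assert`: assert
                    # statements are removed when Python runs with -O, which
                    # would skip the check and reach the success branch.
                    is_member = self.required_group in get_groups_for_user(
                        username)
                except KeyError:
                    self.logger.error(
                        "encountered a KeyError while looking up group member ship for user: {0}"
                        .format(username))
                else:
                    if is_member:
                        result['result'] = True
                    else:
                        self.logger.warning(
                            "authentication failed for user: {0} reason: lack of group membership"
                            .format(username))
        else:
            self.logger.warning(
                "authentication failed for user: {0} reason: bad username or password"
                .format(username))
        self._raw_send(result)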