def authenticate_hmac(self, challenge_response, client_salt=None): log("authenticate_hmac(%s, %s)", challenge_response, client_salt) self.sessions = None if not self.salt: log.error( "Error: illegal challenge response received - salt cleared or unset" ) return None #ensure this salt does not get re-used: salt = self.get_response_salt(client_salt) entry = self.get_auth_info() if entry is None: log.warn("Warning: authentication failed") log.warn(" no password for '%s' in '%s'", self.username, self.password_filename) return None log("authenticate: auth-info(%s)=%s", self.username, entry) fpassword, uid, gid, displays, env_options, session_options = entry log("multifile authenticate_hmac(%s) password='******', hex(salt)=%s", challenge_response, fpassword, hexstr(salt)) if not verify_digest(self.digest, fpassword, salt, challenge_response): log.warn("Warning: %s challenge for '%s' does not match", self.digest, self.username) return False self.sessions = uid, gid, displays, env_options, session_options return True
def authenticate_hmac(self, challenge_response, client_salt=None): if not self.salt: log.error( "Error: illegal challenge response received - salt cleared or unset" ) return None salt = self.get_response_salt(client_salt) password = self.get_password() if not password: log.warn("Warning: authentication failed") log.warn(" no password for '%s' in '%s'", self.username, self.password_filename) return False if not verify_digest(self.digest, password, salt, challenge_response): log.warn("Warning: %s challenge for '%s' does not match", self.digest, self.username) return False return True
def authenticate_hmac(self, challenge_response, client_salt=None): if not self.salt: log.error( "Error: illegal challenge response received - salt cleared or unset" ) return None salt = self.get_response_salt(client_salt) passwords = self.get_passwords() if not passwords: log.warn("Warning: %s authentication failed", self) log.warn(" no password defined for '%s'", self.username) return False log("found %i passwords using %s", len(passwords), type(self)) for x in passwords: if verify_digest(self.digest, x, salt, challenge_response): return True log.warn("Warning: %s challenge for '%s' does not match", self.digest, self.username) if len(passwords) > 1: log.warn(" checked %i passwords", len(passwords)) return False