def parse_args(): usage = ( """ %s [--test] """ % sys.argv[0] ) if len(sys.argv) == 2: if sys.argv[1] == "--test": config = acquire_configuration() if not "server" in config: print "No server defined." raise SystemExit if not "apikey" in config: print "No API key defined." raise SystemExit uAuth = Client(config["apikey"], config["server"], verify=False) try: (resp, status) = uAuth.get("keys") except Exception, e: print "Error: %s" % e.message raise SystemExit if status == 200: print "The authentication server is available." elif sys.argv[1] in ["-h", "--help"]: print usage raise SystemExit
if os.getuid(): print "login: Cannot possibly work without effective root" raise SystemExit parse_args() # The main loops that first keep asking for input on stdin and # then check if the users shell can be spawned in their home directory. user_exists = False while user_exists == False: success = None while success == None: # Overlay some sensible defaults with whatever's in CONFIG_FILE # and possibly poll our remote microauth instance for settings. config = acquire_configuration() # Read STDIN in an infinite loop. Ignore all signals. (username, password) = prompt_for_login() # Send the data over to microauth. success = authenticate(username, password) if success == None: # Throw in some random delay to avert timing attacks sleepnum = str(random.randint(1, 2)) + "." + str(random.randint(2, 9)) time.sleep(float(sleepnum)) print "\nLogin incorrect" # Write to utmp and syslog so the incident is available to lastlog et al. log_attempt(success, username) # Verify the account exists locally. Possibly create it if configured to. user_exists = check_user_exists(username)