diff options
author | Michael DeHaan <mdehaan@redhat.com> | 2007-12-05 15:43:13 -0500 |
---|---|---|
committer | Michael DeHaan <mdehaan@redhat.com> | 2007-12-05 15:43:13 -0500 |
commit | c7220a9340069f8bc9cc0f7cb840ada3a9cd994d (patch) | |
tree | 9387432c528098e6ba57a2fdf544e45c3ab28fd8 /cobbler | |
parent | 762de2e043b967bdf0bdc1be8189ab21b055a808 (diff) | |
download | third_party-cobbler-c7220a9340069f8bc9cc0f7cb840ada3a9cd994d.tar.gz third_party-cobbler-c7220a9340069f8bc9cc0f7cb840ada3a9cd994d.tar.xz third_party-cobbler-c7220a9340069f8bc9cc0f7cb840ada3a9cd994d.zip |
Work on making the default service authenticator grok Apache htdigest files.
Diffstat (limited to 'cobbler')
-rw-r--r-- | cobbler/action_sync.py | 1 | ||||
-rw-r--r-- | cobbler/modules/authn_configfile.py | 47 |
2 files changed, 36 insertions, 12 deletions
diff --git a/cobbler/action_sync.py b/cobbler/action_sync.py index e1d61d8..987a7f8 100644 --- a/cobbler/action_sync.py +++ b/cobbler/action_sync.py @@ -711,6 +711,7 @@ class BootSync: input_files.append(os.path.join(self.settings.webdir, "repo_mirror", repo, "config.repo")) for infile in input_files: + print "DEBUG: looking for infile: %s" % infile if infile.find("ks_mirror") == -1: dispname = infile.split("/")[-2] else: diff --git a/cobbler/modules/authn_configfile.py b/cobbler/modules/authn_configfile.py index afdd858..5740efa 100644 --- a/cobbler/modules/authn_configfile.py +++ b/cobbler/modules/authn_configfile.py @@ -16,7 +16,10 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. import distutils.sysconfig import ConfigParser import sys +import os from rhpl.translate import _, N_, textdomain, utf8 +import md5 +import traceback plib = distutils.sysconfig.get_python_lib() mod_path="%s/cobbler" % plib @@ -25,29 +28,49 @@ sys.path.insert(0, mod_path) import cexceptions import utils - def register(): """ The mandatory cobbler module registration hook. """ return "authn" +def __parse_storage(): + + if not os.path.exists("/etc/cobbler/users.digest"): + return [] + fd = open("/etc/cobbler/users.digest") + data = fd.read() + fd.close() + results = [] + lines = data.split("\n") + for line in lines: + try: + line = line.strip() + tokens = line.split(":") + results.append([tokens[0],tokens[1],tokens[2]]) + except: + pass + return results + def authenticate(username,password): """ Validate a username/password combo, returning True/False + + Thanks to http://trac.edgewall.org/ticket/845 for supplying + the algorithm info. """ + + userlist = __parse_storage() + for (user,realm,actual_blob) in userlist: + if user == username and realm == "Cobbler": + input = ":".join([user,realm,password]) + input_blob = md5.md5(input).hexdigest() + if input_blob.lower() == actual_blob.lower(): + return True - config_parser = ConfigParser.ConfigParser() - auth_conf = open("/etc/cobbler/auth.conf") - config_parser.readfp(auth_conf) - auth_conf.close() - user_database = config_parser.items("xmlrpc_service_users") - for x in user_database: - (db_user,db_password) = x - db_user = db_user.strip() - db_password = db_password.strip() - if db_user == username and db_password == password and db_password.lower() != "disabled": - return True return False +if __name__ == "__main__": + print authenticate("cobbler","cobbler") + print authenticate("cobbler","bogus") |