1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
"""
Authentication module that uses /etc/cobbler/auth.conf
Choice of authentication module is in /etc/cobbler/modules.conf
Copyright 2007, Red Hat, Inc
Michael DeHaan <mdehaan@redhat.com>
This software may be freely redistributed under the terms of the GNU
general public license.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
"""
import distutils.sysconfig
import ConfigParser
import sys
import os
from rhpl.translate import _, N_, textdomain, utf8
import md5
import traceback
plib = distutils.sysconfig.get_python_lib()
mod_path="%s/cobbler" % plib
sys.path.insert(0, mod_path)
import cexceptions
import utils
def register():
"""
The mandatory cobbler module registration hook.
"""
return "authn"
def __parse_storage():
if not os.path.exists("/etc/cobbler/users.digest"):
return []
fd = open("/etc/cobbler/users.digest")
data = fd.read()
fd.close()
results = []
lines = data.split("\n")
for line in lines:
try:
line = line.strip()
tokens = line.split(":")
results.append([tokens[0],tokens[1],tokens[2]])
except:
pass
return results
def authenticate(api_handle,username,password):
"""
Validate a username/password combo, returning True/False
Thanks to http://trac.edgewall.org/ticket/845 for supplying
the algorithm info.
"""
# debugging only (not safe to enable)
# api_handle.logger.debug("backend authenticate (%s,%s)" % (username,password))
userlist = __parse_storage()
for (user,realm,actual_blob) in userlist:
if user == username and realm == "Cobbler":
input = ":".join([user,realm,password])
input_blob = md5.md5(input).hexdigest()
if input_blob.lower() == actual_blob.lower():
return True
return False
|