Changeset 2120
- Timestamp:
- 03/24/07 17:23:07 (2 years ago)
- Files:
-
- accountmanagerplugin/0.10/acct_mgr/db.py (added)
- accountmanagerplugin/0.10/acct_mgr/htfile.py (modified) (6 diffs)
- accountmanagerplugin/0.10/acct_mgr/pwhash.py (added)
- accountmanagerplugin/0.10/acct_mgr/tests/db.py (added)
- accountmanagerplugin/0.10/acct_mgr/tests/__init__.py (modified) (1 diff)
- accountmanagerplugin/0.10/setup.py (modified) (1 diff)
- accountmanagerplugin/trunk/acct_mgr/db.py (added)
- accountmanagerplugin/trunk/acct_mgr/htfile.py (modified) (6 diffs)
- accountmanagerplugin/trunk/acct_mgr/pwhash.py (added)
- accountmanagerplugin/trunk/acct_mgr/tests/db.py (added)
- accountmanagerplugin/trunk/acct_mgr/tests/__init__.py (modified) (1 diff)
- accountmanagerplugin/trunk/setup.py (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
accountmanagerplugin/0.10/acct_mgr/htfile.py
r2063 r2120 1 1 # -*- coding: utf8 -*- 2 2 # 3 # Copyright (C) 2005 Matthew Good <trac@matt-good.net>3 # Copyright (C) 2005,2006,2007 Matthew Good <trac@matt-good.net> 4 4 # 5 5 # "THE BEER-WARE LICENSE" (Revision 42): … … 12 12 from __future__ import generators 13 13 14 from binascii import hexlify15 14 import errno 16 import md5, sha17 15 import os.path 18 16 import fileinput 19 from md5crypt import md5crypt20 17 21 18 from trac.core import * … … 23 20 24 21 from api import IPasswordStore 25 26 # check for the availability of the "crypt" module for checking passwords on 27 # Unix-like platforms 28 # MD5 is still used when adding/updating passwords 29 try: 30 from crypt import crypt 31 except ImportError: 32 crypt = None 33 34 # os.urandom was added in Python 2.4 35 # try to fall back on reading from /dev/urandom on older Python versions 36 try: 37 from os import urandom 38 except ImportError: 39 from random import randrange 40 def urandom(n): 41 return ''.join([chr(randrange(256)) for _ in xrange(n)]) 42 22 from pwhash import htpasswd, htdigest 43 23 44 24 class _RelativePathOption(Option): … … 132 112 133 113 134 def salt():135 s = ''136 v = long(hexlify(urandom(4)), 16)137 itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'138 for i in range(8):139 s += itoa64[v & 0x3f]; v >>= 6140 return s141 142 143 114 class HtPasswdStore(AbstractPasswordFileStore): 144 115 """Manages user accounts stored in Apache's htpasswd format. … … 162 133 163 134 def userline(self, user, password): 164 if crypt is None: 165 return self.prefix(user) + md5crypt(password, salt(), '$apr1$') 166 else: 167 return self.prefix(user) + crypt(password, salt()) 135 return self.prefix(user) + htpasswd(password) 168 136 169 137 def _check_userline(self, password, prefix, suffix): 170 if suffix.startswith('$apr1$'): 171 return suffix == md5crypt(password, suffix[6:].split('$')[0], 172 '$apr1$') 173 elif suffix.startswith('{SHA}'): 174 return (suffix[5:] == 175 sha.new(password).digest().encode('base64')[:-1]) 176 elif crypt is None: 177 # crypt passwords are only supported on Unix-like systems 178 raise NotImplementedError('The "crypt" module is unavailable ' 179 'on this platform. Only MD5 ' 180 'passwords (starting with "$apr1$") ' 181 'are supported in the htpasswd file.') 182 else: 183 return suffix == crypt(password, suffix) 138 return suffix == htpasswd(password, suffix) 184 139 185 140 def _get_users(self, filename): … … 216 171 217 172 def userline(self, user, password): 218 p = self.prefix(user) 219 return p + md5.new(p + password).hexdigest() 173 return self.prefix(user) + htdigest(user, self.realm, password) 220 174 221 175 def _check_userline(self, password, prefix, suffix): 222 return suffix == md5.new(prefix + password).hexdigest()176 return suffix == htdigest(user, self.realm, password) 223 177 224 178 def _get_users(self, filename): accountmanagerplugin/0.10/acct_mgr/tests/__init__.py
r1128 r2120 14 14 15 15 def suite(): 16 from acct_mgr.tests import htfile 16 from acct_mgr.tests import htfile, db 17 17 suite = unittest.TestSuite() 18 18 suite.addTest(htfile.suite()) 19 suite.addTest(db.suite()) 19 20 return suite 20 21 accountmanagerplugin/0.10/setup.py
r1549 r2120 32 32 'acct_mgr.api = acct_mgr.api', 33 33 'acct_mgr.admin = acct_mgr.admin', 34 'acct_mgr.db = acct_mgr.db', 35 'acct_mgr.pwhash = acct_mgr.pwhash', 34 36 ] 35 37 }, accountmanagerplugin/trunk/acct_mgr/htfile.py
r2068 r2120 1 1 # -*- coding: utf8 -*- 2 2 # 3 # Copyright (C) 2005 Matthew Good <trac@matt-good.net>3 # Copyright (C) 2005,2006,2007 Matthew Good <trac@matt-good.net> 4 4 # 5 5 # "THE BEER-WARE LICENSE" (Revision 42): … … 10 10 # Author: Matthew Good <trac@matt-good.net> 11 11 12 from binascii import hexlify13 12 import errno 14 import md5, sha15 13 import os.path 16 14 import fileinput 17 from md5crypt import md5crypt18 15 19 16 from trac.core import * … … 21 18 22 19 from api import IPasswordStore 20 from pwhash import htpasswd, htdigest 23 21 from util import EnvRelativePathOption 24 25 # check for the availability of the "crypt" module for checking passwords on26 # Unix-like platforms27 # MD5 is still used when adding/updating passwords28 try:29 from crypt import crypt30 except ImportError:31 crypt = None32 33 # os.urandom was added in Python 2.434 # try to fall back on reading from /dev/urandom on older Python versions35 try:36 from os import urandom37 except ImportError:38 from random import randrange39 def urandom(n):40 return ''.join([chr(randrange(256)) for _ in xrange(n)])41 22 42 23 … … 122 103 123 104 124 def salt():125 s = ''126 v = long(hexlify(urandom(4)), 16)127 itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'128 for i in range(8):129 s += itoa64[v & 0x3f]; v >>= 6130 return s131 132 133 105 class HtPasswdStore(AbstractPasswordFileStore): 134 106 """Manages user accounts stored in Apache's htpasswd format. … … 152 124 153 125 def userline(self, user, password): 154 if crypt is None: 155 return self.prefix(user) + md5crypt(password, salt(), '$apr1$') 156 else: 157 return self.prefix(user) + crypt(password, salt()) 126 return self.prefix(user) + htpasswd(password) 158 127 159 128 def _check_userline(self, password, prefix, suffix): 160 if suffix.startswith('$apr1$'): 161 return suffix == md5crypt(password, suffix[6:].split('$')[0], 162 '$apr1$') 163 elif suffix.startswith('{SHA}'): 164 return (suffix[5:] == 165 sha.new(password).digest().encode('base64')[:-1]) 166 elif crypt is None: 167 # crypt passwords are only supported on Unix-like systems 168 raise NotImplementedError('The "crypt" module is unavailable ' 169 'on this platform. Only MD5 ' 170 'passwords (starting with "$apr1$") ' 171 'are supported in the htpasswd file.') 172 else: 173 return suffix == crypt(password, suffix) 129 return suffix == htpasswd(password, suffix) 174 130 175 131 def _get_users(self, filename): … … 206 162 207 163 def userline(self, user, password): 208 p = self.prefix(user) 209 return p + md5.new(p + password).hexdigest() 164 return self.prefix(user) + htdigest(user, self.realm, password) 210 165 211 166 def _check_userline(self, password, prefix, suffix): 212 return suffix == md5.new(prefix + password).hexdigest()167 return suffix == htdigest(user, self.realm, password) 213 168 214 169 def _get_users(self, filename): accountmanagerplugin/trunk/acct_mgr/tests/__init__.py
r1128 r2120 14 14 15 15 def suite(): 16 from acct_mgr.tests import htfile 16 from acct_mgr.tests import htfile, db 17 17 suite = unittest.TestSuite() 18 18 suite.addTest(htfile.suite()) 19 suite.addTest(db.suite()) 19 20 return suite 20 21 accountmanagerplugin/trunk/setup.py
r2068 r2120 30 30 'acct_mgr.admin = acct_mgr.admin', 31 31 'acct_mgr.api = acct_mgr.api', 32 'acct_mgr.db = acct_mgr.db', 32 33 'acct_mgr.htfile = acct_mgr.htfile', 33 34 'acct_mgr.http = acct_mgr.http', 35 'acct_mgr.pwhash = acct_mgr.pwhash', 34 36 'acct_mgr.svnserve = acct_mgr.svnserve', 35 37 'acct_mgr.web_ui = acct_mgr.web_ui',
