Trees       Indices       Help   
Package backend :: Package server :: Module rhnAuthPAM
[hide private]
[frames] | no frames]

Source Code for Module backend.server.rhnAuthPAM

 1  # 
 2  # Copyright (c) 2008--2016 Red Hat, Inc. 
 3  # 
 4  # This software is licensed to you under the GNU General Public License, 
 5  # version 2 (GPLv2). There is NO WARRANTY for this software, express or 
 6  # implied, including the implied warranties of MERCHANTABILITY or FITNESS 
 7  # FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2 
 8  # along with this software; if not, see 
 9  # http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. 
10  # 
11  # Red Hat trademarks are not licensed under GPLv2. No permission is 
12  # granted to use or replicate Red Hat trademarks that are incorporated 
13  # in this software or its documentation. 
14  # 
15   
16  import PAM 
17  import sys 
18   
19  from spacewalk.common.usix import raise_with_tb 
20  from spacewalk.common.rhnLog import log_error 
21  from spacewalk.common.rhnException import rhnException 
22   
23  __username = None 
24  __password = None 
25   
26   

27 -def __pam_conv(auth, query_list): 

28      global __username, __password 
29      # Build a list of responses to be passed back to PAM 
30      resp = [] 
31      for query, type in query_list: 
32          if type == PAM.PAM_PROMPT_ECHO_ON: 
33              # Prompt for a username 
34              resp.append((__username, 0)) 
35          elif type == PAM.PAM_PROMPT_ECHO_OFF: 
36              # Prompt for a password 
37              resp.append((__password, 0)) 
38          else: 
39              # Unknown PAM type 
40              log_error("Got unknown PAM type %s (query=%s)" % (type, query)) 
41              return None 
42   
43      return resp 

44   
45   

46 -def check_password(username, password, service): 

47      global __username, __password 
48      auth = PAM.pam() 
49      auth.start(service, username, __pam_conv) 
50   
51      # Save the username and passwords in the globals, the conversation 
52      # function needs access to them 
53      __username = username 
54      __password = password 
55   
56      try: 
57          try: 
58              auth.authenticate() 
59              auth.acct_mgmt() 
60          finally: 
61              # Something to be always executed - cleanup 
62              __username = __password = None 
63      except PAM.error: 
64          e = sys.exc_info()[1] 
65          resp, code = e.args[:2] 
66          log_error("Password check failed (%s): %s" % (code, resp)) 
67          return 0 
68      except: 
69          raise_with_tb(rhnException('Internal PAM error'), sys.exc_info()[2]) 
70      else: 
71          # Good password 
72          return 1 

73

   Trees       Indices       Help   
Generated by Epydoc 3.0.1 on Wed Mar 4 07:37:42 2020 http://epydoc.sourceforge.net