[Mailman-checkins] CVS: mailman/Mailman SecurityManager.py,2.4,2.5

Barry Warsaw Thu, 31 May 2001 13:56:03 -0700

Update of /cvsroot/mailman/mailman/Mailman
In directory usw-pr-cvs1:/tmp/cvs-serv24556

Modified Files:
        SecurityManager.py 
Log Message:
Authenticate(): When sha hex digesting the response, save the results
in a temporary variable and check that variable against the secret
(this is so that subsequent checks have the raw password).


Index: SecurityManager.py
===================================================================
RCS file: /cvsroot/mailman/mailman/Mailman/SecurityManager.py,v
retrieving revision 2.4
retrieving revision 2.5
diff -C2 -r2.4 -r2.5
*** SecurityManager.py  2001/05/31 17:46:11     2.4
--- SecurityManager.py  2001/05/31 21:17:47     2.5
***************
*** 142,149 ****
                  # digestify it first.
                  if ac in (mm_cfg.AuthListAdmin, mm_cfg.AuthListModerator):
!                     response = sha.new(response).hexdigest()
  
                  key, secret = self.AuthContextInfo(ac, user)
!                 if secret is not None and response == secret:
                      return ac
          return mm_cfg.UnAuthorized
--- 142,151 ----
                  # digestify it first.
                  if ac in (mm_cfg.AuthListAdmin, mm_cfg.AuthListModerator):
!                     chkresponse = sha.new(response).hexdigest()
!                 else:
!                     chkresponse = response
  
                  key, secret = self.AuthContextInfo(ac, user)
!                 if secret is not None and chkresponse == secret:
                      return ac
          return mm_cfg.UnAuthorized


_______________________________________________
Mailman-checkins mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-checkins

[Mailman-checkins] CVS: mailman/Mailman SecurityManager.py,2.4,2.5

Reply via email to