Update of /cvsroot/tmda/tmda/contrib/cgi
In directory sc8-pr-cvs1:/tmp/cvs-serv4430
Modified Files:
Session.py
Log Message:
Improved exception handling.
Added pretty error if CGI_ACTIVE has not been set.
Added debug mode for login.
Index: Session.py
===================================================================
RCS file: /cvsroot/tmda/tmda/contrib/cgi/Session.py,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- Session.py 29 Nov 2002 17:16:12 -0000 1.4
+++ Session.py 30 Nov 2002 18:17:53 -0000 1.5
@@ -29,6 +29,7 @@
import re
import string
import time
+import CgiUtil
import Authenticate
try:
@@ -97,7 +98,7 @@
# Make sure the session has not been hijacked
if os.environ["REMOTE_ADDR"] == self.Vars["IP"]: return
- except: # Failed to resurrect session, fall through to make new SID
+ except IOError: # Failed to resurrect session, fall through to make new SID
pass
# New session
@@ -107,35 +108,46 @@
self.SID += SessionChars[Rands.randrange(len(SessionChars))]
self.Vars = {}
- # Validate the new session?
- try:
+ # Logging in?
+ if not Form.has_key("user"): return
+
# Is there a TMDARC variable?
- if os.environ.has_key("TMDARC"):
- # Yes, replace it
- os.environ["TMDARC"] = string.replace(os.environ["TMDARC"], "/~/",
- "/%s/" % Form["user"].value)
-
- if Authenticate.CheckPassword(Form):
- self.Vars["User"] = Form["user"].value
- PasswordRecord = pwd.getpwnam(self.Vars["User"])
- self.Vars["UID"] = PasswordRecord[2]
- self.Vars["GID"] = PasswordRecord[3]
- self.Vars["HOME"] = PasswordRecord[5]
- os.environ["USER"] = self.Vars["User"]
- os.environ["HOME"] = self.Vars["HOME"]
- self.Vars["IP"] = os.environ["REMOTE_ADDR"]
-
- # Now that we know who we are, get our defaults
- from TMDA import Defaults
-
- # Get misc user info
- PasswordRecord = pwd.getpwnam(Defaults.CGI_USER)
- self.Vars["MiscUID"] = PasswordRecord[2]
- self.Vars["MiscGID"] = PasswordRecord[3]
-
- self.Save() # Save session & set user
- except:
- return
+ if os.environ.has_key("TMDARC"):
+ # Yes, replace it
+ os.environ["TMDARC"] = string.replace(os.environ["TMDARC"], "/~/",
+ "/%s/" % Form["user"].value)
+
+ # Validate the new session
+ if Authenticate.CheckPassword(Form) > 0:
+ self.Vars["User"] = Form["user"].value
+ PasswordRecord = pwd.getpwnam(self.Vars["User"])
+ self.Vars["UID"] = PasswordRecord[2]
+ self.Vars["GID"] = PasswordRecord[3]
+ self.Vars["HOME"] = PasswordRecord[5]
+ os.environ["USER"] = self.Vars["User"]
+ os.environ["HOME"] = self.Vars["HOME"]
+ self.Vars["IP"] = os.environ["REMOTE_ADDR"]
+ self.Vars["debug"] = Form["debug"].value
+
+ # Now that we know who we are, get our defaults
+ from TMDA import Defaults
+
+ # Test CGI_ACTIVE
+ if not Defaults.CGI_ACTIVE:
+ CgiUtil.TermError("<tt>CGI_ACTIVE</tt> has not been set to 1.",
+ "Incomplete configuration file.", "read configuration files",
+ "%s<br>%s" %
+ (CgiUtil.FileDetails("Global configuration", Defaults.GLOBAL_TMDARC),
+ CgiUtil.FileDetails("Local configuration", Defaults.TMDARC)),
+ """Add <tt>CGI_ACTIVE = 1</tt> to one of the configuration files or modify
+file permissions to allow them to be read.""")
+
+ # Get misc user info
+ PasswordRecord = pwd.getpwnam(Defaults.CGI_USER)
+ self.Vars["MiscUID"] = PasswordRecord[2]
+ self.Vars["MiscGID"] = PasswordRecord[3]
+
+ self.Save() # Save session & set user
def Save(self):
"""Save all session variables to disk and change user. Possibly clean up
@@ -144,7 +156,8 @@
try:
os.seteuid(self.Vars["MiscUID"])
os.setegid(self.Vars["MiscGID"])
- except: pass
+ except OSError:
+ pass
F = open(CGI_SESSION_PREFIX + self.SID, "w")
pickle.dump(self.Vars, F)
F.close()
@@ -158,8 +171,9 @@
Stats = os.stat(Session)
# Expired?
if Stats[7] + Defaults.CGI_SESSION_EXP < time.time():
- os.remove(Session)
- except: pass
+ os.unlink(Session)
+ except OSError:
+ pass
# Change back to regular user
try:
@@ -167,7 +181,8 @@
os.setegid(0)
os.setegid(self.Vars["GID"])
os.seteuid(self.Vars["UID"])
- except: pass
+ except OSError:
+ pass
def __contains__(self, a): return a in self.Vars
def countOf(self): return len(self.Vars)
_______________________________________
tmda-cvs mailing list
http://tmda.net/lists/listinfo/tmda-cvs
