%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/auth/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/auth/file.pyc

�
���^c@@s�dZddlmZmZmZddlZddlZddlZddl	Zej
e�ZdZ
d�Zd�Zd�Zd�Zd	�Zd
�Zied6ed6ed
6Zd�ZdS(u�
Provide authentication using local files

.. versionadded:: 2018.3.0

The `file` auth module allows simple authentication via local files. Different
filetypes are supported, including:

  1. Text files, with passwords in plaintext or hashed
  2. Apache-style htpasswd files
  3. Apache-style htdigest files

.. note::

    The ``python-passlib`` library is required when using a ``^filetype`` of
    ``htpasswd`` or ``htdigest``.

The simplest example is a plaintext file with usernames and passwords:

.. code-block:: yaml

    external_auth:
      file:
        ^filename: /etc/insecure-user-list.txt
        gene:
          - .*
        dean:
          - test.*

In this example the ``/etc/insecure-user-list.txt`` file would be formatted
as so:

.. code-block:: text

    dean:goneFishing
    gene:OceanMan

``^filename`` is the only required parameter. Any parameter that begins with
a ``^`` is passed directly to the underlying file authentication function
via ``kwargs``, with the leading ``^`` being stripped.

The text file option is configurable to work with legacy formats:

.. code-block:: yaml

    external_auth:
      file:
        ^filename: /etc/legacy_users.txt
        ^filetype: text
        ^hashtype: md5
        ^username_field: 2
        ^password_field: 3
        ^field_separator: '|'
        trey:
          - .*

This would authenticate users against a file of the following format:

.. code-block:: text

    46|trey|16a0034f90b06bf3c5982ed8ac41aab4
    555|mike|b6e02a4d2cb2a6ef0669e79be6fd02e4
    2001|page|14fce21db306a43d3b680da1a527847a
    8888|jon|c4e94ba906578ccf494d71f45795c6cb

.. note::

    The :py:func:`hashutil.digest <salt.modules.hashutil.digest>` execution
    function is used for comparing hashed passwords, so any algorithm
    supported by that function will work.

There is also support for Apache-style ``htpasswd`` and ``htdigest`` files:

.. code-block:: yaml

    external_auth:
      file:
        ^filename: /var/www/html/.htusers
        ^filetype: htpasswd
        cory:
          - .*

When using ``htdigest`` the ``^realm`` must be set:

.. code-block:: yaml

    external_auth:
      file:
        ^filename: /var/www/html/.htdigest
        ^filetype: htdigest
        ^realm: MySecureRealm
        cory:
          - .*

i(tabsolute_importtprint_functiontunicode_literalsNufilecC@stS(N(t__virtualname__(((s2/usr/lib/python2.7/site-packages/salt/auth/file.pyt__virtual__pscC@s�idd6dd6dd6dd6d	d
6}xBtdtD]2}|jd�r8tdt|||d<q8q8Wd
|kr�tjd�tStjj|d
�s�tjd|d
�tSt	|d�|d<t	|d
�|d
<|S(uL
    Setup defaults and check configuration variables for auth backends
    utextufiletypeu	plaintextuhashtypeu:ufield_separatoriuusername_fieldiupassword_fieldu
external_authu^ufilenameuYsalt.auth.file: An authentication file must be specified via external_auth:file:^filenameu`salt.auth.file: The configured external_auth:file:^filename (%s)does not exist on the filesystem(
t__opts__Rt
startswithtlogterrortFalsetostpathtexiststint(tconfigtopt((s2/usr/lib/python2.7/site-packages/salt/auth/file.pyt_get_file_auth_configts&
!
	c

K@sC|d}|d}|d}|dd}|dd}tjjj|d���}x�|j�D]�}	|	j�j|�}
y|
|}Wn%tk
r�tj	d||�t
SXy|
|}Wn%tk
r�tj	d	||�t
SX||krb|d
kr||kr1tSn|td||�kr1tSt
SqbWWdQXt
S(
u�
    The text file function can authenticate plaintext and digest methods
    that are available in the :py:func:`hashutil.digest <salt.modules.hashutil.digest>`
    function.
    ufilenameuhashtypeufield_separatoruusername_fieldiupassword_fielduru=salt.auth.file: username field (%s) does not exist in file %su=salt.auth.file: password field (%s) does not exist in file %su	plaintextuhashutil.digestN(
tsalttutilstfilestfopent	readlineststriptsplitt
IndexErrorRRR	tTruet__salt__(
tusernametpasswordtkwargstfilenamethashtypetfield_separatortusername_fieldtpassword_fieldtpwfiletlinetfieldst
this_usernamet
this_password((s2/usr/lib/python2.7/site-packages/salt/auth/file.pyt_text�s8



	

	
cK@sfddlm}||d�}tjjj|dd�dkrR|j||�S|j||�SdS(u@
    Provide authentication via Apache-style htpasswd files
    i(tHtpasswdFileufilenameupasslib_versionu1.6N(tpasslib.apacheR)RRtversionstversion_cmptverifytcheck_password(RRRR)R#((s2/usr/lib/python2.7/site-packages/salt/auth/file.pyt	_htpasswd�s
"cK@s�|jdd�}|s)tjd�tSddlm}||d�}tjj	j
|dd�dkr~|j|||�S|j|||�SdS(	u@
    Provide authentication via Apache-style htdigest files
    urealmuTsalt.auth.file: A ^realm must be defined in external_auth:file for htdigest filetypei(tHtdigestFileufilenameupasslib_versionu1.6N(
tgettNoneRRR	R*R0RRR+R,R-R.(RRRtrealmR0R#((s2/usr/lib/python2.7/site-packages/salt/auth/file.pyt	_htdigest�s
"cK@s�|jdd�j�}yddl}|j|d<Wn"tk
rYtjd|�tSX|dkrvt|||�St	|||�SdS(uK
    Gate function for _htpasswd and _htdigest authentication backends
    ufiletypeuhtpasswdiNupasslib_versionuFsalt.auth.file: The python-passlib library is required for %s filetypeuhtdigest(
R1tlowertpasslibt__version__tImportErrorRRR	R4R/(RRRtfiletypeR6((s2/usr/lib/python2.7/site-packages/salt/auth/file.pyt_htfile�s
	utextuhtpasswduhtdigestcC@s9t�}|stStj|dd�}||||�S(u�
    File based authentication

    ^filename
        The path to the file to use for authentication.

    ^filetype
        The type of file: ``text``, ``htpasswd``, ``htdigest``.

        Default: ``text``

    ^realm
        The realm required by htdigest authentication.

    .. note::
        The following parameters are only used with the ``text`` filetype.

    ^hashtype
        The digest format of the password. Can be ``plaintext`` or any digest
        available via :py:func:`hashutil.digest <salt.modules.hashutil.digest>`.

        Default: ``plaintext``

    ^field_separator
        The character to use as a delimiter between fields in a text file.

        Default: ``:``

    ^username_field
        The numbered field in the text file that contains the username, with
        numbering beginning at 1 (one).

        Default: ``1``

    ^password_field
        The numbered field in the text file that contains the password, with
        numbering beginning at 1 (one).

        Default: ``2``
    ufiletypeutext(RR	tFILETYPE_FUNCTION_MAPR1(RRRt
auth_function((s2/usr/lib/python2.7/site-packages/salt/auth/file.pytauths
*	(t__doc__t
__future__RRRtloggingR
tsalt.utils.filesRtsalt.utils.versionst	getLoggert__name__RRRRR(R/R4R:R;R=(((s2/usr/lib/python2.7/site-packages/salt/auth/file.pyt<module>`s$		!	,			


Zerion Mini Shell 1.0