# HG changeset patch
# User Alastair Tse <atse@xxxxxxxxxxxxx>
# Node ID 6173a6f5de2b39027c4f730593aaa82e84521f90
# Parent e295ad19deed521cbea316011a252e07807cf5bc
[XEND] Switch to PAM authentication for login sessions
[XENAPI] Fix case difference in API for Host.* functions
Signed-off-by: Alastair Tse <atse@xxxxxxxxxxxxx>
---
tools/python/scripts/xapi.py | 13 +++++++----
tools/python/xen/xend/XendAuthSessions.py | 33 ++++++++++++++++++++++++++----
2 files changed, 37 insertions(+), 9 deletions(-)
diff -r e295ad19deed -r 6173a6f5de2b tools/python/scripts/xapi.py
--- a/tools/python/scripts/xapi.py Wed Oct 18 17:54:58 2006 +0100
+++ b/tools/python/scripts/xapi.py Thu Oct 19 15:37:16 2006 +0100
@@ -20,6 +20,7 @@ from optparse import *
from optparse import *
from pprint import pprint
from types import DictType
+from getpass import getpass
MB = 1024 * 1024
@@ -30,7 +31,6 @@ SR_LIST_FORMAT = '%(name_label)-18s %(uu
'%(type)-10s'
VDI_LIST_FORMAT = '%(name_label)-18s %(uuid)-36s %(virtual_size)-8s '\
'%(sector_size)-8s'
-LOGIN = ('atse', 'passwd')
COMMANDS = {
'host-info': ('', 'Get Xen Host Info'),
@@ -132,8 +132,11 @@ def execute(fn, *args):
def _connect(*args):
- server = ServerProxy('httpu:///var/run/xend/xmlrpc.sock')
- session = execute(server.session.login_with_password, *LOGIN)
+ server = ServerProxy('httpu:///var/run/xend/xmlrpc.sock')
+ login = raw_input("Login: ")
+ password = getpass()
+ creds = (login, password)
+ session = execute(server.session.login_with_password, *creds)
host = execute(server.session.get_this_host, session)
return (server, session)
@@ -158,9 +161,9 @@ def resolve_vm(server, session, vm_name)
def xapi_host_info(*args):
server, session = _connect()
- hosts = execute(server.Host.get_all, session)
+ hosts = execute(server.host.get_all, session)
for host in hosts: # there is only one, but ..
- hostinfo = execute(server.Host.get_record, session, host)
+ hostinfo = execute(server.host.get_record, session, host)
print HOST_INFO_FORMAT % ('Name', hostinfo['name_label'])
print HOST_INFO_FORMAT % ('Version', hostinfo['software_version'])
print HOST_INFO_FORMAT % ('CPUs', len(hostinfo['host_CPUs']))
diff -r e295ad19deed -r 6173a6f5de2b tools/python/xen/xend/XendAuthSessions.py
--- a/tools/python/xen/xend/XendAuthSessions.py Wed Oct 18 17:54:58 2006 +0100
+++ b/tools/python/xen/xend/XendAuthSessions.py Thu Oct 19 15:37:16 2006 +0100
@@ -16,6 +16,7 @@
#============================================================================
import time
+import PAM
from xen.xend import uuid
from xen.xend.XendError import *
@@ -26,7 +27,6 @@ class XendAuthSessions:
def __init__(self):
self.sessions = {}
- self.users = {'atse': 'passwd'}
def init(self):
pass
@@ -47,11 +47,36 @@ class XendAuthSessions:
if type(session) == type(str()):
return (session in self.sessions)
return False
-
+
def is_authorized(self, username, password):
- if username in self.users and self.users[username] == password:
+ pam_auth = PAM.pam()
+ pam_auth.start("login")
+ pam_auth.set_item(PAM.PAM_USER, username)
+
+ def _pam_conv(auth, query_list, user_data):
+ resp = []
+ for i in range(len(query_list)):
+ query, qtype = query_list[i]
+ if qtype == PAM.PAM_PROMPT_ECHO_ON:
+ resp.append((username, 0))
+ elif qtype == PAM.PAM_PROMPT_ECHO_OFF:
+ resp.append((password, 0))
+ else:
+ return None
+ return resp
+
+ pam_auth.set_item(PAM.PAM_CONV, _pam_conv)
+
+ try:
+ pam_auth.authenticate()
+ pam_auth.acct_mgmt()
+ except PAM.error, resp:
+ return False
+ except Exception, e:
+ log.warn("Error with PAM: %s" % str(e))
+ return False
+ else:
return True
- return False
def get_user(self, session):
try:
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
Home