Statistics
| Branch: | Tag: | Revision:

root / lib / http / auth.py @ 971bbd84

History | View | Annotate | Download (9.3 kB)

# Date Author Comment
716a32cb 06/01/2010 11:34 am Guido Trotter

Move hash functions to the compat module

Since the hash functions' changed their module name between python 2.4
and 2.6, and we have to do an try/import/except trick, we'll do it just
once, for both hash functions, and in compat.py. This also fixes a use...

6873a52a 03/10/2010 04:02 pm Michael Hanselmann

http.auth: Disable pylint warnings

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

23ccba04 03/10/2010 12:17 pm Michael Hanselmann

http.auth: Fix bug with checking hashed passwords

When username and password were sent for a resource not requiring
authentication, it wouldn't be accepted if the user in question had a
hashed password. The reason was that the function GetAuthRealm used to...

2d54e29c 01/04/2010 11:17 am Iustin Pop

Further pylint disables, mostly for Unused args

Many of our functions have to follow a given API, and thus we have to
keep a given signature, but pylint doesn't understand this. Therefore,
we silence this warning.

The patch does a few other cleanups.

Signed-off-by: Iustin Pop <>...

23057d29 11/02/2009 02:05 pm Michael Hanselmann

Epydoc fixes

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Guido Trotter <>

bf9bd8dd 10/29/2009 11:33 am Michael Hanselmann

http.auth: Add new function to verify passwords

This new function supports two schemes for passwords:
- Old-style cleartext passwords
- Hashed passwords according to RFC2617 (H(A1))

Schemes are differentiated by their prefix, a concept also
used in OpenLDAP. Cleartext passwords can no longer start...

7c4d6c7b 07/07/2009 03:54 pm Michael Hanselmann

Fix pylint warnings

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

5bbd3f7f 07/07/2009 03:51 pm Michael Hanselmann

Fix some typos

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>

81b59aaf 06/23/2009 03:19 pm Iustin Pop

Fix HTTP server library handling of credentials

Currently the http library only checks credentials when authentication
is required. This means that any credentials are accepted on the root
resource, for example, which makes problems hard to diagnose - the...

8a088b79 03/20/2009 03:07 pm Guido Trotter

Fix _NOQUOTE regexp

Allow expressions longer than one character to match.

Reviewed-by: imsnah

85414b69 02/04/2009 05:11 pm Iustin Pop

rapi: fix authentication and queries

For queries, we don't want to require authentication. We fix this by adding an
override GetAuthRealm in the rapi daemon.

We also fix a method name.

Reviewed-by: imsnah

25e7b43f 01/15/2009 12:00 pm Iustin Pop

Some docstring updates

This patch rewraps some comments to shorter lengths, changes
double-quotes to single-quotes inside triple-quoted docstrings for
better editor handling.

It also fixes some epydoc errors, namely invalid crossreferences (after
method rename), documentation for inexistent (removed) parameters, etc....

e09fdcfa 01/06/2009 11:57 am Iustin Pop

Fix some pylint-detected issues

Two bad indentation cases and a missing variable.

Reviewed-by: imsnah

e6e94655 12/19/2008 02:57 pm Michael Hanselmann

ganeti.http: Function to read password file

Lines in the password file are of the following format:

&lt;username&gt; &lt;password&gt; [options]

Fields are separated by whitespace. Username and password are
mandatory, options are optional and separated by comma (",")....

be500c29 12/19/2008 02:57 pm Michael Hanselmann

ganeti.http: Add support for basic HTTP authentication

As per RFC2617.

Reviewed-by: amishchenko