Home Esplora Aiuto
Accedi
mirrors
/
Radicale
mirror da https://github.com/Kozea/Radicale
1
0
Forka 0
File Problemi 0 Wiki
Albero (Tree): 03fc5fc526
Rami (Branch) Tag
Radicale
/
radicale
/
acl
/
courier.py

courier.py 2.2 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. # -*- coding: utf-8 -*-
    2. 

  2. #
    3. 

  3. # This file is part of Radicale Server - Calendar Server
    4. 

  4. # Copyright © 2011 Henry-Nicolas Tourneur
    5. 

  5. #
    6. 

  6. # This library is free software: you can redistribute it and/or modify
    7. 

  7. # it under the terms of the GNU General Public License as published by
    8. 

  8. # the Free Software Foundation, either version 3 of the License, or
    9. 

  9. # (at your option) any later version.
    10. 

  10. #
    11. 

  11. # This library is distributed in the hope that it will be useful,
    12. 

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14. # GNU General Public License for more details.
    15. 

  15. #
    16. 

  16. # You should have received a copy of the GNU General Public License
    17. 

  17. # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. 

  19. """
    20. 

  20. Courier-Authdaemon ACL.
    21. 

  21. 

  22. """
    23. 

  23. 

  24. import sys
    25. 

  25. import socket
    26. 

  26. from radicale import acl, config, log
    27. 

  27. 

  28. 

  29. COURIER_SOCKET = config.get("acl", "courier_socket")
    30. 

  30. 

  31. 

  32. def has_right(owner, user, password):
    33. 

  33.     """Check if ``user``/``password`` couple is valid."""
    34. 

  34.     if not user or (owner not in acl.PRIVATE_USERS and user != owner):
    35. 

  35.         # No user given, or owner is not private and is not user, forbidden
    36. 

  36.         return False
    37. 

  37. 

  38.     line = "%s\nlogin\n%s\n%s" % (sys.argv[0], user, password)
    39. 

  39.     line = "AUTH %i\n%s" % (len(line), line)
    40. 

  40.     try:
    41. 

  41.         sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    42. 

  42.         sock.connect(COURIER_SOCKET)
    43. 

  43.         log.LOGGER.debug("Sending to Courier socket the request: %s" % line)
    44. 

  44.         sock.send(line)
    45. 

  45.         data = sock.recv(1024)
    46. 

  46.         sock.close()
    47. 

  47.     except socket.error as exception:
    48. 

  48.         log.LOGGER.debug(
    49. 

  49.             "Unable to communicate with Courier socket: %s" % exception)
    50. 

  50.         return False
    51. 

  51. 

  52.     log.LOGGER.debug("Got Courier socket response: %r" % data)
    53. 

  53. 

  54.     # Address, HOME, GID, and either UID or USERNAME are mandatory in resposne
    55. 

  55.     # see http://www.courier-mta.org/authlib/README_authlib.html#authpipeproto
    56. 

  56.     for line in data.split():
    57. 

  57.         if 'GID' in line:
    58. 

  58.             return True
    59. 

  59. 

  60.     # default is reject
    61. 

  61.     # this alleviates the problem of a possibly empty reply from courier authlib
    62. 

  62.     # see http://www.courier-mta.org/authlib/README_authlib.html#authpipeproto
    63. 

  63.     return False
    64.