[Twisted-Python] R: Re: smtp-server: issue with checkers.FilePasswordDB and hash
First of all, thanks for your answer :-)
Can't say for sure without a full example, but it looks like you are
Here the full source code: from twisted.mail import mail, relaymanager from twisted.cred import checkers from twisted.python import log from twisted.application import internet from twisted.application import service import os, md5 SMTP_PORT = 25 QUEUE_PATH = './users_home/insertionQueue' if not os.path.exists(QUEUE_PATH): os.makedirs(QUEUE_PATH) def _hash(name, clearpsw, hashedpsw): return 'aa' return md5.md5(clearpsw).hexdigest() # doesnt' work# smtpusers = checkers.FilePasswordDB('smtppasswords.txt', caseSensitive=True, hash=_hash, cache=True) smtpusers = checkers.FilePasswordDB('smtppasswords.txt', caseSensitive=True, cache=True) mailservice = mail.MailService() mailservice.setQueue(relaymanager.Queue(QUEUE_PATH)) mailservice.smtpPortal.registerChecker(smtpusers) smtpserver = mailservice.getESMTPFactory() application = service.Application("Console SMTP Server") internet.TCPServer(SMTP_PORT, smtpserver).setServiceParent(application)
If you provide a hash function to FilePasswordDB, it only accepts IUsernamePassword credentials. The hash function is for plaintext
I read the source code, I'm agree with this point
I want to hash the password on the server; can't I? How I can decide to use a simple IUsernamePassword? however If I don't use the hash function the connection still continue to use an IUsernameHashedPassword. Probably the smtp connection is not made for a plain-text password, isn't it? Alessandro
On 4/5/10 6:22 AM, aleuser@inwind.it wrote:
It sounds to me like you want the server to support PLAIN auth but still compare against a hashed password file? The ESMTP factory you are using only provides CRAM-MD5 auth via credentials. http://twistedmatrix.com/trac/browser/trunk/twisted/mail/protocols.py#L132 CramMD5Credentials implements IUsernameHashedPassword, so it won't work with a FilePasswordDB checker that has a hash function. This is the source of your error message. You can add PLAIN support by adding credentials that provide IUsernamePassword. The imap4 implementation has one (PLAINCredentials): ... from twisted.mail import imap4 smtpserver = mailservice.getESMTPFactory() smtpserver.challengers['PLAIN'] = imap4.PLAINCredentials application = service.Application("Console SMTP Server") ... Clients using CRAM-MD5 will still fail with the same error, though. You could create your own checker which differentiates how it checks based on the provided credentials interface. You would start by subclassing FilePasswordDB and override the requestAvatarId method. If the credentials interface is IUsernameHashedPassword, just skip over the hash function. Here's an example based on yours: http://gist.github.com/357396
On 4/5/10 6:22 AM, aleuser@inwind.it wrote:
It sounds to me like you want the server to support PLAIN auth but still compare against a hashed password file? The ESMTP factory you are using only provides CRAM-MD5 auth via credentials. http://twistedmatrix.com/trac/browser/trunk/twisted/mail/protocols.py#L132 CramMD5Credentials implements IUsernameHashedPassword, so it won't work with a FilePasswordDB checker that has a hash function. This is the source of your error message. You can add PLAIN support by adding credentials that provide IUsernamePassword. The imap4 implementation has one (PLAINCredentials): ... from twisted.mail import imap4 smtpserver = mailservice.getESMTPFactory() smtpserver.challengers['PLAIN'] = imap4.PLAINCredentials application = service.Application("Console SMTP Server") ... Clients using CRAM-MD5 will still fail with the same error, though. You could create your own checker which differentiates how it checks based on the provided credentials interface. You would start by subclassing FilePasswordDB and override the requestAvatarId method. If the credentials interface is IUsernameHashedPassword, just skip over the hash function. Here's an example based on yours: http://gist.github.com/357396
participants (3)
-
aleuser@inwind.it -
exarkun@twistedmatrix.com -
Lucas Taylor