[Mailman-Developers] sender-based authentication

David Lee t.d.lee at durham.ac.uk
Tue Jul 4 19:18:04 CEST 2006


A few weeks ago I opened a discussion "sender-based authorisation" about
something similar to "Approved: password", but where the password would be
associated with a person (sender) rather than a list.

There seemed to be agreement in principle.  (For the history, see that
thread.)

Being completely new to both Mailman and python programming (though with
several years of majordomo and perl behind me!) I thought I'd check that
I'm on the right lines.  Attached is a shot at a "UserAuth.py" module(?)
to maintain the passwords, with ideas borrowed from "Utils.py".

Does it seem the right sort of thing?  Does it conform to the spirit of
Mailman?  Or is it hopelessly wrong or idiosyncratic?

I've also written myself a little command-line maintenance program to add,
modify, delete, list, etc. entries in the database.  (I have no plans to
put any user-oriented WWW front end to this at present; I want to get the
module and the command-line interface functional.  Initially, our local
use would be for us, the service, to maintain the entries, not (yet) for
users to be able to maintain it.)

Thoughts?



-- 

:  David Lee                                I.T. Service          :
:  Senior Systems Programmer                Computer Centre       :
:                                           Durham University     :
:  http://www.dur.ac.uk/t.d.lee/            South Road            :
:                                           Durham DH1 3LE        :
:  Phone: +44 191 334 2752                  U.K.                  :
-------------- next part --------------
#! /usr/bin/python
#
# Copyright (C) 2006 David Lee, Durham University, UK
#
# <<GPL>>
#

"""User (site-wide) table maintenance"""

import os
import sha
import dbm

#filename = os.path.join(DATA_DIR, 'userpw')
filename = 'userpw'



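def add(user=None, password=None):
    # Create a new entry; raise KeyError if the user already exists.
    # umask 026 gives a newly created database file mode 0640.
    oldmask = os.umask(026)
    try:
        file = dbm.open(filename, 'c')
        try:
            if file.has_key(user):
                raise KeyError
            file[user] = sha.new(password).hexdigest()
        finally:
            # Close the database even when KeyError is raised.
            file.close()
    finally:
        os.umask(oldmask)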

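def check(user=None, password=None):
    # Return True if the password matches the stored SHA-1 hex digest;
    # raise KeyError if the user has no entry.
    file = dbm.open(filename, 'r')
    try:
        if not file.has_key(user):
            raise KeyError
        pwsha = file[user]
    finally:
        # Close the database even when KeyError is raised.
        file.close()
    return pwsha == sha.new(password).hexdigest()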

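def delete(user=None):
    # Remove an entry; raise KeyError if the user has no entry.
    oldmask = os.umask(026)
    try:
        file = dbm.open(filename, 'c')
        try:
            if not file.has_key(user):
                raise KeyError
            del file[user]
        finally:
            # Close the database even when KeyError is raised.
            file.close()
    finally:
        os.umask(oldmask)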

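def list():
    # Return a dictionary {user: SHA-1 hex digest} of every entry.
    # Note: this name shadows the builtin list() inside this module.
    file = dbm.open(filename, 'r')
    try:
        lret = {}
        for key in file.keys():
            lret[key] = file[key]
    finally:
        file.close()
    return lret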

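def modify(user=None, password=None):
    # Replace the password of an existing entry; raise KeyError if the
    # user has no entry.
    oldmask = os.umask(026)
    try:
        file = dbm.open(filename, 'c')
        try:
            if not file.has_key(user):
                raise KeyError
            file[user] = sha.new(password).hexdigest()
        finally:
            # Close the database even when KeyError is raised.
            file.close()
    finally:
        os.umask(oldmask)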
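
Added example, not part of the original post or of Mailman: the attachment stores an unsalted SHA-1 hex digest and compares it with ==, so two senders with the same password get the same stored value. The sketch below (Python 3, unlike the Python 2 attachment) keeps the same add/check idea with a per-user salt, PBKDF2 and a constant-time comparison; the record format, the iteration count and passing the table in as "db" (any mapping with bytes keys and values, such as the object returned by dbm.open) are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200000  # assumption: tune to the CPU budget of the list host
SCHEME = b"pbkdf2_sha256"


def _derive(password, salt, iterations):
    # Slow, salted key derivation instead of a single SHA-1 pass.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def make_record(password, iterations=ITERATIONS):
    """Return b'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>' with a fresh salt."""
    salt = os.urandom(16)
    digest = _derive(password, salt, iterations)
    return b"$".join([SCHEME, str(iterations).encode(),
                      salt.hex().encode(), digest.hex().encode()])


def verify_record(record, password):
    """Recompute the hash from the stored salt and compare in constant time."""
    scheme, iterations, salt_hex, hash_hex = record.split(b"$")
    if scheme != SCHEME:
        return False
    digest = _derive(password, bytes.fromhex(salt_hex.decode()), int(iterations))
    return hmac.compare_digest(digest, bytes.fromhex(hash_hex.decode()))


# Placeholder record so a lookup of an unknown sender costs the same work.
_DUMMY = make_record("")


def add(db, user, password):
    """Create an entry; raise KeyError if the sender already has one."""
    key = user.encode("utf-8")
    if key in db:
        raise KeyError(user)
    db[key] = make_record(password)


def check(db, user, password):
    """Return True only for a known sender with the right password."""
    key = user.encode("utf-8")
    if key not in db:
        verify_record(_DUMMY, password)  # result discarded on purpose
        return False
    return verify_record(db[key], password)
```

Unlike the attachment's check(), this check() returns False for an unknown sender instead of raising KeyError, so the caller cannot tell a missing entry from a wrong password.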


