diff options
| author | hmeland | 1999-06-11 14:29:54 +0000 |
|---|---|---|
| committer | hmeland | 1999-06-11 14:29:54 +0000 |
| commit | 9286ef4c5f1c9689dcd72f9731fdbdf8edb8546e (patch) | |
| tree | 1c24c793b53cab0f3e3c685ecb21209bb7ba08cd /Mailman/SecurityManager.py | |
| parent | 4b2a899ffd6325fb1eb223ad6633ce0f4ca2cd08 (diff) | |
| download | mailman-9286ef4c5f1c9689dcd72f9731fdbdf8edb8546e.tar.gz mailman-9286ef4c5f1c9689dcd72f9731fdbdf8edb8546e.tar.zst mailman-9286ef4c5f1c9689dcd72f9731fdbdf8edb8546e.zip | |
Diffstat (limited to 'Mailman/SecurityManager.py')
| -rw-r--r-- | Mailman/SecurityManager.py | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py index 6a5d0f0a8..d60a93179 100644 --- a/Mailman/SecurityManager.py +++ b/Mailman/SecurityManager.py @@ -20,6 +20,7 @@ import os import string +import time import types import Crypt import Errors @@ -67,6 +68,32 @@ class SecurityManager: raise Errors.MMBadPasswordError return 1 + def MakeCookie(self): + client_ip = os.environ.get('REMOTE_ADDR') or '0.0.0.0' + issued = int(time.time()) + expires = issued + mm_cfg.ADMIN_COOKIE_LIFE + secret = self.password + mac = hash(secret + client_ip + `issued` + `expires`) + return [client_ip, issued, expires, mac] + + def CheckCookie(self, cookie): + if type(cookie) <> type([]): + return 0 + if len(cookie) <> 4: + return 0 + client_ip = os.environ.get('REMOTE_ADDR') or '0.0.0.0' + [for_ip, issued, expires, received_mac] = cookie + if for_ip <> client_ip: + return 0 + now = time.time() + if not issued < now < expires: + return 0 + secret = self.password + mac = hash(secret + client_ip + `issued` + `expires`) + if mac <> received_mac: + return 0 + return 1 + def ConfirmUserPassword(self, user, pw): """True if password is valid for site, list admin, or specific user.""" if self.ValidAdminPassword(pw): |