diff options
| author | bwarsaw | 2007-01-14 03:24:31 +0000 |
|---|---|---|
| committer | bwarsaw | 2007-01-14 03:24:31 +0000 |
| commit | 898eeaebe945b82c270a31578dabd19728f4475b (patch) | |
| tree | 7c85252428206288b9df74075ea8b15097dfb390 /Mailman/SecurityManager.py | |
| parent | 758c067131369c35b4b737d409ca7809dcd4920a (diff) | |
| download | mailman-898eeaebe945b82c270a31578dabd19728f4475b.tar.gz mailman-898eeaebe945b82c270a31578dabd19728f4475b.tar.zst mailman-898eeaebe945b82c270a31578dabd19728f4475b.zip | |
Diffstat (limited to 'Mailman/SecurityManager.py')
| -rw-r--r-- | Mailman/SecurityManager.py | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py index 6740a958f..9b7401e59 100644 --- a/Mailman/SecurityManager.py +++ b/Mailman/SecurityManager.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2006 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2007 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -61,6 +61,7 @@ from urlparse import urlparse from Mailman import Defaults from Mailman import Errors from Mailman import Utils +from Mailman import passwords from Mailman.configuration import config log = logging.getLogger('mailman.error') @@ -94,7 +95,7 @@ class SecurityManager: if authcontext == Defaults.AuthUser: if user is None: # A bad system error - raise TypeError, 'No user supplied for AuthUser context' + raise TypeError('No user supplied for AuthUser context') secret = self.getMemberPassword(user) userdata = urllib.quote(Utils.ObscureEmail(user), safe='') key += 'user+%s' % userdata @@ -131,7 +132,7 @@ class SecurityManager: # response, or UnAuthorized. for ac in authcontexts: if ac == Defaults.AuthCreator: - ok = Utils.check_global_password(response, siteadmin=0) + ok = Utils.check_global_password(response, siteadmin=False) if ok: return Defaults.AuthCreator elif ac == Defaults.AuthSiteAdmin: @@ -146,13 +147,12 @@ class SecurityManager: key, secret = self.AuthContextInfo(ac) if secret is None: continue - sharesponse = sha.new(response).hexdigest() - if sharesponse == secret: + if passwords.check_response(secret, response): return ac elif ac == Defaults.AuthListModerator: # The list moderator password must be sha'd key, secret = self.AuthContextInfo(ac) - if secret and sha.new(response).hexdigest() == secret: + if secret and passwords.check_response(secret, response): return ac elif ac == Defaults.AuthUser: if user is not None: |