summaryrefslogtreecommitdiff
path: root/Mailman/SecurityManager.py
diff options
context:
space:
mode:
Diffstat (limited to 'Mailman/SecurityManager.py')
-rw-r--r--Mailman/SecurityManager.py26
1 files changed, 7 insertions, 19 deletions
diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py
index c0a14e534..6a5d0f0a8 100644
--- a/Mailman/SecurityManager.py
+++ b/Mailman/SecurityManager.py
@@ -71,26 +71,14 @@ class SecurityManager:
"""True if password is valid for site, list admin, or specific user."""
if self.ValidAdminPassword(pw):
return 1
-
- # We need to obtain the right letter-case translated version, if any:
- got = self.members.get(string.lower(user), None)
- if got == None:
- got = self.digest_members.get(string.lower(user), None)
- if got == None:
- # Not found in either members dict, resort to expensive FindUser.
- normalized = self.FindUser(user)
- elif type(got) == types.StringType:
- # Found case translated version, use it:
- normalized = got
- else: # Found, no case translation needed:
- normalized = user
-
- try:
- # XXX Huh?? Why eliminate password case info?? klm # 11/23/98.
- if (string.lower(pw) <> string.lower(self.passwords[normalized])):
- raise Errors.MMBadPasswordError
- except KeyError:
+ addr = self.FindUser(user)
+ if addr is None:
+ raise Errors.MMNotAMemberError
+ storedpw = self.passwords.get(addr)
+ if storedpw is None:
raise Errors.MMBadUserError
+ if storedpw <> pw:
+ raise Errors.MMBadPasswordError
return 1
def ChangeUserPassword(self, user, newpw, confirm):
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-09 13:18:01 +0000