[FIX] smac.py's handle_read is naughty,
was Re: [ZODB-Dev] Problem with large transactions combined with
authentication mode
Christian Robottom Reis
kiko at async.com.br
Thu Dec 18 07:36:57 EST 2003
On Wed, Dec 17, 2003 at 08:26:44PM -0500, Jeremy Hylton wrote:
> On Wed, 2003-12-17 at 19:22, Christian Robottom Reis wrote:
> > What's the policy for 3.2 -- should this go onto the ZODB3-3_2-branch,
> > and are we going to see this fixed in a new release? It does render
> > authentication pretty useless without it..
>
> Yes. This should be backported to the 2.7 branch in time for a 2.7b4
> release <0.1 wink>. I think there are one open bugs. I need to check
> my todo list.
It would be great if you could include the zeopasswd fix I had sent a
while back. It allows using commandline parameters (as well as ZConfig)
to specify the authentication parameters, adds a missing import,
clarifies usage, and fixes a bug which renders the script currently
unusable (the realm wasn't being supplied to the Database). There's also
a realm consistency check.
It's not a very complicated patch; I've included a version updated to
CVS HEAD.
I can apply this if you like; just let me know if/which trunk/branches.
Index: zeopasswd.py
===================================================================
RCS file: /cvs-repository/ZODB3/ZEO/zeopasswd.py,v
retrieving revision 1.4
diff -u -p -r1.4 zeopasswd.py
--- zeopasswd.py 2 Oct 2003 18:17:22 -0000 1.4
+++ zeopasswd.py 18 Dec 2003 12:33:29 -0000
@@ -16,73 +16,105 @@
usage: python zeopasswd.py [options] username [password]
--C/--configuration URL -- configuration file or URL
--d/--delete -- delete user instead of updating password
+Specify either a configuration file:
+
+ -C/--configuration -- ZConfig configuration file
+
+or the individual options:
+
+ -f/--filename -- authentication database filename
+ -p/--protocol -- authentication protocol name
+ -r/--realm -- authentication database realm
+
+Additional options:
+
+ -d/--delete -- delete user instead of updating password
"""
import getopt
import getpass
import sys
+import os
import ZConfig
import ZEO
def usage(msg):
- print msg
print __doc__
+ print msg
sys.exit(2)
def options(args):
"""Password-specific options loaded from regular ZEO config file."""
- schema = ZConfig.loadSchema(os.path.join(os.path.dirname(ZEO.__file__),
- "schema.xml"))
-
try:
- options, args = getopt.getopt(args, "C:", ["configure="])
+ options, args = getopt.getopt(args, "dr:p:f:C:", ["configure=",
+ "protocol=",
+ "filename=",
+ "realm"])
except getopt.error, msg:
usage(msg)
config = None
- delete = False
+ delete = 0
+ auth_protocol = None
+ auth_db = ""
+ auth_realm = None
for k, v in options:
if k == '-C' or k == '--configure':
+ schemafile = os.path.join(os.path.dirname(ZEO.__file__),
+ "schema.xml")
+ schema = ZConfig.loadSchema(schemafile)
config, nil = ZConfig.loadConfig(schema, v)
if k == '-d' or k == '--delete':
- delete = True
- if config is None:
- usage("Must specifiy configuration file")
+ delete = 1
+ if k == '-p' or k == '--protocol':
+ auth_protocol = v
+ if k == '-f' or k == '--filename':
+ auth_db = v
+ if k == '-r' or k == '--realm':
+ auth_realm = v
+
+ if config is not None:
+ if auth_protocol or auth_db:
+ usage("Error: Conflicting options; use either -C *or* -p and -f")
+ auth_protocol = config.zeo.authentication_protocol
+ auth_db = config.zeo.authentication_database
+ auth_realm = config.zeo.authentication_realm
+ elif not (auth_protocol and auth_db):
+ usage("Error: Must specifiy configuration file or protocol and database")
password = None
if delete:
if not args:
- usage("Must specify username to delete")
+ usage("Error: Must specify a username to delete")
elif len(args) > 1:
- usage("Too many arguments")
+ usage("Error: Too many arguments")
username = args[0]
else:
if not args:
- usage("Must specify username")
+ usage("Error: Must specify a username")
elif len(args) > 2:
- usage("Too many arguments")
+ usage("Error: Too many arguments")
elif len(args) == 1:
username = args[0]
else:
username, password = args
- return config.zeo, delete, username, password
+ return auth_protocol, auth_db, auth_realm, delete, username, password
def main(args=None):
- options, delete, username, password = options(args)
- p = options.authentication_protocol
+ p, auth_db, auth_realm, delete, username, password = options(args)
if p is None:
- usage("ZEO configuration does not specify authentication-protocol")
+ usage("Error: configuration does not specify auth protocol")
if p == "digest":
from ZEO.auth.auth_digest import DigestDatabase as Database
elif p == "srp":
from ZEO.auth.auth_srp import SRPDatabase as Database
- if options.authentication_database is None:
- usage("ZEO configuration does not specify authentication-database")
- db = Database(options.authentication_database)
+ else:
+ raise ValueError, "Unknown database type %r" % p
+ if auth_db is None:
+ usage("Error: configuration does not specify auth database")
+ db = Database(auth_db, auth_realm)
if delete:
db.del_user(username)
else:
@@ -92,4 +124,5 @@ def main(args=None):
db.save()
if __name__ == "__main__":
- main(sys.argv)
+ main(sys.argv[1:])
+
Index: auth/base.py
===================================================================
RCS file: /cvs-repository/ZODB3/ZEO/auth/base.py,v
retrieving revision 1.5
diff -u -p -r1.5 base.py
--- auth/base.py 2 Oct 2003 18:17:21 -0000 1.5
+++ auth/base.py 18 Dec 2003 12:33:29 -0000
@@ -59,8 +59,12 @@ class Database:
"""
self._users = {}
self.filename = filename
- self.realm = realm
self.load()
+ if self.realm and self.realm != realm:
+ raise ValueError, ("Specified realm %r differs from "
+ "database realm %r" % (realm or '', self.realm))
+ else:
+ self.realm = realm
def save(self, fd=None):
filename = self.filename
Take care,
--
Christian Robottom Reis | http://async.com.br/~kiko/ | [+55 16] 261 2331
More information about the ZODB-Dev
mailing list