1# This file is part of Xpra. 

2# Copyright (C) 2013-2019 Antoine Martin <antoine@xpra.org> 

3# Xpra is released under the terms of the GNU GPL v2, or, at your option, any 

4# later version. See the file COPYING for details. 

5 

6#authentication from a file containing just the password 

7 

8from xpra.net.digest import verify_digest 

9from xpra.server.auth.file_auth_base import FileAuthenticatorBase, log 

10from xpra.util import obsc 

11 

12 

13class Authenticator(FileAuthenticatorBase): 

14 

15 def authenticate_hmac(self, challenge_response, client_salt=None) -> bool: 

16 log("file_auth.authenticate_hmac(%r, %r)", challenge_response, client_salt) 

17 if not self.salt: 

18 log.error("Error: illegal challenge response received - salt cleared or unset") 

19 return None 

20 salt = self.get_response_salt(client_salt) 

21 password = self.get_password() 

22 log("authenticate_hmac() get_password()=%s", obsc(password)) 

23 if not password: 

24 log.warn("Warning: authentication failed") 

25 log.warn(" no password for '%s' in '%s'", self.username, self.password_filename) 

26 return False 

27 if not verify_digest(self.digest, password, salt, challenge_response): 

28 log.warn("Warning: %s challenge for '%s' does not match", self.digest, self.username) 

29 return False 

30 return True 

31 

32 def get_password(self) -> str: 

33 password = FileAuthenticatorBase.get_password(self) 

34 if not password: 

35 return password 

36 if password.find(b"\n")>=0 or password.find(b"\r")>=0: 

37 log.warn("Warning: newline found in password data") 

38 log.warn(" this is usually a mistake") 

39 return password 

40 

41 def __repr__(self): 

42 return "password file"