Commit 57707289 authored by Sebastien Robin's avatar Sebastien Robin

erp5testnode: make shellinabox reusing password file of pwgen

parent bb2c875c
...@@ -25,6 +25,7 @@ ...@@ -25,6 +25,7 @@
# #
############################################################################## ##############################################################################
from getpass import getpass from getpass import getpass
import hmac
import pwd import pwd
import grp import grp
import os import os
...@@ -33,19 +34,24 @@ import shlex ...@@ -33,19 +34,24 @@ import shlex
from slapos.recipe.librecipe import GenericBaseRecipe from slapos.recipe.librecipe import GenericBaseRecipe
def login_shell(args): def login_shell(args):
password = args['password'] password_file = args['password-file']
if password_file:
with open(password_file, 'r') as password_file:
password = password_file.read()
if (password != ''): if (password != ''):
entered_password = getpass() entered_password = getpass()
else: else:
entered_password = '' entered_password = ''
if entered_password != password: if not hmac.compare_digest(entered_password, password):
return 1 return 1
else: else:
commandline = shlex.split(args['shell']) commandline = shlex.split(args['shell'])
path = commandline[0] path = commandline[0]
os.execv(path, commandline) os.execv(path, commandline)
else:
return 1
def shellinabox(args): def shellinabox(args):
certificate_dir = args['certificate_dir'] certificate_dir = args['certificate_dir']
...@@ -95,7 +101,7 @@ class Recipe(GenericBaseRecipe): ...@@ -95,7 +101,7 @@ class Recipe(GenericBaseRecipe):
self.options['login-shell'], self.options['login-shell'],
'%s.login_shell' % __name__, '%s.login_shell' % __name__,
{ {
'password': self.options['password'], 'password-file': self.options['password-file'],
'shell': self.options['shell'] 'shell': self.options['shell']
} }
) )
......
...@@ -94,7 +94,7 @@ port = 8080 ...@@ -94,7 +94,7 @@ port = 8080
shell = $${shell:wrapper} shell = $${shell:wrapper}
wrapper = $${rootdirectory:bin}/shellinaboxd wrapper = $${rootdirectory:bin}/shellinaboxd
shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd
password = $${pwgen:passwd} password-file = $${pwgen:storage-path}
directory = $${buildout:directory}/ directory = $${buildout:directory}/
login-shell = $${rootdirectory:bin}/login login-shell = $${rootdirectory:bin}/login
certificate-directory = $${directory:shellinabox} certificate-directory = $${directory:shellinabox}
......
...@@ -56,7 +56,7 @@ recipe = slapos.recipe.template ...@@ -56,7 +56,7 @@ recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-default.cfg url = ${:_profile_base_location_}/instance-default.cfg
output = ${buildout:directory}/template-default.cfg output = ${buildout:directory}/template-default.cfg
mode = 0644 mode = 0644
md5sum = 8e171816b6caef52ac75c2f8f6a69fc3 md5sum = 05519f3887a309d3ec069e0aa9f52ebc
[versions] [versions]
PyXML = 0.8.5 PyXML = 0.8.5
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment