Re: [Twisted-Python] smtp-server: issue with checkers.FilePasswordDB and hash

Sun, 04 Apr 2010 21:05:57 -0700 

On 4/4/10 5:41 PM, aleu...@inwind.it wrote:
> Hi all,
>    I use FilePasswordDB with a small smtp-server (a very small toy), but when 
> I use the hash function the authentication doesn't work.
> 
> Here few lines of code:
> """
> def _hash(name, clearpsw, hashedpsw):
>     # a very simple hash function ?
>     return md5.md5(clearpsw).hexdigest()
>     # return 'aa'
> 
> # doesn't work; password file content is correctly "hashed"
> smtpusers = checkers.FilePasswordDB('smtppasswords.txt', caseSensitive=True, 
> hash=_hash, cache=True)
> 
> # work! in the file the passwords are in plain text
> #smtpusers = checkers.FilePasswordDB('smtppasswords.txt', caseSensitive=True, 
> cache=True)
> 
> mailservice = mail.MailService()
> mailservice.setQueue(relaymanager.Queue(QUEUE_PATH))
> mailservice.smtpPortal.registerChecker(smtpusers)
> smtpserver = mailservice.getESMTPFactory()
> application = service.Application("Console SMTP Server")
> internet.TCPServer(SMTP_PORT, smtpserver).setServiceParent(application)
> """
> 
> The error is:
> Failure: twisted.cred.error.UnhandledCredentials: No checker for twisted.cred.
> credentials.IUsernameHashedPassword
> 
> Obviously FilePasswordDB doesn't provide that credential when there is the 
> hash function; why smtp connection is hashed and not in plaintext? How can I 
> get it works?
> 
> I found a similar question, with no answer:
> http://twistedmatrix.com/pipermail/twisted-python/2006-November/014395.html
> 
> 
> Thanks
> Alessandro
> 

Can't say for sure without a full example, but it looks like you are
providing an instance of credentials.UsernameHashedPassword to
portal.login when you should be providing a credentials.UsernamePassword
instance.

If you provide a hash function to FilePasswordDB, it only accepts
IUsernamePassword credentials. The hash function is for plaintext
passwords that need to be validated against a hashed password file.

If your passwords are already hashed before they are sent to the server
for authentication, then there is no need for a hash function.
FilePasswordDB will accept either IUsernamePassword or
IUsernameHashedPassword credentials.

The source comments make it a bit clearer:
http://twistedmatrix.com/trac/browser/tags/releases/twisted-9.0.0/twisted/cred/checkers.py#L99


_______________________________________________
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Reply via email to