How to use the sasl.sasl.saslmech function in sasl
To help you get started, we’ve selected a few sasl examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
dwd / Suelta / sasl.py View on Github 
if self._rspauth_okay and self._qop == 'auth-int':
self._enc_key = self.hashfn( self._a1 + self.enc_magic ).digest()
self._dec_key = self.hashfn( self._a1 + self.dec_magic ).digest()
self.encoding = True
return self._rspauth_okay
def prep( self ):
if 'password' in self.vals:
del self.vals['password']
self.vals['cnonce'] = self.cnonce
def getuser( self ):
return self.vals['username']
register_mech('DIGEST-', 30, _digest_md5)
class _plain(sasl.saslmech):
def __init__( self, asasl, plainname ):
sasl.saslmech.__init__( self, asasl, plainname, 1 )
if self.sasl.tls_active() is None:
if not self.sasl.secquery( self, "I need to use plaintext authentication,\nbut I have no encryption layer. This is bad, as it is easy\nto obtain your password, and impossible to prevent.\nDo you REALLY want me to continue?" ):
raise cancelled( self.sasl, self )
else:
if not self.sasl.secquery( self, "I have encryption, but I need to use\nplaintext authentication. If the server has been hacked,\nI will give the attacker your password.\nThis is unlikely, but should I continue?" ):
raise cancelled( self.sasl, self )
self.check_vals( ['username','password'] )
def process( self, chatter=None ):
return '\0%s\0%s' % ( self.vals['username'], self.vals['password'] )
def getuser( self ):
return self.vals['username']return True
def prep( self ):
if 'savepass' not in self.vals:
if self.sasl.secquery( self, "Can I save this password in the clear?" ):
self.vals['savepass'] = True
if 'savepass' not in self.vals:
del self.vals['password']
return True
def getuser( self ):
return self.vals['username']
register_mech('CRAM-', 20, _cram_md5)
class _scram_hmac(sasl.saslmech):
def __init__(self, sasl, mechname):
sasl.saslmech.__init__(self, sasl, mechname, 0)
self.cb = False
if mechname[-5:] == "-PLUS":
mechname = mechname[:-5]
self.cb = True
self.hashfn = hash(mechname[6:])
if self.hashfn is None:
raise cancelled(self.sasl, self)
if self.sasl.tls_active() is None:
if not self.sasl.secquery( self, "I have no encryption, however I am using SCRAM.\nAn attacker listening to the wire could see what you're doing,\nbut would find it difficult to get your password.\nShould I continue?" ):
raise cancelled( self.sasl, self )
self.step = 0
self.rspauth = False
def scram_parse(self, chatter):return self.rspauth
def prep( self ):
if 'password' in self.vals:
del self.vals['password']
def getuser( self ):
return self.vals['username']
register_mech('SCRAM-', 60, _scram_hmac)
register_mech('SCRAM-', 70, _scram_hmac, '-PLUS')
except ImportError:
pass
class _anonymous(sasl.saslmech):
def __init__( self, sasl, mechname ):
sasl.saslmech.__init__( self, sasl, mechname, 0 )
def getvals( self ):
return {}
def process( self, chatter ):
return "Anonymous, Suelta"
def okay( self ):
return True
def getuser( self ):
return "anonymous"
mech['ANONYMOUS'] = _anonymousbreak
tmp[x] = None
return tmp
def have_vals( self, keys ):
return 0==len(self.thing_vals(keys))
def check_vals( self, keys ):
tmp = self.thing_vals(keys)
if len(tmp):
self.sasl.cb( self, tmp )
try:
import hmac
class _cram_md5( sasl.saslmech ):
def __init__( self, asasl, mechname ):
sasl.saslmech.__init__( self, asasl, mechname, 2 )
self.hash = hash(mechname[5:])
if self.hash is None:
raise cancelled( self.sasl, self )
if self.sasl.tls_active() is None:
if not self.sasl.secquery( self, "CRAM-MD5 is not very strong, and can be broken.\nShould I continue anyway? It is fairly safe to do so." ):
raise cancelled( self.sasl, self )
def process( self, chatter ):
if chatter == None:
return None
self.check_vals( ['username','password'] )
h = hmac.HMAC( key=self.vals["password"], digestmod=self.hash )
h.update( chatter )
tmp = self.vals["username"] + " " + h.hexdigest()def getvals( self ):
return {}
def process( self, chatter ):
return "Anonymous, Suelta"
def okay( self ):
return True
def getuser( self ):
return "anonymous"
mech['ANONYMOUS'] = _anonymous
mechmap['ANONYMOUS'] = 0
class _digest_md5(sasl.saslmech):
enc_magic = "Digest session key to client-to-server signing key magic constant"
dec_magic = "Digest session key to server-to-client signing key magic constant"
def __init__( self, asasl, mechname ):
sasl.saslmech.__init__( self, asasl, mechname, 3 )
self.hashfn = hash(mechname[7:])
if self.hashfn is None:
raise cancelled(self.sasl, self)
if self.sasl.tls_active() is None:
if not self.sasl.secquery( self, "I have no encryption, however I am using DIGEST-MD5.\nAn attacker listening to the wire could see what you're doing,\nbut would find it difficult to get your password.\nShould I continue?" ):
raise cancelled( self.sasl, self )
self._rspauth_okay = False
self._digest_uri = None
self._a1 = None
self._encbuf = ''
self._enc_key = None
self._enc_seq = 0
Popular sasl functions
- sasl._scram_hmac
- sasl.auth
- sasl.Authenticator
- sasl.cancelled
- sasl.Client
- sasl.DigestMD5
- sasl.DigestMD5Password
- sasl.enums.enums_generator.configuration
- sasl.enums.enums_generator.enum_file_loader
- sasl.error
- sasl.error.__init__
- sasl.log.setLevel
- sasl.mechanism
- sasl.PasswordError
- sasl.Plain
- sasl.Sasl
- sasl.Sasl.__init__
- sasl.sasl.saslmech
- sasl.sasl.saslmech.__init__
- sasl.SimpleAuth