kallithea Changeset - 74e669d8a479

Changeset - 74e669d8a479

Parent rev.

Child rev.

[Not reviewed]

stable

0 2 0

Mads Kiilerich - 10 years ago 2015-12-25 12:32:25
madski@unity3d.com

auth: fail pam and internal authentication attempts if no username is provided (Issue #180)

When the Mercurial client communicates with a server over HTTP, it will always
first try to perform operations unauthenticated before providing credentials.
Authentication attempts without credentials is usually pointless and will just
slow operations down.

Some authentication plugins (such as LDAP) already skipped these
unauthenticated requests. Now, do the same for other authentication plugions.

Other authentication plugins also skip if no password is provided ... but that
doesn't seem necessary.

2 files changed with 6 insertions and 0 deletions:

kallithea/lib/auth_modules/auth_internal.py

kallithea/lib/auth_modules/auth_pam.py

0 comments (0 inline, 0 general)

kallithea/lib/auth_modules/auth_internal.py

➞

Show inline comments

@@ @@ -67,6 +67,9 @@ class KallitheaAuthPlugin(auth_modules.K @@
             log.warning("userobj:%s extern_type mismatch got:`%s` expected:`%s`",
                      userobj, userobj.extern_type, self.name)
             return None
         if not username:
             log.debug('Empty username - skipping...')
             return None
         user_data = {
             "username": userobj.username,

kallithea/lib/auth_modules/auth_pam.py

➞

Show inline comments

@@ @@ -85,6 +85,9 @@ class KallitheaAuthPlugin(auth_modules.K @@
         return True
     def auth(self, userobj, username, password, settings, **kwargs):
         if not username:
             log.debug('Empty username - skipping...')
             return None
         if username not in _auth_cache:
             # Need lock here, as PAM authentication is not thread safe
             _pam_lock.acquire()

0 comments (0 inline, 0 general)