python-pam-1.8.2/0000755020671502067150000000000012432445553013035 5ustar david00000000000000python-pam-1.8.2/python_pam.egg-info/0000755020671502067150000000000012432445553016705 5ustar david00000000000000python-pam-1.8.2/python_pam.egg-info/top_level.txt0000644020671502067150000000000412432445553021431 0ustar david00000000000000pam python-pam-1.8.2/python_pam.egg-info/dependency_links.txt0000644020671502067150000000000112432445553022753 0ustar david00000000000000 python-pam-1.8.2/python_pam.egg-info/SOURCES.txt0000644020671502067150000000027012432445553020570 0ustar david00000000000000MANIFEST.in README.md README.rst pam.py setup.py python_pam.egg-info/PKG-INFO python_pam.egg-info/SOURCES.txt python_pam.egg-info/dependency_links.txt python_pam.egg-info/top_level.txtpython-pam-1.8.2/python_pam.egg-info/PKG-INFO0000644020671502067150000000462512432445553020011 0ustar david00000000000000Metadata-Version: 1.1 Name: python-pam Version: 1.8.2 Summary: Python PAM module using ctypes, py3/py2 Home-page: https://github.com/FirefighterBlu3/python-pam Author: David Ford Author-email: david@blue-labs.org License: License :: OSI Approved :: MIT License Download-URL: https://github.com/FirefighterBlu3/python-pam Description: python-pam ========== Python pam module supporting py3 (and py2) Commandline example: ``` [david@Scott python-pam]$ python pam.py Username: david Password: 0 Success [david@Scott python-pam]$ python2 pam.py Username: david Password: 0 Success ``` Inline examples: ``` [david@Scott python-pam]$ python Python 3.4.1 (default, May 19 2014, 17:23:49) [GCC 4.9.0 20140507 (prerelease)] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import pam >>> p = pam.pam() >>> p.authenticate('david', 'correctpassword') True >>> p.authenticate('david', 'badpassword') False >>> p.authenticate('david', 'correctpassword', service='login') True >>> p.authenticate('david', 'correctpassword', service='unknownservice') False >>> p.authenticate('david', 'correctpassword', service='login', resetcreds=True) True >>> p.authenticate('david', 'correctpassword', encoding='latin-1') True >>> print('{} {}'.format(p.code, p.reason)) 0 Success >>> p.authenticate('david', 'badpassword') False >>> print('{} {}'.format(p.code, p.reason)) 7 Authentication failure >>> ``` Platform: i686 Platform: x86_64 Classifier: Development Status :: 6 - Mature Classifier: Environment :: Plugins Classifier: Intended Audience :: Developers Classifier: Intended Audience :: Information Technology Classifier: Intended Audience :: System Administrators Classifier: License :: OSI Approved :: MIT License Classifier: Operating System :: POSIX Classifier: Operating System :: POSIX :: Linux Classifier: Programming Language :: Python Classifier: Programming Language :: Python :: 2 Classifier: Programming Language :: Python :: 3 Classifier: Topic :: Security Classifier: Topic :: System :: Systems Administration :: Authentication/Directory python-pam-1.8.2/README.md0000644020671502067150000000210012367472155014312 0ustar david00000000000000python-pam ========== Python pam module supporting py3 (and py2) Commandline example: ``` [david@Scott python-pam]$ python pam.py Username: david Password: 0 Success [david@Scott python-pam]$ python2 pam.py Username: david Password: 0 Success ``` Inline examples: ``` [david@Scott python-pam]$ python Python 3.4.1 (default, May 19 2014, 17:23:49) [GCC 4.9.0 20140507 (prerelease)] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import pam >>> p = pam.pam() >>> p.authenticate('david', 'correctpassword') True >>> p.authenticate('david', 'badpassword') False >>> p.authenticate('david', 'correctpassword', service='login') True >>> p.authenticate('david', 'correctpassword', service='unknownservice') False >>> p.authenticate('david', 'correctpassword', service='login', resetcreds=True) True >>> p.authenticate('david', 'correctpassword', encoding='latin-1') True >>> print('{} {}'.format(p.code, p.reason)) 0 Success >>> p.authenticate('david', 'badpassword') False >>> print('{} {}'.format(p.code, p.reason)) 7 Authentication failure >>> ``` python-pam-1.8.2/README.rst0000777020671502067150000000000012432445444015777 2README.mdustar david00000000000000python-pam-1.8.2/setup.py0000644020671502067150000000303512432445321014541 0ustar david00000000000000import os from setuptools import setup def read(fname): return open(os.path.join(os.path.dirname(__file__), fname)).read() __sdesc = 'Python PAM module using ctypes, py3/py2' setup(name = 'python-pam', description = __sdesc, long_description = read('README.md'), py_modules = ['pam'], version = '1.8.2', author = 'David Ford', author_email = 'david@blue-labs.org', maintainer = 'David Ford', maintainer_email = 'david@blue-labs.org', url = 'https://github.com/FirefighterBlu3/python-pam', download_url = 'https://github.com/FirefighterBlu3/python-pam', bugtrack_url = 'https://github.com/FirefighterBlu3/python-pam/issues', license = 'License :: OSI Approved :: MIT License', platforms = ['i686','x86_64'], classifiers = [ 'Development Status :: 6 - Mature', 'Environment :: Plugins', 'Intended Audience :: Developers', 'Intended Audience :: Information Technology', 'Intended Audience :: System Administrators', 'License :: OSI Approved :: MIT License', 'Operating System :: POSIX', 'Operating System :: POSIX :: Linux', 'Programming Language :: Python', 'Programming Language :: Python :: 2', 'Programming Language :: Python :: 3', 'Topic :: Security', 'Topic :: System :: Systems Administration :: Authentication/Directory', ], ) python-pam-1.8.2/pam.py0000644020671502067150000001513612432445347014173 0ustar david00000000000000# (c) 2007 Chris AtLee # Licensed under the MIT license: # http://www.opensource.org/licenses/mit-license.php # # Original author: Chris AtLee # # Modified by David Ford, 2011-12-6 # added py3 support and encoding # added pam_end # added pam_setcred to reset credentials after seeing Leon Walker's remarks # added byref as well # use readline to prestuff the getuser input ''' PAM module for python Provides an authenticate function that will allow the caller to authenticate a user against the Pluggable Authentication Modules (PAM) on the system. Implemented using ctypes, so no compilation is necessary. ''' __all__ = ['pam'] __version__ = '1.8.2' __author__ = 'David Ford ' __released__ = '2014 November 17' import sys from ctypes import CDLL, POINTER, Structure, CFUNCTYPE, cast, byref, sizeof from ctypes import c_void_p, c_uint, c_char_p, c_char, c_int from ctypes import memmove from ctypes.util import find_library class PamHandle(Structure): """wrapper class for pam_handle_t""" _fields_ = [ ("handle", c_void_p) ] def __init__(self): Structure.__init__(self) self.handle = 0 class PamMessage(Structure): """wrapper class for pam_message structure""" _fields_ = [ ("msg_style", c_int), ("msg", c_char_p) ] def __repr__(self): return "" % (self.msg_style, self.msg) class PamResponse(Structure): """wrapper class for pam_response structure""" _fields_ = [ ("resp", c_char_p), ("resp_retcode", c_int) ] def __repr__(self): return "" % (self.resp_retcode, self.resp) conv_func = CFUNCTYPE(c_int, c_int, POINTER(POINTER(PamMessage)), POINTER(POINTER(PamResponse)), c_void_p) class PamConv(Structure): """wrapper class for pam_conv structure""" _fields_ = [ ("conv", conv_func), ("appdata_ptr", c_void_p) ] # Various constants PAM_PROMPT_ECHO_OFF = 1 PAM_PROMPT_ECHO_ON = 2 PAM_ERROR_MSG = 3 PAM_TEXT_INFO = 4 PAM_REINITIALIZE_CRED = 8 libc = CDLL(find_library("c")) libpam = CDLL(find_library("pam")) calloc = libc.calloc calloc.restype = c_void_p calloc.argtypes = [c_uint, c_uint] pam_end = libpam.pam_end pam_end.restype = c_int pam_end.argtypes = [PamHandle, c_int] pam_start = libpam.pam_start pam_start.restype = c_int pam_start.argtypes = [c_char_p, c_char_p, POINTER(PamConv), POINTER(PamHandle)] pam_setcred = libpam.pam_setcred pam_setcred.restype = c_int pam_setcred.argtypes = [PamHandle, c_int] pam_strerror = libpam.pam_strerror pam_strerror.restype = c_char_p pam_strerror.argtypes = [POINTER(PamHandle), c_int] pam_authenticate = libpam.pam_authenticate pam_authenticate.restype = c_int pam_authenticate.argtypes = [PamHandle, c_int] class pam(): code = 0 reason = None def __init__(self): pass def authenticate(self, username, password, service='login', encoding='utf-8', resetcreds=True): """username and password authentication for the given service. Returns True for success, or False for failure. self.code (integer) and self.reason (string) are always stored and may be referenced for the reason why authentication failed. 0/'Success' will be stored for success. Python3 expects bytes() for ctypes inputs. This function will make necessary conversions using the supplied encoding. Inputs: username: username to authenticate password: password in plain text service: PAM service to authenticate against, defaults to 'login' Returns: success: True failure: False """ @conv_func def my_conv(n_messages, messages, p_response, app_data): """Simple conversation function that responds to any prompt where the echo is off with the supplied password""" # Create an array of n_messages response objects addr = calloc(n_messages, sizeof(PamResponse)) p_response[0] = cast(addr, POINTER(PamResponse)) for i in range(n_messages): if messages[i].contents.msg_style == PAM_PROMPT_ECHO_OFF: cs = c_char_p(password) dst = calloc(sizeof(c_char_p), len(password)+1) memmove(dst , cs, len(password)) p_response.contents[i].resp = dst p_response.contents[i].resp_retcode = 0 return 0 # python3 ctypes prefers bytes if sys.version_info >= (3,): if isinstance(username, str): username = username.encode(encoding) if isinstance(password, str): password = password.encode(encoding) if isinstance(service, str): service = service.encode(encoding) handle = PamHandle() conv = PamConv(my_conv, 0) retval = pam_start(service, username, byref(conv), byref(handle)) if retval != 0: # This is not an authentication error, something has gone wrong starting up PAM self.code = retval self.reason = pam_strerror(byref(handle), retval) if sys.version_info >= (3,): self.reason = self.reason.decode(encoding) pam_end(handle, retval) return False retval = pam_authenticate(handle, 0) auth_success = retval == 0 if auth_success and resetcreds: retval = pam_setcred(handle, PAM_REINITIALIZE_CRED); pam_end(handle, retval) # store information to inform the caller why we failed self.code = retval self.reason = pam_strerror(byref(handle), retval) if sys.version_info >= (3,): self.reason = self.reason.decode(encoding) return auth_success if __name__ == "__main__": import readline, getpass def input_with_prefill(prompt, text): def hook(): readline.insert_text(text) readline.redisplay() readline.set_pre_input_hook(hook) if sys.version_info >= (3,): result = input(prompt) else: result = raw_input(prompt) readline.set_pre_input_hook() return result pam = pam() username = input_with_prefill('Username: ', getpass.getuser()) # enter a valid username and an invalid/valid password, to verify both failure and success pam.authenticate(username, getpass.getpass()) print('{} {}'.format(pam.code, pam.reason)) python-pam-1.8.2/setup.cfg0000644020671502067150000000007312432445553014656 0ustar david00000000000000[egg_info] tag_build = tag_date = 0 tag_svn_revision = 0 python-pam-1.8.2/MANIFEST.in0000644020671502067150000000002212432445124014557 0ustar david00000000000000include README.md python-pam-1.8.2/PKG-INFO0000644020671502067150000000462512432445553014141 0ustar david00000000000000Metadata-Version: 1.1 Name: python-pam Version: 1.8.2 Summary: Python PAM module using ctypes, py3/py2 Home-page: https://github.com/FirefighterBlu3/python-pam Author: David Ford Author-email: david@blue-labs.org License: License :: OSI Approved :: MIT License Download-URL: https://github.com/FirefighterBlu3/python-pam Description: python-pam ========== Python pam module supporting py3 (and py2) Commandline example: ``` [david@Scott python-pam]$ python pam.py Username: david Password: 0 Success [david@Scott python-pam]$ python2 pam.py Username: david Password: 0 Success ``` Inline examples: ``` [david@Scott python-pam]$ python Python 3.4.1 (default, May 19 2014, 17:23:49) [GCC 4.9.0 20140507 (prerelease)] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import pam >>> p = pam.pam() >>> p.authenticate('david', 'correctpassword') True >>> p.authenticate('david', 'badpassword') False >>> p.authenticate('david', 'correctpassword', service='login') True >>> p.authenticate('david', 'correctpassword', service='unknownservice') False >>> p.authenticate('david', 'correctpassword', service='login', resetcreds=True) True >>> p.authenticate('david', 'correctpassword', encoding='latin-1') True >>> print('{} {}'.format(p.code, p.reason)) 0 Success >>> p.authenticate('david', 'badpassword') False >>> print('{} {}'.format(p.code, p.reason)) 7 Authentication failure >>> ``` Platform: i686 Platform: x86_64 Classifier: Development Status :: 6 - Mature Classifier: Environment :: Plugins Classifier: Intended Audience :: Developers Classifier: Intended Audience :: Information Technology Classifier: Intended Audience :: System Administrators Classifier: License :: OSI Approved :: MIT License Classifier: Operating System :: POSIX Classifier: Operating System :: POSIX :: Linux Classifier: Programming Language :: Python Classifier: Programming Language :: Python :: 2 Classifier: Programming Language :: Python :: 3 Classifier: Topic :: Security Classifier: Topic :: System :: Systems Administration :: Authentication/Directory