[Zope-Checkins] CVS: ZODB3/ZEO - runzeo.py:1.14 StorageServer.py:1.94 ServerStub.py:1.14 Exceptions.py:1.8 ClientStorage.py:1.96 zpasswd.py:NONE

Jeremy Hylton jeremy@zope.com
Wed, 30 Apr 2003 13:14:34 -0400


Update of /cvs-repository/ZODB3/ZEO
In directory cvs.zope.org:/tmp/cvs-serv4308/ZEO

Modified Files:
	runzeo.py StorageServer.py ServerStub.py Exceptions.py 
	ClientStorage.py 
Removed Files:
	zpasswd.py 
Log Message:
Revert checkins of ZEO auth code on trunk.


=== ZODB3/ZEO/runzeo.py 1.13 => 1.14 ===
--- ZODB3/ZEO/runzeo.py:1.13	Tue Apr 29 16:00:28 2003
+++ ZODB3/ZEO/runzeo.py	Wed Apr 30 13:14:33 2003
@@ -1,7 +1,7 @@
 #!python
 ##############################################################################
 #
-# Copyright (c) 2001, 2002, 2003 Zope Corporation and Contributors.
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
 # All Rights Reserved.
 #
 # This software is subject to the provisions of the Zope Public License,
@@ -89,9 +89,7 @@
                  "t:", "timeout=", float)
         self.add("monitor_address", "zeo.monitor_address", "m:", "monitor=",
                  self.handle_monitor_address)
-        self.add('auth_protocol', 'zeo.auth_protocol', None,
-                 'auth-protocol=', default=None)
-        self.add('auth_filename', 'zeo.auth_filename', None, 'auth-filename=')
+
 
 class ZEOOptions(ZDOptions, ZEOOptionsMixin):
 
@@ -191,9 +189,7 @@
             read_only=self.options.read_only,
             invalidation_queue_size=self.options.invalidation_queue_size,
             transaction_timeout=self.options.transaction_timeout,
-            monitor_address=self.options.monitor_address,
-            auth_protocol=self.options.auth_protocol,
-            auth_filename=self.options.auth_filename)
+            monitor_address=self.options.monitor_address)
 
     def loop_forever(self):
         import ThreadedAsync.LoopCallback


=== ZODB3/ZEO/StorageServer.py 1.93 => 1.94 ===
--- ZODB3/ZEO/StorageServer.py:1.93	Tue Apr 29 16:00:28 2003
+++ ZODB3/ZEO/StorageServer.py	Wed Apr 30 13:14:33 2003
@@ -1,6 +1,6 @@
 ##############################################################################
 #
-# Copyright (c) 2001, 2002, 2003 Zope Corporation and Contributors.
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
 # All Rights Reserved.
 #
 # This software is subject to the provisions of the Zope Public License,
@@ -31,7 +31,6 @@
 
 from ZEO import ClientStub
 from ZEO.CommitLog import CommitLog
-from ZEO.auth.database import Database
 from ZEO.monitor import StorageStats, StatsServer
 from ZEO.zrpc.server import Dispatcher
 from ZEO.zrpc.connection import ManagedServerConnection, Delay, MTDelay
@@ -162,8 +161,6 @@
         """Select the storage that this client will use
 
         This method must be the first one called by the client.
-        For authenticated storages this method will be called by the client
-        immediately after authentication is finished.
         """
         if self.storage is not None:
             self.log("duplicate register() call")
@@ -413,15 +410,6 @@
         else:
             return self._wait(lambda: self._vote())
 
-    def getAuthProtocol(self):
-        """Return string specifying name of authentication module to use.
-
-           The module name should be auth_%s where %s is auth_protocol."""
-        protocol = self.server.auth_protocol
-        if not protocol or protocol == 'none':
-            return None
-        return protocol
-    
     def abortVersion(self, src, id):
         self._check_tid(id, exc=StorageTransactionError)
         if self.locked:
@@ -589,9 +577,7 @@
     def __init__(self, addr, storages, read_only=0,
                  invalidation_queue_size=100,
                  transaction_timeout=None,
-                 monitor_address=None,
-                 auth_protocol=None,
-                 auth_filename=None):
+                 monitor_address=None):
         """StorageServer constructor.
 
         This is typically invoked from the start.py script.
@@ -632,22 +618,7 @@
         monitor_address -- The address at which the monitor server
             should listen.  If specified, a monitor server is started.
             The monitor server provides server statistics in a simple
-            text format.
-
-        auth_protocol -- The name of the authentication protocol to use.
-            Examples are "plaintext", "sha" and "srp".
-            
-        auth_filename -- The name of the password database filename.
-            It should be in a format compatible with the authentication
-            protocol used; for instance, "sha" and "srp" require different
-            formats.
-            
-            Note that to implement an authentication protocol, a server
-            and client authentication mechanism must be implemented in a
-            auth_* module, which should be stored inside the "auth"
-            subdirectory. This module may also define a DatabaseClass
-            variable that should indicate what database should be used
-            by the authenticator.
+            text format. 
         """
 
         self.addr = addr
@@ -662,10 +633,6 @@
         for s in storages.values():
             s._waiting = []
         self.read_only = read_only
-        self.auth_protocol = auth_protocol
-        self.auth_filename = auth_filename
-        if auth_protocol:
-            self._setup_auth(auth_protocol)
         # A list of at most invalidation_queue_size invalidations
         self.invq = []
         self.invq_bound = invalidation_queue_size
@@ -687,43 +654,7 @@
             self.monitor = StatsServer(monitor_address, self.stats)
         else:
             self.monitor = None
-            
-    def _setup_auth(self, protocol):
-        # Load the auth protocol
-        fullname = 'ZEO.auth.auth_' + protocol
-        try:
-            module = __import__(fullname, globals(), locals(), protocol)
-        except ImportError:
-            log("%s: no such an auth protocol: %s" %
-                (self.__class__.__name__, protocol))
-            self.auth_protocol = None
-            return
-        
-        from ZEO.auth.storage import AuthZEOStorage
-        
-        # And set up ZEOStorageClass
-        klass = getattr(module, 'StorageClass', None)
-        if not klass or not issubclass(klass, AuthZEOStorage):
-            log(("%s: %s is not a valid auth protocol, must have a " + \
-                "StorageClass class") % (self.__class__.__name__, protocol))
-            self.auth_protocol = None
-            return
-        self.ZEOStorageClass = klass
 
-        log("%s: using auth protocol: %s" % \
-            (self.__class__.__name__, protocol))
-        
-        dbklass = getattr(module, 'DatabaseClass', None)
-        if not dbklass:
-            dbklass = Database
-
-        # We create a Database instance here for use with the authenticator
-        # modules. Having one instance allows it to be shared between multiple
-        # storages, avoiding the need to bloat each with a new authenticator
-        # Database that would contain the same info, and also avoiding any
-        # possibly synchronization issues between them.
-        self.database = dbklass(self.auth_filename)
-        
     def new_connection(self, sock, addr):
         """Internal: factory to create a new connection.
 
@@ -732,8 +663,6 @@
         connection.
         """
         z = self.ZEOStorageClass(self, self.read_only)
-        if self.auth_protocol:
-            z.set_database(self.database)
         c = self.ManagedServerConnectionClass(sock, addr, z, self)
         log("new connection %s: %s" % (addr, `c`))
         return c


=== ZODB3/ZEO/ServerStub.py 1.13 => 1.14 ===
--- ZODB3/ZEO/ServerStub.py:1.13	Tue Apr 29 16:00:28 2003
+++ ZODB3/ZEO/ServerStub.py	Wed Apr 30 13:14:33 2003
@@ -1,6 +1,6 @@
 ##############################################################################
 #
-# Copyright (c) 2001, 2002, 2003 Zope Corporation and Contributors.
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
 # All Rights Reserved.
 #
 # This software is subject to the provisions of the Zope Public License,
@@ -45,9 +45,6 @@
     def get_info(self):
         return self.rpc.call('get_info')
 
-    def getAuthProtocol(self):
-        return self.rpc.call('getAuthProtocol')
-    
     def lastTransaction(self):
         # Not in protocol version 2.0.0; see __init__()
         return self.rpc.call('lastTransaction')


=== ZODB3/ZEO/Exceptions.py 1.7 => 1.8 ===
--- ZODB3/ZEO/Exceptions.py:1.7	Tue Apr 29 16:00:28 2003
+++ ZODB3/ZEO/Exceptions.py	Wed Apr 30 13:14:33 2003
@@ -24,5 +24,3 @@
 class ClientDisconnected(ClientStorageError):
     """The database storage is disconnected from the storage."""
 
-class AuthError(StorageError):
-    """The client provided invalid authentication credentials."""


=== ZODB3/ZEO/ClientStorage.py 1.95 => 1.96 ===
--- ZODB3/ZEO/ClientStorage.py:1.95	Tue Apr 29 16:00:28 2003
+++ ZODB3/ZEO/ClientStorage.py	Wed Apr 30 13:14:33 2003
@@ -1,6 +1,6 @@
 ##############################################################################
 #
-# Copyright (c) 2001, 2002, 2003 Zope Corporation and Contributors.
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
 # All Rights Reserved.
 #
 # This software is subject to the provisions of the Zope Public License,
@@ -29,8 +29,7 @@
 from ZEO import ClientCache, ServerStub
 from ZEO.TransactionBuffer import TransactionBuffer
 from ZEO.Exceptions \
-     import ClientStorageError, UnrecognizedResult, ClientDisconnected, \
-            AuthError
+     import ClientStorageError, UnrecognizedResult, ClientDisconnected
 from ZEO.zrpc.client import ConnectionManager
 
 from ZODB import POSException
@@ -100,8 +99,7 @@
                  min_disconnect_poll=5, max_disconnect_poll=300,
                  wait_for_server_on_startup=None, # deprecated alias for wait
                  wait=None, # defaults to 1
-                 read_only=0, read_only_fallback=0,
-                 username='', password=''):
+                 read_only=0, read_only_fallback=0):
 
         """ClientStorage constructor.
 
@@ -161,17 +159,6 @@
             writable storages are available.  Defaults to false.  At
             most one of read_only and read_only_fallback should be
             true.
-
-        username -- string with username to be used when authenticating.
-            These only need to be provided if you are connecting to an
-            authenticated server storage.
- 
-        password -- string with plaintext password to be used
-            when authenticated.
-
-        Note that the authentication scheme is defined by the server and is
-        detected by the ClientStorage upon connecting (see testConnection()
-        and doAuth() for details).
         """
 
         log2(INFO, "%s (pid=%d) created %s/%s for storage: %r" %
@@ -230,8 +217,6 @@
         self._conn_is_read_only = 0
         self._storage = storage
         self._read_only_fallback = read_only_fallback
-        self._username = username
-        self._password = password
         # _server_addr is used by sortKey()
         self._server_addr = None
         self._tfile = None
@@ -362,34 +347,6 @@
         if cn is not None:
             cn.pending()
 
-    def doAuth(self, protocol, stub):
-        if self._username == '' and self._password == '':
-            raise AuthError, "empty username or password"
-
-        # import the auth module
-        
-        # XXX: Should we validate the client module that is being specified
-        # by the server? A malicious server could cause any auth_*.py file
-        # to be loaded according to Python import semantics.
-        fullname = 'ZEO.auth.auth_' + protocol
-        try:
-            module = __import__(fullname, globals(), locals(), protocol)
-        except ImportError:
-            log("%s: no such an auth protocol: %s" %
-                (self.__class__.__name__, protocol))
-
-        # And setup ZEOStorageClass
-        Client = getattr(module, 'Client', None)
-        if not Client:
-            log("%s: %s is not a valid auth protocol, must have a " + \
-                "Client class" % (self.__class__.__name__, protocol))
-            raise AuthError, "invalid protocol"
-        
-        c = Client(stub)
-        
-        # Initiate authentication, return boolean specifying whether OK or not
-        return c.start(self._username, self._password)
-        
     def testConnection(self, conn):
         """Internal: test the given connection.
 
@@ -415,12 +372,6 @@
         # XXX Check the protocol version here?
         self._conn_is_read_only = 0
         stub = self.StorageServerStubClass(conn)
-
-        # XXX: Verify return value
-        auth = stub.getAuthProtocol()
-        if auth and not self.doAuth(auth, stub):
-            raise AuthError, "Authentication failed"
-        
         try:
             stub.register(str(self._storage), self._is_read_only)
             return 1

=== Removed File ZODB3/ZEO/zpasswd.py ===