;ņ ¢)?Bc@s*dZdkZdkZdkZdkZdkZdkZdkZdkl Z l Z dk l Z y dk Z Wne j o eZ nXdkZdklZdklZdklZdklZyeefWnej odZd ZnXd fd „ƒYZeid ƒZd „ZdS(s0Handle passwords and sanitize approved messages.N(s StringTypes TupleType(surlparse(smm_cfg(sUtils(sErrors(ssyslogiisSecurityManagercBsbtZd„Zed„Zed„Zed„Zed„Zed„Zed„Z d„Z RS( NcCst|_h|_dS(N(sNonesselfs mod_passwords passwords(sself((s'/var/mailman/Mailman/SecurityManager.pysInitVarsOs cCs|iƒd}|tijoD|tjo td‚n|i |ƒ}|dt i |ƒ7}n­|ti jo|i}|d7}n†|tijo|i}|d7}n_|tijoDt iƒ}tio|o|}d}q|i}|d7}n ttfS||fSdS(Ns+s%No user supplied for AuthUser contextsuser+%ss moderatorsadminssite(sselfs internal_nameskeys authcontextsmm_cfgsAuthUsersusersNones TypeErrorsgetMemberPasswordssecretsUtilss ObscureEmailsAuthListModerators mod_passwords AuthListAdminspasswords AuthSiteAdminsget_global_passwordssitepasssALLOW_SITE_ADMIN_COOKIES(sselfs authcontextsuserssitepassssecretskey((s'/var/mailman/Mailman/SecurityManager.pysAuthContextInfoXs*         c Cs›x|D]…}|tijo+ti|ddƒ} | o tiSqŒq|tijo%ti|ƒ} | o tiSqŒq|ti jo1d„}|i |ƒ\} }|tjoqnti|ƒiƒ}t}} ||jo t} nIti|ƒiƒ|jot} }n|||ƒot} }n|ogt} |iƒ o|iƒt} nz"||_| o|iƒnWd| o|iƒnXn| o|SqŒq|tijoD|i |ƒ\} }|oti|ƒiƒ|jo|SqŒq|ti joM|tj o<y|i"||ƒo|SnWqkt#i$j oqkXqŒqt%dd|ƒt&d|‚qWti'SdS(Ns siteadminicCsXy:|d }toti||ƒ|jotSntSWntj o tSnXdS(Ni(ssecretssaltscryptsresponsesTruesFalses TypeError(sresponsessecretssalt((s'/var/mailman/Mailman/SecurityManager.pys cryptmatchp”s  serrorsBad authcontext: %s((s authcontextssacsmm_cfgs AuthCreatorsUtilsscheck_global_passwordsresponsesoks AuthSiteAdmins AuthListAdmins cryptmatchpsselfsAuthContextInfoskeyssecretsNonesshasnews hexdigests sharesponsesFalsesupgradesTruesmd5sdigestssave_and_unlocksLockedsLockspasswordsSavesUnlocksAuthListModeratorsAuthUsersusersauthenticateMembersErrorssNotAMemberErrorssyslogs ValueErrors UnAuthorized( sselfs authcontextssresponsesusersacs cryptmatchps sharesponsesupgradessecretssave_and_unlockskeysok((s'/var/mailman/Mailman/SecurityManager.pys Authenticate‚sf         #    cCsox/|D]'}|i||ƒ}|otSqqW|i|||ƒ}|o|i ||ƒGHtSnt SdS(N( s authcontextssacsselfs CheckCookiesusersoksTrues Authenticatesresponses MakeCookiesFalse(sselfs authcontextssresponsesusersacsok((s'/var/mailman/Mailman/SecurityManager.pysWebAuthenticateÓs c CsŽ|i||ƒ\}}|tjp|tjpt|tƒ o t ‚nt t i ƒƒ}t i|| ƒiƒ}tiƒ}titi||fƒƒ||